mirror of
https://github.com/espressif/esp-idf.git
synced 2026-07-13 06:23:04 +03:00
The signing step (espsecure sign-data) derives the signature block type from the key file itself, so selecting e.g. the RSA app signing scheme with an ECDSA signing key produced a successfully built image that only failed signature verification at boot. Check the key at configure time and fail with a clear error when: - the key family (RSA vs ECDSA) does not match the selected app signing scheme - the ECDSA curve does not match the selected ECDSA key size for the ECDSA (V1/V2) schemes - the key cannot be parsed as an unencrypted PEM private key