2016-11-03 06:33:30 +00:00
|
|
|
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
#include "sdkconfig.h"
|
|
|
|
|
2020-07-12 19:23:12 +00:00
|
|
|
#include "bootloader_flash_priv.h"
|
2017-06-28 06:46:34 +00:00
|
|
|
#include "bootloader_sha.h"
|
2020-02-24 19:51:41 +00:00
|
|
|
#include "bootloader_utility.h"
|
2016-11-03 06:33:30 +00:00
|
|
|
#include "esp_log.h"
|
|
|
|
#include "esp_image_format.h"
|
|
|
|
#include "esp_secure_boot.h"
|
2019-03-08 05:16:55 +00:00
|
|
|
#include "mbedtls/sha256.h"
|
2019-01-04 07:18:28 +00:00
|
|
|
#include "mbedtls/x509.h"
|
2020-02-24 19:51:41 +00:00
|
|
|
#include "mbedtls/md.h"
|
|
|
|
#include "mbedtls/platform.h"
|
|
|
|
#include "mbedtls/entropy.h"
|
|
|
|
#include "mbedtls/ctr_drbg.h"
|
|
|
|
#include <string.h>
|
|
|
|
#include <sys/param.h>
|
2020-03-03 18:58:18 +00:00
|
|
|
#include "esp_secure_boot.h"
|
|
|
|
|
|
|
|
#ifdef CONFIG_IDF_TARGET_ESP32S2
|
|
|
|
#include <esp32s2/rom/secure_boot.h>
|
|
|
|
#endif
|
2016-11-03 06:33:30 +00:00
|
|
|
|
2020-02-24 19:51:41 +00:00
|
|
|
#define DIGEST_LEN 32
|
|
|
|
|
|
|
|
#ifdef CONFIG_SECURE_SIGNED_APPS_ECDSA_SCHEME
|
|
|
|
static const char *TAG = "secure_boot_v1";
|
2016-11-03 06:33:30 +00:00
|
|
|
|
|
|
|
extern const uint8_t signature_verification_key_start[] asm("_binary_signature_verification_key_bin_start");
|
|
|
|
extern const uint8_t signature_verification_key_end[] asm("_binary_signature_verification_key_bin_end");
|
|
|
|
|
|
|
|
#define SIGNATURE_VERIFICATION_KEYLEN 64
|
|
|
|
|
|
|
|
esp_err_t esp_secure_boot_verify_signature(uint32_t src_addr, uint32_t length)
|
|
|
|
{
|
2017-06-28 06:46:34 +00:00
|
|
|
uint8_t digest[DIGEST_LEN];
|
2020-02-16 05:51:42 +00:00
|
|
|
uint8_t verified_digest[DIGEST_LEN];
|
2016-11-11 06:00:34 +00:00
|
|
|
const esp_secure_boot_sig_block_t *sigblock;
|
2016-11-03 06:33:30 +00:00
|
|
|
|
|
|
|
ESP_LOGD(TAG, "verifying signature src_addr 0x%x length 0x%x", src_addr, length);
|
|
|
|
|
2020-02-24 19:51:41 +00:00
|
|
|
esp_err_t err = bootloader_sha256_flash_contents(src_addr, length, digest);
|
|
|
|
if (err != ESP_OK) {
|
|
|
|
ESP_LOGE(TAG, "Digest calculation failed 0x%x, 0x%x", src_addr, length);
|
|
|
|
return err;
|
2016-11-03 06:33:30 +00:00
|
|
|
}
|
|
|
|
|
2017-06-28 06:46:34 +00:00
|
|
|
// Map the signature block and verify the signature
|
2020-02-24 19:51:41 +00:00
|
|
|
sigblock = (const esp_secure_boot_sig_block_t *)bootloader_mmap(src_addr + length, sizeof(esp_secure_boot_sig_block_t));
|
|
|
|
if (sigblock == NULL) {
|
|
|
|
ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", src_addr + length, sizeof(esp_secure_boot_sig_block_t));
|
|
|
|
return ESP_FAIL;
|
|
|
|
}
|
2020-02-16 05:51:42 +00:00
|
|
|
err = esp_secure_boot_verify_ecdsa_signature_block(sigblock, digest, verified_digest);
|
2020-02-24 19:51:41 +00:00
|
|
|
bootloader_munmap(sigblock);
|
2017-06-28 06:46:34 +00:00
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
2020-02-16 05:51:42 +00:00
|
|
|
esp_err_t esp_secure_boot_verify_ecdsa_signature_block(const esp_secure_boot_sig_block_t *sig_block, const uint8_t *image_digest, uint8_t *verified_digest)
|
2017-06-28 06:46:34 +00:00
|
|
|
{
|
2019-08-29 23:35:47 +00:00
|
|
|
#if !(defined(CONFIG_MBEDTLS_ECDSA_C) && defined(CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED))
|
|
|
|
ESP_LOGE(TAG, "Signature verification requires ECDSA & SECP256R1 curve enabled");
|
|
|
|
return ESP_ERR_NOT_SUPPORTED;
|
|
|
|
#else
|
2017-06-28 06:46:34 +00:00
|
|
|
ptrdiff_t keylen;
|
|
|
|
|
2020-02-16 05:51:42 +00:00
|
|
|
/* Note: in IDF app image verification we don't add any fault injection resistance, boot-time checks only */
|
|
|
|
memset(verified_digest, 0, DIGEST_LEN);
|
|
|
|
|
2016-11-03 06:33:30 +00:00
|
|
|
keylen = signature_verification_key_end - signature_verification_key_start;
|
2019-04-16 09:01:31 +00:00
|
|
|
if (keylen != SIGNATURE_VERIFICATION_KEYLEN) {
|
2016-11-03 06:33:30 +00:00
|
|
|
ESP_LOGE(TAG, "Embedded public verification key has wrong length %d", keylen);
|
2017-06-28 06:46:34 +00:00
|
|
|
return ESP_FAIL;
|
2016-11-03 06:33:30 +00:00
|
|
|
}
|
|
|
|
|
2017-06-28 06:46:34 +00:00
|
|
|
if (sig_block->version != 0) {
|
|
|
|
ESP_LOGE(TAG, "image has invalid signature version field 0x%08x", sig_block->version);
|
|
|
|
return ESP_FAIL;
|
|
|
|
}
|
2016-11-03 06:33:30 +00:00
|
|
|
|
2018-07-13 01:52:57 +00:00
|
|
|
ESP_LOGD(TAG, "Verifying secure boot signature");
|
|
|
|
|
2019-01-04 07:18:28 +00:00
|
|
|
int ret;
|
|
|
|
mbedtls_mpi r, s;
|
|
|
|
|
|
|
|
mbedtls_mpi_init(&r);
|
|
|
|
mbedtls_mpi_init(&s);
|
|
|
|
|
|
|
|
/* Extract r and s components from RAW ECDSA signature of 64 bytes */
|
2019-04-16 09:01:31 +00:00
|
|
|
#define ECDSA_INTEGER_LEN 32
|
2019-01-04 07:18:28 +00:00
|
|
|
ret = mbedtls_mpi_read_binary(&r, &sig_block->signature[0], ECDSA_INTEGER_LEN);
|
|
|
|
if (ret != 0) {
|
|
|
|
ESP_LOGE(TAG, "Failed mbedtls_mpi_read_binary(1), err:%d", ret);
|
|
|
|
return ESP_FAIL;
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = mbedtls_mpi_read_binary(&s, &sig_block->signature[ECDSA_INTEGER_LEN], ECDSA_INTEGER_LEN);
|
|
|
|
if (ret != 0) {
|
|
|
|
ESP_LOGE(TAG, "Failed mbedtls_mpi_read_binary(2), err:%d", ret);
|
|
|
|
mbedtls_mpi_free(&r);
|
|
|
|
return ESP_FAIL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Initialise ECDSA context */
|
|
|
|
mbedtls_ecdsa_context ecdsa_context;
|
|
|
|
mbedtls_ecdsa_init(&ecdsa_context);
|
|
|
|
|
|
|
|
mbedtls_ecp_group_load(&ecdsa_context.grp, MBEDTLS_ECP_DP_SECP256R1);
|
|
|
|
size_t plen = mbedtls_mpi_size(&ecdsa_context.grp.P);
|
2019-04-16 09:01:31 +00:00
|
|
|
if (keylen != 2 * plen) {
|
2019-01-04 07:18:28 +00:00
|
|
|
ESP_LOGE(TAG, "Incorrect ECDSA key length %d", keylen);
|
|
|
|
ret = ESP_FAIL;
|
|
|
|
goto cleanup;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Extract X and Y components from ECDSA public key */
|
|
|
|
MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ecdsa_context.Q.X, signature_verification_key_start, plen));
|
|
|
|
MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ecdsa_context.Q.Y, signature_verification_key_start + plen, plen));
|
|
|
|
MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&ecdsa_context.Q.Z, 1));
|
|
|
|
|
|
|
|
ret = mbedtls_ecdsa_verify(&ecdsa_context.grp, image_digest, DIGEST_LEN, &ecdsa_context.Q, &r, &s);
|
|
|
|
ESP_LOGD(TAG, "Verification result %d", ret);
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
mbedtls_mpi_free(&r);
|
|
|
|
mbedtls_mpi_free(&s);
|
|
|
|
mbedtls_ecdsa_free(&ecdsa_context);
|
|
|
|
return ret == 0 ? ESP_OK : ESP_ERR_IMAGE_INVALID;
|
2019-08-29 23:35:47 +00:00
|
|
|
#endif // CONFIG_MBEDTLS_ECDSA_C && CONFIG_MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
2016-11-03 06:33:30 +00:00
|
|
|
}
|
2020-02-24 19:51:41 +00:00
|
|
|
|
|
|
|
#elif CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME
|
|
|
|
|
|
|
|
static const char *TAG = "secure_boot_v2";
|
|
|
|
#define ALIGN_UP(num, align) (((num) + ((align) - 1)) & ~((align) - 1))
|
|
|
|
#define RSA_KEY_SIZE 384 /* RSA 3072 Bits */
|
|
|
|
|
2020-03-03 18:58:18 +00:00
|
|
|
#if CONFIG_IDF_TARGET_ESP32S2
|
|
|
|
inline static bool digest_matches(const void *trusted, const void *computed)
|
|
|
|
{
|
|
|
|
if (trusted == NULL) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// 'trusted' is probably a pointer to read-only efuse registers,
|
|
|
|
// which only support word reads. memcmp() cannot be guaranteed
|
|
|
|
// to do word reads, so we make a local copy here (we know that
|
|
|
|
// memcpy() will do word operations if it can).
|
|
|
|
uint8_t __attribute__((aligned(4))) trusted_local[ETS_DIGEST_LEN];
|
|
|
|
uint8_t __attribute__((aligned(4))) computed_local[ETS_DIGEST_LEN];
|
|
|
|
|
|
|
|
memcpy(trusted_local, trusted, ETS_DIGEST_LEN);
|
|
|
|
memcpy(computed_local, computed, ETS_DIGEST_LEN);
|
|
|
|
return memcmp(trusted_local, computed_local, ETS_DIGEST_LEN) == 0;
|
|
|
|
}
|
|
|
|
#endif /* CONFIG_IDF_TARGET_ESP32S2 */
|
|
|
|
|
2020-02-24 19:51:41 +00:00
|
|
|
esp_err_t esp_secure_boot_verify_signature(uint32_t src_addr, uint32_t length)
|
|
|
|
{
|
|
|
|
uint8_t digest[DIGEST_LEN] = {0};
|
2020-02-16 05:51:42 +00:00
|
|
|
uint8_t verified_digest[DIGEST_LEN] = {0};
|
2020-02-24 19:51:41 +00:00
|
|
|
|
|
|
|
/* Rounding off length to the upper 4k boundary */
|
2020-02-16 05:51:42 +00:00
|
|
|
uint32_t padded_length = ALIGN_UP(length, FLASH_SECTOR_SIZE);
|
2020-02-24 19:51:41 +00:00
|
|
|
ESP_LOGD(TAG, "verifying signature src_addr 0x%x length 0x%x", src_addr, length);
|
|
|
|
|
|
|
|
esp_err_t err = bootloader_sha256_flash_contents(src_addr, padded_length, digest);
|
|
|
|
if (err != ESP_OK) {
|
|
|
|
ESP_LOGE(TAG, "Digest calculation failed 0x%x, 0x%x", src_addr, padded_length);
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
|
|
|
const ets_secure_boot_signature_t *sig_block = bootloader_mmap(src_addr + padded_length, sizeof(ets_secure_boot_signature_t));
|
|
|
|
if (sig_block == NULL) {
|
|
|
|
ESP_LOGE(TAG, "Failed to mmap data at offset 0x%x", src_addr + padded_length);
|
|
|
|
return ESP_FAIL;
|
|
|
|
}
|
|
|
|
|
2020-02-16 05:51:42 +00:00
|
|
|
err = esp_secure_boot_verify_rsa_signature_block(sig_block, digest, verified_digest);
|
2020-02-24 19:51:41 +00:00
|
|
|
if (err != ESP_OK) {
|
|
|
|
ESP_LOGE(TAG, "Secure Boot V2 verification failed.");
|
|
|
|
}
|
|
|
|
bootloader_munmap(sig_block);
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
2020-02-16 05:51:42 +00:00
|
|
|
esp_err_t esp_secure_boot_verify_rsa_signature_block(const ets_secure_boot_signature_t *sig_block, const uint8_t *image_digest, uint8_t *verified_digest)
|
2020-02-24 19:51:41 +00:00
|
|
|
{
|
2020-03-03 18:58:18 +00:00
|
|
|
uint8_t i = 0;
|
2020-04-24 04:41:42 +00:00
|
|
|
#if CONFIG_SECURE_BOOT_V2_ENABLED /* Verify key against efuse block */
|
2020-03-03 18:58:18 +00:00
|
|
|
uint8_t sig_block_key_digest[SECURE_BOOT_NUM_BLOCKS][DIGEST_LEN] = {0};
|
2020-02-24 19:51:41 +00:00
|
|
|
|
2020-02-16 05:51:42 +00:00
|
|
|
/* Note: in IDF verification we don't add any fault injection resistance, as we don't expect this to be called
|
|
|
|
during boot-time verification. */
|
|
|
|
memset(verified_digest, 0, DIGEST_LEN);
|
|
|
|
|
2020-09-24 23:58:37 +00:00
|
|
|
/* Generating the SHA of the public key components in the signature block */
|
|
|
|
for (i = 0; i < SECURE_BOOT_NUM_BLOCKS; i++) {
|
|
|
|
bootloader_sha256_handle_t sig_block_sha;
|
|
|
|
sig_block_sha = bootloader_sha256_start();
|
|
|
|
bootloader_sha256_data(sig_block_sha, &sig_block->block[i].key, sizeof(sig_block->block[i].key));
|
|
|
|
bootloader_sha256_finish(sig_block_sha, (unsigned char *)sig_block_key_digest[i]);
|
|
|
|
}
|
|
|
|
|
2020-03-03 18:58:18 +00:00
|
|
|
#if CONFIG_IDF_TARGET_ESP32
|
|
|
|
uint8_t efuse_trusted_digest[DIGEST_LEN] = {0};
|
|
|
|
memcpy(efuse_trusted_digest, (uint8_t *) EFUSE_BLK2_RDATA0_REG, sizeof(efuse_trusted_digest));
|
2020-02-24 19:51:41 +00:00
|
|
|
|
2020-09-24 23:58:37 +00:00
|
|
|
if (memcmp(efuse_trusted_digest, sig_block_key_digest[0], DIGEST_LEN) != 0) {
|
2020-04-24 04:40:24 +00:00
|
|
|
const uint8_t zeroes[DIGEST_LEN] = {0};
|
|
|
|
/* Can't continue if secure boot is enabled, OR if a different digest is already written in efuse BLK2
|
|
|
|
|
|
|
|
(If BLK2 is empty and Secure Boot is disabled then we assume that it will be enabled later.)
|
|
|
|
*/
|
|
|
|
if (esp_secure_boot_enabled() || memcmp(efuse_trusted_digest, zeroes, DIGEST_LEN) != 0) {
|
2020-02-24 19:51:41 +00:00
|
|
|
ESP_LOGE(TAG, "Public key digest in eFuse BLK2 and the signature block don't match.");
|
|
|
|
return ESP_FAIL;
|
|
|
|
}
|
|
|
|
}
|
2020-03-03 18:58:18 +00:00
|
|
|
#elif CONFIG_IDF_TARGET_ESP32S2
|
|
|
|
bool match = false;
|
|
|
|
ets_secure_boot_key_digests_t efuse_trusted_digest;
|
|
|
|
ETS_STATUS r;
|
|
|
|
r = ets_secure_boot_read_key_digests(&efuse_trusted_digest);
|
|
|
|
if (r != 0) {
|
|
|
|
ESP_LOGI(TAG, "Could not read secure boot digests!");
|
|
|
|
return ESP_FAIL;
|
|
|
|
}
|
|
|
|
#endif /* CONFIG_IDF_TARGET_ESP32 */
|
|
|
|
#endif /* CONFIG_SECURE_BOOT_V2_ENABLED */
|
2020-02-24 19:51:41 +00:00
|
|
|
|
|
|
|
ESP_LOGI(TAG, "Verifying with RSA-PSS...");
|
|
|
|
int ret = 0;
|
|
|
|
mbedtls_rsa_context pk;
|
|
|
|
mbedtls_entropy_context entropy;
|
|
|
|
mbedtls_ctr_drbg_context ctr_drbg;
|
|
|
|
unsigned char *sig_be = calloc(1, RSA_KEY_SIZE);
|
|
|
|
unsigned char *buf = calloc(1, RSA_KEY_SIZE);
|
|
|
|
if (sig_be == NULL || buf == NULL) {
|
|
|
|
return ESP_ERR_NO_MEM;
|
|
|
|
}
|
|
|
|
|
|
|
|
mbedtls_entropy_init(&entropy);
|
2020-03-20 15:12:10 +00:00
|
|
|
mbedtls_ctr_drbg_init(&ctr_drbg);
|
2020-02-24 19:51:41 +00:00
|
|
|
ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0);
|
|
|
|
if (ret != 0) {
|
|
|
|
ESP_LOGE(TAG, "mbedtls_ctr_drbg_seed returned -0x%04x\n", ret);
|
|
|
|
goto exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
for (i = 0; i < SECURE_BOOT_NUM_BLOCKS; i++) {
|
2020-03-03 18:58:18 +00:00
|
|
|
#if CONFIG_IDF_TARGET_ESP32S2
|
|
|
|
for (uint8_t j = 0; j < SECURE_BOOT_NUM_BLOCKS; j++) {
|
|
|
|
if (digest_matches(efuse_trusted_digest.key_digests[j], sig_block_key_digest[i])) {
|
|
|
|
ESP_LOGI(TAG, "eFuse key matches(%d) matches the application key(%d).", j, i);
|
|
|
|
match = true;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (match == false) {
|
|
|
|
continue; // Skip the public keys whose digests don't match.
|
|
|
|
}
|
|
|
|
# endif
|
|
|
|
|
2020-02-24 19:51:41 +00:00
|
|
|
const mbedtls_mpi N = { .s = 1,
|
|
|
|
.n = sizeof(sig_block->block[i].key.n)/sizeof(mbedtls_mpi_uint),
|
|
|
|
.p = (void *)sig_block->block[i].key.n,
|
|
|
|
};
|
|
|
|
const mbedtls_mpi e = { .s = 1,
|
|
|
|
.n = sizeof(sig_block->block[i].key.e)/sizeof(mbedtls_mpi_uint), // 1
|
|
|
|
.p = (void *)&sig_block->block[i].key.e,
|
|
|
|
};
|
|
|
|
mbedtls_rsa_init(&pk, MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256);
|
|
|
|
ret = mbedtls_rsa_import(&pk, &N, NULL, NULL, NULL, &e);
|
|
|
|
if (ret != 0) {
|
|
|
|
ESP_LOGE(TAG, "Failed mbedtls_rsa_import, err: %d", ret);
|
|
|
|
goto exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = mbedtls_rsa_complete(&pk);
|
|
|
|
if (ret != 0) {
|
|
|
|
ESP_LOGE(TAG, "Failed mbedtls_rsa_complete, err: %d", ret);
|
|
|
|
goto exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = mbedtls_rsa_check_pubkey(&pk);
|
|
|
|
if (ret != 0) {
|
|
|
|
ESP_LOGI(TAG, "Key is not an RSA key -%0x", -ret);
|
|
|
|
goto exit;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Signature needs to be byte swapped into BE representation */
|
|
|
|
for (int j = 0; j < RSA_KEY_SIZE; j++) {
|
|
|
|
sig_be[RSA_KEY_SIZE- j - 1] = sig_block->block[i].signature[j];
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = mbedtls_rsa_public( &pk, sig_be, buf);
|
|
|
|
if (ret != 0) {
|
|
|
|
ESP_LOGE(TAG, "mbedtls_rsa_public failed, err: %d", ret);
|
|
|
|
goto exit;
|
|
|
|
}
|
|
|
|
|
2020-11-10 07:40:01 +00:00
|
|
|
ret = mbedtls_rsa_rsassa_pss_verify( &pk, mbedtls_ctr_drbg_random, &ctr_drbg, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA256, DIGEST_LEN,
|
2020-02-24 19:51:41 +00:00
|
|
|
sig_block->block[i].image_digest, sig_be);
|
|
|
|
if (ret != 0) {
|
|
|
|
ESP_LOGE(TAG, "Failed mbedtls_rsa_rsassa_pss_verify, err: %d", ret);
|
|
|
|
} else {
|
|
|
|
ESP_LOGI(TAG, "Signature verified successfully!");
|
|
|
|
}
|
|
|
|
exit:
|
|
|
|
mbedtls_rsa_free(&pk);
|
|
|
|
if (ret == 0) {
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
2020-07-12 19:23:12 +00:00
|
|
|
|
2020-02-24 19:51:41 +00:00
|
|
|
free(sig_be);
|
|
|
|
free(buf);
|
2020-03-03 18:58:18 +00:00
|
|
|
#if CONFIG_IDF_TARGET_ESP32
|
|
|
|
return (ret != 0) ? ESP_ERR_IMAGE_INVALID: ESP_OK;
|
|
|
|
#elif CONFIG_IDF_TARGET_ESP32S2
|
|
|
|
return (ret != 0 || match == false) ? ESP_ERR_IMAGE_INVALID: ESP_OK;
|
|
|
|
#endif /* CONFIG_IDF_TARGET_ESP32 */
|
2020-02-24 19:51:41 +00:00
|
|
|
}
|
|
|
|
#endif
|