feat/secure_boot_v2: Adding secure boot v2 support for ESP32-ECO3

components/bootloader/CMakeLists.txt

@@ -6,11 +6,15 @@ if(BOOTLOADER_BUILD OR NOT CONFIG_APP_BUILD_BOOTLOADER)
 endif()
 
 add_dependencies(bootloader partition_table)
+# When secure boot is enabled, do not flash bootloader along with invocation of `idf.py flash`
+if(NOT CONFIG_SECURE_BOOT)
+    set(flash_bootloader FLASH_IN_PROJECT)
+endif()
 
 esptool_py_custom_target(bootloader-flash bootloader "bootloader")
 esptool_py_flash_target_image(bootloader-flash bootloader "0x1000" "${BOOTLOADER_BUILD_DIR}/bootloader.bin")
 
 # Also attach an image to the project flash target
-if(NOT CONFIG_SECURE_BOOT_ENABLED)
+if(NOT CONFIG_SECURE_BOOT)
     esptool_py_flash_target_image(flash bootloader "0x1000" "${BOOTLOADER_BUILD_DIR}/bootloader.bin")
 endif()

components/bootloader/Kconfig.projbuild

@@ -224,7 +224,7 @@ menu "Bootloader config"
 
     config BOOTLOADER_SKIP_VALIDATE_IN_DEEP_SLEEP
         bool "Skip image validation when exiting deep sleep"
-        depends on (SECURE_BOOT_ENABLED && SECURE_BOOT_INSECURE) || !SECURE_BOOT_ENABLED
+        depends on (SECURE_BOOT && SECURE_BOOT_INSECURE) || !SECURE_BOOT
         default n
         help
             This option disables the normal validation of an image coming out of
@@ -279,12 +279,12 @@ menu "Security features"
     config SECURE_SIGNED_ON_BOOT
         bool
         default y
-        depends on SECURE_BOOT_ENABLED || SECURE_SIGNED_ON_BOOT_NO_SECURE_BOOT
+        depends on SECURE_BOOT || SECURE_SIGNED_ON_BOOT_NO_SECURE_BOOT
 
     config SECURE_SIGNED_ON_UPDATE
         bool
         default y
-        depends on SECURE_BOOT_ENABLED || SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
+        depends on SECURE_BOOT || SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
 
     config SECURE_SIGNED_APPS
         bool
@@ -298,8 +298,7 @@ menu "Security features"
 
     config SECURE_SIGNED_APPS_NO_SECURE_BOOT
         bool "Require signed app images"
-        default n
-        depends on !SECURE_BOOT_ENABLED
+        depends on !SECURE_BOOT
         help
             Require apps to be signed to verify their integrity.
 
@@ -308,6 +307,35 @@ menu "Security features"
             against remote network access, but not physical access. Compared to using hardware Secure Boot this option
             is much simpler to implement.
 
+    choice SECURE_SIGNED_APPS_SCHEME
+        bool "App Signing Scheme"
+        depends on SECURE_BOOT || SECURE_SIGNED_APPS_NO_SECURE_BOOT
+        default SECURE_SIGNED_APPS_ECDSA_SCHEME if SECURE_BOOT_V1_ENABLED
+        default SECURE_SIGNED_APPS_RSA_SCHEME if SECURE_BOOT_V2_ENABLED
+        help
+            Select the Secure App signing scheme. Depends on the Chip Revision.
+            There are two options:
+            1. ECDSA based secure boot scheme. (Only choice for Secure Boot V1)
+            Supported in ESP32 and ESP32-ECO3.
+            2. The RSA based secure boot scheme. (Only choice for Secure Boot V2)
+            Supported in ESP32-ECO3. (ESP32 Chip Revision 3 onwards)
+
+        config SECURE_SIGNED_APPS_ECDSA_SCHEME
+            bool "ECDSA"
+            depends on IDF_TARGET_ESP32 && (SECURE_SIGNED_APPS_NO_SECURE_BOOT || SECURE_BOOT_V1_ENABLED)
+            help
+                Embeds the ECDSA public key in the bootloader and signs the application with an ECDSA key.
+
+                Refer to the documentation before enabling.
+
+        config SECURE_SIGNED_APPS_RSA_SCHEME
+            bool "RSA"
+            depends on ESP32_REV_MIN_3 && SECURE_BOOT_V2_ENABLED
+            help
+                Appends the RSA-3072 based Signature block to the application.
+                Refer to <Secure Boot Version 2 documentation link> before enabling.
+    endchoice
+
     config SECURE_SIGNED_ON_BOOT_NO_SECURE_BOOT
         bool "Bootloader verifies app signatures"
         default n
@@ -334,23 +362,48 @@ menu "Security features"
             If hardware secure boot is not enabled, this option still adds significant security against network-based
             attackers by preventing spoofing of OTA updates.
 
-    config SECURE_BOOT_ENABLED
-        bool "Enable hardware secure boot in bootloader (READ DOCS FIRST)"
+    config SECURE_BOOT
+        bool "Enable hardware Secure Boot in bootloader (READ DOCS FIRST)"
         default n
         help
-            Build a bootloader which enables secure boot on first boot.
+            Build a bootloader which enables Secure Boot on first boot.
 
-            Once enabled, secure boot will not boot a modified bootloader. The bootloader will only load a partition
+            Once enabled, Secure Boot will not boot a modified bootloader. The bootloader will only load a partition
             table or boot an app if the data has a verified digital signature. There are implications for reflashing
             updated apps once secure boot is enabled.
 
             When enabling secure boot, JTAG and ROM BASIC Interpreter are permanently disabled by default.
 
-            Refer to https://docs.espressif.com/projects/esp-idf/en/latest/security/secure-boot.html before enabling.
+    choice SECURE_BOOT_VERSION
+        bool "Select secure boot version"
+        default SECURE_BOOT_V2_ENABLED if ESP32_REV_MIN_3
+        depends on SECURE_BOOT
+        help
+            Select the Secure Boot Version. Depends on the Chip Revision.
+            Secure Boot V2 is the new RSA based secure boot scheme.
+            Supported in ESP32-ECO3. (ESP32 Chip Revision 3 onwards)
+            Secure Boot V1 is the AES based secure boot scheme.
+            Supported in ESP32 and ESP32-ECO3.
+
+        config SECURE_BOOT_V1_ENABLED
+            bool "Enable Secure Boot version 1"
+            depends on IDF_TARGET_ESP32
+            help
+                Build a bootloader which enables secure boot version 1 on first boot.
+                Refer to the Secure Boot section of the ESP-IDF Programmer's Guide for this version before enabling.
+
+        config SECURE_BOOT_V2_ENABLED
+            bool "Enable Secure Boot version 2"
+            depends on ESP32_REV_MIN_3
+            help
+                Build a bootloader which enables Secure Boot version 2 on first boot.
+                Refer to Secure Boot V2 section of the ESP-IDF Programmer's Guide for this version before enabling.
+
+    endchoice
 
     choice SECURE_BOOTLOADER_MODE
         bool "Secure bootloader mode"
-        depends on SECURE_BOOT_ENABLED
+        depends on SECURE_BOOT_V1_ENABLED
         default SECURE_BOOTLOADER_ONE_TIME_FLASH
 
         config SECURE_BOOTLOADER_ONE_TIME_FLASH
@@ -385,7 +438,8 @@ menu "Security features"
             If enabled (default), these binary files are signed as part of the build process. The file named in
             "Secure boot private signing key" will be used to sign the image.
 
-            If disabled, unsigned app/partition data will be built. They must be signed manually using espsecure.py
+            If disabled, unsigned app/partition data will be built. They must be signed manually using espsecure.py.
+            Version 1 to enable ECDSA Based Secure Boot and Version 2 to enable RSA based Secure Boot.
             (for example, on a remote signing server.)
 
     config SECURE_BOOT_SIGNING_KEY
@@ -395,28 +449,32 @@ menu "Security features"
         help
             Path to the key file used to sign app images.
 
-            Key file is an ECDSA private key (NIST256p curve) in PEM format.
+            Key file is an ECDSA private key (NIST256p curve) in PEM format for Secure Boot V1.
+            Key file is an RSA private key in PEM format for Secure Boot V2.
 
             Path is evaluated relative to the project directory.
 
             You can generate a new signing key by running the following command:
             espsecure.py generate_signing_key secure_boot_signing_key.pem
 
-            See https://docs.espressif.com/projects/esp-idf/en/latest/security/secure-boot.html for details.
+            See the Secure Boot section of the ESP-IDF Programmer's Guide for this version for details.
 
     config SECURE_BOOT_VERIFICATION_KEY
         string "Secure boot public signature verification key"
-        depends on SECURE_SIGNED_APPS && !SECURE_BOOT_BUILD_SIGNED_BINARIES
+        depends on SECURE_SIGNED_APPS && !SECURE_BOOT_BUILD_SIGNED_BINARIES && !SECURE_SIGNED_APPS_RSA_SCHEME
         default "signature_verification_key.bin"
         help
-            Path to a public key file used to verify signed images. This key is compiled into the bootloader and/or
+            Path to a public key file used to verify signed images.
+            Secure Boot V1: This ECDSA public key is compiled into the bootloader and/or
             app, to verify app images.
+            Secure Boot V2: This RSA public key is compiled into the signature block at
+            the end of the bootloader/app.
 
             Key file is in raw binary format, and can be extracted from a
             PEM formatted private key using the espsecure.py
             extract_public_key command.
 
-            Refer to https://docs.espressif.com/projects/esp-idf/en/latest/security/secure-boot.html before enabling.
+            Refer to the Secure Boot section of the ESP-IDF Programmer's Guide for this version before enabling.
 
     choice SECURE_BOOTLOADER_KEY_ENCODING
         bool "Hardware Key Encoding"
@@ -443,7 +501,7 @@ menu "Security features"
 
     config SECURE_BOOT_INSECURE
         bool "Allow potentially insecure options"
-        depends on SECURE_BOOT_ENABLED
+        depends on SECURE_BOOT
         default N
         help
             You can disable some of the default protections offered by secure boot, in order to enable testing or a
@@ -451,7 +509,7 @@ menu "Security features"
 
             Only enable these options if you are very sure.
 
-            Refer to https://docs.espressif.com/projects/esp-idf/en/latest/security/secure-boot.html before enabling.
+            Refer to the Secure Boot section of the ESP-IDF Programmer's Guide for this version before enabling.
 
     config SECURE_FLASH_ENC_ENABLED
         bool "Enable flash encryption on boot (READ DOCS FIRST)"
@@ -495,7 +553,7 @@ menu "Security features"
             Select Release mode only for production or manufacturing. Once enabled you can not reflash using UART
             bootloader
 
-            Refer to https://docs.espressif.com/projects/esp-idf/en/latest/security/secure-boot.html and
+            Refer to the Secure Boot section of the ESP-IDF Programmer's Guide for this version and
             https://docs.espressif.com/projects/esp-idf/en/latest/security/flash-encryption.html for details.
 
         config SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT

components/bootloader/Makefile.projbuild

@@ -45,7 +45,7 @@ clean: bootloader-clean
 bootloader-list-components:
 	$(BOOTLOADER_MAKE) list-components
 
-ifndef CONFIG_SECURE_BOOT_ENABLED
+ifndef CONFIG_SECURE_BOOT
 # If secure boot disabled, bootloader flashing is integrated
 # with 'make flash' and no warnings are printed.
 
@@ -115,13 +115,35 @@ $(BOOTLOADER_DIGEST_BIN): $(BOOTLOADER_BIN) $(SECURE_BOOTLOADER_KEY) | check_pyt
 	@echo "DIGEST $(notdir $@)"
 	$(ESPSECUREPY) digest_secure_bootloader -k $(SECURE_BOOTLOADER_KEY) -o $@ $<
 
-else # CONFIG_SECURE_BOOT_ENABLED && !CONFIG_SECURE_BOOTLOADER_REFLASHABLE && !CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH
+else ifdef CONFIG_SECURE_BOOT_V2_ENABLED
+BOOTLOADER_SIGNED_BIN := $(BOOTLOADER_BUILD_DIR)/bootloader-signed.bin
+ifdef CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES
+bootloader: $(BOOTLOADER_BIN) $(SDKCONFIG_MAKEFILE) | check_python_dependencies
+	$(ESPSECUREPY) sign_data --keyfile $(SECURE_BOOT_SIGNING_KEY) --version 2 \
+	-o $(BOOTLOADER_SIGNED_BIN) $(BOOTLOADER_BIN)
+else
+bootloader: $(BOOTLOADER_BIN) $(SDKCONFIG_MAKEFILE) | check_python_dependencies
+	@echo "Bootloader not signed. Sign the bootloader before flashing."
+	@echo "To sign the bootloader, you can use this command:"
+	@echo "espsecure.py sign_data --keyfile SECURE_BOOT_SIGNING_KEY --version 2 $(BOOTLOADER_BIN)"
+endif
+	@echo $(SEPARATOR)
+	@echo "Use the following command to flash the bootloader:"
+ifdef CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES
+	@echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $(BOOTLOADER_SIGNED_BIN)"
+else
+	@echo "$(ESPTOOLPY_WRITE_FLASH) $(BOOTLOADER_OFFSET) $(BOOTLOADER_BIN)"
+endif
+	@echo $(SEPARATOR)
+
+else # CONFIG_SECURE_BOOT && !CONFIG_SECURE_BOOTLOADER_REFLASHABLE \
+&& !CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH && !CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME
 bootloader:
 	@echo "Invalid bootloader target: bad sdkconfig?"
 	@exit 1
 endif
 
-ifndef CONFIG_SECURE_BOOT_ENABLED
+ifndef CONFIG_SECURE_BOOT
 # don't build bootloader by default if secure boot is enabled
 all_binaries: $(BOOTLOADER_BIN)
 endif
@@ -131,3 +153,8 @@ bootloader-clean: $(SDKCONFIG_MAKEFILE)
 ifdef CONFIG_SECURE_BOOTLOADER_REFLASHABLE
 	rm -f $(SECURE_BOOTLOADER_KEY) $(BOOTLOADER_DIGEST_BIN)
 endif
+ifdef CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME
+ifdef CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES
+	rm -f $(BOOTLOADER_SIGNED_BIN)
+endif
+endif

components/bootloader/project_include.cmake

@@ -19,8 +19,8 @@ set(bootloader_binary_files
 
 idf_build_get_property(project_dir PROJECT_DIR)
 
-# There are some additional processing when CONFIG_CONFIG_SECURE_SIGNED_APPS. This happens
-# when either CONFIG_SECURE_BOOT_ENABLED or SECURE_BOOT_BUILD_SIGNED_BINARIES.
+# There are some additional processing when CONFIG_SECURE_SIGNED_APPS. This happens
+# when either CONFIG_SECURE_BOOT_V1_ENABLED or CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES.
 # For both cases, the user either sets binaries to be signed during build or not
 # using CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES.
 #
@@ -29,7 +29,13 @@ idf_build_get_property(project_dir PROJECT_DIR)
 if(CONFIG_SECURE_SIGNED_APPS)
     add_custom_target(gen_secure_boot_keys)
 
-    if(CONFIG_SECURE_BOOT_ENABLED)
+    if(CONFIG_SECURE_SIGNED_APPS_ECDSA_SCHEME)
+        set(secure_apps_signing_scheme "1")
+    elseif(CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME)
+        set(secure_apps_signing_scheme "2")
+    endif()
+
+    if(CONFIG_SECURE_BOOT_V1_ENABLED)
         # Check that the configuration is sane
         if((CONFIG_SECURE_BOOTLOADER_REFLASHABLE AND CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH) OR
             (NOT CONFIG_SECURE_BOOTLOADER_REFLASHABLE AND NOT CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH))
@@ -60,7 +66,8 @@ if(CONFIG_SECURE_SIGNED_APPS)
             # (to pick up a new signing key if one exists, etc.)
             fail_at_build_time(gen_secure_boot_signing_key
                 "Secure Boot Signing Key ${CONFIG_SECURE_BOOT_SIGNING_KEY} does not exist. Generate using:"
-                "\tespsecure.py generate_signing_key ${CONFIG_SECURE_BOOT_SIGNING_KEY}")
+                "\tespsecure.py generate_signing_key --version ${secure_apps_signing_scheme} \
+                ${CONFIG_SECURE_BOOT_SIGNING_KEY}")
         else()
             add_custom_target(gen_secure_boot_signing_key)
         endif()
@@ -70,7 +77,7 @@ if(CONFIG_SECURE_SIGNED_APPS)
         set(ver_key_arg)
 
         add_dependencies(gen_secure_boot_keys gen_secure_boot_signing_key)
-    else()
+    elseif(CONFIG_SECURE_SIGNED_APPS_ECDSA_SCHEME)
 
         get_filename_component(secure_boot_verification_key
             ${CONFIG_SECURE_BOOT_VERIFICATION_KEY}
@@ -83,7 +90,7 @@ if(CONFIG_SECURE_SIGNED_APPS)
             fail_at_build_time(gen_secure_boot_verification_key
                 "Secure Boot Verification Public Key ${CONFIG_SECURE_BOOT_VERIFICATION_KEY} does not exist."
                 "\tThis can be extracted from the private signing key."
-                "\tSee docs/security/secure-boot.rst for details.")
+                "\tSee docs/security/secure-boot-v1.rst for details.")
         else()
             add_custom_target(gen_secure_boot_verification_key)
         endif()

components/bootloader/sdkconfig.rename

@@ -20,3 +20,6 @@ CONFIG_FLASH_ENCRYPTION_INSECURE                            CONFIG_SECURE_FLASH_
 CONFIG_FLASH_ENCRYPTION_UART_BOOTLOADER_ALLOW_ENCRYPT       CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC
 CONFIG_FLASH_ENCRYPTION_UART_BOOTLOADER_ALLOW_DECRYPT       CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_DEC
 CONFIG_FLASH_ENCRYPTION_UART_BOOTLOADER_ALLOW_CACHE         CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE
+
+# Secure Boot Scheme
+CONFIG_SECURE_BOOT_ENABLED                                  CONFIG_SECURE_BOOT_V1_ENABLED

components/bootloader/subproject/CMakeLists.txt

@@ -90,6 +90,39 @@ if(CONFIG_SECURE_BOOTLOADER_REFLASHABLE)
     add_custom_target (gen_bootloader_digest_bin ALL DEPENDS "${bootloader_digest_bin}")
 endif()
 
+if(CONFIG_SECURE_BOOT_V2_ENABLED)
+    if(CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES)
+        get_filename_component(secure_boot_signing_key 
+            "${SECURE_BOOT_SIGNING_KEY}" ABSOLUTE BASE_DIR "${project_dir}")
+
+        if(NOT EXISTS "${secure_boot_signing_key}")
+            message(FATAL_ERROR
+                "Secure Boot Signing Key Not found."
+                "\nGenerate the Secure Boot V2 RSA-PSS 3072 Key."
+                "\nTo generate one, you can use this command:"
+                "\n\t${espsecurepy} generate_signing_key --version 2 ${SECURE_BOOT_SIGNING_KEY}")
+        endif()
+
+        set(bootloader_unsigned_bin "bootloader-unsigned.bin")
+        add_custom_command(OUTPUT ".signed_bin_timestamp"
+            COMMAND cp "${CMAKE_BINARY_DIR}/${PROJECT_BIN}" "${CMAKE_BINARY_DIR}/${bootloader_unsigned_bin}"
+            COMMAND ${ESPSECUREPY} sign_data --version 2 --keyfile "${secure_boot_signing_key}"
+            -o "${CMAKE_BINARY_DIR}/${PROJECT_BIN}" "${CMAKE_BINARY_DIR}/${bootloader_unsigned_bin}"
+            COMMAND ${CMAKE_COMMAND} -E echo "Generated signed binary image ${build_dir}/${PROJECT_BIN}"
+            "from ${CMAKE_BINARY_DIR}/${bootloader_unsigned_bin}"
+            COMMAND ${CMAKE_COMMAND} -E md5sum "${CMAKE_BINARY_DIR}/${PROJECT_BIN}" > "${CMAKE_BINARY_DIR}/.signed_bin_timestamp"
+            DEPENDS "${build_dir}/.bin_timestamp"
+            VERBATIM
+            COMMENT "Generated the signed Bootloader")
+    else()
+        add_custom_command(OUTPUT ".signed_bin_timestamp"
+        VERBATIM
+        COMMENT "Bootloader generated but not signed")    
+    endif()
+
+    add_custom_target (gen_signed_bootloader ALL DEPENDS "${build_dir}/.signed_bin_timestamp")
+endif()
+
 if(CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH)
     add_custom_command(TARGET bootloader.elf POST_BUILD
         COMMAND ${CMAKE_COMMAND} -E echo
@@ -133,4 +166,18 @@ elseif(CONFIG_SECURE_BOOTLOADER_REFLASHABLE)
             "* Not recommended to re-use the same secure boot keyfile on multiple production devices."
         DEPENDS gen_secure_bootloader_key gen_bootloader_digest_bin
         VERBATIM)
+elseif(CONFIG_SECURE_BOOT_V2_ENABLED)
+    add_custom_command(TARGET bootloader.elf POST_BUILD
+    COMMAND ${CMAKE_COMMAND} -E echo
+        "=============================================================================="
+    COMMAND ${CMAKE_COMMAND} -E echo
+        "Bootloader built. Secure boot enabled, so bootloader not flashed automatically."
+    COMMAND ${CMAKE_COMMAND} -E echo
+        "Secure boot enabled, so bootloader not flashed automatically."
+    COMMAND ${CMAKE_COMMAND} -E echo
+        "\t${esptoolpy_write_flash} ${BOOTLOADER_OFFSET} ${CMAKE_BINARY_DIR}/bootloader.bin"
+    COMMAND ${CMAKE_COMMAND} -E echo
+        "=============================================================================="
+    DEPENDS gen_signed_bootloader
+    VERBATIM)
 endif()

components/bootloader/subproject/main/component.mk

@@ -17,6 +17,9 @@ ifdef CONFIG_IDF_TARGET_ESP32
     ifndef CONFIG_SPI_FLASH_ROM_DRIVER_PATCH
         LINKER_SCRIPTS += $(IDF_PATH)/components/esp_rom/$(IDF_TARGET)/ld/$(IDF_TARGET).rom.spiflash.ld
     endif
+    ifdef CONFIG_ESP32_REV_MIN_3 
+        LINKER_SCRIPTS += $(IDF_PATH)/components/esp_rom/$(IDF_TARGET)/ld/$(IDF_TARGET).rom.eco3.ld
+    endif
 endif
 
 COMPONENT_ADD_LDFLAGS += -L $(COMPONENT_PATH) $(addprefix -T ,$(LINKER_SCRIPTS))