mirror of
https://github.com/espressif/esp-idf.git
synced 2026-04-27 19:13:21 +00:00
docs(security): adds data partition verification docs
@@ -408,6 +408,16 @@ An image is verified if the public key stored in any signature block is valid fo
|
||||
3. Use the public key to verify the signature of the bootloader image, using either RSA-PSS (section 8.1.2 of RFC8017) or ECDSA signature verification (section 5.3.3 of RFC6090) with the image digest calculated in step (2) for comparison.
|
||||
|
||||
|
||||
Verifying Data Partitions
|
||||
--------------------------
|
||||
|
||||
The Secure Boot v2 signature verification can also verify data partition images during OTA updates. Enable :ref:`CONFIG_SECURE_SIGNED_DATA_PARTITION` to verify data partitions with subtype ``ESP_PARTITION_SUBTYPE_DATA_UNDEFINED``.
|
||||
|
||||
Data partition images must be signed using ``idf.py secure-sign-data`` with the same signing key and follow the same format as application images. The verification uses the public key digest(s) stored in eFuse and follows the process described in :ref:`verify_image`.
|
||||
|
||||
For detailed information including OTA procedures and partition configuration, see :ref:`secure-signed-data-partition`.
|
||||
|
||||
|
||||
Bootloader Size
|
||||
---------------
|
||||
|
||||
|
||||
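Review bot: In the first paragraph of the new "Verifying Data Partitions" section, "can also verify data partition images during OTA updates" leaves open whether these partitions are also checked at boot, which a reader coming from the bootloader verification steps just above may assume. State explicitly when verification runs, and that only subtype ``ESP_PARTITION_SUBTYPE_DATA_UNDEFINED`` is covered, so that other data subtypes are not assumed to be protected. In the second paragraph, "the same signing key" has no stated referent; since the following sentence speaks of "public key digest(s)" in eFuse, consider wording it as a key whose public key digest is stored in eFuse. Please also confirm that the ``verify_image`` and ``secure-signed-data-partition`` labels resolve in the docs build; the two use different separator styles (underscore and hyphen).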