Merge branch 'fix/add_ecdsa_curve_validation_during_secure_boot_v6.0' into 'release/v6.0'

fix(bootloader_support): added ecdsa curve validation during secure boot (v6.0)

See merge request espressif/esp-idf!46297

components/bootloader/Kconfig.projbuild

@@ -707,7 +707,8 @@ menu "Security features"
             Path to the key file used to sign app images.
 
             Key file is an ECDSA private key (NIST256p curve) in PEM format for Secure Boot V1.
-            Key file is an RSA private key in PEM format for Secure Boot V2.
+            Key file is an RSA private key in PEM format for Secure Boot V2 (RSA scheme).
+            Key file is an ECDSA private key (NIST 192p, 256p or 384p) in PEM format for Secure Boot V2 (ECDSA scheme).
 
             Path is evaluated relative to the project directory.
 

components/bootloader_support/include/esp_secure_boot.h

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2015-2025 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2015-2026 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -70,6 +70,17 @@ typedef enum {
 #define ESP_SECURE_BOOT_SCHEME ESP_SECURE_BOOT_V2_ECDSA
 #endif
 
+/* Expected ECDSA curve ID from menuconfig "ECDSA key size" (matches ECDSA_CURVE_P192/P256/P384 in ROM) */
+#if CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME
+#if CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_192_BITS
+#define ESP_SECURE_BOOT_ECDSA_CURVE_ID  ECDSA_CURVE_P192
+#elif CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_256_BITS
+#define ESP_SECURE_BOOT_ECDSA_CURVE_ID  ECDSA_CURVE_P256
+#elif CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_384_BITS
+#define ESP_SECURE_BOOT_ECDSA_CURVE_ID  ECDSA_CURVE_P384
+#endif
+#endif
+
 #if CONFIG_SECURE_BOOT || CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT
 /** @brief Get the selected secure boot scheme key type
  *

components/bootloader_support/src/secure_boot_v2/secure_boot_ecdsa_signature.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2022-2025 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2022-2026 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -13,11 +13,13 @@
 
 ESP_LOG_ATTR_TAG(TAG, "secure_boot_v2_ecdsa");
 
-#if CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_384_BITS
+#if CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_192_BITS
+#define ECDSA_INTEGER_LEN 24
+#elif CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_384_BITS
 #define ECDSA_INTEGER_LEN 48
 #else
 #define ECDSA_INTEGER_LEN 32
-#endif /* CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_384_BITS */
+#endif
 
 esp_err_t verify_ecdsa_signature_block(const ets_secure_boot_signature_t *sig_block, const uint8_t *image_digest, const ets_secure_boot_sig_block_t *trusted_block)
 {
@@ -39,16 +41,20 @@ esp_err_t verify_ecdsa_signature_block(const ets_secure_boot_signature_t *sig_bl
     psa_ecc_family_t curve_family;
 
     switch(trusted_block->ecdsa.key.curve_id) {
+#if CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_192_BITS
         case ECDSA_CURVE_P192:
             key_size = 24;
             curve_family = PSA_ECC_FAMILY_SECP_R1;
             psa_set_key_bits(&key_attributes, PSA_BYTES_TO_BITS(key_size));
             break;
+#endif /* CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_192_BITS */
+#if CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_256_BITS
         case ECDSA_CURVE_P256:
             key_size = 32;
             curve_family = PSA_ECC_FAMILY_SECP_R1;
             psa_set_key_bits(&key_attributes, PSA_BYTES_TO_BITS(key_size));
             break;
+#endif /* CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_256_BITS */
 #if CONFIG_SECURE_BOOT_ECDSA_KEY_LEN_384_BITS
         case ECDSA_CURVE_P384:
             key_size = 48;

components/bootloader_support/src/secure_boot_v2/secure_boot_signatures_app.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2015-2025 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2015-2026 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -43,6 +43,13 @@ static esp_err_t validate_signature_block(const ets_secure_boot_sig_block_t *blo
         return ESP_FAIL;
     }
 
+#if CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME
+    if (block->ecdsa.key.curve_id != ESP_SECURE_BOOT_ECDSA_CURVE_ID) {
+        ESP_LOGE(TAG, "ECDSA curve mismatch: actual (curve_id %u), expected (curve_id %u)", (unsigned) block->ecdsa.key.curve_id, (unsigned) ESP_SECURE_BOOT_ECDSA_CURVE_ID);
+        return ESP_FAIL;
+    }
+#endif
+
 #if SOC_ECDSA_P192_CURVE_DEFAULT_DISABLED && CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME
     if (block->ecdsa.key.curve_id == ECDSA_CURVE_P192) {
         // Enabling ECDSA-192 Curve mode

components/bootloader_support/src/secure_boot_v2/secure_boot_signatures_bootloader.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2015-2025 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2015-2026 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -72,6 +72,13 @@ static esp_err_t validate_signature_block(const ets_secure_boot_sig_block_t *blo
         return ESP_FAIL;
     }
 
+#if CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME
+    if (block->ecdsa.key.curve_id != ESP_SECURE_BOOT_ECDSA_CURVE_ID) {
+        ESP_LOGE(TAG, "ECDSA curve mismatch: actual (curve_id %u), expected (curve_id %u)", (unsigned) block->ecdsa.key.curve_id, (unsigned) ESP_SECURE_BOOT_ECDSA_CURVE_ID);
+        return ESP_FAIL;
+    }
+#endif
+
 #if SOC_ECDSA_P192_CURVE_DEFAULT_DISABLED && CONFIG_SECURE_SIGNED_APPS_ECDSA_V2_SCHEME
     if (block->ecdsa.key.curve_id == ECDSA_CURVE_P192) {
         // Enabling ECDSA-192 Curve mode