Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(cmake/signing): do not clean up the CONFIG_SECURE_BOOT_VERIFICATI… (IDFGH-13799) #14657

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(cmake/signing): do not clean up the CONFIG_SECURE_BOOT_VERIFICATI… (IDFGH-13799) #14657

wants to merge 1 commit into from
+2 −3

Conversation

Andste82
Copy link
Contributor

@Andste82 Andste82 commented Oct 1, 2024
edited
Loading

…ON_KEY file provided separately

Description

with secure boot V1 remote signing, the private key is not part of the project, as the binaries are signed in a separate process. however, the derived verification key must be available at compile time.

if “Sign binaries during build” is deactivated according to the documentation and the generated verification key file is defined via CONFIG_SECURE_BOOT_VERIFICATION_KEY, then this verification key is currently deleted in a project clean!

this patch no longer deletes the file specified by the user.

Related

https://docs.espressif.com/projects/esp-idf/en/stable/esp32/security/secure-boot-v1.html#remote-signing-of-images

Testing

sdkconfig:

#
# Security features
#
CONFIG_SECURE_SIGNED_ON_UPDATE=y
CONFIG_SECURE_SIGNED_APPS=y
CONFIG_SECURE_BOOT_V2_RSA_SUPPORTED=y
CONFIG_SECURE_BOOT_V1_SUPPORTED=y
CONFIG_SECURE_BOOT_V2_PREFERRED=y
CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT=y
CONFIG_SECURE_SIGNED_APPS_ECDSA_SCHEME=y
# CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME is not set
# CONFIG_SECURE_SIGNED_ON_BOOT_NO_SECURE_BOOT is not set
CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT=y
# CONFIG_SECURE_BOOT is not set
# CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES is not set
CONFIG_SECURE_BOOT_VERIFICATION_KEY="signature_verification_key.bin"
# CONFIG_SECURE_FLASH_ENC_ENABLED is not set

@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 1, 2024
edited
Loading

Warnings
⚠️

Some issues found for the commit messages in this PR:

  • the commit message "fix(cmake/signing): do not clean up the CONFIG_SECURE_BOOT_VERIFICATION_KEY file provided separately":
    • summary appears to be too long

Please fix these commit messages - here are some basic tips:

  • follow Conventional Commits style
  • correct format of commit message should be: <type/action>(<scope/component>): <summary>, for example fix(esp32): Fixed startup timeout issue
  • allowed types are: change,ci,docs,feat,fix,refactor,remove,revert,test
  • sufficiently descriptive message summary should be between 20 to 72 characters and start with upper case letter
  • avoid Jira references in commit messages (unavailable/irrelevant for our customers)

TIP: Install pre-commit hooks and run this check when committing (uses the Conventional Precommit Linter).

👋 Hello Andste82, we appreciate your contribution to this project!

📘 Please review the project's Contributions Guide for key guidelines on code, documentation, testing, and more.
🖊️ Please also make sure you have read and signed the Contributor License Agreement for this project.
Click to see more instructions ...


This automated output is generated by the PR linter DangerJS, which checks if your Pull Request meets the project's requirements and helps you fix potential issues.

DangerJS is triggered with each push event to a Pull Request and modify the contents of this comment.

Please consider the following:
- Danger mainly focuses on the PR structure and formatting and can't understand the meaning behind your code or changes.
- Danger is not a substitute for human code reviews; it's still important to request a code review from your colleagues.
- Resolve all warnings (⚠️ ) before requesting a review from human reviewers - they will appreciate it.
- To manually retry these Danger checks, please navigate to the Actions tab and re-run last Danger workflow.

Review and merge process you can expect ...


We do welcome contributions in the form of bug reports, feature requests and pull requests via this public GitHub repository.

This GitHub project is public mirror of our internal git repository

1. An internal issue has been created for the PR, we assign it to the relevant engineer.
2. They review the PR and either approve it or ask you for changes or clarifications.
3. Once the GitHub PR is approved, we synchronize it into our internal git repository.
4. In the internal git repository we do the final review, collect approvals from core owners and make sure all the automated tests are passing.
- At this point we may do some adjustments to the proposed change, or extend it by adding tests or documentation.
5. If the change is approved and passes the tests it is merged into the default branch.
5. On next sync from the internal git repository merged change will appear in this public GitHub repository.

Generated by 🚫 dangerJS against bb08754

@espressif-bot espressif-bot added the Status: Opened Issue is new label Oct 1, 2024
@github-actions github-actions bot changed the title fix(cmake/signing): do not clean up the CONFIG_SECURE_BOOT_VERIFICATI… fix(cmake/signing): do not clean up the CONFIG_SECURE_BOOT_VERIFICATI… (IDFGH-13799) Oct 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Status: Opened Issue is new
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Andste82 @espressif-bot