espressif: Enable signature verification (RSA, EC256 and ED25519) MbedTLS and Tinycrypt security lib options added to Espressif's configuration and build. Signed-off-by: Almir Okato <almir.okato@espressif.com>

commit: eb6b7bf3ebf2d0badb0dcb36b2c1d4e2477f0a48 [log] [tgz]
author: Almir Okato <almir.okato@espressif.com> Tue Sep 07 17:06:35 2021 -0300
committer: Fabio Utzig <utzig@utzig.org> Thu Oct 07 18:30:20 2021 -0300
tree: 51975d5e4183e338b57e44600bd09ed4b7e1c9e3
parent: 14c785b71601092c1574ccb7eab4cf1c43dd07ec [diff] [blame]
diff --git a/boot/espressif/bootloader.conf b/boot/espressif/bootloader.conf
index a20c904..758d5ed 100644
--- a/boot/espressif/bootloader.conf
+++ b/boot/espressif/bootloader.conf

@@ -1,3 +1,7 @@
+# Copyright (c) 2021 Espressif Systems (Shanghai) Co., Ltd.
+#
+# SPDX-License-Identifier: Apache-2.0
+
 CONFIG_ESP_BOOTLOADER_SIZE=0xF000
 CONFIG_ESP_APPLICATION_PRIMARY_START_ADDRESS=0x10000
 CONFIG_ESP_APPLICATION_SIZE=0x100000
@@ -5,3 +9,17 @@
 CONFIG_ESP_MCUBOOT_WDT_ENABLE=y
 CONFIG_ESP_SCRATCH_OFFSET=0x210000
 CONFIG_ESP_SCRATCH_SIZE=0x40000
+
+# CONFIG_ESP_SIGN_EC256=y
+# CONFIG_ESP_SIGN_ED25519=n
+# CONFIG_ESP_SIGN_RSA=n
+# CONFIG_ESP_SIGN_RSA_LEN=2048
+
+# Use Tinycrypt lib for EC256 or ED25519 signing
+# CONFIG_ESP_USE_TINYCRYPT=y
+# Use Mbed TLS lib for RSA image signing
+# CONFIG_ESP_USE_MBEDTLS=n
+
+# It is strongly recommended to generate a new signing key
+# using imgtool instead of use the existent sample
+# CONFIG_ESP_SIGN_KEY_FILE=root-ec-p256.pem
commit	eb6b7bf3ebf2d0badb0dcb36b2c1d4e2477f0a48	[log] [tgz]
author	Almir Okato <almir.okato@espressif.com>	Tue Sep 07 17:06:35 2021 -0300
committer	Fabio Utzig <utzig@utzig.org>	Thu Oct 07 18:30:20 2021 -0300
tree	51975d5e4183e338b57e44600bd09ed4b7e1c9e3
parent	14c785b71601092c1574ccb7eab4cf1c43dd07ec [diff] [blame]