| # SPDX-FileCopyrightText: 2021 Espressif Systems (Shanghai) CO LTD |
| # |
| # SPDX-License-Identifier: Apache-2.0 |
| |
| CONFIG_ESP_BOOTLOADER_SIZE=0xF000 |
| CONFIG_ESP_APPLICATION_PRIMARY_START_ADDRESS=0x10000 |
| CONFIG_ESP_APPLICATION_SIZE=0x100000 |
| CONFIG_ESP_APPLICATION_SECONDARY_START_ADDRESS=0x110000 |
| CONFIG_ESP_MCUBOOT_WDT_ENABLE=y |
| CONFIG_ESP_SCRATCH_OFFSET=0x210000 |
| CONFIG_ESP_SCRATCH_SIZE=0x40000 |
| |
| # CONFIG_ESP_SIGN_EC256=y |
| # CONFIG_ESP_SIGN_ED25519=n |
| # CONFIG_ESP_SIGN_RSA=n |
| # CONFIG_ESP_SIGN_RSA_LEN=2048 |
| |
| # Use Tinycrypt lib for EC256 or ED25519 signing |
| # CONFIG_ESP_USE_TINYCRYPT=y |
| # Use Mbed TLS lib for RSA image signing |
| # CONFIG_ESP_USE_MBEDTLS=n |
| |
| # It is strongly recommended to generate a new signing key |
| # using imgtool instead of use the existent sample |
| # CONFIG_ESP_SIGN_KEY_FILE=root-ec-p256.pem |
| |
| # Hardware Secure Boot related options |
| # CONFIG_SECURE_SIGNED_ON_BOOT=1 |
| # CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME=1 |
| # CONFIG_SECURE_BOOT=1 |
| # CONFIG_SECURE_BOOT_V2_ENABLED=1 |
| # CONFIG_SECURE_BOOT_SUPPORTS_RSA=1 |
| |
| # Hardware Flash Encryption related options |
| # CONFIG_SECURE_FLASH_ENC_ENABLED=1 |
| # CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC=1 |
| # CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_DEC=1 |
| # CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE=1 |
| # CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=1 |
| # CONFIG_SECURE_BOOT_ALLOW_JTAG=1 |
| # CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC=1 |
| |
| # Options for enabling eFuse emulation in Flash |
| # CONFIG_EFUSE_VIRTUAL=1 |
| # CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH=1 |