Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Calculate end of bootloader to update SHA256 #716

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Calculate end of bootloader to update SHA256 #716

wants to merge 1 commit into from
+32 −6

Conversation

chris-subtlebytes
Copy link

The current implementation uses the last 32 bytes of the bootloader file. When Secure Boot V2 is enabled, the bootloader is padded. The new implementation walks through the segments to find the end and adds the 16-byte aligned 1-byte checksum to update the SHA256 instead of incorrectly updating the padding.

Closes #715

SergioGasquez
SergioGasquez reviewed Dec 30, 2024
View reviewed changes
Copy link
Member

@SergioGasquez SergioGasquez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Briefly looking at your changes and argumentation, they look good to me! Ill wait until the PR is ready for review and Ill do a more thorough review and some testing.

Thanks for contributting to espflash!

@chris-subtlebytes
Copy link
Author

I left some print statements in there mostly to illustrate the issue. Do you want those removed? Are there any plans to add logging crates?

I briefly looked into creating some tests. Are there any existing test Targets floating around so that I can plug in a bunch of differently sized images?

@jessebraham
Copy link
Member

Are there any plans to add logging crates?

Not sure what you mean, log and env_logger are already dependencies, we do have logging.

@chris-subtlebytes chris-subtlebytes marked this pull request as ready for review January 20, 2025 21:36
@chris-subtlebytes
Copy link
Author

log line added:

[2025-01-20T21:34:02Z INFO ] Updating bootloader SHA256 from 2034f85843702b555013b639087cbf4bd5d0ab800a8a15a7fe45715f5519d97f to 573853af4720e60f022158fae5b1a4aebc2279cec379c57cd64687708a00759e

@chris-subtlebytes
Calculate end of bootloader to update SHA256
7a83fc7 
The current implementation uses the last 32 bytes of the bootloader
file. When Secure Boot V2 is enabled, the bootloader is padded. The
new implementation walks through the segments to find the end and adds
the 16-byte aligned 1-byte checksum to update the SHA256 instead of
incorrectly updating the padding.

Closes esp-rs#715
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SergioGasquez SergioGasquez SergioGasquez left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

espflash save-image does not update the App Image SHA256 in the correct location.
3 participants
@chris-subtlebytes @jessebraham @SergioGasquez