Utilities for ESP Secure Boot V2 RSA signature block verification and signing
For now, only Secure Boot V2 with the RSA-based signature block is supported, as this appears to be what Espressif recommends*. In the future, it can be extended with support for ECC signatures, as well as Secure Boot V1.
The module is no_std (but needs alloc, because Rust Crypto RSA needs it) so that it can also be used on the chip itself, e.g. for verifying image signatures during OTA updates for bare-metal apps. Note, though, that on-chip verification would be slow(er), because the ESP RSA and SHA peripherals are not utilized yet.
- https://docs.espressif.com/projects/esp-idf/en/v5.3.1/esp32h2/security/secure-boot-v2.html#signature-block-format
Modules
- rsa - The RSA crate is re-exported for user convenience so that users of the lib do not have to explicitly depend on it
Structs
- AsyncIo - A blocking wrapper for types implementing std::io::Read and std::io::Write to implement Read and Write for async I/O.
- NullWrite - A null writer that writes to nowhere. Implements the Write trait from embedded-io-async
- SBV2RsaPubKey - ESP Secure Boot V2 RSA Public key
- SBV2RsaSignatureBlock - ESP Secure Boot V2 RSA Signature Block https://docs.espressif.com/projects/esp-idf/en/stable/esp32/security/secure-boot-v2.html#signature-block-format
Enums
- ImageType - Type of image to sign or verify
- SignError - Errors that can occur during verification
- VerifyError - Errors that can occur during verification