espressif/ESP8266_RTOS_SDK
1
0
Fork 0
mirror of https://github.com/espressif/ESP8266_RTOS_SDK.git synced 2025-06-04 04:25:41 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'feature/add_bootloader_sha' into 'master'

Browse Source 
Add sha256 verification for bootloader and OTA

See merge request sdk/ESP8266_RTOS_SDK!551
This commit is contained in:
Dong Heng
2018-10-18 16:25:51 +08:00
parent 4c923bdc26 3de759602a
commit 223663f3fe
6 changed files with 392 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
components/app_update/Kconfig Normal file
View File

@ -0,0 +1,15 @@
menu "App update"
config APP_UPDATE_CHECK_APP_SUM
bool "Check APP binary data sum after downloading"
default y
help
If enable this option, app update will check the sum of app binary data after downloading it.
config APP_UPDATE_CHECK_APP_HASH
bool "Check APP binary data hash after downloading"
default n
help
If enable this option, app update will check the hash of app binary data after downloading it.
endmenu

8
components/app_update/Makefile.projbuild Normal file
View File

@ -0,0 +1,8 @@
ifdef CONFIG_APP_UPDATE_CHECK_APP_SUM
CFLAGS += -DCONFIG_ENABLE_BOOT_CHECK_SUM=1
endif
ifdef CONFIG_APP_UPDATE_CHECK_APP_HASH
CFLAGS += -DCONFIG_ENABLE_BOOT_CHECK_SHA256=1
endif

12
components/bootloader/Kconfig.projbuild
View File

@ -28,6 +28,18 @@ config LOG_BOOTLOADER_LEVEL
default 4 if LOG_BOOTLOADER_LEVEL_DEBUG
default 5 if LOG_BOOTLOADER_LEVEL_VERBOSE
config BOOTLOADER_CHECK_APP_SUM
bool "Check APP binary data sum before loading"
default y
help
If enable this option, bootloader will check the sum of app binary data before load it to run.
config BOOTLOADER_CHECK_APP_HASH
bool "Check APP binary data hash before loading"
default n
help
If enable this option, bootloader will check the hash of app binary data before load it to run.
config BOOTLOADER_SPI_WP_PIN
int "SPI Flash WP Pin when customising pins via efuse (read help)"
range 0 33

8
components/bootloader_support/Makefile.projbuild
View File

@ -5,3 +5,11 @@ $(SECURE_BOOT_SIGNING_KEY):
@echo "Keep key file safe after generating."
@echo "(See secure boot documentation for risks & alternatives.)"
@exit 1
ifdef CONFIG_BOOTLOADER_CHECK_APP_SUM
CFLAGS += -DCONFIG_ENABLE_BOOT_CHECK_SUM=1
endif
ifdef CONFIG_BOOTLOADER_CHECK_APP_HASH
CFLAGS += -DCONFIG_ENABLE_BOOT_CHECK_SHA256=1
endif

263
components/bootloader_support/src/bootloader_sha.c
View File

@ -170,4 +170,267 @@ void bootloader_sha256_finish(bootloader_sha256_handle_t handle, uint8_t *digest
#endif
#elif defined(CONFIG_TARGET_PLATFORM_ESP8266)
#ifndef BOOTLOADER_BUILD
#include "bootloader_sha.h"
#include <stdbool.h>
#include <string.h>
#include <assert.h>
#include <sys/param.h>
#ifdef CONFIG_SSL_USING_MBEDTLS
// App version is a wrapper around mbedTLS SHA API
#include <mbedtls/sha256.h>
bootloader_sha256_handle_t bootloader_sha256_start()
{
mbedtls_sha256_context *ctx = (mbedtls_sha256_context *)malloc(sizeof(mbedtls_sha256_context));
if (!ctx) {
return NULL;
}
mbedtls_sha256_init(ctx);
assert(mbedtls_sha256_starts_ret(ctx, false) == 0);
return ctx;
}
void bootloader_sha256_data(bootloader_sha256_handle_t handle, const void *data, size_t data_len)
{
assert(handle != NULL);
mbedtls_sha256_context *ctx = (mbedtls_sha256_context *)handle;
assert(mbedtls_sha256_update_ret(ctx, data, data_len) == 0);
}
void bootloader_sha256_finish(bootloader_sha256_handle_t handle, uint8_t *digest)
{
assert(handle != NULL);
mbedtls_sha256_context *ctx = (mbedtls_sha256_context *)handle;
if (digest != NULL) {
assert(mbedtls_sha256_finish_ret(ctx, digest) == 0);
}
mbedtls_sha256_free(ctx);
free(handle);
}
#endif
#else
#include "bootloader_sha.h"
#include <stdbool.h>
#include <string.h>
#include <assert.h>
#include <sys/param.h>
typedef void* bootloader_sha256_handle_t;
// Code from mbedTLS sha256
#define F0(x,y,z) ((x & y) | (z & (x | y)))
#define F1(x,y,z) (z ^ (x & (y ^ z)))
#define SHR(x,n) ((x & 0xFFFFFFFF) >> n)
#define ROTR(x,n) (SHR(x,n) | (x << (32 - n)))
#define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3))
#define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10))
#define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
#define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
#define GET_UINT32_BE(n,b,i) \
do { \
(n) = ( (uint32_t) (b)[(i) ] << 24 ) \
| ( (uint32_t) (b)[(i) + 1] << 16 ) \
| ( (uint32_t) (b)[(i) + 2] << 8 ) \
| ( (uint32_t) (b)[(i) + 3] ); \
} while( 0 )
#define PUT_UINT32_BE(n,b,i) \
do { \
(b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
(b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
(b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
(b)[(i) + 3] = (unsigned char) ( (n) ); \
} while( 0 )
#define R(t) \
( \
W[t] = S1(W[t - 2]) + W[t - 7] + \
S0(W[t - 15]) + W[t - 16] \
)
#define P(a,b,c,d,e,f,g,h,x,K) \
{ \
temp1 = h + S3(e) + F1(e,f,g) + K + x; \
temp2 = S2(a) + F0(a,b,c); \
d += temp1; h = temp1 + temp2; \
}
typedef struct {
uint32_t total[2];
uint32_t state[8];
uint8_t buffer[64];
} mbedtls_sha256_context;
static const uint32_t K[] =
{
0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5,
0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5,
0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3,
0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174,
0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC,
0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA,
0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7,
0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967,
0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13,
0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85,
0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3,
0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070,
0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5,
0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3,
0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208,
0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2,
};
static mbedtls_sha256_context s_sha256;
static int internal_sha256_process(mbedtls_sha256_context *ctx, const uint8_t data[64])
{
uint32_t temp1, temp2, W[64];
uint32_t A[8];
unsigned int i;
for( i = 0; i < 8; i++ )
A[i] = ctx->state[i];
for( i = 0; i < 64; i++ )
{
if( i < 16 )
GET_UINT32_BE( W[i], data, 4 * i );
else
R( i );
P( A[0], A[1], A[2], A[3], A[4], A[5], A[6], A[7], W[i], K[i] );
temp1 = A[7]; A[7] = A[6]; A[6] = A[5]; A[5] = A[4]; A[4] = A[3];
A[3] = A[2]; A[2] = A[1]; A[1] = A[0]; A[0] = temp1;
}
for( i = 0; i < 8; i++ )
ctx->state[i] += A[i];
return( 0 );
}
bootloader_sha256_handle_t bootloader_sha256_start()
{
mbedtls_sha256_context *ctx = &s_sha256;
memset(ctx, 0, sizeof(mbedtls_sha256_context));
ctx->total[0] = 0;
ctx->total[1] = 0;
ctx->state[0] = 0x6A09E667;
ctx->state[1] = 0xBB67AE85;
ctx->state[2] = 0x3C6EF372;
ctx->state[3] = 0xA54FF53A;
ctx->state[4] = 0x510E527F;
ctx->state[5] = 0x9B05688C;
ctx->state[6] = 0x1F83D9AB;
ctx->state[7] = 0x5BE0CD19;
return ctx;
}
void bootloader_sha256_data(bootloader_sha256_handle_t handle, const void *data, size_t data_len)
{
mbedtls_sha256_context *ctx = (mbedtls_sha256_context *)handle;
size_t ilen = data_len;
const uint8_t *input = (const uint8_t *)data;
int ret;
size_t fill;
uint32_t left;
left = ctx->total[0] & 0x3F;
fill = 64 - left;
ctx->total[0] += (uint32_t) ilen;
ctx->total[0] &= 0xFFFFFFFF;
if( ctx->total[0] < (uint32_t) ilen )
ctx->total[1]++;
if( left && ilen >= fill )
{
memcpy((void *)(ctx->buffer + left), input, fill);
if( ( ret = internal_sha256_process( ctx, ctx->buffer ) ) != 0 )
return ;
input += fill;
ilen -= fill;
left = 0;
}
while( ilen >= 64 )
{
if( ( ret = internal_sha256_process( ctx, input ) ) != 0 )
return ;
input += 64;
ilen -= 64;
}
if( ilen > 0 )
memcpy( (void *) (ctx->buffer + left), input, ilen );
}
void bootloader_sha256_finish(bootloader_sha256_handle_t handle, uint8_t *digest)
{
uint32_t last, padn;
uint32_t high, low;
uint8_t msglen[8];
uint8_t *output = digest;
mbedtls_sha256_context *ctx = (mbedtls_sha256_context *)handle;
static const unsigned char sha256_padding[64] = {
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
high = ( ctx->total[0] >> 29 )
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
PUT_UINT32_BE( high, msglen, 0 );
PUT_UINT32_BE( low, msglen, 4 );
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
bootloader_sha256_data(ctx, sha256_padding, padn);
bootloader_sha256_data(ctx, msglen, 8);
PUT_UINT32_BE( ctx->state[0], output, 0 );
PUT_UINT32_BE( ctx->state[1], output, 4 );
PUT_UINT32_BE( ctx->state[2], output, 8 );
PUT_UINT32_BE( ctx->state[3], output, 12 );
PUT_UINT32_BE( ctx->state[4], output, 16 );
PUT_UINT32_BE( ctx->state[5], output, 20 );
PUT_UINT32_BE( ctx->state[6], output, 24 );
PUT_UINT32_BE( ctx->state[7], output, 28 );
return ;
}
#endif
#endif

181
components/bootloader_support/src/esp_image_format.c
View File

@ -601,6 +601,8 @@ static const char *TAG = "esp_image";
#define HASH_LEN 32 /* SHA-256 digest length */
#define SHA_CHUNK 1024
#define MAX_CHECKSUM_READ_SIZE SPI_FLASH_SEC_SIZE
#define SIXTEEN_MB 0x1000000
@ -647,9 +649,11 @@ static esp_err_t verify_segment_header(int index, const esp_image_segment_header
static esp_err_t verify_checksum(bootloader_sha256_handle_t sha_handle, uint32_t checksum_word, esp_image_metadata_t *data);
#if defined(CONFIG_SECURE_BOOT_ENABLED) && defined(CONFIG_ENABLE_BOOT_CHECK_SHA256)
#if defined(CONFIG_SECURE_BOOT_ENABLED)
static esp_err_t __attribute__((unused)) verify_secure_boot_signature(bootloader_sha256_handle_t sha_handle, esp_image_metadata_t *data);
static esp_err_t __attribute__((unused)) verify_simple_hash(bootloader_sha256_handle_t sha_handle, esp_image_metadata_t *data);
#endif
#if defined(CONFIG_ENABLE_BOOT_CHECK_SHA256)
static esp_err_t __attribute__((unused)) verify_simple_hash(bootloader_sha256_handle_t sha_handle, esp_image_metadata_t *data);
#endif
esp_err_t esp_image_load(esp_image_load_mode_t mode, const esp_partition_pos_t *part, esp_image_metadata_t *data)
@ -688,7 +692,10 @@ esp_err_t esp_image_load(esp_image_load_mode_t mode, const esp_partition_pos_t *
if (1) {
#else
#ifdef CONFIG_ENABLE_BOOT_CHECK_SHA256
if (data->image.hash_appended) {
#ifdef CONFIG_TARGET_PLATFORM_ESP32
if (data->image.hash_appended)
#endif
{
sha_handle = bootloader_sha256_start();
if (sha_handle == NULL) {
return ESP_ERR_NO_MEM;
@ -926,98 +933,53 @@ err:
static esp_err_t process_segment_data(intptr_t load_addr, uint32_t data_addr, uint32_t data_len, bool do_load, bootloader_sha256_handle_t sha_handle, uint32_t *checksum)
{
#ifdef BOOTLOADER_BUILD
const uint32_t *data = (const uint32_t *)bootloader_mmap(data_addr, data_len);
if(!data) {
ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed",
data_addr, data_len);
esp_err_t ret = ESP_OK;
#if defined(CONFIG_ENABLE_BOOT_CHECK_SUM) || defined(CONFIG_ENABLE_BOOT_CHECK_SHA256)
const char *src = (const char *)data_addr;
#ifndef BOOTLOADER_BUILD
uint32_t *pbuf;
pbuf = (uint32_t*)malloc(SHA_CHUNK);
if(pbuf == NULL) {
return ESP_FAIL;
}
#if defined(BOOTLOADER_BUILD) && defined(BOOTLOADER_UNPACK_APP)
// Set up the obfuscation value to use for loading
while (ram_obfs_value[0] == 0 || ram_obfs_value[1] == 0) {
bootloader_fill_random(ram_obfs_value, sizeof(ram_obfs_value));
}
ram_obfs_value[0] = 0x55;
ram_obfs_value[1] = 0xaa;
uint32_t *dest = (uint32_t *)load_addr;
#else
static char pbuf[SHA_CHUNK];
#endif
const uint32_t *src = data;
for (int i = 0; i < data_len; i += 4) {
int w_i = i/4; // Word index
uint32_t w = src[w_i];
*checksum ^= w;
#ifdef BOOTLOADER_BUILD
if (do_load) {
// dest[w_i] = w ^ ((w_i & 1) ? ram_obfs_value[0] : ram_obfs_value[1]);
}
#endif
for (int i = 0; i < data_len; i += SHA_CHUNK) {
// SHA_CHUNK determined experimentally as the optimum size
// to call bootloader_sha256_data() with. This is a bit
// counter-intuitive, but it's ~3ms better than using the
// SHA256 block size.
const size_t SHA_CHUNK = 1024;
if (sha_handle != NULL && i % SHA_CHUNK == 0) {
// bootloader_sha256_data(sha_handle, &src[w_i],
// MIN(SHA_CHUNK, data_len - i));
}
}
size_t bytes = MIN(SHA_CHUNK, data_len - i);
bootloader_munmap(data);
return ESP_OK;
#endif
#ifndef BOOTLOADER_BUILD
uint32_t had_read_size = 0, to_read_size = 0;
uint32_t* data = 0;
data = (uint32_t*)malloc(MAX_CHECKSUM_READ_SIZE);
if(data == NULL) {
return ESP_FAIL;
}
const uint32_t *src = data;
for (; had_read_size != data_len; ) {
to_read_size = ((data_len - had_read_size) < MAX_CHECKSUM_READ_SIZE) ? (data_len - had_read_size) : MAX_CHECKSUM_READ_SIZE;
int ret = ESP_OK;
ret = spi_flash_read(data_addr + had_read_size, data, to_read_size);
ret = bootloader_flash_read((size_t)&src[i], pbuf, bytes, false);
if (ret) {
ESP_LOGE(TAG, "SPI flash read result %d\n", ret);
free(data);
return ESP_FAIL;
ESP_LOGE(TAG, "bootloader read flash @ %p %d error %d", &src[i], bytes, ret);
goto exit;
}
had_read_size += to_read_size;
#if defined(CONFIG_ENABLE_BOOT_CHECK_SUM)
uint32_t *psum = (uint32_t *)pbuf;
for (int i = 0; i < to_read_size; i += 4) {
int w_i = i/4; // Word index
uint32_t w = src[w_i];
*checksum ^= w;
#ifdef BOOTLOADER_BUILD
if (do_load) {
// dest[w_i] = w ^ ((w_i & 1) ? ram_obfs_value[0] : ram_obfs_value[1]);
}
#endif
// SHA_CHUNK determined experimentally as the optimum size
// to call bootloader_sha256_data() with. This is a bit
// counter-intuitive, but it's ~3ms better than using the
// SHA256 block size.
const size_t SHA_CHUNK = 1024;
if (sha_handle != NULL && i % SHA_CHUNK == 0) {
// bootloader_sha256_data(sha_handle, &src[w_i],
// MIN(SHA_CHUNK, data_len - i));
}
}
} // end for
free(data);
return ESP_OK;
for (int i = 0; i < bytes / sizeof(uint32_t); i++)
*checksum ^= psum[i];
#endif
#if defined(CONFIG_ENABLE_BOOT_CHECK_SHA256)
if (sha_handle != NULL)
bootloader_sha256_data(sha_handle, pbuf, bytes);
#endif
}
exit:
#ifndef BOOTLOADER_BUILD
free(pbuf);
#endif
#endif
return ret;
}
static esp_err_t verify_segment_header(int index, const esp_image_segment_header_t *segment, uint32_t segment_data_offs, bool silent)
@ -1082,49 +1044,68 @@ esp_err_t esp_image_verify_bootloader(uint32_t *length)
static esp_err_t verify_checksum(bootloader_sha256_handle_t sha_handle, uint32_t checksum_word, esp_image_metadata_t *data)
{
esp_err_t err = ESP_OK;
#if defined(CONFIG_ENABLE_BOOT_CHECK_SUM) || defined(CONFIG_ENABLE_BOOT_CHECK_SHA256)
uint32_t unpadded_length = data->image_len;
uint32_t length = unpadded_length + 1; // Add a byte for the checksum
length = (length + 15) & ~15; // Pad to next full 16 byte block
// Verify checksum
uint8_t buf[16];
esp_err_t err = bootloader_flash_read(data->start_addr + unpadded_length, buf, length - unpadded_length, true);
err = bootloader_flash_read(data->start_addr + unpadded_length, buf, length - unpadded_length, true);
if (err != ESP_OK) {
ESP_LOGE(TAG, "bootloader read flash @ 0x%x %d error %d", data->start_addr + unpadded_length, length - unpadded_length, err);
return ESP_ERR_IMAGE_INVALID;
}
#if defined(CONFIG_ENABLE_BOOT_CHECK_SUM)
uint8_t calc = buf[length - unpadded_length - 1];
uint8_t checksum = (checksum_word >> 24)
^ (checksum_word >> 16)
^ (checksum_word >> 8)
^ (checksum_word >> 0);
if (err != ESP_OK || checksum != calc) {
if (checksum != calc) {
ESP_LOGE(TAG, "Checksum failed. Calculated 0x%x read 0x%x", checksum, calc);
return ESP_ERR_IMAGE_INVALID;
}
#endif
#ifdef CONFIG_ENABLE_BOOT_CHECK_SHA256
if (sha_handle != NULL) {
bootloader_sha256_data(sha_handle, buf, length - unpadded_length);
}
if (data->image.hash_appended) {
#if CONFIG_TARGET_PLATFORM_ESP32
if (data->image.hash_appended)
#endif
{
// Account for the hash in the total image length
length += HASH_LEN;
}
#endif
data->image_len = length;
#endif
return ESP_OK;
return err;
}
#if defined(CONFIG_SECURE_BOOT_ENABLED) && defined(CONFIG_ENABLE_BOOT_CHECK_SHA256)
#if defined(CONFIG_SECURE_BOOT_ENABLED) || defined(CONFIG_ENABLE_BOOT_CHECK_SHA256)
static void debug_log_hash(const uint8_t *image_hash, const char *caption);
#endif
#if defined(CONFIG_SECURE_BOOT_ENABLED)
static esp_err_t verify_secure_boot_signature(bootloader_sha256_handle_t sha_handle, esp_image_metadata_t *data)
{
uint8_t image_hash[HASH_LEN] = { 0 };
// For secure boot, we calculate the signature hash over the whole file, which includes any "simple" hash
// appended to the image for corruption detection
if (data->image.hash_appended) {
#if CONFIG_TARGET_PLATFORM_ESP32
if (data->image.hash_appended)
#endif
{
const void *simple_hash = bootloader_mmap(data->start_addr + data->image_len - HASH_LEN, HASH_LEN);
bootloader_sha256_data(sha_handle, simple_hash, HASH_LEN);
bootloader_munmap(simple_hash);
@ -1160,27 +1141,37 @@ static esp_err_t verify_secure_boot_signature(bootloader_sha256_handle_t sha_han
return ESP_OK;
}
#endif
#if defined(CONFIG_ENABLE_BOOT_CHECK_SHA256)
static esp_err_t verify_simple_hash(bootloader_sha256_handle_t sha_handle, esp_image_metadata_t *data)
{
uint8_t image_hash[HASH_LEN] = { 0 };
uint8_t image_hash[HASH_LEN];
uint8_t image_hash_flash[HASH_LEN];
// Simple hash for verification only
esp_err_t err = bootloader_flash_read(data->start_addr + data->image_len - HASH_LEN, image_hash_flash, HASH_LEN, false);
if (err != ESP_OK) {
ESP_LOGE(TAG, "bootloader read flash @ 0x%x %d error %d", data->start_addr + data->image_len - HASH_LEN, HASH_LEN, err);
return ESP_ERR_IMAGE_INVALID;
}
bootloader_sha256_finish(sha_handle, image_hash);
// Log the hash for debugging
debug_log_hash(image_hash, "Calculated hash");
// Simple hash for verification only
const void *hash = bootloader_mmap(data->start_addr + data->image_len - HASH_LEN, HASH_LEN);
if (memcmp(hash, image_hash, HASH_LEN) != 0) {
if (memcmp(image_hash_flash, image_hash, HASH_LEN) != 0) {
ESP_LOGE(TAG, "Image hash failed - image is corrupt");
debug_log_hash(hash, "Expected hash");
bootloader_munmap(hash);
debug_log_hash(image_hash_flash, "Expected hash");
return ESP_ERR_IMAGE_INVALID;
}
bootloader_munmap(hash);
return ESP_OK;
}
#endif
#if defined(CONFIG_SECURE_BOOT_ENABLED) || defined(CONFIG_ENABLE_BOOT_CHECK_SHA256)
// Log a hash as a hex string
static void debug_log_hash(const uint8_t *image_hash, const char *label)