diff --git a/components/bootloader/subproject/signature_verification_key.bin b/components/bootloader/subproject/signature_verification_key.bin
new file mode 100644
index 0000000000..7585540015
--- /dev/null
+++ b/components/bootloader/subproject/signature_verification_key.bin
@@ -0,0 +1 @@
+Y��IA))��->!��Pb4k���J�ʬHe���t�oȡ���K�/��؆��r���fM����D;��|(E
\ No newline at end of file
diff --git a/components/bootloader_support/src/esp_image_format.c b/components/bootloader_support/src/esp_image_format.c
index f053a20692..9351c7ad91 100644
--- a/components/bootloader_support/src/esp_image_format.c
+++ b/components/bootloader_support/src/esp_image_format.c
@@ -18,6 +18,7 @@
#include <soc/cpu.h>
#include <esp_image_format.h>
#include <esp_secure_boot.h>
+#define LOG_LOCAL_LEVEL ESP_LOG_ERROR
#include <esp_log.h>
#include <bootloader_flash.h>
#include <bootloader_random.h>
@@ -166,15 +167,17 @@ goto err;
rewritten the header - rely on esptool.py having verified the bootloader at flashing time, instead.
*/
if (!is_bootloader) {
+ if (esp_secure_boot_enabled()) {
#ifdef CONFIG_SECURE_BOOT_ENABLED
- // secure boot images have a signature appended
- err = verify_secure_boot_signature(sha_handle, data);
-#else
- // No secure boot, but SHA-256 can be appended for basic corruption detection
- if (sha_handle != NULL) {
- err = verify_simple_hash(sha_handle, data);
- }
+ // secure boot images have a signature appended
+ err = verify_secure_boot_signature(sha_handle, data);
#endif // CONFIG_SECURE_BOOT_ENABLED
+ } else {
+ // No secure boot, but SHA-256 can be appended for basic corruption detection
+ if (sha_handle != NULL) {
+ err = verify_simple_hash(sha_handle, data);
+ }
+ }
} else { // is_bootloader
// bootloader may still have a sha256 digest handle open
if (sha_handle != NULL) {
diff --git a/components/esp32/ld/esp32.spiram.rom-functions-iram.ld b/components/esp32/ld/esp32.spiram.rom-functions-iram.ld
index 6f97fb6b15..843d860427 100644
--- a/components/esp32/ld/esp32.spiram.rom-functions-iram.ld
+++ b/components/esp32/ld/esp32.spiram.rom-functions-iram.ld
@@ -47,6 +47,7 @@
*lib_a-mktime.o(.literal .text .literal.* .text.*)
*lib_a-syswrite.o(.literal .text .literal.* .text.*)
*lib_a-tzset_r.o(.literal .text .literal.* .text.*)
+ *lib_a-sysgettod.o(.literal .text .literal.* .text.*)
*lib_a-tzset.o(.literal .text .literal.* .text.*)
*lib_a-toupper.o(.literal .text .literal.* .text.*)
*lib_a-tolower.o(.literal .text .literal.* .text.*)
diff --git a/examples/peripherals/gpio/main/gpio_example_main.c b/examples/peripherals/gpio/main/gpio_example_main.c
index b6e71339ec..4e44edf0bd 100644
--- a/examples/peripherals/gpio/main/gpio_example_main.c
+++ b/examples/peripherals/gpio/main/gpio_example_main.c
@@ -89,7 +89,7 @@ void app_main()
//create a queue to handle gpio event from isr
gpio_evt_queue = xQueueCreate(10, sizeof(uint32_t));
//start gpio task
- xTaskCreate(gpio_task_example, "gpio_task_example", 2048, NULL, 10, NULL);
+ xTaskCreate(&gpio_task_example, "gpio_task_example", 2048, NULL, 10, NULL);
//install gpio isr service
gpio_install_isr_service(ESP_INTR_FLAG_DEFAULT);
diff --git a/examples/wifi/scan/secure_boot_signing_key.pem b/examples/wifi/scan/secure_boot_signing_key.pem
new file mode 100644
index 0000000000..13e6fc7958
--- /dev/null
+++ b/examples/wifi/scan/secure_boot_signing_key.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEICMyAIK9+SQEoSM06ju1q2PHfyQf34uN0J6WS0OFwP9OoAoGCCqGSM49
+AwEHoUQDQgAEWc/nSUEpKYnULT4h7AVQYjRr6AK5SpzKrEhlgpmjdBBvyKHFBopL
+oS+5nNiGlPdym8YYZk3THReXRDv+/3woRQ==
+-----END EC PRIVATE KEY-----
diff --git a/examples/wifi/scan/signature_verification_key.bin b/examples/wifi/scan/signature_verification_key.bin
new file mode 100644
index 0000000000..7585540015
--- /dev/null
+++ b/examples/wifi/scan/signature_verification_key.bin
@@ -0,0 +1 @@
+Y��IA))��->!��Pb4k���J�ʬHe���t�oȡ���K�/��؆��r���fM����D;��|(E
\ No newline at end of file