Improve docs for pico_encrypt_binary

will-v-pi · will-v-pi · commit c0c034a88457 · 2025-05-19T09:56:06.000+01:00
Add newlines for readability, and explain why MbedTLS version is insecure
diff --git a/tools/CMakeLists.txt b/tools/CMakeLists.txt
@@ -460,7 +460,8 @@ endfunction()
 # This sets the target property PICOTOOL_EMBED_DECRYPTION to TRUE.
 #
 # Optionally, use MBEDTLS to to use the MbedTLS based decryption stage - this
-# is faster, but less secure.
+# is faster, but offers no security against power or timing sniffing attacks,
+# and takes up more code size.
 # This sets the target property PICOTOOL_USE_MBEDTLS_DECRYPTION to TRUE.
 #
 # Optionally, use OTP_KEY_PAGE to specify the OTP page storing the AES key.

Original file line number	Diff line number	Diff line change
`@@ -460,7 +460,8 @@ endfunction()`
`460`	`460`	`# This sets the target property PICOTOOL_EMBED_DECRYPTION to TRUE.`
`461`	`461`	`#`
`462`	`462`	`# Optionally, use MBEDTLS to to use the MbedTLS based decryption stage - this`
`463`		`-# is faster, but less secure.`
	`463`	`+# is faster, but offers no security against power or timing sniffing attacks,`
	`464`	`+# and takes up more code size.`
`464`	`465`	`# This sets the target property PICOTOOL_USE_MBEDTLS_DECRYPTION to TRUE.`
`465`	`466`	`#`
`466`	`467`	`# Optionally, use OTP_KEY_PAGE to specify the OTP page storing the AES key.`