Search found 32 matches
- Sun Aug 20, 2023 2:17 am
- Forum: Hardware
- Topic: [Question] : Has Security Advisory AR2022-003 been addressed ?
- Replies: 4
- Views: 1697
Re: [Question] : Has Security Advisory AR2022-003 been addressed ?
Well the Document states : "SCA and BBI vulnerabilities reported in this advisory may be applicable for Espressif SoC's including ESP32, ESP32-S2, ESP32-C3 and ESP32-S3. We will incorporate hardware countermeasures in our future chips to address these vulnerabilities." Also For ESP32, EMFI has been ...
- Fri Aug 18, 2023 12:39 pm
- Forum: Hardware
- Topic: [Question] : Has Security Advisory AR2022-003 been addressed ?
- Replies: 4
- Views: 1697
[Question] : Has Security Advisory AR2022-003 been addressed ?
Hello,
Anyone knows if Security Advisory AR2022-003 been addressed ?
If yes, then what is the revision number of ESP32-S3 that addresses this issue ?
(I am specifically looking ESP32-S3-DevKitC which addresses this issue)
Thanks
Anyone knows if Security Advisory AR2022-003 been addressed ?
If yes, then what is the revision number of ESP32-S3 that addresses this issue ?
(I am specifically looking ESP32-S3-DevKitC which addresses this issue)
Thanks
- Sun Feb 20, 2022 3:26 pm
- Forum: ESP-IDF
- Topic: Secure Boot V2 failure: Sig block 0 invalid: Image digest does not match
- Replies: 4
- Views: 3610
Re: Secure Boot V2 failure: Sig block 0 invalid: Image digest does not match
After discussion on the ESP-IDF github, it was concluded that this is due to mismatch of Size header in the bootloader.
Best way is to manually pass --flash_size keep or --flash_size <SIZE>
Best way is to manually pass --flash_size keep or --flash_size <SIZE>
- Thu Feb 17, 2022 7:11 pm
- Forum: ESP-IDF
- Topic: ESP32 Efuses
- Replies: 1
- Views: 2373
Re: ESP32 Efuses
Is it ok to do that? I think its a design flaw (imho)... If you dont mind the keys being read, why not store it in your program itself and check for it while the program boots ? (unless you are using this as a digest again)... there should be no 'negative' effect though as far as esp32 is cnocerned...
- Thu Feb 17, 2022 5:26 pm
- Forum: ESP-IDF
- Topic: [Script] Easy burn e-fuse in case of Flashing Pre-Generated Keys for Flash Encryption
- Replies: 3
- Views: 3806
[Script] Easy burn e-fuse in case of Flashing Pre-Generated Keys for Flash Encryption
Hi All ! After reading so much on the forum and getting help from ESP admins and mods, I have written a simple BAT script to burn the required fuses to protect ESP incase someone wants to burn pre-flashed keys. Please replace : <PORT> to your actual connected port <KEY> Path to your Key.bin ::*** fr...
- Thu Feb 17, 2022 5:04 pm
- Forum: ESP-IDF
- Topic: Does Partition.bin also need to be signed when using SecureBoot V2
- Replies: 4
- Views: 3800
- Thu Feb 17, 2022 3:42 pm
- Forum: ESP-IDF
- Topic: Secure Boot V2 failure: Sig block 0 invalid: Image digest does not match
- Replies: 4
- Views: 3610
Re: Secure Boot V2 failure: Sig block 0 invalid: Image digest does not match
I am also having the same problem. I am using ESP32-DevkitC-VE (Wrover Module) with 8MB Flash. If I burn the digest using : espefuse.py --port COM6 burn_key_digest X:\secure_boot_signing_key.pem, I get "Sig block 0 invalid: Image digest does not match" If I dont burn the digest manually, I get simil...
- Thu Feb 17, 2022 12:32 pm
- Forum: ESP-IDF
- Topic: Does Partition.bin also need to be signed when using SecureBoot V2
- Replies: 4
- Views: 3800
Does Partition.bin also need to be signed when using SecureBoot V2
Hi !
I was wondering if Partition.bin(or Partition-table.bin) also needs to be signed when using SecureBoot V2. Signing is done seperately using espsecure.py sign_data command.
Does Partition.bin(or Partition-table.bin) need to be signed or is ot supposed to be burnt unsigned ?
Thanks for the help!
I was wondering if Partition.bin(or Partition-table.bin) also needs to be signed when using SecureBoot V2. Signing is done seperately using espsecure.py sign_data command.
Does Partition.bin(or Partition-table.bin) need to be signed or is ot supposed to be burnt unsigned ?
Thanks for the help!
- Tue Feb 01, 2022 8:20 pm
- Forum: ESP-IDF
- Topic: Problem in Computing AES 256 CBC
- Replies: 19
- Views: 28319
Re: Problem in Computing AES 256 CBC
Hi @chegewara, I am trying to decrypt the file while writing OTA. The problem is that I get esp_image: invalid segment length 0xffc70fb10m if I use decryption. Direct non-encrypted OTA updates fine . Code : if (true) { #define BUFFER_SIZE=2048 mbedtls_aes_context aes; const uint8_t key[] = {0x10,0x1...
- Tue Feb 01, 2022 7:04 am
- Forum: ESP-IDF
- Topic: Problem in Computing AES 256 CBC
- Replies: 19
- Views: 28319
Re: Problem in Computing AES 256 CBC
I know int (11) is not the same as hex (0x11) and definitely not the same as "11". What I wanted to do was get a series of bytes is input to be encoded and decoded back to byte format. i,e -> input = 0x11 -> encrypt -> decrypt -> back to 0x11 I realize that the Decrypt array is showing as decimal an...