Search found 19 matches
- Thu Sep 05, 2024 2:00 pm
- Forum: General Discussion
- Topic: Secure Boot V2 and Flash Encryption
- Replies: 1
- Views: 935
Secure Boot V2 and Flash Encryption
Hello everbody. I intend to use Flash encryption in combination with Secure Boot V2. I would like to know if the FW Image must be signed before it will be encrypted and flashed. Basically I want to use the flash encryption in Release mode. For me something was not clear enough: So as far as I unders...
- Fri Aug 30, 2024 9:53 am
- Forum: General Discussion
- Topic: certified library in ESP-IDF
- Replies: 1
- Views: 1157
certified library in ESP-IDF
Hello everyone,
I would like to know if ESP-IDF offers certified libraries. The background is that the developer is always liable for the correctness.
thanks
I would like to know if ESP-IDF offers certified libraries. The background is that the developer is always liable for the correctness.
thanks
- Fri Aug 23, 2024 11:37 am
- Forum: General Discussion
- Topic: USB-OTG and Secure Boot V2
- Replies: 5
- Views: 1422
Re: USB-OTG and Secure Boot V2
The JTAG bit will not work; you can try to connect to it but it won't see the CPU. The USB-to-serial bit will still function as a serial port. Ok thanks. But since the USB-OTG is disabled, I can communicate only with PC and send data over usb-serial. Am I able to write data from esp32s3 to a smartp...
- Thu Aug 22, 2024 8:31 am
- Forum: General Discussion
- Topic: USB-OTG and Secure Boot V2
- Replies: 5
- Views: 1422
Re: USB-OTG and Secure Boot V2
So my question: will the USB-OTG Stack be disable temporary and only during the validation of the signature or will it be permanet disabled? I mean, is any communication via USB-OTG after enabling SBV2 not possible anymore ? Or is it only not available only during the verification and validation pr...
- Thu Aug 22, 2024 7:48 am
- Forum: General Discussion
- Topic: USB-OTG and Secure Boot V2
- Replies: 5
- Views: 1422
USB-OTG and Secure Boot V2
Hello everyone, I have a general question regarding USB-OTG and Secure Boot V2 on esp32s3. So according to espressif documentation: enabling the Secure Boot disables the USB-OTG Stack in the ROM. So my question: will the USB-OTG Stack be disable temporary and only during the validation of the signat...
- Fri Aug 16, 2024 1:59 pm
- Forum: General Discussion
- Topic: invalid header after running secure boot
- Replies: 3
- Views: 1130
Re: invalid header after running secure boot
Solved the problem
the signed bootloader image must be flashed into the address 0x0. using the esptool.py write_flash --force 0x0 bootloader.bin fixed the problem
the signed bootloader image must be flashed into the address 0x0. using the esptool.py write_flash --force 0x0 bootloader.bin fixed the problem
- Wed Aug 14, 2024 1:47 pm
- Forum: General Discussion
- Topic: invalid header after running secure boot
- Replies: 3
- Views: 1130
Re: invalid header after running secure boot
The binary file (app-template.bin) can be corrupted or incorrectly generated. So I have tried to generate the signing manually using espsecure.py and the binary file has been succssefully signed. The binary file have been built using idf.py build. I have verified the appended signature using espsec...
- Tue Aug 13, 2024 1:04 pm
- Forum: General Discussion
- Topic: invalid header after running secure boot
- Replies: 3
- Views: 1130
invalid header after running secure boot
Hello everyone, so I have enabled the Secure Boot sucessfully, generated the private signing key using OpenSSL. So after running the command , it stays in the bootloader. So I ran the command idf.py monitor, but it gives me an invalid header. First and second output [esptool.py -p COM4 -b 1152000 --...
- Wed Aug 07, 2024 1:36 pm
- Forum: General Discussion
- Topic: Secure Boot V2 FW Signig in production
- Replies: 0
- Views: 634
Secure Boot V2 FW Signig in production
Hello everyone, I have watched the webinar from espressif abot SBV2 and how to sign the firmware for prodution purposes, so the key should not be get leaked. They use KMS like Thistle. My question is how to deal with a thousand of devices should be signed with different keys. I have seen the idea wh...
- Tue Aug 06, 2024 11:40 am
- Forum: General Discussion
- Topic: how to store sensible data that cannot be accessed
- Replies: 6
- Views: 1620
Re: how to store sensible data that cannot be accessed
So the nvs key will be stored in the nvs key parition in flash and the nvs key parition will be encrypted using flash encryption, which will use another key stored in the eFuse. Is my interpretation correct ? Yes :) Ok thanks a lot :) . So since the nvs key ist not executable cause it is hardware-e...