Hello everbody. I intend to use Flash encryption in combination with Secure Boot V2. I would like to know if the FW Image must be signed before it will be encrypted and flashed. Basically I want to use the flash encryption in Release mode. For me something was not clear enough: So as far as I unders...

Hello everyone,

I would like to know if ESP-IDF offers certified libraries. The background is that the developer is always liable for the correctness.

thanks

The JTAG bit will not work; you can try to connect to it but it won't see the CPU. The USB-to-serial bit will still function as a serial port. Ok thanks. But since the USB-OTG is disabled, I can communicate only with PC and send data over usb-serial. Am I able to write data from esp32s3 to a smartp...

So my question: will the USB-OTG Stack be disable temporary and only during the validation of the signature or will it be permanet disabled? I mean, is any communication via USB-OTG after enabling SBV2 not possible anymore ? Or is it only not available only during the verification and validation pr...

Hello everyone, I have a general question regarding USB-OTG and Secure Boot V2 on esp32s3. So according to espressif documentation: enabling the Secure Boot disables the USB-OTG Stack in the ROM. So my question: will the USB-OTG Stack be disable temporary and only during the validation of the signat...

Solved the problem

the signed bootloader image must be flashed into the address 0x0. using the esptool.py write_flash --force 0x0 bootloader.bin fixed the problem

The binary file (app-template.bin) can be corrupted or incorrectly generated. So I have tried to generate the signing manually using espsecure.py and the binary file has been succssefully signed. The binary file have been built using idf.py build. I have verified the appended signature using espsec...

Hello everyone, so I have enabled the Secure Boot sucessfully, generated the private signing key using OpenSSL. So after running the command , it stays in the bootloader. So I ran the command idf.py monitor, but it gives me an invalid header. First and second output [esptool.py -p COM4 -b 1152000 --...

Hello everyone, I have watched the webinar from espressif abot SBV2 and how to sign the firmware for prodution purposes, so the key should not be get leaked. They use KMS like Thistle. My question is how to deal with a thousand of devices should be signed with different keys. I have seen the idea wh...

So the nvs key will be stored in the nvs key parition in flash and the nvs key parition will be encrypted using flash encryption, which will use another key stored in the eFuse. Is my interpretation correct ? Yes :) Ok thanks a lot :) . So since the nvs key ist not executable cause it is hardware-e...