Multiple code signing keys possible?

homedad
Posts: 9
Joined: Sun Jan 23, 2022 2:53 am

Multiple code signing keys possible?

Postby homedad » Tue Nov 19, 2024 12:32 am

I have a bunch of development kits from project 1 for company 1. I built signed firmware on these.

I now have project 2 for company 2 and have generated a new signing certificate. I've built signed firmware, and I can flash it using idy.py, but my company 2 OTA's fail the signature validation unless I sign them with company 1's key.

I believe that these dev kits have been set up for company 1's signing key.

I've been confused by the Secure Boot V2 documentation, since I have only used the App Signing feature.

* Is there a way to load a second App Image Signing Public key onto these boards, so that I can load firmware built for company 1 and 2 on the same development kits?

* Is there a faster way to validate what signing key is on a board, other than performing an OTA and getting a failed result?

Thank you,
-scott.e

aliarifat794
Posts: 196
Joined: Sun Jun 23, 2024 6:18 pm

Re: Multiple code signing keys possible?

Postby aliarifat794 » Tue Nov 19, 2024 6:14 am

Check if the CONFIG_SECURE_BOOT_KEY_DIGEST or CONFIG_SECURE_BOOT_ALLOW_KEY_ROTATION options are enabled in your bootloader.

homedad
Posts: 9
Joined: Sun Jan 23, 2022 2:53 am

Re: Multiple code signing keys possible?

Postby homedad » Tue Nov 19, 2024 5:10 pm

Thanks for your help. I see neither of these set:
CONFIG_SECURE_BOOT_KEY_DIGEST
CONFIG_SECURE_BOOT_ALLOW_KEY_ROTATION

But I do have these security settings:
CONFIG_BOOTLOADER_APP_ROLLBACK_ENABLE=y
CONFIG_BOOTLOADER_APP_ANTI_ROLLBACK=y
CONFIG_BOOTLOADER_APP_SECURE_VERSION=0

CONFIG_SECURE_SIGNED_ON_UPDATE=y
CONFIG_SECURE_SIGNED_APPS=y
CONFIG_SECURE_BOOT_V2_RSA_SUPPORTED=y
CONFIG_SECURE_BOOT_V2_PREFERRED=y
CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT=y
CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME=y
CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT=y
# CONFIG_SECURE_BOOT is not set
CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES=y
CONFIG_SECURE_BOOT_SIGNING_KEY=<path to PEM>

# CONFIG_SECURE_FLASH_ENC_ENABLED is not set

CONFIG_SOC_SECURE_BOOT_V2_RSA=y
CONFIG_SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS=3
CONFIG_SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS=y
CONFIG_SOC_SUPPORT_SECURE_BOOT_REVOKE_KEY=y

Who is online

Users browsing this forum: ESP_rrtandler, jldesigns and 89 guests