Flash encryption

zavovi
Posts: 10
Joined: Thu Aug 10, 2017 10:21 am

Flash encryption

Postby zavovi » Sun Oct 18, 2020 8:58 pm

Hi all,
please help. I encrypted the flash on my ESP32 device and now I cannot write anything new.
I have five devices and I was learning with flash encryption. THe first one is not really good (the other are ok).

The first one summary:

Code: Select all

# ./../esp-idf/components/esptool_py/esptool/espefuse.py --port COM39 summary
Connecting........_
Detecting chip type... ESP32
espefuse.py v3.0-dev
EFUSE_NAME (Block)                       Description  = [Meaningful Value] [Readable/Writeable] (Hex Value)
----------------------------------------------------------------------------------------
Efuse fuses:
WR_DIS (BLOCK0):                         Efuse write disable mask                           = 388 R/W (0x0184)
RD_DIS (BLOCK0):                         Efuse read disable mask                            = 3 R/W (0x3)
CODING_SCHEME (BLOCK0):                  Efuse variable block length scheme
   = NONE (BLK1-3 len=256 bits) R/W (0b00)
KEY_STATUS (BLOCK0):                     Usage of efuse block 3 (reserved)                  = False R/W (0b0)

Calibration fuses:
BLK3_PART_RESERVE (BLOCK0):              BLOCK3 partially served for ADC calibration data   = False R/W (0b0)
ADC_VREF (BLOCK0):                       Voltage reference calibration                      = 1121 R/W (0b00011)

Security fuses:
FLASH_CRYPT_CNT (BLOCK0):                Flash encryption mode counter                      = 1 R/- (0b0000001)
UART_DOWNLOAD_DIS (BLOCK0):              Disable UART download mode (ESP32 rev3 only)       = False R/- (0b0)
FLASH_CRYPT_CONFIG (BLOCK0):             Flash encryption config (key tweak bits)           = 15 R/W (0xf)
CONSOLE_DEBUG_DISABLE (BLOCK0):          Disable ROM BASIC interpreter fallback             = True R/W (0b1)
ABS_DONE_0 (BLOCK0):                     secure boot enabled for bootloader                 = True R/W (0b1)
ABS_DONE_1 (BLOCK0):                     secure boot abstract 1 locked                      = False R/W (0b0)
JTAG_DISABLE (BLOCK0):                   Disable JTAG                                       = True R/W (0b1)
DISABLE_DL_ENCRYPT (BLOCK0):             Disable flash encryption in UART bootloader        = True R/W (0b1)
DISABLE_DL_DECRYPT (BLOCK0):             Disable flash decryption in UART bootloader        = True R/W (0b1)
DISABLE_DL_CACHE (BLOCK0):               Disable flash cache in UART bootloader             = True R/W (0b1)
BLK1 (BLOCK1):                           Flash encryption key
   = ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? -/-
BLK2 (BLOCK2):                           Secure boot key
   = ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? -/-
BLK3 (BLOCK3):                           Variable Block 3
   = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W

Identity fuses:
MAC (BLOCK0):                            Factory MAC Address
   = 80:7d:3a:08:a7:dd (CRC 0x37 OK) R/W
MAC_CRC (BLOCK0):                        CRC8 for factory MAC address                       = 55 R/W (0x37)
CHIP_VER_REV1 (BLOCK0):                  Silicon Revision 1                                 = True R/W (0b1)
CHIP_VER_REV2 (BLOCK0):                  Silicon Revision 2                                 = False R/W (0b0)
CHIP_VERSION (BLOCK0):                   Reserved for future chip versions                  = 2 R/W (0b10)
CHIP_PACKAGE (BLOCK0):                   Chip package identifier                            = 1 R/W (0b001)
MAC_VERSION (BLOCK3):                    Version of the MAC field                           = 0 R/W (0x00)

Config fuses:
XPD_SDIO_FORCE (BLOCK0):                 Ignore MTDI pin (GPIO12) for VDD_SDIO on reset     = False R/W (0b0)
XPD_SDIO_REG (BLOCK0):                   If XPD_SDIO_FORCE, enable VDD_SDIO reg on reset    = False R/W (0b0)
XPD_SDIO_TIEH (BLOCK0):                  If XPD_SDIO_FORCE & XPD_SDIO_REG                   = 1.8V R/W (0b0)
CLK8M_FREQ (BLOCK0):                     8MHz clock freq override                           = 57 R/W (0x39)
SPI_PAD_CONFIG_CLK (BLOCK0):             Override SD_CLK pad (GPIO6/SPICLK)                 = 0 R/W (0b00000)
SPI_PAD_CONFIG_Q (BLOCK0):               Override SD_DATA_0 pad (GPIO7/SPIQ)                = 0 R/W (0b00000)
SPI_PAD_CONFIG_D (BLOCK0):               Override SD_DATA_1 pad (GPIO8/SPID)                = 0 R/W (0b00000)
SPI_PAD_CONFIG_HD (BLOCK0):              Override SD_DATA_2 pad (GPIO9/SPIHD)               = 0 R/W (0b00000)
SPI_PAD_CONFIG_CS0 (BLOCK0):             Override SD_CMD pad (GPIO11/SPICS0)                = 0 R/W (0b00000)
DISABLE_SDIO_HOST (BLOCK0):              Disable SDIO host                                  = False R/W (0b0)
I flashed it with my binary FW and it is working. It have OTA, but it is not working too on this device. I know my secure keys. Is it any solution for reflash it and fix my OTA?

If I want to flash it again with encrypted binary like this:

Code: Select all

# ./../esp-idf/components/esptool_py/esptool/espsecure.py encrypt_flash_data --keyfile tcs_boot_secure_key.bin --address 0x20000 -o build_release/tcs_controller_release-enc.bin build_release/tcs_controller_release.bin
# ../esp-idf/components/esptool_py/esptool/esptool.py --port COM39 -b 2000000 write_flash 0x20000 build_release/tcs_controller_release-enc.bin
It seems that it is OK and it is flashing, but I cannot see the new FW in my device - still is OLD FW there.

Thank you very much.

WiFive
Posts: 3529
Joined: Tue Dec 01, 2015 7:35 am

Re: Flash encryption

Postby WiFive » Mon Oct 19, 2020 2:24 am

If you have multiple app partitions you may not be flashing to the active partition so you could try erasing the otadata. Also you might be using the wrong key to encrypt.

zavovi
Posts: 10
Joined: Thu Aug 10, 2017 10:21 am

Re: Flash encryption

Postby zavovi » Mon Oct 19, 2020 12:20 pm

Many Thanks! There was old OTA image and when I changed main APP image, it wasn't booted. I erased both OTA partitions and now I can use main APP from main partition.

Thank you very much!

Who is online

Users browsing this forum: pacucha42 and 154 guests