I need to save a key (not secret) to the ESP.
I don't need either the Flash Encryption or the Secure Boot features.
I can write the key to BLK1, BLK2, and BKL3(will do all 3 because my key is long). I have already done this and I successfully read my key on my firmware.
I also write-protected those e-fuses, and I don't care if someone can read them either from a PC or a firmware.
I am just treating them as one-time programmable memory space, that I can store something that will NEVER change
My question is: Is it ok to do that? Will there be any negative effects by reading those e-fuses on every boot? If I read protect them will my firmware be able to read them?
The steps I have take are :
Code: Select all
espefuse burn_key BLK1 part_1.bin --no-protect-key
espefuse secure_boot BLK2 part_2.bin --no-protect-key
espefuse burn_key BLK3 part_3.bin --no-protect-key
Code: Select all
espefuse --port COM16 write_protect_efuse BLK1
espefuse --port COM16 write_protect_efuse BLK2
espefuse --port COM16 write_protect_efuse BLK3