Secure Boot V2 and Flash Download Tool

osiris81
Posts: 6
Joined: Fri Sep 11, 2020 12:57 pm

Secure Boot V2 and Flash Download Tool

Postby osiris81 » Mon Jun 14, 2021 2:03 pm

Hello,

I'm trying to enable secure boot V2 and flash encryption for our project. When flashing the target as described in the secure boot documentation (https://docs.espressif.com/projects/esp ... ot-v2.html) it works.

For production however, we'd like to use the Flash Download Tool v3.8.5. I've setup the tool the same way as without secure boot (bootloader.bin, my_app.bin, ota_data_initial.bin, partition-table.bin), but after flashing, I always get the following output after the first boot:

Code: Select all

I (413) esp_image: Verifying image signature...
I (415) secure_boot_v2: Secure boot V2 is not enabled yet and eFuse digest keys are not set
I (424) secure_boot_v2: Verifying with RSA-PSS...
I (431) secure_boot_v2: Signature verified successfully!
I (446) boot: Loaded app from partition at offset 0x20000
I (446) secure_boot_v2: enabling secure boot v2...
I (447) efuse: Batch mode of writing fields is enabled
I (453) esp_image: segment 0: paddr=00001020 vaddr=3ffe6260 size=0351ch ( 13596) 
I (464) esp_image: segment 1: paddr=00004544 vaddr=4004c000 size=00d10h (  3344) 
I (470) esp_image: segment 2: paddr=0000525c vaddr=40050000 size=049f8h ( 18936) 
I (482) esp_image: Verifying image signature...
I (483) secure_boot_v2: Secure boot V2 is not enabled yet and eFuse digest keys are not set
I (492) secure_boot_v2: Verifying with RSA-PSS...
Sig block 0 invalid: Image digest does not match
E (501) secure_boot_v2: Secure Boot V2 verification failed.
E (507) esp_image: Secure boot signature verification failed
I (514) esp_image: Calculating simple hash to check for corruption...
E (527) esp_image: Image hash failed - image is corrupt
W (527) esp_image: image corrupted on flash
E (531) secure_boot_v2: bootloader image appears invalid! error 8194
I (538) efuse: Batch mode of writing fields is cancelled
E (544) boot: Secure Boot v2 failed (8194)
E (549) boot: Factory app partition is not bootable
E (555) esp_image: image at 0x160000 has invalid magic byte
I'm using ESP-IDF tag v4.3-rc.

callux
Posts: 3
Joined: Wed Oct 20, 2021 5:39 am

Re: Secure Boot V2 and Flash Download Tool

Postby callux » Fri Dec 03, 2021 8:12 am

Have you managed to implement secure boot with flash download tool ?

ESP_QiChuan
Posts: 14
Joined: Tue Mar 05, 2019 6:35 am

Re: Secure Boot V2 and Flash Download Tool

Postby ESP_QiChuan » Thu Feb 17, 2022 8:15 am

Hi,

Could you provide your setup config of flash download tool?

mr.engineer
Posts: 6
Joined: Wed Feb 23, 2022 5:38 am

Re: Secure Boot V2 and Flash Download Tool

Postby mr.engineer » Wed Feb 23, 2022 5:45 am

ESP_QiChuan wrote:
Thu Feb 17, 2022 8:15 am
Hi,

Could you provide your setup config of flash download tool?
UP

Who is online

Users browsing this forum: No registered users and 96 guests