Issue with Secure Boot V2 : Sig block 0 invalid

regiskiwi
Posts: 4
Joined: Tue Jul 27, 2021 9:47 pm

Issue with Secure Boot V2 : Sig block 0 invalid

Postby regiskiwi » Tue Jul 27, 2021 10:04 pm

I am having an issue at enabling Secure Boot V2 on my ESP32-D0WD-V3 chip. I am using IDF v4.3 and the hello world project where I just enabled secure boot v2 (but not encryption). I have verified that both the app and the bootloader binaries have been signed. I tried with idf v4.2 as well but with no more luck. Can you please let me know what I do wrong?

Code: Select all

I (53) boot: ESP-IDF v4.3-274-g75940e9364-dirty 2nd stage bootloader
I (53) boot: compile time 17:28:28
D (53) bootloader_flash: mmu set block paddr=0x00000000 (was 0xffffffff)
I (61) boot: chip revision: 3
D (65) boot.esp32: magic e9
D (68) boot.esp32: segments 03
D (71) boot.esp32: spi_mode 02
D (74) boot.esp32: spi_speed 00
D (77) boot.esp32: spi_size 02
I (80) boot.esp32: SPI Speed      : 40MHz
I (85) boot.esp32: SPI Mode       : DIO
I (89) boot.esp32: SPI Flash Size : 4MB
D (94) boot: Enabling RTCWDT(9000 ms)
I (98) boot: Enabling RNG early entropy source...
D (103) bootloader_flash: mmu set paddr=00000000 count=1 size=c00 src_addr=e000 src_addr_aligned=0
D (112) boot: mapped partition table 0xe000 at 0x3f40e000
D (118) flash_parts: partition table verified, 4 entries
I (123) boot: Partition Table:
I (127) boot: ## Label            Usage          Type ST Offset   Length
D (134) boot: load partition table entry 0x3f40e000
D (139) boot: type=1 subtype=2
I (142) boot:  0 nvs              WiFi data        01 02 0000f000 00006000
D (150) boot: load partition table entry 0x3f40e020
D (155) boot: type=1 subtype=1
I (158) boot:  1 phy_init         RF data          01 01 00015000 00001000
D (165) boot: load partition table entry 0x3f40e040
D (170) boot: type=0 subtype=0
I (173) boot:  2 factory          factory app      00 00 00020000 00100000
I (181) boot: End of partition table
D (185) boot: Trying partition index -1 offs 0x20000 size 0x100000
D (191) esp_image: reading image header @ 0x20000
D (196) bootloader_flash: mmu set block paddr=0x00020000 (was 0xffffffff)
D (203) esp_image: image header: 0xe9 0x06 0x02 0x01 40081078
I (209) esp_image: segment 0: paddr=00020020 vaddr=3f400020 size=068cch ( 26828) map
D (217) esp_image: free data page_count 0x00000032
D (222) bootloader_flash: mmu set paddr=00020000 count=1 size=68cc src_addr=20020 src_addr_aligned=20000
D (242) bootloader_flash: mmu set block paddr=0x00020000 (was 0xffffffff)
I (242) esp_image: segment 1: paddr=000268f4 vaddr=3ffb0000 size=028ech ( 10476) load
D (247) esp_image: free data page_count 0x00000032
D (252) bootloader_flash: mmu set paddr=00020000 count=1 size=28ec src_addr=268f4 src_addr_aligned=20000
D (266) bootloader_flash: mmu set block paddr=0x00020000 (was 0xffffffff)
I (268) esp_image: segment 2: paddr=000291e8 vaddr=40080000 size=06e30h ( 28208) load
D (277) esp_image: free data page_count 0x00000032
D (282) bootloader_flash: mmu set paddr=00020000 count=2 size=6e30 src_addr=291e8 src_addr_aligned=20000
D (303) bootloader_flash: mmu set block paddr=0x00030000 (was 0xffffffff)
I (303) esp_image: segment 3: paddr=00030020 vaddr=400d0020 size=13920h ( 80160) map
D (309) esp_image: free data page_count 0x00000032
D (314) bootloader_flash: mmu set paddr=00030000 count=2 size=13920 src_addr=30020 src_addr_aligned=30000
D (352) bootloader_flash: mmu set block paddr=0x00040000 (was 0xffffffff)
I (352) esp_image: segment 4: paddr=00043948 vaddr=40086e30 size=03bd0h ( 15312) load
D (356) esp_image: free data page_count 0x00000032
D (361) bootloader_flash: mmu set paddr=00040000 count=1 size=3bd0 src_addr=43948 src_addr_aligned=40000
D (377) bootloader_flash: mmu set block paddr=0x00040000 (was 0xffffffff)
I (378) esp_image: segment 5: paddr=00047520 vaddr=50000000 size=00010h (    16) load
D (386) esp_image: free data page_count 0x00000032
D (391) bootloader_flash: mmu set paddr=00040000 count=1 size=10 src_addr=47520 src_addr_aligned=40000
D (400) bootloader_flash: mmu set block paddr=0x00040000 (was 0xffffffff)
I (407) esp_image: Verifying image signature...
D (412) bootloader_flash: mmu set paddr=00040000 count=1 size=20 src_addr=47540 src_addr_aligned=40000
D (422) bootloader_flash: mmu set paddr=00040000 count=1 size=aa0 src_addr=47560 src_addr_aligned=40000
D (432) boot: Calculated secure boot hash: e13ccd5467b63e0735a974ebad0eaa641112a69f7a6b9c04eea6d216e57af54e
D (441) bootloader_flash: mmu set paddr=00040000 count=1 size=1000 src_addr=48000 src_addr_aligned=40000
I (451) secure_boot_v2: Secure boot V2 is not enabled yet and eFuse digest keys are not set
I (460) secure_boot_v2: Verifying with RSA-PSS...
I (469) secure_boot_v2: Signature verified successfully!
I (476) boot: Loaded app from partition at offset 0x20000
I (477) secure_boot_v2: enabling secure boot v2...
I (483) efuse: Batch mode of writing fields is enabled
D (488) esp_image: reading image header @ 0x1000
D (493) bootloader_flash: mmu set block paddr=0x00000000 (was 0xffffffff)
D (500) esp_image: image header: 0xe9 0x03 0x02 0x02 400806bc
I (506) esp_image: segment 0: paddr=00001020 vaddr=3fff0030 size=03344h ( 13124) 
D (514) esp_image: free data page_count 0x00000032
D (519) bootloader_flash: mmu set paddr=00000000 count=1 size=3344 src_addr=1020 src_addr_aligned=0
D (533) bootloader_flash: mmu set block paddr=0x00000000 (was 0xffffffff)
I (535) esp_image: segment 1: paddr=0000436c vaddr=40078000 size=05088h ( 20616) 
D (543) esp_image: free data page_count 0x00000032
D (548) bootloader_flash: mmu set paddr=00000000 count=1 size=5088 src_addr=436c src_addr_aligned=0
D (564) bootloader_flash: mmu set block paddr=0x00000000 (was 0xffffffff)
I (565) esp_image: segment 2: paddr=000093fc vaddr=40080400 size=01008h (  4104) 
D (572) esp_image: free data page_count 0x00000032
D (577) bootloader_flash: mmu set paddr=00000000 count=1 size=1008 src_addr=93fc src_addr_aligned=0
D (587) bootloader_flash: mmu set block paddr=0x00000000 (was 0xffffffff)
I (593) esp_image: Verifying image signature...
D (598) bootloader_flash: mmu set paddr=00000000 count=1 size=20 src_addr=a410 src_addr_aligned=0
D (607) bootloader_flash: mmu set paddr=00000000 count=1 size=bd0 src_addr=a430 src_addr_aligned=0
D (617) boot: Calculated secure boot hash: d42dc39ae60e4499ac0df89ced8422c63364c1be55dfd935a665eb9d848d590d
D (626) bootloader_flash: mmu set paddr=00000000 count=1 size=1000 src_addr=b000 src_addr_aligned=0
I (635) secure_boot_v2: Secure boot V2 is not enabled yet and eFuse digest keys are not set
I (644) secure_boot_v2: Verifying with RSA-PSS...
Sig block 0 invalid: Image digest does not match
E (654) secure_boot_v2: Secure Boot V2 verification failed.
E (660) esp_image: Secure boot signature verification failed
I (666) esp_image: Calculating simple hash to check for corruption...
D (673) bootloader_flash: mmu set paddr=00000000 count=1 size=9410 src_addr=1000 src_addr_aligned=0
D (693) boot: Calculated hash: 42c573dd03657e447d933e37e6ca624801ad419e04b3d1b84727781e4bb63b48
E (693) esp_image: Image hash failed - image is corrupt
D (697) boot: Expected hash: 5061a4f33cde30dcac287b5a70799169fe8adbc860bed3ce2356a63554825d60
W (706) esp_image: image corrupted on flash
E (711) secure_boot_v2: bootloader image appears invalid! error 8194
E (718) boot: Secure Boot v2 failed (8194)
E (722) boot: Factory app partition is not bootable
D (728) boot: Can't boot from zero-length partition
E (733) boot: No bootable app partitions in the partition table
ets Jul 29 2019 12:21:46
The fuses have not been programmed and are as follow :

Code: Select all

espefuse.py -p /dev/dut summmary
Connecting....
Detecting chip type... ESP32
espefuse.py v3.1-dev
EFUSE_NAME (Block)                       Description  = [Meaningful Value] [Readable/Writeable] (Hex Value)
----------------------------------------------------------------------------------------
Calibration fuses:
BLK3_PART_RESERVE (BLOCK0):              BLOCK3 partially served for ADC calibration data   = False R/W (0b0)
ADC_VREF (BLOCK0):                       Voltage reference calibration                      = 1114 R/W (0b00010)

Config fuses:
XPD_SDIO_FORCE (BLOCK0):                 Ignore MTDI pin (GPIO12) for VDD_SDIO on reset     = False R/W (0b0)
XPD_SDIO_REG (BLOCK0):                   If XPD_SDIO_FORCE, enable VDD_SDIO reg on reset    = False R/W (0b0)
XPD_SDIO_TIEH (BLOCK0):                  If XPD_SDIO_FORCE & XPD_SDIO_REG                   = 1.8V R/W (0b0)
CLK8M_FREQ (BLOCK0):                     8MHz clock freq override                           = 50 R/W (0x32)
SPI_PAD_CONFIG_CLK (BLOCK0):             Override SD_CLK pad (GPIO6/SPICLK)                 = 0 R/W (0b00000)
SPI_PAD_CONFIG_Q (BLOCK0):               Override SD_DATA_0 pad (GPIO7/SPIQ)                = 0 R/W (0b00000)
SPI_PAD_CONFIG_D (BLOCK0):               Override SD_DATA_1 pad (GPIO8/SPID)                = 0 R/W (0b00000)
SPI_PAD_CONFIG_HD (BLOCK0):              Override SD_DATA_2 pad (GPIO9/SPIHD)               = 0 R/W (0b00000)
SPI_PAD_CONFIG_CS0 (BLOCK0):             Override SD_CMD pad (GPIO11/SPICS0)                = 0 R/W (0b00000)
DISABLE_SDIO_HOST (BLOCK0):              Disable SDIO host                                  = False R/W (0b0)

Efuse fuses:
WR_DIS (BLOCK0):                         Efuse write disable mask                           = 0 R/W (0x0000)
RD_DIS (BLOCK0):                         Efuse read disable mask                            = 0 R/W (0x0)
CODING_SCHEME (BLOCK0):                  Efuse variable block length scheme                
   = NONE (BLK1-3 len=256 bits) R/W (0b00)
KEY_STATUS (BLOCK0):                     Usage of efuse block 3 (reserved)                  = False R/W (0b0)

Identity fuses:
MAC (BLOCK0):                            Factory MAC Address                               
   = 24:0a:c4:e1:28:c0 (CRC 0xf1 OK) R/W 
MAC_CRC (BLOCK0):                        CRC8 for factory MAC address                       = 241 R/W (0xf1)
CHIP_VER_REV1 (BLOCK0):                  Silicon Revision 1                                 = True R/W (0b1)
CHIP_VER_REV2 (BLOCK0):                  Silicon Revision 2                                 = True R/W (0b1)
CHIP_VERSION (BLOCK0):                   Reserved for future chip versions                  = 2 R/W (0b10)
CHIP_PACKAGE (BLOCK0):                   Chip package identifier                            = 1 R/W (0b001)
MAC_VERSION (BLOCK3):                    Version of the MAC field                           = 0 R/W (0x00)

Security fuses:
FLASH_CRYPT_CNT (BLOCK0):                Flash encryption mode counter                      = 0 R/W (0b0000000)
UART_DOWNLOAD_DIS (BLOCK0):              Disable UART download mode (ESP32 rev3 only)       = False R/W (0b0)
FLASH_CRYPT_CONFIG (BLOCK0):             Flash encryption config (key tweak bits)           = 0 R/W (0x0)
CONSOLE_DEBUG_DISABLE (BLOCK0):          Disable ROM BASIC interpreter fallback             = True R/W (0b1)
ABS_DONE_0 (BLOCK0):                     Secure boot V1 is enabled for bootloader image     = False R/W (0b0)
ABS_DONE_1 (BLOCK0):                     Secure boot V2 is enabled for bootloader image     = False R/W (0b0)
JTAG_DISABLE (BLOCK0):                   Disable JTAG                                       = False R/W (0b0)
DISABLE_DL_ENCRYPT (BLOCK0):             Disable flash encryption in UART bootloader        = False R/W (0b0)
DISABLE_DL_DECRYPT (BLOCK0):             Disable flash decryption in UART bootloader        = False R/W (0b0)
DISABLE_DL_CACHE (BLOCK0):               Disable flash cache in UART bootloader             = False R/W (0b0)
BLOCK1 (BLOCK1):                         Flash encryption key                              
   = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W 
BLOCK2 (BLOCK2):                         Secure boot key                                   
   = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W 
BLOCK3 (BLOCK3):                         Variable Block 3                                  
   = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W 

Flash voltage (VDD_SDIO) determined by GPIO12 on reset (High for 1.8V, Low/NC for 3.3V).
The changes I did in the config below: (also changed the partition offset to 0xE000):

Code: Select all

#
# Security features
#
CONFIG_SECURE_SIGNED_ON_BOOT=y
CONFIG_SECURE_SIGNED_ON_UPDATE=y
CONFIG_SECURE_SIGNED_APPS=y
CONFIG_SECURE_BOOT_SUPPORTS_RSA=y
CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME=y
CONFIG_SECURE_BOOT=y
# CONFIG_SECURE_BOOT_V1_ENABLED is not set
CONFIG_SECURE_BOOT_V2_ENABLED=y
CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES=y
CONFIG_SECURE_BOOT_SIGNING_KEY="my_secure_boot_signing_key.pem"
CONFIG_SECURE_BOOT_INSECURE=y
# CONFIG_SECURE_FLASH_ENC_ENABLED is not set

#
# Potentially insecure options
#
CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC=y
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
CONFIG_SECURE_BOOT_ALLOW_SHORT_APP_PARTITION=y
CONFIG_SECURE_BOOT_V2_ALLOW_EFUSE_RD_DIS=y
# end of Potentially insecure options

# CONFIG_SECURE_DISABLE_ROM_DL_MODE is not set
CONFIG_SECURE_INSECURE_ALLOW_DL_MODE=y
# end of Security features

regiskiwi
Posts: 4
Joined: Tue Jul 27, 2021 9:47 pm

Re: Issue with Secure Boot V2 : Sig block 0 invalid

Postby regiskiwi » Fri Jul 30, 2021 2:42 am

Just a quick update. If I enable Flash encryption, it works. Is it a requirement to enable SB2 & Flash encryption at the same time?

Konstantin
Posts: 14
Joined: Tue Feb 05, 2019 7:31 am

Re: Issue with Secure Boot V2 : Sig block 0 invalid

Postby Konstantin » Fri Jul 30, 2021 9:02 am

Hi regiskiwi!

It is hard to say what it is. I think.. it looks like the bootloader was corrupted. Th size of bootloader = 13124+20616+4104 = 0x93D4 + 0x1000 (offset) = 0xA93D4 => round up 0xB000 => + signature block => 0xC000. Your partition offet is 0xE000 (looks good).

Code: Select all

verifying bootloader:
D (617) boot: Calculated secure boot hash: d42dc39ae60e4499ac0df89ced8422c63364c1be55dfd935a665eb9d848d590d
...
I (644) secure_boot_v2: Verifying with RSA-PSS...
Sig block 0 invalid: Image digest does not match
E (654) secure_boot_v2: Secure Boot V2 verification failed.
E (660) esp_image: Secure boot signature verification failed
I (666) esp_image: Calculating simple hash to check for corruption...
D (673) bootloader_flash: mmu set paddr=00000000 count=1 size=9410 src_addr=1000 src_addr_aligned=0
D (693) boot: Calculated hash: 42c573dd03657e447d933e37e6ca624801ad419e04b3d1b84727781e4bb63b48
E (693) esp_image: Image hash failed - image is corrupt
D (697) boot: Expected hash: 5061a4f33cde30dcac287b5a70799169fe8adbc860bed3ce2356a63554825d60
W (706) esp_image: image corrupted on flash
E (711) secure_boot_v2: bootloader image appears invalid! error 8194
You can try to check hashes with this cmd what is correct:
esptool.py -c esp32 image_info bootloader.bin
And check that signature blocks are appended correctly:
espsecure.py signature_info_v2

Or you can try to readout the bootloader and check with:
esptool.py read_flash readout_bootloader.bin.
esptool.py -c esp32 image_info readout_bootloader.bin
espsecure.py signature_info_v2

regiskiwi
Posts: 4
Joined: Tue Jul 27, 2021 9:47 pm

Re: Issue with Secure Boot V2 : Sig block 0 invalid

Postby regiskiwi » Mon Aug 02, 2021 12:09 am

thanks Konstantin,

It must have been a corruption of the bootlodader but I can not check this as I have done more work on that unit now.
However, I still have an issue when trying to enable SB2 without encryption Using idf4.2 and my real project.
the first boot worked fine and it booted the app normally but subsequent reboots fail with

First boot:

Code: Select all

I (651) esp_image: Verifying image signature...
I (652) secure_boot: Secure Boot eFuse bit(ABS_DONE_1) not yet programmed!!@.
I (658) secure_boot: Verifying with RSA-PSS...
I (682) boot: Loaded app from partition at offset 0x50000
I (697) boot: Set actual ota_seq=1 in otadata[0]
I (697) secure_boot_v2: enabling secure boot v2...
I (697) esp_image: segment 0: paddr=0x00001020 vaddr=0x3fff0030 size=0x0001c (    28) 
I (705) esp_image: segment 1: paddr=0x00001044 vaddr=0x3fff004c size=0x02810 ( 10256) 
I (717) esp_image: segment 2: paddr=0x0000385c vaddr=0x40078000 size=0x043e8 ( 17384) 
I (729) esp_image: segment 3: paddr=0x00007c4c vaddr=0x40080400 size=0x011d8 (  4568) 
0x40080400: _init at ??:?

I (732) esp_image: Verifying image signature...
I (736) secure_boot: Secure Boot eFuse bit(ABS_DONE_1) not yet programmed!!@.
I (744) secure_boot: Verifying with RSA-PSS...
I (763) secure_boot_v2: reading signature block
I (763) secure_boot_v2: valid signature block found
I (768) secure_boot_v2: Burning public key hash to efuse.
I (768) secure_boot_v2: EFUSE_BLKx_WDATA0_REG = 0x8186dd12
I (774) secure_boot_v2: EFUSE_BLKx_WDATA1_REG = 0x88378686
I (780) secure_boot_v2: EFUSE_BLKx_WDATA2_REG = 0x5bb08cf3
I (787) secure_boot_v2: EFUSE_BLKx_WDATA3_REG = 0x85c08091
I (793) secure_boot_v2: EFUSE_BLKx_WDATA4_REG = 0x7c2bcd34
I (799) secure_boot_v2: EFUSE_BLKx_WDATA5_REG = 0xe8ef19a7
I (805) secure_boot_v2: EFUSE_BLKx_WDATA6_REG = 0xbcd7dfb5
I (811) secure_boot_v2: EFUSE_BLKx_WDATA7_REG = 0x6a00f181
I (817) secure_boot_v2: Write protecting public key digest...
I (1151) secure_boot_v2: reading signature block
I (1151) secure_boot_v2: valid signature block found
I (1156) secure_boot_v2: blowing secure boot efuse...
I (1156) secure_boot_v2: before updating, EFUSE_BLK0_RDATA6 4
W (1162) secure_boot_v2: Not disabling JTAG - SECURITY COMPROMISED
W (1169) secure_boot_v2: Not disabling ROM BASIC fallback - SECURITY COMPROMISED
W (1177) secure_boot_v2: Allowing read disabling of additional efuses - SECURITY COMPROMISED
I (1198) secure_boot_v2: after updating, EFUSE_BLK0_RDATA0 0x00000100 EFUSE_BLK0_RDATA6 0x00000024
I (1198) secure_boot_v2: secure boot v2 is now enabled.
I (1204) boot: Disabling RNG early entropy source...
I (1210) cpu_start: Pro cpu up.
second reboot:

Code: Select all

secure boot v2 enabled
Sig block 0 signed with untrusted key
secure boot verification failed


checking the BLbk2 is programmed with the incorrect key (all zeros...). I can not update this anymore (burned)

Code: Select all

espefuse.py -p /dev/dut summaryConnecting......
Detecting chip type... ESP32
espefuse.py v3.0
EFUSE_NAME (Block)                       Description  = [Meaningful Value] [Readable/Writeable] (Hex Value)
----------------------------------------------------------------------------------------
Calibration fuses:
BLK3_PART_RESERVE (BLOCK0):              BLOCK3 partially served for ADC calibration data   = False R/W (0b0)
ADC_VREF (BLOCK0):                       Voltage reference calibration                      = 1114 R/W (0b00010)

Config fuses:
XPD_SDIO_FORCE (BLOCK0):                 Ignore MTDI pin (GPIO12) for VDD_SDIO on reset     = False R/W (0b0)
XPD_SDIO_REG (BLOCK0):                   If XPD_SDIO_FORCE, enable VDD_SDIO reg on reset    = False R/W (0b0)
XPD_SDIO_TIEH (BLOCK0):                  If XPD_SDIO_FORCE & XPD_SDIO_REG                   = 1.8V R/W (0b0)
CLK8M_FREQ (BLOCK0):                     8MHz clock freq override                           = 49 R/W (0x31)
SPI_PAD_CONFIG_CLK (BLOCK0):             Override SD_CLK pad (GPIO6/SPICLK)                 = 0 R/W (0b00000)
SPI_PAD_CONFIG_Q (BLOCK0):               Override SD_DATA_0 pad (GPIO7/SPIQ)                = 0 R/W (0b00000)
SPI_PAD_CONFIG_D (BLOCK0):               Override SD_DATA_1 pad (GPIO8/SPID)                = 0 R/W (0b00000)
SPI_PAD_CONFIG_HD (BLOCK0):              Override SD_DATA_2 pad (GPIO9/SPIHD)               = 0 R/W (0b00000)
SPI_PAD_CONFIG_CS0 (BLOCK0):             Override SD_CMD pad (GPIO11/SPICS0)                = 0 R/W (0b00000)
DISABLE_SDIO_HOST (BLOCK0):              Disable SDIO host                                  = False R/W (0b0)

Efuse fuses:
WR_DIS (BLOCK0):                         Efuse write disable mask                           = 256 R/W (0x0100)
RD_DIS (BLOCK0):                         Efuse read disable mask                            = 0 R/W (0x0)
CODING_SCHEME (BLOCK0):                  Efuse variable block length scheme                
   = NONE (BLK1-3 len=256 bits) R/W (0b00)
KEY_STATUS (BLOCK0):                     Usage of efuse block 3 (reserved)                  = False R/W (0b0)

Identity fuses:
MAC (BLOCK0):                            Factory MAC Address                               
   = 10:52:1c:86:9e:d8 (CRC 0x5e OK) R/W 
MAC_CRC (BLOCK0):                        CRC8 for factory MAC address                       = 94 R/W (0x5e)
CHIP_VER_REV1 (BLOCK0):                  Silicon Revision 1                                 = True R/W (0b1)
CHIP_VER_REV2 (BLOCK0):                  Silicon Revision 2                                 = True R/W (0b1)
CHIP_VERSION (BLOCK0):                   Reserved for future chip versions                  = 2 R/W (0b10)
CHIP_PACKAGE (BLOCK0):                   Chip package identifier                            = 1 R/W (0b001)
MAC_VERSION (BLOCK3):                    Version of the MAC field                           = 0 R/W (0x00)

Security fuses:
FLASH_CRYPT_CNT (BLOCK0):                Flash encryption mode counter                      = 0 R/W (0b0000000)
UART_DOWNLOAD_DIS (BLOCK0):              Disable UART download mode (ESP32 rev3 only)       = False R/W (0b0)
FLASH_CRYPT_CONFIG (BLOCK0):             Flash encryption config (key tweak bits)           = 0 R/W (0x0)
CONSOLE_DEBUG_DISABLE (BLOCK0):          Disable ROM BASIC interpreter fallback             = True R/W (0b1)
ABS_DONE_0 (BLOCK0):                     Secure boot V1 is enabled for bootloader image     = False R/W (0b0)
ABS_DONE_1 (BLOCK0):                     Secure boot V2 is enabled for bootloader image     = True R/W (0b1)
JTAG_DISABLE (BLOCK0):                   Disable JTAG                                       = False R/W (0b0)
DISABLE_DL_ENCRYPT (BLOCK0):             Disable flash encryption in UART bootloader        = False R/W (0b0)
DISABLE_DL_DECRYPT (BLOCK0):             Disable flash decryption in UART bootloader        = False R/W (0b0)
DISABLE_DL_CACHE (BLOCK0):               Disable flash cache in UART bootloader             = False R/W (0b0)
BLOCK1 (BLOCK1):                         Flash encryption key                              
   = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W 
BLOCK2 (BLOCK2):                         Secure boot key                                   
   = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/- 
BLOCK3 (BLOCK3):                         Variable Block 3                                  
   = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W 

the app / bootloader readout seem to be all fine.

Code: Select all

espsecure.py signature_info_v2 readout_app.bin 
espsecure.py v3.0
Signature block 0 is valid. 
Public key digest for block 0: 12 dd 86 81 86 86 37 88 f3 8c b0 5b 91 80 c0 85 34 cd 2b 7c a7 19 ef e8 b5 df d7 bc 81 f1 00 6a
Signature block 1 absent/invalid. Skipping checking next blocks.

espsecure.py signature_info_v2 readout_bootloader.bin 
espsecure.py v3.0
Signature block 0 is valid. 
Public key digest for block 0: 12 dd 86 81 86 86 37 88 f3 8c b0 5b 91 80 c0 85 34 cd 2b 7c a7 19 ef e8 b5 df d7 bc 81 f1 00 6a
Signature block 1 absent/invalid. Skipping checking next blocks.

Konstantin
Posts: 14
Joined: Tue Feb 05, 2019 7:31 am

Re: Issue with Secure Boot V2 : Sig block 0 invalid

Postby Konstantin » Tue Aug 03, 2021 5:44 pm

Hi regiskiwi!
I have checked the branch that you used ESP-IDF v4.3-274-g75940e9364 in the first msg and I successfully run the Secure Boot V2 on esp32 eco3 (the first and the next boots are ok).

As I understand last your msg with the ESP-IDF v4.2 (you did not provide what exact version). I think that the version that you use has the known issue which was fixed, see https://github.com/espressif/esp-idf/issues/6886 (commit 4200af3e26bb736d8b168f11490fde8091eb1582). If so please update the branch.

>Is it a requirement to enable SB2 & Flash encryption at the same time?
No, you should be able to run: SB, FE, and SB + FE.

regiskiwi
Posts: 4
Joined: Tue Jul 27, 2021 9:47 pm

Re: Issue with Secure Boot V2 : Sig block 0 invalid

Postby regiskiwi » Wed Aug 04, 2021 10:36 pm

Thanks a lot for checking this. I am moving my project to v4.3 and will retest shortly .

Who is online

Users browsing this forum: Baidu [Spider] and 172 guests