Issue with Secure Boot V2 : Sig block 0 invalid
Posted: Tue Jul 27, 2021 10:04 pm
I am having an issue at enabling Secure Boot V2 on my ESP32-D0WD-V3 chip. I am using IDF v4.3 and the hello world project where I just enabled secure boot v2 (but not encryption). I have verified that both the app and the bootloader binaries have been signed. I tried with idf v4.2 as well but with no more luck. Can you please let me know what I do wrong?
The fuses have not been programmed and are as follow :
The changes I did in the config below: (also changed the partition offset to 0xE000):
Code: Select all
I (53) boot: ESP-IDF v4.3-274-g75940e9364-dirty 2nd stage bootloader
I (53) boot: compile time 17:28:28
D (53) bootloader_flash: mmu set block paddr=0x00000000 (was 0xffffffff)
I (61) boot: chip revision: 3
D (65) boot.esp32: magic e9
D (68) boot.esp32: segments 03
D (71) boot.esp32: spi_mode 02
D (74) boot.esp32: spi_speed 00
D (77) boot.esp32: spi_size 02
I (80) boot.esp32: SPI Speed : 40MHz
I (85) boot.esp32: SPI Mode : DIO
I (89) boot.esp32: SPI Flash Size : 4MB
D (94) boot: Enabling RTCWDT(9000 ms)
I (98) boot: Enabling RNG early entropy source...
D (103) bootloader_flash: mmu set paddr=00000000 count=1 size=c00 src_addr=e000 src_addr_aligned=0
D (112) boot: mapped partition table 0xe000 at 0x3f40e000
D (118) flash_parts: partition table verified, 4 entries
I (123) boot: Partition Table:
I (127) boot: ## Label Usage Type ST Offset Length
D (134) boot: load partition table entry 0x3f40e000
D (139) boot: type=1 subtype=2
I (142) boot: 0 nvs WiFi data 01 02 0000f000 00006000
D (150) boot: load partition table entry 0x3f40e020
D (155) boot: type=1 subtype=1
I (158) boot: 1 phy_init RF data 01 01 00015000 00001000
D (165) boot: load partition table entry 0x3f40e040
D (170) boot: type=0 subtype=0
I (173) boot: 2 factory factory app 00 00 00020000 00100000
I (181) boot: End of partition table
D (185) boot: Trying partition index -1 offs 0x20000 size 0x100000
D (191) esp_image: reading image header @ 0x20000
D (196) bootloader_flash: mmu set block paddr=0x00020000 (was 0xffffffff)
D (203) esp_image: image header: 0xe9 0x06 0x02 0x01 40081078
I (209) esp_image: segment 0: paddr=00020020 vaddr=3f400020 size=068cch ( 26828) map
D (217) esp_image: free data page_count 0x00000032
D (222) bootloader_flash: mmu set paddr=00020000 count=1 size=68cc src_addr=20020 src_addr_aligned=20000
D (242) bootloader_flash: mmu set block paddr=0x00020000 (was 0xffffffff)
I (242) esp_image: segment 1: paddr=000268f4 vaddr=3ffb0000 size=028ech ( 10476) load
D (247) esp_image: free data page_count 0x00000032
D (252) bootloader_flash: mmu set paddr=00020000 count=1 size=28ec src_addr=268f4 src_addr_aligned=20000
D (266) bootloader_flash: mmu set block paddr=0x00020000 (was 0xffffffff)
I (268) esp_image: segment 2: paddr=000291e8 vaddr=40080000 size=06e30h ( 28208) load
D (277) esp_image: free data page_count 0x00000032
D (282) bootloader_flash: mmu set paddr=00020000 count=2 size=6e30 src_addr=291e8 src_addr_aligned=20000
D (303) bootloader_flash: mmu set block paddr=0x00030000 (was 0xffffffff)
I (303) esp_image: segment 3: paddr=00030020 vaddr=400d0020 size=13920h ( 80160) map
D (309) esp_image: free data page_count 0x00000032
D (314) bootloader_flash: mmu set paddr=00030000 count=2 size=13920 src_addr=30020 src_addr_aligned=30000
D (352) bootloader_flash: mmu set block paddr=0x00040000 (was 0xffffffff)
I (352) esp_image: segment 4: paddr=00043948 vaddr=40086e30 size=03bd0h ( 15312) load
D (356) esp_image: free data page_count 0x00000032
D (361) bootloader_flash: mmu set paddr=00040000 count=1 size=3bd0 src_addr=43948 src_addr_aligned=40000
D (377) bootloader_flash: mmu set block paddr=0x00040000 (was 0xffffffff)
I (378) esp_image: segment 5: paddr=00047520 vaddr=50000000 size=00010h ( 16) load
D (386) esp_image: free data page_count 0x00000032
D (391) bootloader_flash: mmu set paddr=00040000 count=1 size=10 src_addr=47520 src_addr_aligned=40000
D (400) bootloader_flash: mmu set block paddr=0x00040000 (was 0xffffffff)
I (407) esp_image: Verifying image signature...
D (412) bootloader_flash: mmu set paddr=00040000 count=1 size=20 src_addr=47540 src_addr_aligned=40000
D (422) bootloader_flash: mmu set paddr=00040000 count=1 size=aa0 src_addr=47560 src_addr_aligned=40000
D (432) boot: Calculated secure boot hash: e13ccd5467b63e0735a974ebad0eaa641112a69f7a6b9c04eea6d216e57af54e
D (441) bootloader_flash: mmu set paddr=00040000 count=1 size=1000 src_addr=48000 src_addr_aligned=40000
I (451) secure_boot_v2: Secure boot V2 is not enabled yet and eFuse digest keys are not set
I (460) secure_boot_v2: Verifying with RSA-PSS...
I (469) secure_boot_v2: Signature verified successfully!
I (476) boot: Loaded app from partition at offset 0x20000
I (477) secure_boot_v2: enabling secure boot v2...
I (483) efuse: Batch mode of writing fields is enabled
D (488) esp_image: reading image header @ 0x1000
D (493) bootloader_flash: mmu set block paddr=0x00000000 (was 0xffffffff)
D (500) esp_image: image header: 0xe9 0x03 0x02 0x02 400806bc
I (506) esp_image: segment 0: paddr=00001020 vaddr=3fff0030 size=03344h ( 13124)
D (514) esp_image: free data page_count 0x00000032
D (519) bootloader_flash: mmu set paddr=00000000 count=1 size=3344 src_addr=1020 src_addr_aligned=0
D (533) bootloader_flash: mmu set block paddr=0x00000000 (was 0xffffffff)
I (535) esp_image: segment 1: paddr=0000436c vaddr=40078000 size=05088h ( 20616)
D (543) esp_image: free data page_count 0x00000032
D (548) bootloader_flash: mmu set paddr=00000000 count=1 size=5088 src_addr=436c src_addr_aligned=0
D (564) bootloader_flash: mmu set block paddr=0x00000000 (was 0xffffffff)
I (565) esp_image: segment 2: paddr=000093fc vaddr=40080400 size=01008h ( 4104)
D (572) esp_image: free data page_count 0x00000032
D (577) bootloader_flash: mmu set paddr=00000000 count=1 size=1008 src_addr=93fc src_addr_aligned=0
D (587) bootloader_flash: mmu set block paddr=0x00000000 (was 0xffffffff)
I (593) esp_image: Verifying image signature...
D (598) bootloader_flash: mmu set paddr=00000000 count=1 size=20 src_addr=a410 src_addr_aligned=0
D (607) bootloader_flash: mmu set paddr=00000000 count=1 size=bd0 src_addr=a430 src_addr_aligned=0
D (617) boot: Calculated secure boot hash: d42dc39ae60e4499ac0df89ced8422c63364c1be55dfd935a665eb9d848d590d
D (626) bootloader_flash: mmu set paddr=00000000 count=1 size=1000 src_addr=b000 src_addr_aligned=0
I (635) secure_boot_v2: Secure boot V2 is not enabled yet and eFuse digest keys are not set
I (644) secure_boot_v2: Verifying with RSA-PSS...
Sig block 0 invalid: Image digest does not match
E (654) secure_boot_v2: Secure Boot V2 verification failed.
E (660) esp_image: Secure boot signature verification failed
I (666) esp_image: Calculating simple hash to check for corruption...
D (673) bootloader_flash: mmu set paddr=00000000 count=1 size=9410 src_addr=1000 src_addr_aligned=0
D (693) boot: Calculated hash: 42c573dd03657e447d933e37e6ca624801ad419e04b3d1b84727781e4bb63b48
E (693) esp_image: Image hash failed - image is corrupt
D (697) boot: Expected hash: 5061a4f33cde30dcac287b5a70799169fe8adbc860bed3ce2356a63554825d60
W (706) esp_image: image corrupted on flash
E (711) secure_boot_v2: bootloader image appears invalid! error 8194
E (718) boot: Secure Boot v2 failed (8194)
E (722) boot: Factory app partition is not bootable
D (728) boot: Can't boot from zero-length partition
E (733) boot: No bootable app partitions in the partition table
ets Jul 29 2019 12:21:46
Code: Select all
espefuse.py -p /dev/dut summmary
Connecting....
Detecting chip type... ESP32
espefuse.py v3.1-dev
EFUSE_NAME (Block) Description = [Meaningful Value] [Readable/Writeable] (Hex Value)
----------------------------------------------------------------------------------------
Calibration fuses:
BLK3_PART_RESERVE (BLOCK0): BLOCK3 partially served for ADC calibration data = False R/W (0b0)
ADC_VREF (BLOCK0): Voltage reference calibration = 1114 R/W (0b00010)
Config fuses:
XPD_SDIO_FORCE (BLOCK0): Ignore MTDI pin (GPIO12) for VDD_SDIO on reset = False R/W (0b0)
XPD_SDIO_REG (BLOCK0): If XPD_SDIO_FORCE, enable VDD_SDIO reg on reset = False R/W (0b0)
XPD_SDIO_TIEH (BLOCK0): If XPD_SDIO_FORCE & XPD_SDIO_REG = 1.8V R/W (0b0)
CLK8M_FREQ (BLOCK0): 8MHz clock freq override = 50 R/W (0x32)
SPI_PAD_CONFIG_CLK (BLOCK0): Override SD_CLK pad (GPIO6/SPICLK) = 0 R/W (0b00000)
SPI_PAD_CONFIG_Q (BLOCK0): Override SD_DATA_0 pad (GPIO7/SPIQ) = 0 R/W (0b00000)
SPI_PAD_CONFIG_D (BLOCK0): Override SD_DATA_1 pad (GPIO8/SPID) = 0 R/W (0b00000)
SPI_PAD_CONFIG_HD (BLOCK0): Override SD_DATA_2 pad (GPIO9/SPIHD) = 0 R/W (0b00000)
SPI_PAD_CONFIG_CS0 (BLOCK0): Override SD_CMD pad (GPIO11/SPICS0) = 0 R/W (0b00000)
DISABLE_SDIO_HOST (BLOCK0): Disable SDIO host = False R/W (0b0)
Efuse fuses:
WR_DIS (BLOCK0): Efuse write disable mask = 0 R/W (0x0000)
RD_DIS (BLOCK0): Efuse read disable mask = 0 R/W (0x0)
CODING_SCHEME (BLOCK0): Efuse variable block length scheme
= NONE (BLK1-3 len=256 bits) R/W (0b00)
KEY_STATUS (BLOCK0): Usage of efuse block 3 (reserved) = False R/W (0b0)
Identity fuses:
MAC (BLOCK0): Factory MAC Address
= 24:0a:c4:e1:28:c0 (CRC 0xf1 OK) R/W
MAC_CRC (BLOCK0): CRC8 for factory MAC address = 241 R/W (0xf1)
CHIP_VER_REV1 (BLOCK0): Silicon Revision 1 = True R/W (0b1)
CHIP_VER_REV2 (BLOCK0): Silicon Revision 2 = True R/W (0b1)
CHIP_VERSION (BLOCK0): Reserved for future chip versions = 2 R/W (0b10)
CHIP_PACKAGE (BLOCK0): Chip package identifier = 1 R/W (0b001)
MAC_VERSION (BLOCK3): Version of the MAC field = 0 R/W (0x00)
Security fuses:
FLASH_CRYPT_CNT (BLOCK0): Flash encryption mode counter = 0 R/W (0b0000000)
UART_DOWNLOAD_DIS (BLOCK0): Disable UART download mode (ESP32 rev3 only) = False R/W (0b0)
FLASH_CRYPT_CONFIG (BLOCK0): Flash encryption config (key tweak bits) = 0 R/W (0x0)
CONSOLE_DEBUG_DISABLE (BLOCK0): Disable ROM BASIC interpreter fallback = True R/W (0b1)
ABS_DONE_0 (BLOCK0): Secure boot V1 is enabled for bootloader image = False R/W (0b0)
ABS_DONE_1 (BLOCK0): Secure boot V2 is enabled for bootloader image = False R/W (0b0)
JTAG_DISABLE (BLOCK0): Disable JTAG = False R/W (0b0)
DISABLE_DL_ENCRYPT (BLOCK0): Disable flash encryption in UART bootloader = False R/W (0b0)
DISABLE_DL_DECRYPT (BLOCK0): Disable flash decryption in UART bootloader = False R/W (0b0)
DISABLE_DL_CACHE (BLOCK0): Disable flash cache in UART bootloader = False R/W (0b0)
BLOCK1 (BLOCK1): Flash encryption key
= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W
BLOCK2 (BLOCK2): Secure boot key
= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W
BLOCK3 (BLOCK3): Variable Block 3
= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W
Flash voltage (VDD_SDIO) determined by GPIO12 on reset (High for 1.8V, Low/NC for 3.3V).
Code: Select all
#
# Security features
#
CONFIG_SECURE_SIGNED_ON_BOOT=y
CONFIG_SECURE_SIGNED_ON_UPDATE=y
CONFIG_SECURE_SIGNED_APPS=y
CONFIG_SECURE_BOOT_SUPPORTS_RSA=y
CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME=y
CONFIG_SECURE_BOOT=y
# CONFIG_SECURE_BOOT_V1_ENABLED is not set
CONFIG_SECURE_BOOT_V2_ENABLED=y
CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES=y
CONFIG_SECURE_BOOT_SIGNING_KEY="my_secure_boot_signing_key.pem"
CONFIG_SECURE_BOOT_INSECURE=y
# CONFIG_SECURE_FLASH_ENC_ENABLED is not set
#
# Potentially insecure options
#
CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC=y
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
CONFIG_SECURE_BOOT_ALLOW_SHORT_APP_PARTITION=y
CONFIG_SECURE_BOOT_V2_ALLOW_EFUSE_RD_DIS=y
# end of Potentially insecure options
# CONFIG_SECURE_DISABLE_ROM_DL_MODE is not set
CONFIG_SECURE_INSECURE_ALLOW_DL_MODE=y
# end of Security features