ESP32 Forum

Posted: **Wed Dec 06, 2023 4:08 pm**

I believe I understand the process for signing images and enabling secure boot but if the worse (inevitable!) happens and I need to change the public key on shipped devices, is there any way to do this? Many systems will permit TWO keys so that they keys can be rotated (you retire one, replace it with a new key whilst the second one keeps the system running then you replace the second key later) but I don't see ESP32 doing this so is secure boot stuck with just one key that, if compromised, means all devices become vulnerable forever?

Posted: **Wed Dec 06, 2023 8:11 pm**

and I need to change the public key on shipped devices, is there any way to do this?

Nope.
https://docs.espressif.com/projects/esp ... v2-process :

A digest of the RSA-3072 public key is stored in the eFuse.

And the eFuses can only be written once.

Posted: **Thu Dec 07, 2023 5:21 am**

Just to add that, some of our recent chips like ESP32-C3, ESP32-S3 do support multiple signing keys in secure boot v2 scheme. Key revocation guide for ESP32-C3 can be found here: https://docs.espressif.com/projects/esp ... revocation

Unfortunately, ESP32 and ESP32-C2 supports only single key digest block and hence revocation is not possible there.

Posted: **Thu Dec 07, 2023 10:32 am**

Thanks for that info - very hepful.

Posted: **Sun Sep 08, 2024 5:10 pm**

ESP_Mahavir wrote: ↑
Thu Dec 07, 2023 5:21 am
some of our recent chips like ESP32-C3, ESP32-S3 do support multiple signing keys in secure boot v2 scheme.

Thanks for that link.

I'm still reading this as it's not possible to (for example) cycle keys on a regular basis via OTA updates. The three keys have to be pre-programmed at physical/JTAG programming time and the bootloader can't be updated in field. I'm reading this as it should be a "very rare" event to invalidate / cycle a key, and not something that could be done (for example) yearly. Is there any workaround or anything I'm missing?

Posted: **Wed Nov 20, 2024 1:50 pm**

I have a related question : I want to sign a firmware for an esp32-s3.

I follow the security features enablement workflow tutorial (or must)https://docs.espressif.com/projects/esp ... externally.

In the "7. Build, Sign and Flash the binaries" section in the case when there are multiple signing keys and digest flashed l it is mentioned that we can sign a firmware with multiple keys:

Code: Select all

espsecure.py sign_data --keyfile secure_boot_signing_key2.pem --version 2 --append_signatures -o bootloader-signed2.bin bootloader-signed.bin

espsecure.py sign_data --keyfile secure_boot_signing_key2.pem --version 2 --append_signatures -o my-app-signed2.bin my-app-signed.bin

But would we want to do this ?

From my understanding it would make more sense to keep the backup keys somewhere and to never use them unless we really have to.

If we flash multiple digest in the eFuses is a firmware gonna be validated if we only sign it with one key ?

ESP32 Forum

Secure Boot - change public key?

Secure Boot - change public key?

Re: Secure Boot - change public key?

Re: Secure Boot - change public key?

Re: Secure Boot - change public key?

Re: Secure Boot - change public key?

Re: Secure Boot - change public key?