ESP32 Forum

I believe I understand the process for signing images and enabling secure boot but if the worse (inevitable!) happens and I need to change the public key on shipped devices, is there any way to do this? Many systems will permit TWO keys so that they keys can be rotated (you retire one, replace it with a new key whilst the second one keeps the system running then you replace the second key later) but I don't see ESP32 doing this so is secure boot stuck with just one key that, if compromised, means all devices become vulnerable forever?

and I need to change the public key on shipped devices, is there any way to do this?

Nope.
https://docs.espressif.com/projects/esp ... v2-process :

A digest of the RSA-3072 public key is stored in the eFuse.

And the eFuses can only be written once.

Just to add that, some of our recent chips like ESP32-C3, ESP32-S3 do support multiple signing keys in secure boot v2 scheme. Key revocation guide for ESP32-C3 can be found here: https://docs.espressif.com/projects/esp ... revocation

Unfortunately, ESP32 and ESP32-C2 supports only single key digest block and hence revocation is not possible there.

Thanks for that info - very hepful.

ESP_Mahavir wrote: ↑

Thu Dec 07, 2023 5:21 am

some of our recent chips like ESP32-C3, ESP32-S3 do support multiple signing keys in secure boot v2 scheme.

Thanks for that link.

I'm still reading this as it's not possible to (for example) cycle keys on a regular basis via OTA updates. The three keys have to be pre-programmed at physical/JTAG programming time and the bootloader can't be updated in field. I'm reading this as it should be a "very rare" event to invalidate / cycle a key, and not something that could be done (for example) yearly. Is there any workaround or anything I'm missing?