Will secure boot work after upgrade esp-idf version?
Posted: Mon Jan 08, 2024 2:36 am
Hi everybody,
I am testing secureboot v1 with esp32 dev kit.
I use the blink example and enable secure boot with reflashable option.
The private key is pre-generated.
Actually, the project worked properly when I use with esp_idf version 4.4.
After that, I upgraded esp_idf version to 5.1.2
Then I test the blink example again with same private key and bootloader digest key.
I also change the partition table to support ota in future.
After that I flashed both app binary bin file and bootloader_reflash_digest bin file to the dev kit.
The result shows "secure boot check fail" message as below:
My question is that if I upgrade the esp_idf version, will the secure boot work with same private key ?
Thank you.
I am testing secureboot v1 with esp32 dev kit.
I use the blink example and enable secure boot with reflashable option.
The private key is pre-generated.
Actually, the project worked properly when I use with esp_idf version 4.4.
After that, I upgraded esp_idf version to 5.1.2
Then I test the blink example again with same private key and bootloader digest key.
I also change the partition table to support ota in future.
After that I flashed both app binary bin file and bootloader_reflash_digest bin file to the dev kit.
The result shows "secure boot check fail" message as below:
Code: Select all
rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
configsip: 0, SPIWP:0xee
clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
mode:DIO, clock div:2
load:0x3fff00b8,len:7684
load:0x40078000,len:24116
load:0x40080400,len:4
0x40080400: _init at ??:?
ho 8 tail 4 room 4
load:0x40080404,len:3176
secure boot check fail
ets_main.c 371
Thank you.