Secure Boot - change public key?
-
- Posts: 28
- Joined: Thu Nov 03, 2022 1:57 pm
Secure Boot - change public key?
I believe I understand the process for signing images and enabling secure boot, but if the worst (inevitable!) happens and I need to change the public key on shipped devices, is there any way to do this? Many systems will permit TWO keys so that the keys can be rotated (you retire one, replace it with a new key whilst the second one keeps the system running, then you replace the second key later), but I don't see ESP32 doing this, so is secure boot stuck with just one key that, if compromised, means all devices become vulnerable forever?
-
- Posts: 1724
- Joined: Mon Oct 17, 2022 7:38 pm
- Location: Europe, Germany
Re: Secure Boot - change public key?
> and I need to change the public key on shipped devices, is there any way to do this?
Nope.
https://docs.espressif.com/projects/esp ... v2-process :
> A digest of the RSA-3072 public key is stored in the eFuse.
And the eFuses can only be written once.
-
- Posts: 190
- Joined: Wed Jan 24, 2018 6:51 am
Re: Secure Boot - change public key?
Just to add that some of our recent chips like ESP32-C3 and ESP32-S3 do support multiple signing keys in the secure boot v2 scheme. The key revocation guide for ESP32-C3 can be found here: https://docs.espressif.com/projects/esp ... revocation
Unfortunately, ESP32 and ESP32-C2 support only a single key digest block and hence revocation is not possible there.
Mahavir
https://github.com/mahavirj/
-
- Posts: 28
- Joined: Thu Nov 03, 2022 1:57 pm
Re: Secure Boot - change public key?
Thanks for that info - very helpful.
-
- Posts: 1
- Joined: Sun Sep 08, 2024 5:01 pm
Re: Secure Boot - change public key?
ESP_Mahavir wrote: ↑Thu Dec 07, 2023 5:21 am
> some of our recent chips like ESP32-C3, ESP32-S3 do support multiple signing keys in secure boot v2 scheme.
Thanks for that link.
I'm still reading this as it's not possible to (for example) cycle keys on a regular basis via OTA updates. The three keys have to be pre-programmed at physical/JTAG programming time and the bootloader can't be updated in field. I'm reading this as it should be a "very rare" event to invalidate / cycle a key, and not something that could be done (for example) yearly. Is there any workaround or anything I'm missing?
-
- Posts: 2
- Joined: Thu Feb 29, 2024 11:27 am
Re: Secure Boot - change public key?
I have a related question: I want to sign a firmware for an ESP32-S3.
I follow the security features enablement workflow tutorial (or must) https://docs.espressif.com/projects/esp ... externally.
In the "7. Build, Sign and Flash the binaries" section, in the case when there are multiple signing keys and digests flashed, it is mentioned that we can sign a firmware with multiple keys:
espsecure.py sign_data --keyfile secure_boot_signing_key2.pem --version 2 --append_signatures -o bootloader-signed2.bin bootloader-signed.bin
espsecure.py sign_data --keyfile secure_boot_signing_key2.pem --version 2 --append_signatures -o my-app-signed2.bin my-app-signed.bin
But would we want to do this?
From my understanding it would make more sense to keep the backup keys somewhere and to never use them unless we really have to.
If we flash multiple digests in the eFuses, is a firmware gonna be validated if we only sign it with one key?
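Added illustration for this thread (constructed for the discussion, not Espressif's code and not what the ROM bootloader runs): a small Python model of the multi-digest scheme ESP_Mahavir describes above for ESP32-S3/ESP32-C3 and that the last post asks about. The eFuse is modelled as three one-time digest slots plus three revocation bits; textbook RSA over small Mersenne-prime moduli stands in for the real RSA-3072 PSS signatures. The acceptance rule it implements, that one valid signature from any non-revoked digest is sufficient, is my reading of the ESP-IDF Secure Boot V2 documentation linked earlier in the thread and should be checked against it; all key values, names and the firmware bytes are made up.

```python
"""Toy model of Secure Boot V2 multi-key verification (ESP32-S3 / ESP32-C3 style).

Constructed example, not Espressif code. Textbook RSA over Mersenne-prime
moduli stands in for the real RSA-3072 PSS signatures; the eFuse is modelled
as three one-time-programmable digest slots plus three revocation bits.
"""
import hashlib
from dataclasses import dataclass, field

E = 65537  # public exponent (the value real RSA keys normally use)


@dataclass(frozen=True)
class PublicKey:
    n: int
    e: int

    def digest(self) -> bytes:
        # eFuse slots hold SHA-256 of the public key, never the key itself.
        return hashlib.sha256(f"{self.n}:{self.e}".encode()).digest()


@dataclass(frozen=True)
class PrivateKey:
    n: int
    d: int

    def public(self) -> PublicKey:
        return PublicKey(self.n, E)


def make_key(p: int, q: int) -> PrivateKey:
    """Textbook RSA key from two primes (toy sizes; real keys are 3072-bit)."""
    return PrivateKey(p * q, pow(E, -1, (p - 1) * (q - 1)))


def image_hash(image: bytes, n: int) -> int:
    # Toy "padding": reduce SHA-256 of the image modulo n so it fits the modulus.
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % n


def sign(key: PrivateKey, image: bytes) -> int:
    return pow(image_hash(image, key.n), key.d, key.n)


@dataclass(frozen=True)
class SignatureBlock:
    """One entry of an image's signature sector: the public key plus its signature."""
    key: PublicKey
    signature: int


@dataclass
class EFuse:
    digests: list                      # burned once at provisioning time
    revoked: list = field(default_factory=lambda: [False, False, False])

    def revoke(self, slot: int) -> None:
        self.revoked[slot] = True      # one-way, like a real eFuse bit


def verify_image(efuse: EFuse, image: bytes, blocks: list) -> bool:
    """Accept the image if ANY block verifies against a non-revoked eFuse digest.

    Assumption: this is the Secure Boot V2 rule as I read the ESP-IDF docs;
    a single valid signature from an unrevoked key is enough to boot.
    """
    for blk in blocks:
        wanted = blk.key.digest()
        for slot, stored in enumerate(efuse.digests):
            if stored != wanted or efuse.revoked[slot]:
                continue
            if pow(blk.signature, blk.key.e, blk.key.n) == image_hash(image, blk.key.n):
                return True
    return False


def scenario() -> dict:
    """Three digests burned, image signed with one key, then key 0 gets revoked."""
    # Mersenne primes as toy RSA factors (constructed; far too small for real use).
    k0 = make_key(2**31 - 1, 2**61 - 1)
    k1 = make_key(2**89 - 1, 2**107 - 1)
    k2 = make_key(2**17 - 1, 2**127 - 1)
    stranger = make_key(2**13 - 1, 2**19 - 1)   # never provisioned into eFuse

    efuse = EFuse([k.public().digest() for k in (k0, k1, k2)])
    fw = b"constructed firmware image v1"
    signed_k0 = [SignatureBlock(k0.public(), sign(k0, fw))]

    out = {}
    # Three digests burned but only one signature present: still accepted.
    out["one_sig_three_digests"] = verify_image(efuse, fw, signed_k0)
    # Key 0 compromised: burn its revocation bit; images signed only by it stop booting.
    efuse.revoke(0)
    out["after_revoking_key0"] = verify_image(efuse, fw, signed_k0)
    # Re-sign by appending a second block made with backup key 1.
    signed_k0_k1 = signed_k0 + [SignatureBlock(k1.public(), sign(k1, fw))]
    out["resigned_with_key1"] = verify_image(efuse, fw, signed_k0_k1)
    # A key whose digest was never burned is rejected regardless of its signature.
    out["unknown_key"] = verify_image(efuse, fw, [SignatureBlock(stranger.public(), sign(stranger, fw))])
    # A modified image carrying the otherwise valid blocks is rejected.
    out["tampered_image"] = verify_image(efuse, fw + b"!", signed_k0_k1)
    return out


if __name__ == "__main__":
    for name, ok in scenario().items():
        print(f"{name:24s} -> {'boots' if ok else 'rejected'}")
```

The `scenario()` walk-through is the interesting part for this thread: the image signed with a single key boots even though three digests are burned, it stops booting the moment that key's revocation bit is burned, and it boots again once a signature from a still-trusted backup key is appended. Because the revocation bits and digest slots are one-time programmable, the number of rotations is bounded by the number of slots, which is the "very rare event" limitation raised earlier.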