can't enable secureboot and encryption together

Post Reply
dmlee05a
Posts: 17
Joined: Thu Jul 06, 2017 4:00 pm

can't enable secureboot and encryption together

Postby dmlee05a » Sun Jun 24, 2018 8:52 pm

I've been trying to enable secureboot with flash encryption without success. Had success with each independently. I followed the programming guide, but after flashing the bootloader, then the app, I get the following on reboot:

rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
configsip: 0, SPIWP:0xee
clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
mode:DIO, clock div:2
load:0x3fff0018,len:4
load:0x3fff001c,len:9856
ho 0 tail 12 room 4
load:0x40078000,len:0
load:0x40078000,len:21792
csum err:0x67!=0xff
ets_main.c 371
ets Jun 8 2016 00:22:57

Where do I look to debug this? Efuses were not burned. Thanks.
Top
WiFive
Posts: 3529
Joined: Tue Dec 01, 2015 7:35 am

Re: can't enable secureboot and encryption together

Postby WiFive » Mon Jun 25, 2018 3:15 am

dmlee05a wrote:Had success with each independently. Efuses were not burned.
How? You were using separate esp32 units?
Top
ESP_Mahavir
Posts: 190
Joined: Wed Jan 24, 2018 6:51 am

Re: can't enable secureboot and encryption together

Postby ESP_Mahavir » Mon Jun 25, 2018 5:39 am

dmlee05a wrote:I've been trying to enable secureboot with flash encryption without success. Had success with each independently. I followed the programming guide, but after flashing the bootloader, then the app, I get the following on reboot:

rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
configsip: 0, SPIWP:0xee
clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
mode:DIO, clock div:2
load:0x3fff0018,len:4
load:0x3fff001c,len:9856
ho 0 tail 12 room 4
load:0x40078000,len:0
load:0x40078000,len:21792
csum err:0x67!=0xff
ets_main.c 371
ets Jun 8 2016 00:22:57

Where do I look to debug this? Efuses were not burned. Thanks.
It appears that 2nd stage bootloader size is bigger than its size limit of 28K (this may overflow partition table located at 0x8000). You may try to reduce verbosity of debugging message in bootloader (Bootloader config -> Bootloader log verbosity) to reduce size or can also adjust partition table offset from here https://github.com/espressif/esp-idf/bl ... jbuild#L38
Top
dmlee05a
Posts: 17
Joined: Thu Jul 06, 2017 4:00 pm

Re: can't enable secureboot and encryption together

Postby dmlee05a » Mon Jun 25, 2018 6:00 pm

Thanks ESP-MJ,
Turning off debug in the bootloader config did the trick. Really appreciate the help!
Top
dmlee05a
Posts: 17
Joined: Thu Jul 06, 2017 4:00 pm

Re: can't enable secureboot and encryption together

Postby dmlee05a » Mon Jun 25, 2018 6:03 pm

WiFIve... yes, i used different units to test encryption and secure boot independently.
Top
Post Reply

Return to “ESP-IDF”

Who is online

Users browsing this forum: No registered users and 133 guests