Is it possible to encrypt/decrypt buffer in RAM using Efuse block1/block2 keys?

dmitryga
Posts: 29
Joined: Sat Jan 14, 2017 8:36 pm

Is it possible to encrypt/decrypt buffer in RAM using Efuse block1/block2 keys?

Postby dmitryga » Thu Aug 16, 2018 9:16 am

Hi everybody!

I'm using secure boot + flash encryption with custom keys burned in Efuse block1 and block2. So these keys are known to me and I can encrypt some portion of data and send it to ESP in some way (TCP/IP for example). Can I decrypt this data like system APIs using keys in Efuse?

WiFive
Posts: 3529
Joined: Tue Dec 01, 2015 7:35 am

Re: Is it possible to encrypt/decrypt buffer in RAM using Efuse block1/block2 keys?

Postby WiFive » Thu Aug 16, 2018 10:51 am

No those keys are protected so you may as well just store another key in encrypted flash and use that.

dmitryga
Posts: 29
Joined: Sat Jan 14, 2017 8:36 pm

Re: Is it possible to encrypt/decrypt buffer in RAM using Efuse block1/block2 keys?

Postby dmitryga » Thu Aug 16, 2018 12:48 pm

But how spi_flash_write_encrypted can encrypt data with that keys? I don't want to read key bytes, I just want to ask CPU to encrypt/decrypt something instead of flash with these keys (like bootloader or other components do).

ESP_igrr
Posts: 2071
Joined: Tue Dec 01, 2015 8:37 am

Re: Is it possible to encrypt/decrypt buffer in RAM using Efuse block1/block2 keys?

Postby ESP_igrr » Thu Aug 16, 2018 12:53 pm

In case of encryption, ciphertext is passed straight to SPI controller, bypassing the CPU.

Who is online

Users browsing this forum: No registered users and 106 guests