Hello there.
I'm studying Flash Encryption and the security features of the ESP32 in the esp-idf SDK. I would like to know if it's possible to use "make erase_flash" after enabling encryption and all the other features like secure boot, signed app images, partitions, etc. in order to restore the flash and flash new programs to the chip.
I'm going to find this out sometime in the near future, but I would like a quick answer (Y or N) on whether it's possible.
Regards, Kostas.
What if Flash Encryption and Secure Boot goes wrong ??
Re: What if Flash Encryption and Secure Boot goes wrong ??
Hi Kostas,
Flash Encryption and Secure Boot are both enabled by burning efuses inside the ESP32 (not the flash). Efuses are write-once only: once an efuse bit is set to "1", it can't be set back to "0".
If you erase the flash of an ESP32 with flash encryption and secure boot turned on, the only way to continue to use that ESP32 is to have saved pre-generated Flash Encryption and Secure Boot keys (which match the efuse contents) and then re-flash pre-encrypted binaries with a pre-generated secure boot digest. See here:
https://docs.espressif.com/projects/esp ... bootloader
https://docs.espressif.com/projects/esp ... yption-key
(One exception: if flash encryption is used and the FLASH_CRYPT_CNT value is not yet at the max, you can increment it by one bit to disable flash encryption again and use the chip with flash encryption off. This can only be done 3 times in total; after this you run out of efuse bits in FLASH_CRYPT_CNT. If Secure Boot is enabled, then you will still need the secure boot key to generate a bootloader digest for the plaintext bootloader.)
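The FLASH_CRYPT_CNT exception described in the reply above, modelled as an added example (not code from the post or from esp-idf). It assumes the field is 7 bits wide, that an odd number of set bits means encryption is on, and that the field has not been write-protected; all function names are illustrative.

```python
"""Model of the ESP32 FLASH_CRYPT_CNT efuse (added example, not esp-idf code).

Assumptions: 7-bit field, odd number of set bits = flash encryption on,
field not write-protected. All function names are illustrative.
"""
FLASH_CRYPT_CNT_BITS = 7
MASK = (1 << FLASH_CRYPT_CNT_BITS) - 1


def burn(current: int, requested: int) -> int:
    """Efuse write: bits only go 0 -> 1, so the result is a bitwise OR."""
    return (current | requested) & MASK


def encryption_enabled(cnt: int) -> bool:
    """An odd count of burned bits means flash encryption is active."""
    return bin(cnt & MASK).count("1") % 2 == 1


def disables_remaining(cnt: int) -> int:
    """How many more times encryption can be turned off from this value."""
    unburned = FLASH_CRYPT_CNT_BITS - bin(cnt & MASK).count("1")
    # On -> off costs one bit; getting back to "on" first costs another.
    return (unburned + 1) // 2 if encryption_enabled(cnt) else unburned // 2


def burn_next_bit(cnt: int) -> int:
    """Toggle the encryption state by burning the lowest unburned bit."""
    for i in range(FLASH_CRYPT_CNT_BITS):
        if not cnt & (1 << i):
            return burn(cnt, 1 << i)
    raise ValueError("FLASH_CRYPT_CNT is full: no efuse bits left to burn")


def lifecycle(cnt: int = 0):
    """Walk the field until it is full; return (value, enabled, disables_left)."""
    states = [(cnt, encryption_enabled(cnt), disables_remaining(cnt))]
    while cnt != MASK:
        cnt = burn_next_bit(cnt)
        states.append((cnt, encryption_enabled(cnt), disables_remaining(cnt)))
    return states


if __name__ == "__main__":
    for value, enabled, left in lifecycle():
        print(f"{value:07b}  encryption={'on ' if enabled else 'off'}  disables left={left}")
```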
Re: What if Flash Encryption and Secure Boot goes wrong ??
Thank you a lot, Angus, for the quick response. I'm going to study more about the topic these days.
Best regards, Kostas.