Design flow with SecureBoot and FlashEncryption enabled

[jas39_]

I'm having a commercial product out based on ESP32 where I have secure flash and OTA updates enabled. As volumes now grows I would like to enable the secure boot for a new generation based on idf 4.2. I would like to be able to be able regularly reflash my internal boards but keep them as close to the real product as possible. I have a fair amount of esp32 v1 chips so staying with Secure Boot V1 for now.

I'm trying to set up a design flow where:
1. Flash encryption is enabled, using a known random key in BLK1
2. Secure boot key is known and burnt in BLK2
3. Compile and flash new bootloader and app

I build with the following options in a file by setting (SDKCONFIG_DEFAULTS secure_dev) to get the bootloader and the signed binary

Code: Select all

#Secure flash and NVS
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE=y


# Enable HW Secure boot V1, Reflashable (PEM used for 256-bit BLK2 key)
# Sign binaries during build
CONFIG_SECURE_BOOT_SIGNING_KEY="private_key.pem"
CONFIG_SECURE_BOOT_VERIFICATION_KEY="public_key.pem"
CONFIG_SECURE_BOOT=y
CONFIG_SECURE_BOOT_V1_ENABLED=y
CONFIG_SECURE_SIGNED_ON_BOOT=y
CONFIG_SECURE_SIGNED_ON_UPDATE=y
CONFIG_SECURE_SIGNED_APPS=y
CONFIG_SECURE_SIGNED_APPS_ECDSA_SCHEME=y
# CONFIG_SECURE_BOOTLOADER_ONE_TIME_FLASH is not set
CONFIG_SECURE_BOOTLOADER_REFLASHABLE=y
CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES=y
CONFIG_SECURE_BOOTLOADER_KEY_ENCODING_256BIT=y
# CONFIG_SECURE_BOOTLOADER_KEY_ENCODING_192BIT is not set
# CONFIG_SECURE_BOOT_INSECURE is not set
CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE=y
# end of Security features
CONFIG_SECURE_BOOT_ALLOW_JTAG=y

Then I encrypt the files by

Code: Select all

espsecure.py encrypt_flash_data --keyfile myKey --address 0x0 -o "enc/bootloader-digest.bin" build/bootloader/bootloader-reflash-digest.bin
espsecure.py encrypt_flash_data --keyfile myKey --address 0x8000 -o "enc/partition-table.bin" build/partition_table/partition-table.bin
espsecure.py encrypt_flash_data --keyfile myKey --address 0xb000 -o "enc/ota_data_initial.bin" build/ota_data_initial.bin
espsecure.py encrypt_flash_data --keyfile myKey --address 0x20000 -o "enc/myApp.bin" build/myApp.bin

And finally I flash the signed and encrypted files to my board in one go after checking that the bootloader fits in the allocated space.

Code: Select all

esptool.py -p COM3 -b 921600 --no-stub --before default_reset --after no_reset write_flash --flash_mode dio --flash_freq 40m --flash_size 4MB 
0x0 "enc/bootloader-digest.bin"
0x8000 "enc/partition-table.bin" 
0xb000 "enc/ota_data_initial.bin"	
0x20000 "enc/myApp.bin"

And then I open my terminal and get the dreaded:

Code: Select all

rst:0x10 (RTCWDT_RTC_RESET),boot:0x17 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun  8 2016 00:22:57

Any hints or pointers where this flow is broken would be greatly appreciated

[jas39_]

The above process works, at least when flashed on an un-encrypted device, letting it self-encrypt, and doing sub-sequent writes with encrypted files to the bootloader, partition table, ota and app.

[jas39_]

When taking an encrypted device and reflashing everything nvs partitions must be re-initialized:

All encrypted nvs partitions needs to be initialized so that they read 0xff after decryption. This is done by creating a file with all 0xff of the proper length, encode it using the key and address and then flash it together with all other data

[jas39_]

The reason for my initial fail must have been a failed write in step 2. Secure boot key is known and burnt in BLK2 resulting in an unknown key.