Hi Guys.
I’m not sure if I’m on the right track.
Once I start using flash encrypting.
Am I able to reflash my program if I’m to update it.
And would I be able to reflash a new SPIFFs image aswell ?
As I just want to protect the ESP from
Having the source code downloaded.
Am I on the right track. Or do you suggest doing something else.
Thanks In advance
Jonathan
Flash Encryption
-
- Posts: 9739
- Joined: Thu Nov 26, 2015 4:08 am
Re: Flash Encryption
Note that you can't download the source code even from an unprotected ESP32; all that's in the flash is the compiled binary of your program. (Given we're talking about an ESP-IDF or Arduino project.(
Re: Flash Encryption
can you download the compiled binary?Note that you can't download the source code even from an unprotected ESP32; all that's in the flash is the compiled binary of your program.
And run it through a decompiler tho ?
so whats the overall benefits of the flash encryption ?
-
- Posts: 9739
- Joined: Thu Nov 26, 2015 4:08 am
Re: Flash Encryption
Sure, you could, and you could run it through a 'decompiler', but that would hardly give you back the original source code. There certainly is merit to flash encryption, just wanted to correct any notion you would be able to retrieve the original sources from the flash at all.
Re: Flash Encryption
So once I use flash encryption. I can not reflash it via UART. (I can update it via OTA) is what im reading. is that correct ?
Re: Flash Encryption
or if i knew the flash key.. and generate it myself. i can upload an pre encrypted image via uart ?
just means i have to manage the keys myself (best pratice is different key for each device)
just means i have to manage the keys myself (best pratice is different key for each device)
Re: Flash Encryption
Hi lildenty,
That's correct.
In ESP-IDF V4.0 and newer we have something called "Development mode", which does allow reflashing of the binary even without knowing the key. However this setup is for debugging a firmware with flash encryption enabled, it's not suitable for production (because someone can flash a small binary that dumps the rest of the flash contents in plaintext.)
With Flash Encryption Release mode (which is the only mode before ESP-IDF V4.0), you would need a copy of the device key in order to read or write the flash - by encrypting or decrypting on the host using the key. Or you can OTA update, as noted.
Angus
That's correct.
In ESP-IDF V4.0 and newer we have something called "Development mode", which does allow reflashing of the binary even without knowing the key. However this setup is for debugging a firmware with flash encryption enabled, it's not suitable for production (because someone can flash a small binary that dumps the rest of the flash contents in plaintext.)
With Flash Encryption Release mode (which is the only mode before ESP-IDF V4.0), you would need a copy of the device key in order to read or write the flash - by encrypting or decrypting on the host using the key. Or you can OTA update, as noted.
Angus
Re: Flash Encryption
Awesome.
so overall understanding is.
So if I manage my own keys. I can reflash the esp32 as many times as i want.
as there any examples of this process kicking about you could point me to.
Thanks
Denty
so overall understanding is.
So if I manage my own keys. I can reflash the esp32 as many times as i want.
as there any examples of this process kicking about you could point me to.
Thanks
Denty
Re: Flash Encryption
Hi Denty,
Yes. We used to document this in ESP-IDF v3.x, but it was replaced when "Development mode" was introduced as that method is actually easier to do (fully integrated with the build system, so less fiddling around pre-encrypting all the binaries on the host).
You can see the steps for generating and burning a key in the v3.x docs. If you do this before first boot, the bootloader will use that key instead of generating a random one:
https://docs.espressif.com/projects/esp ... yption-key
(We've had a request to re-introduce these sections in the newer IDF docs and we plan to do that also, but it needs some restructuring first so we haven't had time yet.)
Yes. We used to document this in ESP-IDF v3.x, but it was replaced when "Development mode" was introduced as that method is actually easier to do (fully integrated with the build system, so less fiddling around pre-encrypting all the binaries on the host).
You can see the steps for generating and burning a key in the v3.x docs. If you do this before first boot, the bootloader will use that key instead of generating a random one:
https://docs.espressif.com/projects/esp ... yption-key
(We've had a request to re-introduce these sections in the newer IDF docs and we plan to do that also, but it needs some restructuring first so we haven't had time yet.)
Who is online
Users browsing this forum: Baidu [Spider] and 77 guests