1.) Other than
Code: Select all
UART_DOWNLOAD_DIS = false
Code: Select all
Efuse fuses:
WR_DIS (BLOCK0): Efuse write disable mask = 385 R/W (0x0181)
RD_DIS (BLOCK0): Efuse read disable mask = 1 R/- (0x1)
CODING_SCHEME (BLOCK0): Efuse variable block length scheme
= NONE (BLK1-3 len=256 bits) R/W (0b00)
KEY_STATUS (BLOCK0): Usage of efuse block 3 (reserved) = False R/W (0b0)
Identity fuses:
MAC (BLOCK0): Factory MAC Address
= b8:d6:1a:55:7f:84 (CRC 0x4a OK) R/W
MAC_CRC (BLOCK0): CRC8 for factory MAC address = 74 R/W (0x4a)
CHIP_VER_REV1 (BLOCK0): Silicon Revision 1 = True R/W (0b1)
CHIP_VER_REV2 (BLOCK0): Silicon Revision 2 = True R/W (0b1)
WAFER_VERSION_MINOR (BLOCK0): WAFER VERSION MINOR = 0 R/W (0b00)
CHIP_PACKAGE (BLOCK0): Chip package identifier = 1 R/W (0b001)
CHIP_PACKAGE_4BIT (BLOCK0): Chip package identifier #4bit = 0 R/W (0b0)
MAC_VERSION (BLOCK3): Version of the MAC field = 0 R/W (0x00)
WAFER_VERSION_MAJOR (BLOCK0): calc WAFER VERSION MAJOR from CHIP_VER_REV1 and CH = 3 R/W (0b011)
IP_VER_REV2 and apb_ctl_date (read only)
PKG_VERSION (BLOCK0): calc Chip package = CHIP_PACKAGE_4BIT << 3 + CHIP_ = 1 R/W (0x1)
PACKAGE (read only)
Security fuses:
FLASH_CRYPT_CNT (BLOCK0): Flash encryption mode counter = 127 R/W (0b1111111)
UART_DOWNLOAD_DIS (BLOCK0): Disable UART download mode (ESP32 rev3 only) = False R/W (0b0)
FLASH_CRYPT_CONFIG (BLOCK0): Flash encryption config (key tweak bits) = 15 R/W (0xf)
CONSOLE_DEBUG_DISABLE (BLOCK0): Disable ROM BASIC interpreter fallback = True R/W (0b1)
ABS_DONE_0 (BLOCK0): Secure boot V1 is enabled for bootloader image = False R/W (0b0)
ABS_DONE_1 (BLOCK0): Secure boot V2 is enabled for bootloader image = True R/W (0b1)
JTAG_DISABLE (BLOCK0): Disable JTAG = True R/W (0b1)
DISABLE_DL_ENCRYPT (BLOCK0): Disable flash encryption in UART bootloader = True R/W (0b1)
DISABLE_DL_DECRYPT (BLOCK0): Disable flash decryption in UART bootloader = True R/W (0b1)
DISABLE_DL_CACHE (BLOCK0): Disable flash cache in UART bootloader = True R/W (0b1)
BLOCK1 (BLOCK1): Flash encryption key
= ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? -/-
BLOCK2 (BLOCK2): Secure boot key
= ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? R/-
BLOCK3 (BLOCK3): Variable Block 3
= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W
Flash voltage (VDD_SDIO) determined by GPIO12 on reset
Code: Select all
espefuse.py burn_key_digest key.pem
Code: Select all
espsecure.py digest_sbv2_public_key --keyfile key.pem --output digest.bin
espefuse.py burn_key secure_boot_v2 digest.bin
3.) Besides the sbv2 digest and the flash key, we issue the following burn_efuse commands, and then flash all of our encrypted binaries.
Code: Select all
'burn_efuse',
'FLASH_CRYPT_CNT', '0x7F',
'FLASH_CRYPT_CONFIG', '0xF',
'DISABLE_DL_ENCRYPT', '0x1',
'DISABLE_DL_DECRYPT', '0x1',
'DISABLE_DL_CACHE', '0x1',
'JTAG_DISABLE', '0x1'