NVS encryption activation with an OTA

lodogg
Posts: 7
Joined: Wed Sep 11, 2019 11:06 am

Postby lodogg » Thu Aug 10, 2023 1:44 pm

Hello, I wanted to know if anyone has experience in enabling NVS encryption through an OTA.
The tests I conducted involved OTA installation of a firmware that, upon startup, would update the bootloader (enabling secure boot and flash encryption) and the partition table by adding the nvs_key record after the partitions already specified in the old partition table (using some unused flash space). I am satisfied with the bootloader update results, and the activation of flash encryption and secure boot seems to work well. However, with the addition of the nvs_key in the partition table, it appears that the old information saved in NVS is no longer present.
So, my question is: by enabling NVS encryption, are the previously saved plaintext data in NVS no longer accessible?

ESP_rrtandler
Posts: 22
Joined: Wed May 31, 2023 6:54 pm

Re: NVS encryption activation with an OTA

Postby ESP_rrtandler » Tue Aug 15, 2023 8:41 am

Hi lodogg,

If you want to achieve "encrypt in place" you would have to copy the data elsewhere, re-initialize the partition, and rewrite all the data.

Regards
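The order of operations described in the reply above, as an added example that is not part of the original thread and is not Espressif's code: back up to RAM, stop before erasing if the backup is incomplete, re-initialize, rewrite, then read back and compare. The `nvs_ops_t` hooks, `migrate_nvs` and the RAM-backed mock are hypothetical names; the ESP-IDF functions named in the comment are what the hooks are assumed to wrap on a device.

```c
#include <string.h>

#define MAX_KV 8
typedef struct { char key[16]; char val[32]; } kv_t;

/* Hypothetical storage hooks. On a device they would wrap ESP-IDF calls:
 * read_all: nvs_entry_find() + nvs_get_*(); reinit_encrypted: nvs_flash_erase()
 * + nvs_flash_secure_init(); write_all: nvs_set_*() + nvs_commit(). */
typedef struct {
    int (*read_all)(void *ctx, kv_t *out, int cap);     /* count, or -1 */
    int (*reinit_encrypted)(void *ctx);                 /* 0 on success */
    int (*write_all)(void *ctx, const kv_t *in, int n); /* 0 on success */
} nvs_ops_t;

/* Returns entries migrated, or a negative code naming the failed step. */
int migrate_nvs(const nvs_ops_t *ops, void *ctx) {
    kv_t backup[MAX_KV], check[MAX_KV];
    int n = ops->read_all(ctx, backup, MAX_KV);          /* 1. copy elsewhere (RAM) */
    if (n < 0) return -1;                                /* incomplete backup: never erase */
    if (ops->reinit_encrypted(ctx) != 0) return -2;      /* 2. re-initialize */
    if (ops->write_all(ctx, backup, n) != 0) return -3;  /* 3. rewrite everything */
    if (ops->read_all(ctx, check, MAX_KV) != n ||        /* read back and compare */
        memcmp(backup, check, (size_t)n * sizeof(kv_t)) != 0) return -4;
    return n;
}

/* Constructed RAM-backed mock so the sequence can be exercised on a host. */
typedef struct { kv_t e[MAX_KV]; int n, encrypted, fail_reinit; } mock_t;

static int m_read(void *c, kv_t *out, int cap) {
    mock_t *m = c;
    if (m->n > cap) return -1;
    memcpy(out, m->e, (size_t)m->n * sizeof(kv_t));
    return m->n;
}
static int m_reinit(void *c) {
    mock_t *m = c;
    if (m->fail_reinit) return -1;
    memset(m->e, 0, sizeof m->e);
    m->n = 0; m->encrypted = 1;
    return 0;
}
static int m_write(void *c, const kv_t *in, int n) {
    mock_t *m = c;
    memcpy(m->e, in, (size_t)n * sizeof(kv_t));
    m->n = n;
    return 0;
}
const nvs_ops_t MOCK_OPS = { m_read, m_reinit, m_write };
```

Between step 2 and the end of step 3 the only copy of the data is the RAM backup, so a reset in that window loses it.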
