Search found 21 matches
- Sun Mar 05, 2023 4:55 pm
- Forum: ESP-IDF
- Topic: [Solved] Secure boot signature verification failed
- Replies: 16
- Views: 9944
Re: Secure boot signature verification failed
Thanks. All works fine!
- Thu Mar 02, 2023 8:42 pm
- Forum: ESP-IDF
- Topic: [Solved] Secure boot signature verification failed
- Replies: 16
- Views: 9944
Re: Secure boot signature verification failed
Also, I have the following configuration: grep SIGN configurations/sdkconfig-latch-sim800 CONFIG_SECURE_SIGNED_ON_BOOT=y CONFIG_SECURE_SIGNED_ON_UPDATE=y CONFIG_SECURE_SIGNED_APPS=y CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME=y # CONFIG_SECURE_BOOT_BUILD_SIGNED_BINARIES=y # CONFIG_SECURE_BOOT_SIGNING_KEY="...
- Thu Mar 02, 2023 5:58 pm
- Forum: ESP-IDF
- Topic: [Solved] Secure boot signature verification failed
- Replies: 16
- Views: 9944
Re: Secure boot signature verification failed
Build signed application, decide this application as base application. Then it is needed to have an application signed for particular device using the device's key. Make sign_data process, no errors. At the end of OTA the device can not verify the signature. Build signed application from scratch usi...
- Thu Feb 23, 2023 9:01 am
- Forum: ESP-IDF
- Topic: [Solved] Secure boot signature verification failed
- Replies: 16
- Views: 9944
Re: Secure boot signature verification failed
Your utility can not resign the application binary!
- Wed Feb 22, 2023 6:06 pm
- Forum: ESP-IDF
- Topic: [Solved] Secure boot signature verification failed
- Replies: 16
- Views: 9944
Re: Secure boot signature verification failed
Ah. I've found a solution. There is a bug in sign_data implementation...
- Wed Feb 22, 2023 12:27 pm
- Forum: ESP-IDF
- Topic: [Solved] Secure boot signature verification failed
- Replies: 16
- Views: 9944
Re: Secure boot signature verification failed
Hmm, I did a hack: Build the application on the notebook with applying signature during build process. Run OTA with breakpoint on obtaining application. Upload the builded and signed (by notebook) application to OTA server. Begin the OTA process And the final was: D (892411) OTA: Written image lengt...
- Wed Feb 22, 2023 7:20 am
- Forum: ESP-IDF
- Topic: [Solved] Secure boot signature verification failed
- Replies: 16
- Views: 9944
Re: Secure boot signature verification failed
Which tool you use to verify the image on host? espsecure.py could help you to verify the image See here You might need to reproduce the process using the host encryption key+private signing key Decrypting on the host: pipenv run python ../esp32/tmp/idf-extra-components/esp_encrypted_img/tools/esp_...
- Wed Feb 22, 2023 7:18 am
- Forum: ESP-IDF
- Topic: [Solved] Secure boot signature verification failed
- Replies: 16
- Views: 9944
Re: Secure boot signature verification failed
I use second version of SecureBoot explicitly.dmitrij999 wrote: ↑Wed Feb 22, 2023 7:14 amIf you plan to use SecureBoot v2, you need to tell espsecure.py that you use SecureBoot v2 explicitlyAs well, it might help you in case of signing imagesCode: Select all
python espsecure.py verify_signature --version 2 ...
- Wed Feb 22, 2023 7:17 am
- Forum: ESP-IDF
- Topic: [Solved] Secure boot signature verification failed
- Replies: 16
- Views: 9944
Re: Secure boot signature verification failed
Hello, - Can you please share the instructions you used to sign and encrypt the firmware binary? - Can you please share the EFuse summary on the device? `espefuse.py --chip esp32 summary` Sure! Signature and its verification (works well on CICD and host): espsecure.py sign_data --version 2 --keyfil...
- Wed Feb 22, 2023 7:09 am
- Forum: ESP-IDF
- Topic: [Solved] Secure boot signature verification failed
- Replies: 16
- Views: 9944
Re: Secure boot signature verification failed
Which tool you use to verify the image on host? espsecure.py could help you to verify the image See here You might need to reproduce the process using the host encryption key+private signing key As I wrote above I use the standard tool for signature verification: - espsecure.py sign_data ../applica...