Search found 190 matches
- Fri May 31, 2024 4:57 am
- Forum: ESP-IDF
- Topic: Esp32S3 : Flash Encryption Question.
- Replies: 3
- Views: 2370
Re: Esp32S3 : Flash Encryption Question.
Hello, 1) In development mode, is it possible to reflash non-encrypted firmware in the flash ? If the answer is yes, does it mean that : A) The Esp32S3 can automatically use the key stored in the eFuses (Because it has been put inside the 1st time) and encrypt the FW when flashing (In the UART bootl...
- Tue May 14, 2024 5:54 am
- Forum: ESP-IDF
- Topic: Invalid magic byte on secure boot with custom partition table offset
- Replies: 4
- Views: 1685
Re: Invalid magic byte on secure boot with custom partition table offset
The error here points to no legit application binary on the flash. Can you please confirm that you are flashing application binary at either factory/ota_0/ota_1 partition offset?
- Wed Feb 14, 2024 9:30 am
- Forum: ESP-IDF
- Topic: IDF v4.4 ESP32 secure boot and flash encryption step-by-step
- Replies: 17
- Views: 20599
Re: IDF v4.4 ESP32 secure boot and flash encryption step-by-step
1.- I imagine that this manual will be valid for any recent version of IDF, I am working with version 5.1.2.??? I ask because it is in the master branch and does not appear in the documentation of the version I use. Yes, the host based security workflow document should apply to ESP-IDF 5.1.2 releas...
- Wed Feb 14, 2024 8:38 am
- Forum: ESP-IDF
- Topic: Esp32 blocked: Flash encryption eFuse bit was not enabled in bootloader
- Replies: 6
- Views: 3416
Re: Esp32 blocked: Flash encryption eFuse bit was not enabled in bootloader
Neither of the two chips that I have blocked trying to activate flash encryption and secure boot v2 allow me to connect with espefuse.py Sorry to hear that. This also confirms that UART DL mode is disabled on these chips. For future experiments, please keep `CONFIG_SECURE_INSECURE_ALLOW_DL_MODE` en...
- Tue Feb 13, 2024 9:21 am
- Forum: ESP-IDF
- Topic: IDF v4.4 ESP32 secure boot and flash encryption step-by-step
- Replies: 17
- Views: 20599
Re: IDF v4.4 ESP32 secure boot and flash encryption step-by-step
Hello, Sorry for the delayed reply! In the instructions you shared, I was unable to see a command to flash the bootloader image. Please note that for secure boot enabled case, the default `idf.py flash` won't flash the bootloader on the device. If you could share more information about the eFuse sum...
- Mon Feb 12, 2024 9:29 am
- Forum: ESP-IDF
- Topic: Esp32 blocked: Flash encryption eFuse bit was not enabled in bootloader
- Replies: 6
- Views: 3416
Re: Esp32 blocked: Flash encryption eFuse bit was not enabled in bootloader
E (273) flash_encrypt: Flash encryption eFuse bit was not enabled in bootloader but CONFIG_SECURE_FLASH_ENC_ENABLED is on This error indicates that the flash encryption is not yet enabled on this device. Maybe the device was power cycled interim the bootloader was enabling the flash encryption work...
- Mon Dec 18, 2023 5:22 am
- Forum: ESP-IDF
- Topic: Cannot disable flash encrytion after enabled it on development mode
- Replies: 3
- Views: 13631
Re: Cannot disable flash encrytion after enabled it on development mode
Please use the command specified in the docs section here https://docs.espressif.com/projects/esp ... encryption. This will correctly program the `FLASH_CRYPT_CNT` value to disable the flash encryption.
- Sun Dec 10, 2023 6:37 am
- Forum: ESP-IDF
- Topic: Correct sequence to apply encrypted flash and secure boot v2
- Replies: 6
- Views: 16517
Re: Correct sequence to apply encrypted flash and secure boot v2
... and what did you set menuconfig "Secure boot private signing key" to? The path to the file containing the private key. Please go through this guide https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/secure-boot-v2.html#how-to-enable-secure-boot-v2 which gives a step-by-step gu...
- Thu Dec 07, 2023 5:21 am
- Forum: ESP-IDF
- Topic: Secure Boot - change public key?
- Replies: 5
- Views: 5672
Re: Secure Boot - change public key?
Just to add that, some of our recent chips like ESP32-C3, ESP32-S3 do support multiple signing keys in secure boot v2 scheme. Key revocation guide for ESP32-C3 can be found here: https://docs.espressif.com/projects/esp-idf/en/latest/esp32c3/security/secure-boot-v2.html#key-revocation Unfortunately, ...
- Tue Dec 05, 2023 8:50 am
- Forum: ESP-IDF
- Topic: Correct sequence to apply encrypted flash and secure boot v2
- Replies: 6
- Views: 16517
Re: Correct sequence to apply encrypted flash and secure boot v2
Please refer to the guide https://docs.espressif.com/projects/esp ... externally, it should help starting from the key generation to enabling secure boot externally.