Search found 190 matches

by ESP_Mahavir
Fri May 31, 2024 4:57 am
Forum: ESP-IDF
Topic: Esp32S3 : Flash Encryption Question.
Replies: 3
Views: 2370

Re: Esp32S3 : Flash Encryption Question.

Hello, 1) In development mode, is it possible to reflash non-encrypted firmware in the flash ? If the answer is yes, does it mean that : A) The Esp32S3 can automatically use the key stored in the eFuses (Because it has been put inside the 1st time) and encrypt the FW when flashing (In the UART bootl...
by ESP_Mahavir
Tue May 14, 2024 5:54 am
Forum: ESP-IDF
Topic: Invalid magic byte on secure boot with custom partition table offset
Replies: 4
Views: 1685

Re: Invalid magic byte on secure boot with custom partition table offset

The error here points to no legit application binary on the flash. Can you please confirm that you are flashing application binary at either factory/ota_0/ota_1 partition offset?
by ESP_Mahavir
Wed Feb 14, 2024 9:30 am
Forum: ESP-IDF
Topic: IDF v4.4 ESP32 secure boot and flash encryption step-by-step
Replies: 17
Views: 20599

Re: IDF v4.4 ESP32 secure boot and flash encryption step-by-step

1.- I imagine that this manual will be valid for any recent version of IDF, I am working with version 5.1.2.??? I ask because it is in the master branch and does not appear in the documentation of the version I use. Yes, the host based security workflow document should apply to ESP-IDF 5.1.2 releas...
by ESP_Mahavir
Wed Feb 14, 2024 8:38 am
Forum: ESP-IDF
Topic: Esp32 blocked: Flash encryption eFuse bit was not enabled in bootloader
Replies: 6
Views: 3416

Re: Esp32 blocked: Flash encryption eFuse bit was not enabled in bootloader

Neither of the two chips that I have blocked trying to activate flash encryption and secure boot v2 allow me to connect with espefuse.py Sorry to hear that. This also confirms that UART DL mode is disabled on these chips. For future experiments, please keep `CONFIG_SECURE_INSECURE_ALLOW_DL_MODE` en...
by ESP_Mahavir
Tue Feb 13, 2024 9:21 am
Forum: ESP-IDF
Topic: IDF v4.4 ESP32 secure boot and flash encryption step-by-step
Replies: 17
Views: 20599

Re: IDF v4.4 ESP32 secure boot and flash encryption step-by-step

Hello, Sorry for the delayed reply! In the instructions you shared, I was unable to see a command to flash the bootloader image. Please note that for secure boot enabled case, the default `idf.py flash` won't flash the bootloader on the device. If you could share more information about the eFuse sum...
by ESP_Mahavir
Mon Feb 12, 2024 9:29 am
Forum: ESP-IDF
Topic: Esp32 blocked: Flash encryption eFuse bit was not enabled in bootloader
Replies: 6
Views: 3416

Re: Esp32 blocked: Flash encryption eFuse bit was not enabled in bootloader

E (273) flash_encrypt: Flash encryption eFuse bit was not enabled in bootloader but CONFIG_SECURE_FLASH_ENC_ENABLED is on This error indicates that the flash encryption is not yet enabled on this device. Maybe the device was power cycled interim the bootloader was enabling the flash encryption work...
by ESP_Mahavir
Mon Dec 18, 2023 5:22 am
Forum: ESP-IDF
Topic: Cannot disable flash encrytion after enabled it on development mode
Replies: 3
Views: 13631

Re: Cannot disable flash encrytion after enabled it on development mode

Please use the command specified in the docs section here https://docs.espressif.com/projects/esp ... encryption. This will correctly program the `FLASH_CRYPT_CNT` value to disable the flash encryption.
by ESP_Mahavir
Sun Dec 10, 2023 6:37 am
Forum: ESP-IDF
Topic: Correct sequence to apply encrypted flash and secure boot v2
Replies: 6
Views: 16517

Re: Correct sequence to apply encrypted flash and secure boot v2

... and what did you set menuconfig "Secure boot private signing key" to? The path to the file containing the private key. Please go through this guide https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/secure-boot-v2.html#how-to-enable-secure-boot-v2 which gives a step-by-step gu...
by ESP_Mahavir
Thu Dec 07, 2023 5:21 am
Forum: ESP-IDF
Topic: Secure Boot - change public key?
Replies: 5
Views: 5672

Re: Secure Boot - change public key?

Just to add that, some of our recent chips like ESP32-C3, ESP32-S3 do support multiple signing keys in secure boot v2 scheme. Key revocation guide for ESP32-C3 can be found here: https://docs.espressif.com/projects/esp-idf/en/latest/esp32c3/security/secure-boot-v2.html#key-revocation Unfortunately, ...
by ESP_Mahavir
Tue Dec 05, 2023 8:50 am
Forum: ESP-IDF
Topic: Correct sequence to apply encrypted flash and secure boot v2
Replies: 6
Views: 16517

Re: Correct sequence to apply encrypted flash and secure boot v2

Please refer to the guide https://docs.espressif.com/projects/esp ... externally, it should help starting from the key generation to enabling secure boot externally.