Problem with Secure Boot V2 enabling
Posted: Mon Mar 08, 2021 9:21 am
Hello!
I have problems with enabling Secure Boot V2 on my ESP32-WROOM-32E module.
I am developing firmware in PlatformIO and using commandline tools fo flash and enable SB2.
[*]I have generated SB2 keys
[*]Enabled SB2 and encryption in menuconfig
[*]Compiled and signed firmware and bootloader
[*]Flashed key and binaries
When booting I get errors that application doesn't have valid signature:
[*]But I can verify on PC that bootloader and firmware bin files have valid signatures using command:
[*]And I see that block2 contains same content as I see in bin file generated by
[*]I have tried using PlatformIO tools generated bootloader and also IDF native generated bootloader and also firmware signing scripts.
[*]ESP32 had encryption enable before, but I don't think that could cause these problems.
My efuses:
Can anyone help me understanding where could be the problem?
I have problems with enabling Secure Boot V2 on my ESP32-WROOM-32E module.
I am developing firmware in PlatformIO and using commandline tools fo flash and enable SB2.
[*]I have generated SB2 keys
Code: Select all
espsecure.py generate_signing_key --version 2 sb2.pem
espsecure.py digest_rsa_public_key --keyfile sb2.pem --output sb2.bin
[*]Compiled and signed firmware and bootloader
Code: Select all
espsecure.py sign_data --version 2 --keyfile sb2.pem --output fw\firmware_sig.bin fw\firmware.bin
espsecure.py sign_data --version 2 --keyfile sb2.pem --output fw\bootloader_sig.bin fw\bootloader.bin
Code: Select all
espefuse.py --port COM5 burn_key_digest sb2.pem
esptool.py --chip esp32 --port COM5 --baud 921600 --before default_reset --after no_reset write_flash -z --flash_mode dio --flash_freq 40m --flash_size detect 0x1000 fw\bootloader_sig.bin 0xC000 fw\partitions.bin 0x1D000 fw\ota_data_initial.bin 0x20000 fw\firmware_sig.bin 0x3e0000 fw\nvs_key.bin 0x3f0000 fw\mfg.bin
Code: Select all
I (644) secure_boot: Verifying with RSA-PSS...
W (653) secure_boot_v2: Using pre-loaded secure boot v2 public key digest in EFUSE block 2
I (943) secure_boot_v2: valid signature block found
E (948) secure_boot_v2: Application not signed with a valid private key.
E (948) boot: Secure Boot v2 failed (-1)
E (950) boot: Factory app partition is not bootable
E (955) esp_image: image at 0x160000 has invalid magic byte
W (962) esp_image: image at 0x160000 has invalid SPI mode 255
W (968) esp_image: image at 0x160000 has invalid SPI size 15
E (974) boot: OTA app partition slot 0 is not bootable
E (980) esp_image: image at 0x2a0000 has invalid magic byte
W (986) esp_image: image at 0x2a0000 has invalid SPI mode 255
W (993) esp_image: image at 0x2a0000 has invalid SPI size 15
E (999) boot: OTA app partition slot 1 is not bootable
E (1005) boot: No bootable app partitions in the partition table
Code: Select all
espsecure.py verify_signature --version 2 --keyfile sb2.pem fw\bootloader_sig.bin
Code: Select all
espsecure.py digest_rsa_public_key
[*]ESP32 had encryption enable before, but I don't think that could cause these problems.
My efuses:
Code: Select all
espefuse.py v3.1-dev
EFUSE_NAME (Block) Description = [Meaningful Value] [Readable/Writeable] (Hex Value)
----------------------------------------------------------------------------------------
Calibration fuses:
BLK3_PART_RESERVE (BLOCK0): BLOCK3 partially served for ADC calibration data = False R/W (0b0)
ADC_VREF (BLOCK0): Voltage reference calibration = 1128 R/W (0b00100)
Config fuses:
XPD_SDIO_FORCE (BLOCK0): Ignore MTDI pin (GPIO12) for VDD_SDIO on reset = False R/W (0b0)
XPD_SDIO_REG (BLOCK0): If XPD_SDIO_FORCE, enable VDD_SDIO reg on reset = False R/W (0b0)
XPD_SDIO_TIEH (BLOCK0): If XPD_SDIO_FORCE & XPD_SDIO_REG = 1.8V R/W (0b0)
CLK8M_FREQ (BLOCK0): 8MHz clock freq override = 49 R/W (0x31)
SPI_PAD_CONFIG_CLK (BLOCK0): Override SD_CLK pad (GPIO6/SPICLK) = 0 R/W (0b00000)
SPI_PAD_CONFIG_Q (BLOCK0): Override SD_DATA_0 pad (GPIO7/SPIQ) = 0 R/W (0b00000)
SPI_PAD_CONFIG_D (BLOCK0): Override SD_DATA_1 pad (GPIO8/SPID) = 0 R/W (0b00000)
SPI_PAD_CONFIG_HD (BLOCK0): Override SD_DATA_2 pad (GPIO9/SPIHD) = 0 R/W (0b00000)
SPI_PAD_CONFIG_CS0 (BLOCK0): Override SD_CMD pad (GPIO11/SPICS0) = 0 R/W (0b00000)
DISABLE_SDIO_HOST (BLOCK0): Disable SDIO host = False R/W (0b0)
Efuse fuses:
WR_DIS (BLOCK0): Efuse write disable mask = 384 R/W (0x0180)
RD_DIS (BLOCK0): Efuse read disable mask = 1 R/W (0x1)
CODING_SCHEME (BLOCK0): Efuse variable block length scheme
= NONE (BLK1-3 len=256 bits) R/W (0b00)
KEY_STATUS (BLOCK0): Usage of efuse block 3 (reserved) = False R/W (0b0)
Identity fuses:
MAC (BLOCK0): Factory MAC Address
= .............. R/W
MAC_CRC (BLOCK0): CRC8 for factory MAC address = 227 R/W (0xe3)
CHIP_VER_REV1 (BLOCK0): Silicon Revision 1 = True R/W (0b1)
CHIP_VER_REV2 (BLOCK0): Silicon Revision 2 = True R/W (0b1)
CHIP_VERSION (BLOCK0): Reserved for future chip versions = 2 R/W (0b10)
CHIP_PACKAGE (BLOCK0): Chip package identifier = 1 R/W (0b001)
MAC_VERSION (BLOCK3): Version of the MAC field = 0 R/W (0x00)
Security fuses:
FLASH_CRYPT_CNT (BLOCK0): Flash encryption mode counter = 3 R/W (0b0000011)
UART_DOWNLOAD_DIS (BLOCK0): Disable UART download mode (ESP32 rev3 only) = False R/W (0b0)
FLASH_CRYPT_CONFIG (BLOCK0): Flash encryption config (key tweak bits) = 15 R/W (0xf)
CONSOLE_DEBUG_DISABLE (BLOCK0): Disable ROM BASIC interpreter fallback = True R/W (0b1)
ABS_DONE_0 (BLOCK0): Secure boot V1 is enabled for bootloader image = False R/W (0b0)
ABS_DONE_1 (BLOCK0): Secure boot V2 is enabled for bootloader image = False R/W (0b0)
JTAG_DISABLE (BLOCK0): Disable JTAG = True R/W (0b1)
DISABLE_DL_ENCRYPT (BLOCK0): Disable flash encryption in UART bootloader = False R/W (0b0)
DISABLE_DL_DECRYPT (BLOCK0): Disable flash decryption in UART bootloader = True R/W (0b1)
DISABLE_DL_CACHE (BLOCK0): Disable flash cache in UART bootloader = True R/W (0b1)
BLOCK1 (BLOCK1): Flash encryption key
= ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? -/-
BLOCK2 (BLOCK2): Secure boot key
= 43 33 3a af d6 f7 fb 05 e2 77 85 d7 85 70 f7 36 2c 4e 34 5f fc 26 95 11 7a db 65 6d d9 cd 0d 6e R/-
BLOCK3 (BLOCK3): Variable Block 3
= 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/W
Flash voltage (VDD_SDIO) determined by GPIO12 on reset (High for 1.8V, Low/NC for 3.3V).