Destroy key stored in eFuse block

Posted: Sun Oct 08, 2023 9:05 pm
by eitell
We want to write all eFuse bits to one and completely destroy the key stored in an eFuse block as an additional layer of protection in case of tampering. But writing anything to a Reed-Solomon-encoded block using the provided API will cause an encoding error.

At this point we are really not interested in maintaining data integrity, only filling all bits with `1`.

Is it possible to ignore the encoding check of the key blocks and force-write the remaining bits to one?

Thank you,

Re: Destroy key stored in eFuse block

Posted: Tue Oct 10, 2023 8:23 am
by Konstantin
Hi @eitell!

There might be some solutions:
- an efuse block is already read-protected - Software cannot read it anyway, so it is safe to keep it. If you still want to destroy the data, see below.
- an efuse block is write-protected - The data in this block cannot be changed.
- an efuse block is not write-protected - For now we do not have an API to do it because the current efuse APIs check repeat burns into RS blocks, but there is a way. You can do it like that, see the snippet below. I will create a new API - esp_efuse_destroy_block().

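```c
uint8_t all_once[8*4];
memset(all_once, 0xFF, sizeof(all_once)); // 8 data words, every bit set
// Clear the programming registers before loading them; clearing afterwards would wipe the data.
efuse_hal_clear_program_registers();
memcpy((void *)EFUSE_PGM_DATA0_REG, (void *)all_once, sizeof(all_once));
if (esp_efuse_get_coding_scheme(num_block) == EFUSE_CODING_SCHEME_RS) {
    // RS-coded block: load the check bytes calculated for the all-ones data.
    uint8_t block_rs[12];
    efuse_hal_rs_calculate(all_once, block_rs);
    hal_memcpy((void *)EFUSE_PGM_CHECK_VALUE0_REG, block_rs, sizeof(block_rs));
}
efuse_hal_program(num_block); // burn; num_block is the key block to destroy
```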
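
Added example, not part of the thread and not ESP-IDF code: a host-side C model of a repeat burn into an RS-coded block, showing that the all-ones burn sets every data bit while the accumulated check bytes stop matching the data. The field polynomial, generator roots, `block_t`, `burn`, `destroy_demo` and the key value are assumptions of this model, not the chip's actual RS parameters.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define DATA_LEN 32 /* 8 data words, as in the snippet's all_once buffer */
#define RS_LEN   12 /* 3 check words, as in the snippet's block_rs buffer */
typedef struct { uint8_t data[DATA_LEN], rs[RS_LEN]; } block_t; /* blank = all 0 */

/* GF(2^8) multiply; field polynomial 0x11d is an assumption of this model. */
static uint8_t gf_mul(uint8_t a, uint8_t b) {
    uint8_t r = 0;
    for (; b; b >>= 1) {
        if (b & 1) r ^= a;
        a = (uint8_t)((a << 1) ^ ((a & 0x80) ? 0x1d : 0));
    }
    return r;
}
/* Check bytes = remainder of data(x)*x^12 mod g(x); roots 2^0..2^11 are assumed. */
static void rs_calc(const uint8_t *data, uint8_t *rs) {
    uint8_t g[RS_LEN + 1] = {1}, root = 1;
    for (int i = 0; i < RS_LEN; i++, root = gf_mul(root, 2))
        for (int j = i + 1; j > 0; j--) g[j] ^= gf_mul(g[j - 1], root);
    memset(rs, 0, RS_LEN);
    for (int i = 0; i < DATA_LEN; i++) {
        uint8_t fb = data[i] ^ rs[0];
        for (int k = 0; k < RS_LEN - 1; k++) rs[k] = rs[k + 1] ^ gf_mul(fb, g[k + 1]);
        rs[RS_LEN - 1] = gf_mul(fb, g[RS_LEN]);
    }
}
/* Burning only sets bits: data and its check bytes are OR-ed into the block.
   Returns 1 if the stored check bytes still match the stored data afterwards. */
static int burn(block_t *b, const uint8_t *data) {
    uint8_t rs[RS_LEN];
    rs_calc(data, rs);
    for (int i = 0; i < DATA_LEN; i++) b->data[i] |= data[i];
    for (int i = 0; i < RS_LEN; i++) b->rs[i] |= rs[i];
    rs_calc(b->data, rs);
    return memcmp(rs, b->rs, RS_LEN) == 0;
}
/* Flags: 1 = check valid after key burn, 2 = check valid after all-ones burn,
   4 = every data bit reads 1 after the all-ones burn. */
static int destroy_demo(void) {
    block_t b = {0};
    uint8_t key[DATA_LEN], ones[DATA_LEN];
    for (int i = 0; i < DATA_LEN; i++) key[i] = (uint8_t)(i * 7 + 3); /* constructed key */
    memset(ones, 0xFF, sizeof ones);
    int flags = burn(&b, key);
    flags |= burn(&b, ones) << 1;
    return flags | ((memcmp(b.data, ones, DATA_LEN) == 0) << 2);
}
int main(void) { printf("flags = %d\n", destroy_demo()); return 0; }
```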