
Avoiding writing plain text to encrypted partitions

Posted: Tue Oct 15, 2019 8:12 pm
by kuhatovuk
Hello! I did "secure-boot one time" + "flash encryption release mode" on ten devices today. I thought one had failed and I restarted the operation. But maybe it was fine already. So I think I overwrote the valid encrypted bootloader with a plain-text bootloader and bricked it. Is there a command option or simple check to avoid overwriting a secure/encrypted partition with plain text? Thank you!

Re: Avoiding writing plain text to encrypted partitions

Posted: Wed Oct 16, 2019 3:18 am
by ESP_Angus
Hi kuhatovuk,

Unfortunately the only precaution we have is that "make flash" & "idf.py flash" won't automatically write the bootloader if secure boot is enabled.

If you can check the output of "espefuse.py -p PORT summary" then you can see which feature(s) are already enabled.

I will see if we can add some additional checks to esptool.py to require a flag to write if security features are already enabled.


angus
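
Added example (not part of the post above and not esptool's own code): a pre-flash guard that parses the text printed by "espefuse.py -p PORT summary" and refuses a plain-text write when flash encryption or secure boot is already enabled. The row layout matched by the regex, the function names and the sample rows are assumptions made for illustration; FLASH_CRYPT_CNT and ABS_DONE_0 are the ESP32 eFuses for flash encryption and secure boot.

```python
import re
import subprocess

# Row layout assumed from espefuse.py summary output, e.g.:
#   FLASH_CRYPT_CNT   Flash encryption mode counter   = 1 R/W (0x1)
ROW = re.compile(r"^(?P<name>[A-Z0-9_]+)\b.*?=\s*(?P<value>\S+)\s+[R-]/[W-]", re.M)

def parse_summary(text):
    """Return {efuse_name: raw_value_string} for every row in the summary."""
    return {m["name"]: m["value"] for m in ROW.finditer(text)}

def as_int(raw):
    """Values are printed as decimal, 0x.. or 0b..; some versions print True/False."""
    if raw in ("True", "False"):
        return int(raw == "True")
    return int(raw, 0)

def security_state(text):
    fuses = parse_summary(text)
    missing = {"FLASH_CRYPT_CNT", "ABS_DONE_0"} - fuses.keys()
    if missing:
        # Fail closed: an unreadable summary must never count as "not secured".
        raise ValueError(f"eFuse rows not found: {sorted(missing)}")
    cnt = as_int(fuses["FLASH_CRYPT_CNT"])
    return {
        # ESP32: flash encryption is active when an odd number of bits is set.
        "flash_encryption": bin(cnt).count("1") % 2 == 1,
        "secure_boot": as_int(fuses["ABS_DONE_0"]) == 1,
    }

def plaintext_write_allowed(text):
    state = security_state(text)
    return not (state["flash_encryption"] or state["secure_boot"])

def read_summary(port):
    """Run the command quoted in the thread and return its stdout."""
    return subprocess.run(["espefuse.py", "-p", port, "summary"],
                          check=True, capture_output=True, text=True).stdout

# Constructed sample rows, not captured from a real device.
SAMPLE_LOCKED = """\
FLASH_CRYPT_CNT        Flash encryption mode counter                     = 1 R/W (0x1)
ABS_DONE_0             secure boot enabled for bootloader                = 1 R/W (0x1)
"""
SAMPLE_FRESH = SAMPLE_LOCKED.replace("= 1 R/W (0x1)", "= 0 R/W (0x0)")

if __name__ == "__main__":
    print(security_state(SAMPLE_LOCKED), plaintext_write_allowed(SAMPLE_FRESH))
```

In a production flashing script, call plaintext_write_allowed(read_summary(PORT)) before any bootloader write and stop on False or on the ValueError.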

Re: Avoiding writing plain text to encrypted partitions

Posted: Mon Oct 21, 2019 9:15 pm
by kuhatovuk
Hello, thank you for the answer. I had a similar issue today. Did the usual:

burn eFuse SDIO 3.3V
burn eFuse BLK3, write protect it
make -j4 erase_flash
make -j4
make -j4 bootloader
command to flash bootloader
make -j4 flash monitor

And it started well. Then it said some byte at ota0's offset wasn't as expected. I don't have the log anymore.

Is it possible that when flashing for encryption, make does not report partitions not fitting? And I'm overflowing factory into ota0 or similar.

Also, is it possible to do secure-boot one-time + release encryption but burn the FLASH_CNT/UART_DECRYPT/etc eFuses at the end myself? So I can verify everything is working before locking myself out.

Thank you!