Help me out to test the secure boot features on ESP32

prasad.gj
Posts: 3
Joined: Mon Aug 17, 2020 10:01 am

Help me out to test the secure boot features on ESP32

Postby prasad.gj » Mon Aug 17, 2020 10:18 am

Have followed the below steps to configure the secure boot on ESP32,

Steps followed:
1)Open the Project Configuration Menu, navigate to “Secure Boot Configuration” and select the option “One-time Flash”. (To understand the alternative “Reflashable” choice, see Re-Flashable Software Bootloader.)
2)Select a name for the secure boot signing key
3)make
4)Generate secure boot signing key
` openssl ecparam -name prime256v1 -genkey -noout -out secure_boot_signing_key.pem `
5)espsecure.py sign_data --keyfile ./my_signing_key.pem --output ./image_signed.bin image-unsigned.bin
6)make
7)make bootloader
8)python /{$IDF}/esp/esp-idf/components/esptool_py/esptool/espefuse.py burn_key secure_boot /home/hmecl001302/Documents/esp/esp-idf/examples/secureboot/blink/build/bootloader/secure-bootloader-key-256.bin
9)python /{$IDF}/esp/esp-idf/components/esptool_py/esptool/esptool.py --chip esp32 --port '/dev/ttyUSB0' --baud 115200 --before default_reset --after hard_reset write_flash -z --flash_mode dio --flash_freq 40m --flash_size detect 0x1000 /home/hmecl001302/Documents/esp/esp-idf/examples/secureboot/blink/build/bootloader/bootloader.bin
10python /{$IDF}/esp/esp-idf/components/esptool_py/esptool/esptool.py --chip esp32 --port '/dev/ttyUSB0' --baud 115200 --before default_reset --after hard_reset write_flash -z --flash_mode dio --flash_freq 40m --flash_size detect 0x0 /home/hmecl001302/Documents/esp/esp-idf/examples/secureboot/blink/build/bootloader/bootloader-reflash-digest.bin
11)idf.py -p /dev/ttyUSB0 -b 115200 flash monitor


While monitoring the console getting stuck in the bootloader and throws below error

rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
configsip: 0, SPIWP:0xee
clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
mode:DIO, clock div:2
load:0x3fff0030,len:4
load:0x3fff0034,len:11936
ho 0 tail 12 room 4
load:0x40078000,len:21372
load:0x40080400,len:4340
secure boot check fail
ets_main.c 371

Anyone can help me out to test the secure boot features.

Who is online

Users browsing this forum: No registered users and 107 guests