Using Flash Download Tool to Implement Secure Bootloader and Flash Encryption

callux
Posts: 3
Joined: Wed Oct 20, 2021 5:39 am

Using Flash Download Tool to Implement Secure Bootloader and Flash Encryption

Postby callux » Fri Dec 03, 2021 7:03 am

Hi all,

I am currently trying to automate the process of implementing (Reflashable) Secure Bootloader v1 and Flash Encryption. The security features are to be implemented on several ESP32s with the same secure boot key and flash encryption key. (I know this isn't ideal but it will suffice for now). I have managed to do such using ESP-IDF on VS-Code but am now trying to use the Flash Download Tool by Espressif
to make the process more efficient.


With reference to the forum post [url] https://blog.csdn.net/espressif/article ... s/79362094 [/url], I tried setting the the values on the security.conf as follows to first try testing the Secure Bootloader.

[DEBUG MODE]
debug_enable = True
debug_pem_path = C:\Users\XXXX\Documents\Licences\secure_boot_01.pem

[SECURE BOOT]
secure_boot_en = True
burn_secure_boot_key = True
secure_boot_force_write = False
secure_boot_rw_protect = True

[FLASH ENCRYPTION]
flash_encryption_en = False
reserved_burn_times = 0

[ENCRYPTION KEYS SAVE]
keys_save_enable = False
encrypt_keys_enable = False
encrypt_keys_aeskey_path =

[DISABLE FUNC]
jtag_disable = False
dl_encrypt_disable = False
dl_decrypt_disable = False
dl_cache_disable = False


This successfully burned the fuses of BLOCK2 and ABS_DONE_0 and I had successfully managed to download the software. However I never managed to re-download the software again. After trying again, the following pops up as I try to monitor the device

[code]
rst:0x10 (RTCWDT_RTC_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
[/code]

Does anyone have any experience with implementing Secure Bootloader (and eventually flash encryption) on the ESP32 via the Flash Download Tool ? Or might anyone be able to point out what i'm doing wrong ?

Thankyou in advance.

mr.engineer
Posts: 6
Joined: Wed Feb 23, 2022 5:38 am

Re: Using Flash Download Tool to Implement Secure Bootloader and Flash Encryption

Postby mr.engineer » Wed Feb 23, 2022 5:44 am

UP

Who is online

Users browsing this forum: No registered users and 120 guests