ESP32 Flash Encryption "flash decryption block"

eslamsnono
Posts: 3
Joined: Wed May 18, 2022 4:54 pm

ESP32 Flash Encryption "flash decryption block"

Postby eslamsnono » Wed May 18, 2022 5:00 pm

  1. ESP32 Espressif Programming Guide says that after enable flash encryption Firmware bootloader, partitions and app are encrypted. When rebooted it says that the firmware is the one responsible for calling " flash decryption block".
  2. My question, i am confused who is responsible for calling  flash decryption block ? Rom bootloader or firmware bootloader as the firmware bootloader is already encrypted so how it will be decrypted and call the  flash decryption block.
  3. Thanks in advance

ESP_Sprite
Posts: 8921
Joined: Thu Nov 26, 2015 4:08 am

Re: ESP32 Flash Encryption "flash decryption block"

Postby ESP_Sprite » Thu May 19, 2022 1:28 pm

I see only one reference to "flash decryption block" and that seems to refer to the 2nd stage bootloader (the one in flash) doing the decryption.

eslamsnono
Posts: 3
Joined: Wed May 18, 2022 4:54 pm

Re: ESP32 Flash Encryption "flash decryption block"

Postby eslamsnono » Mon May 23, 2022 10:44 am

@ESP_Sprite
Yes, They say the 2nd stage bootloader but how this is done as this should be also encrypted. So how it is decrypted?

ESP_Sprite
Posts: 8921
Joined: Thu Nov 26, 2015 4:08 am

Re: ESP32 Flash Encryption "flash decryption block"

Postby ESP_Sprite » Tue May 24, 2022 2:06 am

Okay, I read through it again; you're referring to this, right? I think that it's mostly written to indicate the flash encryption process; the actual 'normal' startup process is glossed over a bit. You can read about that here.

Note that flash decryption is a hardware function: it gets set up partially in hardware, partially in the ROM bootloader, and afterwards code can 'decrypt' flash by simply reading it; the hardware does the decryption. As such there is no specific code anywhere to do decryption.

eslamsnono
Posts: 3
Joined: Wed May 18, 2022 4:54 pm

Re: ESP32 Flash Encryption "flash decryption block"

Postby eslamsnono » Wed May 25, 2022 3:15 am

@ESP_Sprite
Firstly thanks for your reply and concern
So that means that it is not the 2nd stage bootloader is the one who call the decryption block, it is the room bootloader.
and this is logic, it should call this hardware decryption block who decrypt the flash memory

thanks @ESP_Sprite

Who is online

Users browsing this forum: No registered users and 123 guests