Skip to main content

ESP32S3: Flash Encryption and Secure Boot

Flash encryption and secure boot are useful security features for ESP32S3 chip. While not perfect, they definitely make it harder to extract the secrets in the chip.

However, it is tricky to enable both features at the same time. The topic is actually discussed in the official documentation:

Especially, the second one mentioned it is recommended to enable flash encryption before secure boot. But I still find the documentation confusing.

In the end I was able to successfully enable both, here's my findings.

My Understanding

After my adventure, here's what I think could have worked. WARNING, this is untested.

  • Follow Security Features Enablement Workflows:
    • Burn all the keys, as long as their purpose eFuses and read/write protections
    • Burn other security eFuses, but DO NOT burn ENABLE_SECURITY_DOWNLOAD in the middle, which is mentined at the end of the instruction for both flash encryption and secure boot.
    • Burn SPI_BOOT_CRYPT_CNT (all 3 bits) and SECURE_BOOT_EN
  • Sign bootloader and application
  • Encrypt signed bootloader, partition table and signed application
  • Flash three encrypted pieces into correct offsets.

My Actual Adventure

I had thought the official bootloader was necessary to enable the features, so I actually downloaded ESP-IDF and flashed the bootloader as the last step of enabling flash encryption. Later I found that ENABLE_SECURITY_DOWNLOAD had been automatically burned by the bootloader, because I used the recommended "secure download mode" option in `idf.py menuconfig`.

This is not the end of the world, it just meant I could no longer use `espefuse.py`. I could actually use the C API to burn the eFuses. The API is actually quite user-friendly, and the high-level functions (e.g. burn key, purpose and read/write protection at the same time) do check common errors. I just had to read the documentation to understand the differences between blocks, bits and registers.


One more thing about the bootloader: A recent version (5.3-ish) of ESP-IDF changed something about application image header, which is no longer compatible with esp-hal before this change, this took me quite a while to figure out.

Labels:

Comments

Post a Comment

Popular posts from this blog

Determine Perspective Lines With Off-page Vanishing Point

In perspective drawing, a vanishing point represents a group of parallel lines, in other words, a direction. For any point on the paper, if we want a line towards the same direction (in the 3d space), we simply draw a line through it and the vanishing point. But sometimes the vanishing point is too far away, such that it is outside the paper/canvas. In this example, we have a point P and two perspective lines L1 and L2. The vanishing point VP is naturally the intersection of L1 and L2. The task is to draw a line through P and VP, without having VP on the paper. I am aware of a few traditional solutions: 1. Use extra pieces of paper such that we can extend L1 and L2 until we see VP. 2. Draw everything in a smaller scale, such that we can see both P and VP on the paper. Draw the line and scale everything back. 3. Draw a perspective grid using the Brewer Method. #1 and #2 might be quite practical. #3 may not guarantee a solution, unless we can measure distances/p...
2 comments
Read More »

[转] UTF-8 and Unicode FAQ for Unix/Linux

这几天,这个东西把我搞得很头疼 而且这篇文章好像太大了,blogger自己的发布系统不能发 只好用mail了 //原文 http://www.cl.cam.ac.uk/~mgk25/unicode.html UTF-8 and Unicode FAQ for Unix/Linux by Markus Kuhn This text is a very comprehensive one-stop information resource on how you can use Unicode/UTF-8 on POSIX systems (Linux, Unix). You will find here both introductory information for every user, as well as detailed references for the experienced developer. Unicode has started to replace ASCII, ISO 8859 and EUC at all levels. It enables users to handle not only practically any script and language used on this planet, it also supports a comprehensive set of mathematical and technical symbols to simplify scientific information exchange. With the UTF-8 encoding, Unicode can be used in a convenient and backwards compatible way in environments that were designed entirely around ASCII, like Unix. UTF-8 is the way in which Unicode is used under Unix, Linux, and similar systems. It is now time to make sure that you are well familiar ...
Post a Comment
Read More »

Moving Items Along Bezier Curves with CSS Animation (Part 2: Time Warp)

This is a follow-up of my earlier article.  I realized that there is another way of achieving the same effect. This article has lots of nice examples and explanations, the basic idea is to make very simple @keyframe rules, usually just a linear movement, then use timing function to distort the time, such that the motion path becomes the desired curve. I'd like to call it the "time warp" hack. Demo See the Pen Interactive cubic Bezier curve + CSS animation by Lu Wang ( @coolwanglu ) on CodePen . How does it work? Recall that a cubic Bezier curve is defined by this formula : \[B(t) = (1-t)^3P_0+3(1-t)^2tP_1+3(1-t)t^2P_2+t^3P_3,\ 0 \le t \le 1.\] In the 2D case, \(B(t)\) has two coordinates, \(x(t)\) and \(y(t)\). Define \(x_i\) to the be x coordinate of \(P_i\), then we have: \[x(t) = (1-t)^3x_0+3(1-t)^2tx_1+3(1-t)t^2x_2+t^3x_3,\ 0 \le t \le 1.\] So, for our animated element, we want to make sure that the x coordiante (i.e. the "left" CSS property) is \(...
3 comments
Read More »