Skip to content

Support flash encryption #70

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jessebraham opened this issue Oct 6, 2021 · 2 comments
Closed

Support flash encryption #70

jessebraham opened this issue Oct 6, 2021 · 2 comments
Assignees
@jessebraham
Labels
help wanted Extra attention is needed

Comments

@jessebraham
Copy link
Member

jessebraham commented Oct 6, 2021
edited
Loading

Flash encryption is supported by all chips from the ESP32 and newer. We can encrypt data on the host and flash it to the target, assuming we first burn the encryption key into the target's eFuse.

For more details:
https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/flash-encryption.html
@jessebraham jessebraham moved this to In Progress in esp-rs Feb 10, 2022
@jessebraham jessebraham moved this from In Progress to Todo in esp-rs May 3, 2022
@georgik georgik added the help wanted Extra attention is needed label May 17, 2022
@jessebraham
Copy link
Member Author

After some further discussion, it seems there's not really anything actionable here. I have written a short guide for using flash encryption in this gist:
https://gist.github.com/jessebraham/0c7d86f9866614dc602e5d8e0e97c37a

If there is any specific functionality we need in the future we can open issues for that specifically.

@jessebraham jessebraham closed this as not planned Won't fix, can't repro, duplicate, stale Jul 6, 2022
Repository owner moved this from Todo to Done in esp-rs Jul 6, 2022
@ost-ing
Copy link

ost-ing commented May 23, 2024

@jessebraham in your gist, you need to manually build a secure flash bootloader with esp-idf idf.py, and then manually pass that bootloader binary to espflash.

That seems fairly incomplete to me. Shouldn't espflash be able to prepare the bootloader for encryption?

@4rzael 4rzael mentioned this issue Jan 6, 2025
Open
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jessebraham jessebraham

Labels
help wanted Extra attention is needed
Projects
esp-rs
Archived in project
Milestone
No milestone
Development

No branches or pull requests
3 participants
@georgik @jessebraham @ost-ing