Merge branch 'doc/security_features_small_fixes_v3.2' into 'release/v3.2'
doc: Small secure boot & flash encryption corrections (v3.2) See merge request idf/esp-idf!3888
This commit is contained in:
Ivan Grokhotkov
commit
3b4d51bbfa
2 changed files with 6 additions and 4 deletions
|
|
@ -3,7 +3,7 @@ Flash Encryption
|
|||
|
||||
Flash Encryption is a feature for encrypting the contents of the ESP32's attached SPI flash. When flash encryption is enabled, physical readout of the SPI flash is not sufficient to recover most flash contents.
|
||||
|
||||
Flash Encryption is separate from the :doc:`Secure Boot <secure-boot>` feature, and you can use flash encryption without enabling secure boot. However we recommend using both features together for a secure environment. In absence of secure boot, additional configuration needs to be performed to ensure effectiveness of flash encryption. See :ref:`flash-encryption-without-secure-boot` for more details.
|
||||
Flash Encryption is separate from the :doc:`Secure Boot <secure-boot>` feature, and you can use flash encryption without enabling secure boot. However, for a secure environment both should be used simultaneously. In absence of secure boot, additional configuration needs to be performed to ensure effectiveness of flash encryption. See :ref:`flash-encryption-without-secure-boot` for more details.
|
||||
|
||||
.. important::
|
||||
Enabling flash encryption limits your options for further updates of your ESP32. Make sure to read this document (including :ref:`flash-encryption-limitations`) and understand the implications of enabling flash encryption.
|
||||
|
|
@ -146,7 +146,7 @@ Limited Updates
|
|||
|
||||
Only 4 plaintext serial update cycles of this kind are possible, including the initial encrypted flash.
|
||||
|
||||
After the fourth time encryption is disabled, :ref:`FLASH_CRYPT_CNT` has the maximum value `0xFF` and encryption is permanently disabled.
|
||||
After the fourth time encryption is enabled, :ref:`FLASH_CRYPT_CNT` has the maximum value ``0x7F`` (7 bits set) and encryption is permanently enabled. Flashing :ref:`FLASH_CRYPT_CNT` to ``0xFF`` (8 bits set) does not re-disable encryption, the eighth bit is ignored.
|
||||
|
||||
Using :ref:`updating-encrypted-flash-ota` or :ref:`pregenerated-flash-encryption-key` allows you to exceed this limit.
|
||||
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ Secure Boot
|
|||
|
||||
Secure Boot is a feature for ensuring only your code can run on the chip. Data loaded from flash is verified on each reset.
|
||||
|
||||
Secure Boot is separate from the :doc:`Flash Encryption <flash-encryption>` feature, and you can use secure boot without encrypting the flash contents. However we recommend using both features together for a secure environment. See :ref:`secure-boot-and-flash-encr` for more details.
|
||||
Secure Boot is separate from the :doc:`Flash Encryption <flash-encryption>` feature, and you can use secure boot without encrypting the flash contents. However, for a secure environment both should be used simultaneously. See :ref:`secure-boot-and-flash-encr` for more details.
|
||||
|
||||
.. important::
|
||||
|
||||
|
|
@ -258,7 +258,9 @@ To generate a bootloader digest::
|
|||
|
||||
espsecure.py digest_secure_bootloader --keyfile ./securebootkey.bin --output ./bootloader-digest.bin build/bootloader/bootloader.bin
|
||||
|
||||
Keyfile is the 32 byte raw secure boot key for the device. To flash this digest onto the device::
|
||||
Keyfile is the 32 byte raw secure boot key for the device.
|
||||
|
||||
The output of the ``espsecure.py digest_secure_bootloader`` command is a single file which contains both the digest and the bootloader appended to it. To flash the combined digest plus bootloader to the device::
|
||||
|
||||
esptool.py write_flash 0x0 bootloader-digest.bin
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue