From a2d0fbb9abebe7670200b523cb8bc170c990db7d Mon Sep 17 00:00:00 2001 From: Angus Gratton Date: Tue, 4 Dec 2018 12:38:28 +1100 Subject: [PATCH] docs: flash encryption: Fix description of behaviour when all bits of FLASH_CRYPT_CNT are set Correct behaviour is described in section 25.3.3 Flash Decryption Block of the ESP32 TRM --- docs/en/security/flash-encryption.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/en/security/flash-encryption.rst b/docs/en/security/flash-encryption.rst index f65fb6f4f..82e6fb379 100644 --- a/docs/en/security/flash-encryption.rst +++ b/docs/en/security/flash-encryption.rst @@ -146,7 +146,7 @@ Limited Updates Only 4 plaintext serial update cycles of this kind are possible, including the initial encrypted flash. -After the fourth time encryption is disabled, :ref:`FLASH_CRYPT_CNT` has the maximum value `0xFF` and encryption is permanently disabled. +After the fourth time encryption is enabled, :ref:`FLASH_CRYPT_CNT` has the maximum value ``0x7F`` (7 bits set) and encryption is permanently enabled. Flashing :ref:`FLASH_CRYPT_CNT` to ``0xFF`` (8 bits set) does not re-disable encryption, the eighth bit is ignored. Using :ref:`updating-encrypted-flash-ota` or :ref:`pregenerated-flash-encryption-key` allows you to exceed this limit.