alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-08-13 13:50:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Secure Boot & Flash encryption: Support 3/4 Coding Scheme

Browse Source 
Includes esptool update to v2.6-beta1
This commit is contained in:
Angus Gratton
2018-10-02 15:15:32 +10:00
committed by Angus Gratton
parent 88625a2501
commit f53fef9936
11 changed files with 250 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
components/bootloader_support/src/flash_encrypt.c
View File

@@ -15,7 +15,6 @@
#include <strings.h>
#include "bootloader_flash.h"
#include "bootloader_random.h"
#include "esp_image_format.h"
#include "esp_flash_encrypt.h"
#include "esp_flash_partitions.h"
@@ -63,8 +62,9 @@ esp_err_t esp_flash_encrypt_check_and_update(void)
static esp_err_t initialise_flash_encryption(void)
{
if (REG_READ(EFUSE_BLK0_RDATA6_REG) & EFUSE_CODING_SCHEME_M) {
ESP_LOGE(TAG, "Flash Encryption is currently not supported on hardware with 3/4 Coding Scheme (CODING_SCHEME efuse set)");
uint32_t coding_scheme = REG_GET_FIELD(EFUSE_BLK0_RDATA6_REG, EFUSE_CODING_SCHEME);
if (coding_scheme != EFUSE_CODING_SCHEME_VAL_NONE && coding_scheme != EFUSE_CODING_SCHEME_VAL_34) {
ESP_LOGE(TAG, "Unknown/unsupported CODING_SCHEME value 0x%x", coding_scheme);
return ESP_ERR_NOT_SUPPORTED;
}
@@ -85,13 +85,7 @@ static esp_err_t initialise_flash_encryption(void)
&& REG_READ(EFUSE_BLK1_RDATA6_REG) == 0
&& REG_READ(EFUSE_BLK1_RDATA7_REG) == 0) {
ESP_LOGI(TAG, "Generating new flash encryption key...");
uint32_t buf[8];
bootloader_fill_random(buf, sizeof(buf));
for (int i = 0; i < 8; i++) {
ESP_LOGV(TAG, "EFUSE_BLK1_WDATA%d_REG = 0x%08x", i, buf[i]);
REG_WRITE(EFUSE_BLK1_WDATA0_REG + 4*i, buf[i]);
}
bzero(buf, sizeof(buf));
esp_efuse_write_random_key(EFUSE_BLK1_WDATA0_REG);
esp_efuse_burn_new_values();
ESP_LOGI(TAG, "Read & write protecting new key...");