espressif/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2026-04-27 19:13:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'docs/key_manager_docs' into 'master'

Browse Source 
Add Key-Manager peripheral related documentation and example

Closes IDF-7903

See merge request espressif/esp-idf!45263
This commit is contained in:
Aditya Patwardhan
2026-03-19 09:01:17 +05:30
parent 655d7a0c79 5c66b1f529
commit d70142ceae
42 changed files with 3638 additions and 438 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/conf_common.py
+1
View File
@@ -368,6 +368,7 @@ conditional_include_dict = {
'SOC_HMAC_SUPPORTED': ['api-reference/peripherals/hmac.rst'],
'SOC_GDMA_SUPPORT_CRC': ['api-reference/peripherals/async_crc.rst'],
'SOC_ASYNC_MEMCPY_SUPPORTED': ['api-reference/peripherals/async_memcpy.rst'],
'SOC_KEY_MANAGER_SUPPORTED': ['api-reference/peripherals/key_manager.rst'],
'CONFIG_IDF_TARGET_ARCH_XTENSA': XTENSA_DOCS,
'CONFIG_IDF_TARGET_ARCH_RISCV': RISCV_DOCS,
'SOC_TEMP_SENSOR_SUPPORTED': TEMP_SENSOR_DOCS,
docs/docs_not_updated/esp32h4.txt
+1
View File
@@ -126,6 +126,7 @@ api-reference/peripherals/sdspi_share.rst
api-reference/peripherals/ana_cmpr.rst
api-reference/peripherals/adc_continuous.rst
api-reference/peripherals/hmac.rst
api-reference/peripherals/key_manager.rst
api-reference/peripherals/sdspi_host.rst
api-reference/peripherals/vad.rst
api-reference/peripherals/i2s.rst
docs/doxygen/Doxyfile
+2
View File
@@ -383,6 +383,8 @@ PREDEFINED = \
configTASKLIST_INCLUDE_COREID=1 \
configUSE_SB_COMPLETED_CALLBACK=1 \
PRIVILEGED_FUNCTION= \
PACKED_ATTR= \
WORD_ALIGNED_ATTR= \
"ESP_EVENT_DECLARE_BASE(x)=extern esp_event_base_t x"
## Do not complain about not having dot
docs/doxygen/Doxyfile_esp32c5
+2
View File
@@ -22,4 +22,6 @@ INPUT += \
$(PROJECT_PATH)/components/esp_tee/include/esp_tee.h \
$(PROJECT_PATH)/components/esp_tee/subproject/components/tee_sec_storage/include/esp_tee_sec_storage.h \
$(PROJECT_PATH)/components/esp_tee/subproject/components/tee_ota_ops/include/esp_tee_ota_ops.h \
$(PROJECT_PATH)/components/esp_security/include/esp_key_mgr.h \
$(PROJECT_PATH)/components/esp_hal_security/include/hal/key_mgr_types.h \
$(PROJECT_PATH)/components/mbedtls/port/include/psa/initial_attestation.h \
docs/doxygen/Doxyfile_esp32p4
+3 -1
View File
@@ -53,4 +53,6 @@ INPUT += \
$(PROJECT_PATH)/components/ulp/lp_core/lp_core/include/ulp_lp_core_utils.h \
$(PROJECT_PATH)/components/ulp/lp_core/shared/include/ulp_lp_core_lp_uart_shared.h \
$(PROJECT_PATH)/components/ulp/lp_core/shared/include/ulp_lp_core_lp_vad_shared.h \
$(PROJECT_PATH)/components/ulp/ulp_common/include/ulp_common.h
$(PROJECT_PATH)/components/ulp/ulp_common/include/ulp_common.h \
$(PROJECT_PATH)/components/esp_security/include/esp_key_mgr.h \
$(PROJECT_PATH)/components/esp_hal_security/include/hal/key_mgr_types.h
docs/en/api-reference/peripherals/ds.rst
+12 -2
View File
@@ -3,7 +3,13 @@ Digital Signature (DS)
:link_to_translation:`zh_CN:[中文]`
The Digital Signature (DS) module provides hardware acceleration of signing messages based on RSA. It uses pre-encrypted parameters to calculate a signature. The parameters are encrypted using HMAC as a key-derivation function. In turn, the HMAC uses eFuses as the input key. The whole process happens in hardware so that neither the decryption key for the RSA parameters nor the input key for the HMAC key derivation function can be seen by the software while calculating the signature.
The Digital Signature (DS) module provides hardware acceleration of signing messages based on RSA. It uses pre-encrypted parameters to calculate a signature. The parameters are encrypted using HMAC as a key-derivation function. In turn, the HMAC uses eFuses as the input key.
.. only:: SOC_KEY_MANAGER_SUPPORTED
On {IDF_TARGET_NAME}, the Digital Signature (DS) module can also use a key stored in the Key Manager instead of an eFuse key block. The AES encryption key can be directly deployed in the Key Manager with the type :cpp:enumerator:`ESP_KEY_MGR_DS_KEY`. Refer to :ref:`key-manager` for more details.
The whole process happens in hardware so that neither the decryption key for the RSA parameters nor the input key for the HMAC key derivation function can be seen by the software while calculating the signature.
For more detailed information on the hardware involved in the signature calculation and the registers used, see **{IDF_TARGET_NAME} Technical Reference Manual** > **Digital Signature (DS)** [`PDF <{IDF_TARGET_TRM_EN_URL}#digsig>`__].
@@ -112,7 +118,11 @@ Example for SSL Mutual Authentication Using DS
The SSL mutual authentication example that previously lived under ``examples/protocols/mqtt/ssl_ds`` is now shipped with the standalone `espressif/mqtt <https://components.espressif.com/components/espressif/mqtt>`__ component. Follow the component documentation to fetch the SSL DS example and build it together with ESP-MQTT. The example continues to use ``mqtt_client`` (implemented by ESP-MQTT) to connect to ``test.mosquitto.org`` over mutual-authenticated TLS, with the TLS portion handled by ESP-TLS.
.. only:: SOC_KEY_MANAGER_SUPPORTED
In case both the :cpp:member:`esp_ds_data_ctx_t::efuse_key_id` and :cpp:member:`esp_rsa_ds_opaque_key_t::key_recovery_info` are set, the ESP-DS PSA driver prefers using the Key Manager-based DS key over the eFuse-based DS key.
API Reference
-------------
.. include-build-file:: inc/esp_ds.inc
.. include-build-file:: inc/psa_crypto_driver_esp_rsa_ds_contexts.inc
docs/en/api-reference/peripherals/ecdsa.rst
+19 -1
View File
@@ -24,7 +24,14 @@ Supported Features
ECDSA on {IDF_TARGET_NAME}
--------------------------
On {IDF_TARGET_NAME}, the ECDSA module works with a secret key burnt into an eFuse block. This eFuse key is made completely inaccessible (default mode) for any resources outside the cryptographic modules, thus avoiding key leakage.
On {IDF_TARGET_NAME}, the ECDSA module works with a secret key burnt into an eFuse block.
.. only:: SOC_KEY_MANAGER_SUPPORTED
On {IDF_TARGET_NAME}, the ECDSA module also supports storing a secret key in the Key Manager. Refer to :ref:`key-manager` for more details.
This key is made completely inaccessible (default mode) for any resources outside the cryptographic modules, thus avoiding key leakage.
ECDSA Key Storage
^^^^^^^^^^^^^^^^^
@@ -53,6 +60,8 @@ ECDSA Key Storage
ECDSA key can be programmed externally through ``idf.py`` script. Here is an example of how to program the ECDSA key:
Using eFuses to store the ECDSA key:
.. code:: bash
idf.py efuse-burn-key <BLOCK_NUM> </path/to/ecdsa_private_key.pem> ECDSA_KEY
@@ -69,9 +78,18 @@ ECDSA key can be programmed externally through ``idf.py`` script. Here is an exa
Six physical eFuse blocks can be used as keys for the ECDSA module: block 4 ~ block 9. E.g., for block 4 (which is the first key block) , the argument should be ``BLOCK_KEY0``.
.. only:: SOC_KEY_MANAGER_SUPPORTED
Using the Key Manager to store the ECDSA key:
ECDSA private keys can be stored in the Key Manager. Refer to :ref:`key-manager` for more details.
Deploy an ECDSA key into the Key Manager and store the generated Key Recovery info in the flash memory for persistent keys.
Alternatively the ECDSA key can also be programmed through the application running on the target.
Using eFuses to store the ECDSA key:
Following code snippet uses :cpp:func:`esp_efuse_write_key` to set physical key block 0 in the eFuse with key purpose as :cpp:enumerator:`esp_efuse_purpose_t::ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY`:
.. code-block:: c
docs/en/api-reference/peripherals/hmac.rst
+12 -3
View File
@@ -26,7 +26,13 @@ However, the HMAC itself is not bound to this use case. It can also be used for
HMAC on {IDF_TARGET_NAME}
-----------------------------
On {IDF_TARGET_NAME}, the HMAC module works with a secret key burnt into the eFuses. This eFuse key can be made completely inaccessible for any resources outside the cryptographic modules, thus avoiding key leakage.
On {IDF_TARGET_NAME}, the HMAC module works with a secret key burnt into the eFuses.
.. only:: SOC_KEY_MANAGER_SUPPORTED
On {IDF_TARGET_NAME}, the HMAC module also supports storing a secret key in the Key Manager. Refer to :ref:`key-manager` for more details.
This key can be made completely inaccessible for any resources outside the cryptographic modules, thus avoiding key leakage.
Furthermore, {IDF_TARGET_NAME} has three different application scenarios for its HMAC module:
@@ -142,6 +148,8 @@ Application Outline
The following code is an outline of how to set an eFuse key and then use it to calculate an HMAC for software usage.
Using eFuses to store the HMAC key:
We use ``esp_efuse_write_key`` to set physical key block 4 in the eFuse for the HMAC module together with its purpose. ``ESP_EFUSE_KEY_PURPOSE_HMAC_UP`` (8) means that this key can only be used for HMAC generation for software usage:
.. code-block:: c
@@ -162,6 +170,8 @@ We use ``esp_efuse_write_key`` to set physical key block 4 in the eFuse for the
Now we can calculate an HMAC for software usage with the saved key through the PSA Crypto API.
Using an eFuse-based HMAC key:
.. code-block:: c
#include "psa/crypto.h"
@@ -181,9 +191,8 @@ Now we can calculate an HMAC for software usage with the saved key through the P
psa_set_key_bits(&attributes, 256);
psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_ESP_HMAC_VOLATILE);
// Create opaque key reference
// Create opaque key reference for eFuse-based key
esp_hmac_opaque_key_t opaque_key = {
.use_km_key = false,
.efuse_key_id = HMAC_KEY4,
};
docs/en/api-reference/peripherals/index.rst
+1
View File
@@ -27,6 +27,7 @@ Peripherals API
:SOC_I3C_MASTER_SUPPORTED: i3c_master
:SOC_ISP_SUPPORTED: isp
:SOC_JPEG_CODEC_SUPPORTED: jpeg
:SOC_KEY_MANAGER_SUPPORTED: key_manager
lcd/index
:SOC_GP_LDO_SUPPORTED: ldo_regulator
ledc
docs/en/api-reference/peripherals/key_manager.rst
+171
View File
@@ -0,0 +1,171 @@
.. _key-manager:
Key Manager
===========
:link_to_translation:`zh_CN:[中文]`
The {IDF_TARGET_NAME}'s Key Manager peripheral provides hardware-assisted **key deployment and recovery** for cryptographic keys. It allows cryptographic keys to be provisioned and used without storing plaintext key material in flash, RAM, or eFuses.
The Key Manager is intended for applications that require secure handling of long-term cryptographic keys.
.. only:: esp32p4
.. note::
The Key Manager peripheral is only supported on ESP32-P4 chip revision >= v3.0.
.. only:: esp32c5
.. note::
The Key Manager peripheral is only supported on ESP32-C5 chip revision >= v1.2.
Key Manager provides the following properties:
- **Device uniqueness**
Keys are cryptographically bound to a Hardware Unique Key (HUK) that is unique to each chip.
- **No plaintext key storage**
Key material is never exposed to software accessible memory.
- **Flexible key lifecycle**
Keys can be deployed, recovered, or replaced by a newer key without reprogramming the eFuses for each key.
- **Resistance to physical extraction**
Reading flash or eFuses contents would not reveal usable key material.
Hardware Unique Key (HUK)
-------------------------
The Hardware Unique Key (HUK) is a device-specific unique key generated entirely in hardware HUK peripheral. It is generated using SRAM Physical Unclonable Function (PUF) and is reconstructed using the HUK recovery info stored in the key recovery info of a Key Manager deployed key. See **{IDF_TARGET_NAME} Technical Reference Manual** > **Chapter Key Manager** [`PDF <{IDF_TARGET_TRM_EN_URL}>`__] > **HUK Generator** for more details about the HUK peripheral.
The HUK acts as the root of trust for all keys deployed through the Key Manager.
Key Deployment and Key Recovery
-------------------------------
The Key Manager operates in two distinct phases:
- **Key deployment**
A cryptographic key is generated or securely introduced into the chip, and it gets bound to the HUK. This step is usually performed during manufacturing, first boot up or when generating transient or persistent keys during the application runtime.
- **Key recovery**
On subsequent boots, a Key Manager-deployed persistent key is restored using the previously generated key recovery information, without exposing the key value.
During deployment, the Key Manager generates a data structure referred to as :cpp:type:`esp_key_mgr_key_recovery_info_t`. In case of persistent keys, the applications must store this data in non-volatile storage (for example, flash) in order to recover the key on later boots.
Supported Key Types
-------------------
The Key Manager can manage keys for the following key types:
.. list::
:SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY: - ECDSA
:SOC_KEY_MANAGER_FE_KEY_DEPLOY: - Flash Encryption (XTS-AES)
:SOC_KEY_MANAGER_HMAC_KEY_DEPLOY: - HMAC
:SOC_KEY_MANAGER_DS_KEY_DEPLOY: - Digital Signature peripherals
:SOC_KEY_MANAGER_FE_KEY_DEPLOY: - PSRAM Encryption
Each key is associated with a :cpp:type:`esp_key_mgr_key_purpose_t`, which defines how the key can be used by hardware peripherals.
Key Deployment Modes
--------------------
The Key Manager provides multiple key deployment modes to support different provisioning and security requirements.
Random Deploy Mode
^^^^^^^^^^^^^^^^^^
In this mode, the Key Manager generates a random private key internally.
- The key value is never known to the application software.
- No external key material is required.
- Intended for use cases where the key does not need to be backed up or exported.
AES Deploy Mode
^^^^^^^^^^^^^^^
In this mode, a user-specified private key is securely deployed.
- The key is encrypted before being transmitted to the chip.
- Auxiliary key material is used to protect the deployment process.
- Intended for factory provisioning scenarios where the key value must be predefined.
ECDH0 Deploy Mode
^^^^^^^^^^^^^^^^^
In this mode, a private key is negotiated using Elliptic Curve Diffie-Hellman (ECDH).
- The final private key is never transmitted.
- The deployment process can occur over an untrusted channel.
- Intended for high-security provisioning environments.
For detailed information various deployment modes, see **{IDF_TARGET_NAME} Technical Reference Manual** > **Chapter Key Manager** [`PDF <{IDF_TARGET_TRM_EN_URL}>`__] > **Section Key Manager**.
.. ECDH1 Deploy Mode
.. ~~~~~~~~~~~~~~~~~
..
.. This mode is similar to ECDH0 Deploy Mode, with additional flexibility for manufacturing workflows.
..
.. - Supports negotiated key deployment using auxiliary recovery data
.. - Allows updating deployed keys by replacing auxiliary information
.. - Intended for large-scale manufacturing with controlled trust assumptions
Typical Workflows
-----------------
First Boot or Manufacturing
^^^^^^^^^^^^^^^^^^^^^^^^^^^
A typical provisioning flow includes:
1. Generating the Hardware Unique Key (HUK)
2. Deploying required cryptographic keys using an appropriate deployment mode
3. Storing the generated ``key_recovery_info`` in non-volatile storage
4. Locking relevant security configuration eFuses, if required
This process is usually performed once per device.
Normal Boot
^^^^^^^^^^^
During a normal boot:
1. The application provides the previously generated and stored ``key_recovery_info`` of a Key Manager-deployed key.
2. The HUK is reconstructed automatically by hardware.
3. The Key Manager recovers the deployed key internally.
4. Cryptographic peripherals can use the recovered key.
Security Considerations
-----------------------
Applications using the Key Manager should consider the following:
- Protect the ``key_recovery_info`` of a Key Manager-deployed key against unauthorized modification or loss.
- Lock Key Manager's security-related eFuses after successful key deployment to prevent re-deployment of a key of the same type.
- Avoid deploying new XTS-AES keys when Flash Encryption is already enabled unless explicitly intended.
API Reference
-------------
.. include-build-file:: inc/esp_key_mgr.inc
.. include-build-file:: inc/key_mgr_types.inc
Examples
--------
See :example:`security/key_manager` for an example demonstrating key deployment using the Key Manager and using the deployed key to perform signing operations.
This example shows how to:
- Initialize the Key Manager
- Deploy keys using the AES deployment mode
- Use the PSA interface to perform signing operations using the Key Manager deployed key
docs/en/security/esp32c5_log.inc
+138 -58
View File
@@ -66,68 +66,72 @@
------
.. first_boot_enc_km
.. code-block:: none
ESP-ROM:esp32c5-eco3-20250704
Build:Jul 4 2025
rst:0x1 (POWERON),boot:0x18 (SPI_FAST_FLASH_BOOT)
SPI mode:DIO, clock div:1
load:0x40855820,len:0x3a60
load:0x4084bba0,len:0xdf4
load:0x4084e5a0,len:0x566c
entry 0x4084bbaa
I (23) boot: ESP-IDF v6.0-dev-3140-ge16a2fb13ad-dirt 2nd stage bootloader
I (24) boot: compile time Oct 27 2025 15:35:09
I (67) boot: chip revision: v1.1
I (70) boot: efuse block revision: v0.3
I (88) boot.esp32c5: SPI Speed : 80MHz
I (92) boot.esp32c5: SPI Mode : DIO
I (96) boot.esp32c5: SPI Flash Size : 2MB
I (103) boot: Enabling RNG early entropy source...
I (138) boot: Partition Table:
I (141) boot: ## Label Usage Type ST Offset Length
I (154) boot: 0 nvs WiFi data 01 02 0000e000 00006000
I (168) boot: 1 phy_init RF data 01 01 00014000 00001000
I (182) boot: 2 factory factory app 00 00 00020000 00100000
I (189) boot: End of partition table
I (283) esp_image: segment 0: paddr=00020020 vaddr=42070020 size=32f1ch (208668) map
I (377) esp_image: segment 1: paddr=00052f44 vaddr=40800000 size=0a2a4h ( 41636) load
I (445) esp_image: segment 2: paddr=0005d1f0 vaddr=4080a300 size=02ccch ( 11468) load
I (512) esp_image: segment 3: paddr=0005fec4 vaddr=00000000 size=00154h ( 340)
I (580) esp_image: segment 4: paddr=00060020 vaddr=42000020 size=63804h (407556) map
I (761) boot: Loaded app from partition at offset 0x20000
I (764) boot: Checking flash encryption...
I (788) efuse: Batch mode of writing fields is enabled
I (807) flash_encrypt: Deploying new flash encryption key using Key Manager
W (898) flash_encrypt: Not disabling UART bootloader encryption
I (904) flash_encrypt: Disable UART bootloader cache...
W (917) flash_encrypt: Not disabling JTAG - SECURITY COMPROMISED
I (930) efuse: BURN BLOCK0
I (935) efuse: BURN BLOCK0 - OK (all write block bits are set)
I (938) efuse: Batch mode. Prepared fields are committed
I (1028) esp_image: segment 0: paddr=00002020 vaddr=40855820 size=03a60h ( 14944)
I (1096) esp_image: segment 1: paddr=00005a88 vaddr=4084bba0 size=00df4h ( 3572)
I (1165) esp_image: segment 2: paddr=00006884 vaddr=4084e5a0 size=0566ch ( 22124)
I (1508) flash_encrypt: bootloader encrypted successfully
I (1535) flash_encrypt: partition table encrypted and loaded successfully
I (1616) esp_image: segment 0: paddr=00020020 vaddr=42070020 size=32f1ch (208668) map
I (1711) esp_image: segment 1: paddr=00052f44 vaddr=40800000 size=0a2a4h ( 41636)
I (1779) esp_image: segment 2: paddr=0005d1f0 vaddr=4080a300 size=02ccch ( 11468)
I (1847) esp_image: segment 3: paddr=0005fec4 vaddr=00000000 size=00154h ( 340)
I (1916) esp_image: segment 4: paddr=00060020 vaddr=42000020 size=63804h (407556) map
I (2096) flash_encrypt: Encrypting partition 2 at offset 0x20000 (length 0xa3850)...
I (5652) flash_encrypt: Done encrypting
I (5667) efuse: BURN BLOCK0
I (5671) efuse: BURN BLOCK0 - OK (all write block bits are set)
I (5675) flash_encrypt: Flash encryption completed
I (5679) boot: Resetting with flash encryption enabled...
------
.. already_en_enc
.. code-block:: none
rst:0x1 (POWERON),boot:0x3d (SPI_FAST_FLASH_BOOT)
SPI mode:DIO, clock div:2
load:0x40855c10,len:0x2be8
load:0x4084c7a0,len:0x6f8
load:0x4084e9a0,len:0x418c
entry 0x4084c804
I (32) boot: ESP-IDF v5.3-dev-3860-g5d36288649 2nd stage bootloader
I (33) boot: compile time May 7 2024 17:24:43
I (34) boot: chip revision: v0.0
I (37) boot.esp32c5: SPI Speed : 40MHz
I (42) boot.esp32c5: SPI Mode : DIO
I (46) boot.esp32c5: SPI Flash Size : 2MB
I (51) boot: Enabling RNG early entropy source...
I (64) boot: Partition Table:
I (67) boot: ## Label Usage Type ST Offset Length
I (74) boot: 0 nvs WiFi data 01 02 0000e000 00006000
I (82) boot: 1 storage Unknown data 01 ff 00014000 00001000
I (89) boot: 2 factory factory app 00 00 00020000 00100000
I (97) boot: 3 nvs_key NVS keys 01 04 00120000 00001000
I (104) boot: 4 custom_nvs WiFi data 01 02 00121000 00006000
I (113) boot: End of partition table
I (116) esp_image: segment 0: paddr=00020020 vaddr=42010020 size=095c4h ( 38340) map
I (169) esp_image: segment 1: paddr=000295ec vaddr=40800000 size=06a2ch ( 27180) load
I (197) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=0f4d4h ( 62676) map
I (256) esp_image: segment 3: paddr=0003f4fc vaddr=40806a2c size=00b78h ( 2936) load
I (261) esp_image: segment 4: paddr=0004007c vaddr=408075b0 size=00d18h ( 3352) load
I (269) boot: Loaded app from partition at offset 0x20000
I (270) boot: Checking flash encryption...
I (273) efuse: Batch mode of writing fields is enabled
I (278) flash_encrypt: Generating new flash encryption key...
I (295) efuse: Writing EFUSE_BLK_KEY0 with purpose 4
W (300) flash_encrypt: Not disabling UART bootloader encryption
I (305) flash_encrypt: Disable JTAG...
I (312) efuse: BURN BLOCK4
I (317) efuse: BURN BLOCK4 - OK (write block == read block)
I (319) efuse: BURN BLOCK0
I (325) efuse: BURN BLOCK0 - OK (all write block bits are set)
I (330) efuse: Batch mode. Prepared fields are committed
I (335) esp_image: segment 0: paddr=00002020 vaddr=40855c10 size=02be8h ( 11240)
I (353) esp_image: segment 1: paddr=00004c10 vaddr=4084c7a0 size=006f8h ( 1784)
I (356) esp_image: segment 2: paddr=00005310 vaddr=4084e9a0 size=0418ch ( 16780)
I (1131) flash_encrypt: bootloader encrypted successfully
I (1229) flash_encrypt: partition table encrypted and loaded successfully
I (1230) flash_encrypt: Encrypting partition 1 at offset 0x14000 (length 0x1000)...
I (1325) flash_encrypt: Done encrypting
I (1325) esp_image: segment 0: paddr=00020020 vaddr=42010020 size=095c4h ( 38340) map
I (1362) esp_image: segment 1: paddr=000295ec vaddr=40800000 size=06a2ch ( 27180)
I (1389) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=0f4d4h ( 62676) map
I (1448) esp_image: segment 3: paddr=0003f4fc vaddr=40806a2c size=00b78h ( 2936)
I (1453) esp_image: segment 4: paddr=0004007c vaddr=408075b0 size=00d18h ( 3352)
I (1458) flash_encrypt: Encrypting partition 2 at offset 0x20000 (length 0x100000)...
I (24332) flash_encrypt: Done encrypting
I (24332) flash_encrypt: Encrypting partition 3 at offset 0x120000 (length 0x1000)...
I (24422) flash_encrypt: Done encrypting
I (24423) efuse: BURN BLOCK0
I (24425) efuse: BURN BLOCK0 - OK (all write block bits are set)
I (24427) flash_encrypt: Flash encryption completed
I (24431) boot: Resetting with flash encryption enabled...
ESP-ROM:esp32c5-20240329
Build:Mar 29 2024
rst:0x3 (RTC_SW_HPSYS),boot:0x3d (SPI_FAST_FLASH_BOOT)
@@ -193,3 +197,79 @@
------
.. already_en_enc_km
.. code-block:: none
ESP-ROM:esp32c5-eco3-20250704
Build:Jul 4 2025
rst:0x1 (POWERON),boot:0x18 (SPI_FAST_FLASH_BOOT)
use sector0 for km info
use KM derived key
SPI mode:DIO, clock div:1
load:0x40855820,len:0x3a94
load:0x4084bba0,len:0xd84
load:0x4084e5a0,len:0x5670
entry 0x4084bbaa
I (27) boot: ESP-IDF v6.0-dev-3139-gb813f413096-dirt 2nd stage bootloader
I (28) boot: compile time Oct 27 2025 18:14:49
W (39) MMU: mmu_ll_write_entry mmu_id=0, entry_id=511, mmu_val=0x00000000, target=1
W (53) MMU: mmu_ll_write_entry mmu_id=0, entry_id=511, mmu_val=0x00000000, target=1
W (67) MMU: mmu_ll_write_entry mmu_id=0, entry_id=511, mmu_val=0x00000000, target=1
W (80) MMU: mmu_ll_write_entry mmu_id=0, entry_id=511, mmu_val=0x00000000, target=1
W (94) MMU: mmu_ll_write_entry mmu_id=0, entry_id=511, mmu_val=0x00000000, target=1
W (108) MMU: mmu_ll_write_entry mmu_id=0, entry_id=511, mmu_val=0x00000000, target=1
I (116) boot: chip revision: v1.1
I (119) boot: efuse block revision: v0.3
I (137) boot.esp32c5: SPI Speed : 80MHz
I (141) boot.esp32c5: SPI Mode : DIO
I (145) boot.esp32c5: SPI Flash Size : 2MB
I (149) boot: Enabling RNG early entropy source...
W (163) MMU: mmu_ll_write_entry mmu_id=0, entry_id=0, mmu_val=0x00000000, target=1
I (191) boot: Partition Table:
I (194) boot: ## Label Usage Type ST Offset Length
I (208) boot: 0 nvs WiFi data 01 02 0000e000 00006000
I (222) boot: 1 phy_init RF data 01 01 00014000 00001000
I (235) boot: 2 factory factory app 00 00 00020000 00100000
I (242) boot: End of partition table
I (396) esp_image: segment 0: paddr=00020020 vaddr=42070020 size=32f1ch (208668) map
I (539) esp_image: segment 1: paddr=00052f44 vaddr=40800000 size=0a2a4h ( 41636) load
I (629) esp_image: segment 2: paddr=0005d1f0 vaddr=4080a300 size=02ccch ( 11468) load
I (719) esp_image: segment 3: paddr=0005fec4 vaddr=00000000 size=00154h ( 340)
I (816) esp_image: segment 4: paddr=00060020 vaddr=42000020 size=6378ch (407436) map
I (1114) boot: Loaded app from partition at offset 0x20000
I (1116) boot: Checking flash encryption...
I (1133) flash_encrypt: flash encryption is enabled (1 plaintext flashes left)
I (1140) boot: Disabling RNG early entropy source...
I (1301) MSPI Timing: Enter flash timing tuning
I (1434) cpu_start: Unicore app
I (1468) cpu_start: GPIO 12 and 11 are used as console UART I/O pins
I (1479) cpu_start: Pro cpu start user code
I (1483) cpu_start: cpu freq: 240000000 Hz
I (1493) app_init: Application information:
I (1496) app_init: Project name: mbedtls_test
I (1501) app_init: App version: qa-test-esp32c61-master-2025070
I (1507) app_init: Compile time: Oct 27 2025 15:56:18
I (1512) app_init: ELF file SHA256: c5f7f520c...
I (1517) app_init: ESP-IDF: v6.0-dev-3140-ge16a2fb13ad-dirt
I (1528) efuse_init: Min chip rev: v1.0
I (1532) efuse_init: Max chip rev: v1.99
I (1536) efuse_init: Chip rev: v1.1
I (1669) heap_init: Initializing. RAM available for dynamic allocation:
I (1680) heap_init: At 4080FCB0 len 0004C8F0 (306 KiB): RAM
I (1685) heap_init: At 4085C5A0 len 00002F58 (11 KiB): RAM
I (1695) heap_init: At 50000000 len 00003FE8 (15 KiB): RTCRAM
I (1800) spi_flash: detected chip: generic
I (1804) spi_flash: flash io: dio
W (1807) spi_flash: Detected size(8192k) larger than the size in the binary image header(2048k). Using the size in the binary image header.
W (1833) flash_encrypt: Flash encryption mode is DEVELOPMENT (not secure)
I (1867) sleep_gpio: Configure to isolate all GPIO pins in sleep state
I (1873) sleep_gpio: Enable automatic switching of GPIO sleep configuration
I (1926) main_task: Started on CPU0
I (1926) main_task: Calling app_main()
I (1936) main_task: Returned from app_main()
------
docs/en/security/esp32p4_log.inc
+140
View File
@@ -70,6 +70,72 @@
------
.. first_boot_enc_km
.. code-block:: none
ESP-ROM:esp32p4-eco5-20250430
Build:Apr 30 2025
rst:0x17 (CHIP_USB_UART_RESET),boot:0xc (SPI_FAST_FLASH_BOOT)
Core0 Saved PC:0x4fc0130e
Core1 Saved PC:0x4fc05fa4
SPI mode:DIO, clock div:1
load:0x4ffb6240,len:0x3870
load:0x4ffac2c0,len:0x179c
load:0x4ffaefc0,len:0x4ed8
entry 0x4ffac2ca
I (38) boot: ESP-IDF v6.0-dev-2918-g6629f96afca-dirt 2nd stage bootloader
I (38) boot: compile time Oct 14 2025 08:50:07
I (39) boot: Multicore bootloader
I (85) boot: chip revision: v3.0
I (88) boot: efuse block revision: v1.0
I (106) boot.esp32p4: SPI Speed : 80MHz
I (110) boot.esp32p4: SPI Mode : DIO
I (114) boot.esp32p4: SPI Flash Size : 2MB
I (121) boot: Enabling RNG early entropy source...
I (156) boot: Partition Table:
I (159) boot: ## Label Usage Type ST Offset Length
I (173) boot: 0 factory factory app 00 00 00010000 00150000
I (187) boot: 1 storage Unknown data 01 81 00160000 00050000
I (194) boot: End of partition table
I (287) esp_image: segment 0: paddr=00010020 vaddr=40030020 size=0d1e8h ( 53736) map
I (355) esp_image: segment 1: paddr=0001d210 vaddr=30100000 size=00044h ( 68) load
I (423) esp_image: segment 2: paddr=0001d25c vaddr=4ff20000 size=02dbch ( 11708) load
I (491) esp_image: segment 3: paddr=00020020 vaddr=40000020 size=21834h (137268) map
I (567) esp_image: segment 4: paddr=0004185c vaddr=4ff22dbc size=094e8h ( 38120) load
I (635) esp_image: segment 5: paddr=0004ad4c vaddr=4ff2c300 size=044ech ( 17644) load
I (750) boot: Loaded app from partition at offset 0x10000
I (752) boot: Checking flash encryption...
I (777) efuse: Batch mode of writing fields is enabled
I (796) flash_encrypt: Deploying new flash encryption key using Key Manager
W (933) flash_encrypt: Not disabling UART bootloader encryption
I (939) flash_encrypt: Disable UART bootloader cache...
W (952) flash_encrypt: Not disabling JTAG - SECURITY COMPROMISED
I (965) efuse: BURN BLOCK0
I (970) efuse: BURN BLOCK0 - OK (write block == read block)
I (973) efuse: Batch mode. Prepared fields are committed
I (1063) esp_image: segment 0: paddr=00002020 vaddr=4ffb6240 size=03870h ( 14448)
I (1132) esp_image: segment 1: paddr=00005898 vaddr=4ffac2c0 size=0179ch ( 6044)
I (1200) esp_image: segment 2: paddr=0000703c vaddr=4ffaefc0 size=04ed8h ( 20184)
I (1725) flash_encrypt: bootloader encrypted successfully
I (1769) flash_encrypt: partition table encrypted and loaded successfully
I (1851) esp_image: segment 0: paddr=00010020 vaddr=40030020 size=0d1e8h ( 53736) map
I (1919) esp_image: segment 1: paddr=0001d210 vaddr=30100000 size=00044h ( 68)
I (1988) esp_image: segment 2: paddr=0001d25c vaddr=4ff20000 size=02dbch ( 11708)
I (2056) esp_image: segment 3: paddr=00020020 vaddr=40000020 size=21834h (137268) map
I (2133) esp_image: segment 4: paddr=0004185c vaddr=4ff22dbc size=094e8h ( 38120)
I (2202) esp_image: segment 5: paddr=0004ad4c vaddr=4ff2c300 size=044ech ( 17644)
I (2315) flash_encrypt: Encrypting partition 0 at offset 0x10000 (length 0x3f260)...
I (4978) flash_encrypt: Done encrypting
I (4992) efuse: BURN BLOCK0
I (4997) efuse: BURN BLOCK0 - OK (all write block bits are set)
I (5001) flash_encrypt: Flash encryption completed
I (5005) boot: Resetting with flash encryption enabled...
------
.. already_en_enc
.. code-block:: none
@@ -152,3 +218,77 @@
I (595) main_task: Returned from app_main()
------
.. already_en_enc_km
.. code-block:: none
ESP-ROM:esp32p4-eco5-20250430
Build:Apr 30 2025
rst:0x3 (SW_SYS_RESET),boot:0xc (SPI_FAST_FLASH_BOOT)
Core0 Saved PC:0x4ffb0910
Core1 Saved PC:0x4fc05fa4
SPI mode:DIO, clock div:1
load:0x4ffb6240,len:0x3870
load:0x4ffac2c0,len:0x179c
load:0x4ffaefc0,len:0x4ed8
entry 0x4ffac2ca
I (37) boot: ESP-IDF v6.0-dev-2918-g6629f96afca-dirt 2nd stage bootloader
I (38) boot: compile time Oct 14 2025 08:50:07
I (38) boot: Multicore bootloader
I (84) boot: chip revision: v3.0
I (87) boot: efuse block revision: v1.0
I (106) boot.esp32p4: SPI Speed : 80MHz
I (110) boot.esp32p4: SPI Mode : DIO
I (113) boot.esp32p4: SPI Flash Size : 2MB
I (121) boot: Enabling RNG early entropy source...
I (155) boot: Partition Table:
I (158) boot: ## Label Usage Type ST Offset Length
I (172) boot: 0 factory factory app 00 00 00010000 00150000
I (186) boot: 1 storage Unknown data 01 81 00160000 00050000
I (193) boot: End of partition table
I (287) esp_image: segment 0: paddr=00010020 vaddr=40030020 size=0d1e8h ( 53736) map
I (355) esp_image: segment 1: paddr=0001d210 vaddr=30100000 size=00044h ( 68) load
I (422) esp_image: segment 2: paddr=0001d25c vaddr=4ff20000 size=02dbch ( 11708) load
I (491) esp_image: segment 3: paddr=00020020 vaddr=40000020 size=21834h (137268) map
I (567) esp_image: segment 4: paddr=0004185c vaddr=4ff22dbc size=094e8h ( 38120) load
I (635) esp_image: segment 5: paddr=0004ad4c vaddr=4ff2c300 size=044ech ( 17644) load
I (750) boot: Loaded app from partition at offset 0x10000
I (752) boot: Checking flash encryption...
I (769) flash_encrypt: flash encryption is enabled (1 plaintext flashes left)
I (776) boot: Disabling RNG early entropy source...
W (847) pmu_pvt: blk_version is less than 2, pvt auto dbias init not supported in efuse.
I (855) cpu_start: Multicore app
I (890) cpu_start: GPIO 38 and 37 are used as console UART I/O pins
I (901) cpu_start: Pro cpu start user code
I (905) cpu_start: cpu freq: 400000000 Hz
I (914) app_init: Application information:
I (918) app_init: Project name: crypto_test
I (922) app_init: App version: qa-test-esp32c61-master-2025070
I (928) app_init: Compile time: Oct 14 2025 08:50:07
I (933) app_init: ELF file SHA256: 847005dd4...
I (938) app_init: ESP-IDF: v6.0-dev-2918-g6629f96afca-dirt
I (949) efuse_init: Min chip rev: v3.0
I (953) efuse_init: Max chip rev: v3.99
I (957) efuse_init: Chip rev: v3.0
I (1126) heap_init: Initializing. RAM available for dynamic allocation:
I (1137) heap_init: At 4FF33B20 len 000874A0 (541 KiB): RAM
I (1143) heap_init: At 4FFBAFC0 len 00004BF0 (18 KiB): RAM
I (1153) heap_init: At 50108080 len 00007F80 (31 KiB): RTCRAM
I (1163) heap_init: At 30100044 len 00001FBC (7 KiB): TCM
I (1261) spi_flash: detected chip: gd
I (1264) spi_flash: flash io: dio
W (1267) spi_flash: Detected size(16384k) larger than the size in the binary image header(2048k). Using the size in the binary image header.
W (1293) flash_encrypt: Flash encryption mode is DEVELOPMENT (not secure)
I (1357) main_task: Started on CPU0
I (1407) main_task: Calling app_main()
I (1407) main_task: Returned from app_main()
Example to check Flash Encryption status
This is esp32p4 chip with 2 CPU core(s), WiFi, silicon revision v0.0, 2MB external flash
FLASH_CRYPT_CNT eFuse value is 1
Flash encryption feature is enabled in DEVELOPMENT mode
------
docs/en/security/flash-encryption.rst
+303 -98
View File
@@ -13,7 +13,7 @@ This is a quick start guide to {IDF_TARGET_NAME}'s flash encryption feature. Usi
.. note::
In this guide, most used commands are in the form of ``idf.py secure-<command>``, which is a wrapper around corresponding ``espsecure <command>``. The ``idf.py`` based commands provides more user-friendly experience, although may lack some of the advanced functionality of their ``espsecure`` based counterparts.
In this guide, most used commands are in the form of ``idf.py secure-<command>``, which is a wrapper around corresponding ``espsecure <command>``. The ``idf.py`` based commands provide a more user-friendly experience, although may lack some of the advanced functionality of their ``espsecure`` based counterparts.
Introduction
------------
@@ -26,7 +26,7 @@ Flash encryption is intended for encrypting the contents of the {IDF_TARGET_NAME
.. important::
For production use, flash encryption should be enabled in the "Release" mode only.
For production use, flash encryption should be enabled in the release mode only.
.. important::
@@ -73,7 +73,7 @@ The flash encryption operation is controlled by various eFuses available on {IDF
- 2
* - ``flash_encryption`` (block1)
- AES key storage.
- 256 bit key block
- 256-bit key block
* - ``FLASH_CRYPT_CONFIG``
- Controls the AES encryption process.
- 4
@@ -84,7 +84,7 @@ The flash encryption operation is controlled by various eFuses available on {IDF
- If set, disables flash decryption while running in UART Firmware Download mode.
- 1
* - ``{IDF_TARGET_CRYPT_CNT}``
- A :math:`2^n` number that indicating whether the contents of flash have been encrypted.
- A :math:`2^n` number indicating whether the contents of flash have been encrypted.
* If an odd number of bits are set (e.g., ``0b0000001`` or ``0b0000111``), this indicates the contents of flash are encrypted. The contents will need to be transparently decrypted when read.
* If an even number of bits are set (e.g., ``0b0000000`` or ``0b0000011``), this indicates the contents of flash are unencrypted (i.e., plain text).
@@ -93,7 +93,35 @@ The flash encryption operation is controlled by various eFuses available on {IDF
- 7
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256 and SOC_KEY_MANAGER_SUPPORTED
.. list-table:: eFuses Used in Flash Encryption
:widths: 25 40 10
:header-rows: 0
* - **eFuse**
- **Description**
- **Bit Depth**
* - ``BLOCK_KEYN``
- AES key storage. N is between 0 and 5. When using a Key Manager-based key, this eFuse is not used.
- One 256-bit key block for XTS_AES_128; two 256-bit key blocks for XTS_AES_256 (512-bit total).
* - ``KEY_PURPOSE_N``
- Controls the purpose of eFuse block ``BLOCK_KEYN``, where N is between 0 and 5. Possible values: ``2`` for ``XTS_AES_256_KEY_1``, ``3`` for ``XTS_AES_256_KEY_2``, and ``4`` for ``XTS_AES_128_KEY``. Final AES key is derived based on the value of one or two of these purpose eFuses. For a detailed description of the possible combinations, see **{IDF_TARGET_NAME} Technical Reference Manual** > **External Memory Encryption and Decryption (XTS_AES)** [`PDF <{IDF_TARGET_TRM_EN_URL}#extmemencr>`__]. When enabling Flash Encryption using a Key Manager-based key, this eFuse is not used.
- 4
* - ``KM_XTS_KEY_LENGTH_256``
- When enabling Flash Encryption using a Key Manager-based key, this eFuse is used to control the length of the XTS-AES key. Set this eFuse to 1 to use a 128-bit key, and to 0 to use a 256-bit key. This eFuse field is unused when enabling Flash Encryption using an eFuse-based key.
- 1
* - ``FORCE_USE_KEY_MANAGER_KEY``
- When enabling Flash Encryption using a Key Manager-based key, this eFuse is used to force the Key Manager to use the XTS-AES key. Set the bit 1 of this eFuse to use the Key Manager-based key. This eFuse field is unused when enabling Flash Encryption using an eFuse-based key.
- 1
* - ``DIS_DOWNLOAD_MANUAL_ENCRYPT``
- If set, disables Flash Encryption when in download bootmodes.
- 1
* - ``{IDF_TARGET_CRYPT_CNT}``
- Enables encryption and decryption, when an SPI boot mode is set. Feature is enabled if 1 or 3 bits are set in the eFuse, disabled otherwise.
- 3
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_KEY_MANAGER_SUPPORTED
.. list-table:: eFuses Used in Flash Encryption
:widths: 25 40 10
@@ -104,9 +132,9 @@ The flash encryption operation is controlled by various eFuses available on {IDF
- **Bit Depth**
* - ``BLOCK_KEYN``
- AES key storage. N is between 0 and 5.
- One 256 bit key block for XTS_AES_128, Two 256 bit key blocks for XTS_AES_256 (512 bit total)
- One 256-bit key block for XTS_AES_128, Two 256-bit key blocks for XTS_AES_256 (512 bit total)
* - ``KEY_PURPOSE_N``
- Controls the purpose of eFuse block ``BLOCK_KEYN``, where N is between 0 and 5. Possible values: ``2`` for ``XTS_AES_256_KEY_1`` , ``3`` for ``XTS_AES_256_KEY_2``, and ``4`` for ``XTS_AES_128_KEY``. Final AES key is derived based on the value of one or two of these purpose eFuses. For a detailed description of the possible combinations, see *{IDF_TARGET_NAME} Technical Reference Manual* > *External Memory Encryption and Decryption (XTS_AES)* [`PDF <{IDF_TARGET_TRM_EN_URL}#extmemencr>`__].
- Controls the purpose of eFuse block ``BLOCK_KEYN``, where N is between 0 and 5. Possible values: ``2`` for ``XTS_AES_256_KEY_1`` , ``3`` for ``XTS_AES_256_KEY_2``, and ``4`` for ``XTS_AES_128_KEY``. Final AES key is derived based on the value of one or two of these purpose eFuses. For a detailed description of the possible combinations, see **{IDF_TARGET_NAME} Technical Reference Manual** > **External Memory Encryption and Decryption (XTS_AES)** [`PDF <{IDF_TARGET_TRM_EN_URL}#extmemencr>`__].
- 4
* - ``DIS_DOWNLOAD_MANUAL_ENCRYPT``
- If set, disables flash encryption when in download bootmodes.
@@ -115,7 +143,35 @@ The flash encryption operation is controlled by various eFuses available on {IDF
- Enables encryption and decryption, when an SPI boot mode is set. Feature is enabled if 1 or 3 bits are set in the eFuse, disabled otherwise.
- 3
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK and SOC_KEY_MANAGER_SUPPORTED
.. list-table:: eFuses Used in Flash Encryption
:widths: 25 40 10
:header-rows: 0
* - **eFuse**
- **Description**
- **Bit Depth**
* - ``BLOCK_KEYN``
- AES key storage. N is between 0 and 5. When using a Key Manager-based key, this eFuse is not used.
- 256-bit key block.
* - ``KEY_PURPOSE_N``
- Control the purpose of eFuse block ``BLOCK_KEYN``, where N is between 0 and 5. For flash encryption, the only valid value is ``4`` for ``XTS_AES_128_KEY``. When enabling Flash Encryption using a Key Manager-based key, this eFuse is not used.
- 4
* - ``KM_XTS_KEY_LENGTH_256``
- When enabling Flash Encryption using a Key Manager-based key, this eFuse is used to control the length of the XTS-AES key. Set this eFuse to 1 to use a 128-bit key, and to 0 to use a 256-bit key. This eFuse field is unused when enabling Flash Encryption using an eFuse-based key.
- 1
* - ``FORCE_USE_KEY_MANAGER_KEY``
- When enabling Flash Encryption using a Key Manager-based key, this eFuse is used to force the Key Manager to use the XTS-AES key. Set the bit 1 of this eFuse to use the Key Manager-based key. This eFuse field is unused when enabling Flash Encryption using an eFuse-based key.
- 1
* - ``DIS_DOWNLOAD_MANUAL_ENCRYPT``
- If set, disable flash encryption when in download bootmodes.
- 1
* - ``{IDF_TARGET_CRYPT_CNT}``
- Enable encryption and decryption, when an SPI boot mode is set. Feature is enabled if 1 or 3 bits are set in the eFuse, disabled otherwise.
- 3
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK and not SOC_KEY_MANAGER_SUPPORTED
.. list-table:: eFuses Used in Flash Encryption
:widths: 25 40 10
@@ -126,7 +182,7 @@ The flash encryption operation is controlled by various eFuses available on {IDF
- **Bit Depth**
* - ``BLOCK_KEYN``
- AES key storage. N is between 0 and 5.
- 256 bit key block
- 256-bit key block
* - ``KEY_PURPOSE_N``
- Control the purpose of eFuse block ``BLOCK_KEYN``, where N is between 0 and 5. For flash encryption, the only valid value is ``4`` for ``XTS_AES_128_KEY``.
- 4
@@ -181,7 +237,7 @@ Assuming that the eFuse values are in their default states and the second stage
1. On the first power-on reset, all data in flash is un-encrypted (plaintext). The first stage (ROM) bootloader loads the second stage bootloader.
2. Second stage bootloader reads the ``{IDF_TARGET_CRYPT_CNT}`` eFuse value (``0b0000000``). Since the value is ``0`` (even number of bits set), it configures and enables the flash encryption block. It also sets the ``FLASH_CRYPT_CONFIG`` eFuse to 0xF. For more information on the flash encryption block, see *{IDF_TARGET_NAME} Technical Reference Manual* > *eFuse Controller (eFuse)* > *Flash Encryption Block* [`PDF <{IDF_TARGET_TRM_EN_URL}#efuse>`__].
2. Second stage bootloader reads the ``{IDF_TARGET_CRYPT_CNT}`` eFuse value (``0b0000000``). Since the value is ``0`` (even number of bits set), it configures and enables the flash encryption block. It also sets the ``FLASH_CRYPT_CONFIG`` eFuse to 0xF. For more information on the flash encryption block, see **{IDF_TARGET_NAME} Technical Reference Manual** > **eFuse Controller (eFuse)** > **Flash Encryption Block** [`PDF <{IDF_TARGET_TRM_EN_URL}#efuse>`__].
3. Second stage bootloader first checks if a valid key is already present in the eFuse (e.g., burned using espefuse tool), then the process of key generation is skipped and the same key is used for flash encryption process. Otherwise, Second stage bootloader uses RNG (random) module to generate an AES-256 bit key and then writes it into the ``flash_encryption`` eFuse. The key cannot be accessed via software as the write and read protection bits for the ``flash_encryption`` eFuse are set. The flash encryption operations happen entirely by hardware, and the key cannot be accessed via software.
@@ -195,13 +251,46 @@ Assuming that the eFuse values are in their default states and the second stage
8. The device is then rebooted to start executing the encrypted image. The second stage bootloader calls the flash decryption block to decrypt the flash contents and then loads the decrypted contents into IRAM.
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256 and SOC_KEY_MANAGER_SUPPORTED
1. On the first power-on reset, all data in flash is un-encrypted (plaintext). The first stage (ROM) bootloader loads the second stage bootloader.
2. Second stage bootloader reads the ``{IDF_TARGET_CRYPT_CNT}`` eFuse value (``0b000``). Since the value is ``0`` (even number of bits set), it configures and enables the flash encryption block. For more information on the flash encryption block, see *{IDF_TARGET_NAME} Technical Reference Manual* > *eFuse Controller (eFuse)* > *Auto Encryption Block* [`PDF <{IDF_TARGET_TRM_EN_URL}#efuse>`__].
2. Second stage bootloader reads the ``{IDF_TARGET_CRYPT_CNT}`` eFuse value (``0b000``). Since the value is ``0`` (even number of bits set), it configures and enables the flash encryption block. For more information on the flash encryption block, see **{IDF_TARGET_NAME} Technical Reference Manual** > **eFuse Controller (eFuse)** > **Manual Encryption Block** [`PDF <{IDF_TARGET_TRM_EN_URL}#efuse>`__].
3. Second stage bootloader first checks if a valid key is already present in the eFuse (e.g., burned using espefuse tool) then the process of key generation is skipped and the same key is used for flash encryption process. Otherwise, second stage bootloader uses RNG (random) module to generate an 256 bit or 512 bit key, depending on the value of :ref:`Size of generated XTS-AES key <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>`, and then writes it into respectively one or two `BLOCK_KEYN` eFuses. The software also updates the ``KEY_PURPOSE_N`` for the blocks where the keys were stored. The key cannot be accessed via software as the write and read protection bits for one or two `BLOCK_KEYN` eFuses are set. ``KEY_PURPOSE_N`` field is write-protected as well. The flash encryption operations happen entirely by hardware, and the key cannot be accessed via software.
3. Second stage bootloader first checks if a valid key already exists, to decide whether to skip the key generation step:
- If Flash Encryption is intended to be enabled using an eFuse-based key, it checks if a valid key is already present in the eFuse (e.g., burned using espefuse tool).
- If Flash Encryption is intended to be enabled using a Key Manager-based key, it checks if there exists a valid key recovery info in the flash memory at the addresses: 0x0 and 0x1000.
If the check passes, the process of key generation is skipped and the same key is used for the flash encryption process.
4. Otherwise, if using an eFuse-based key, second stage bootloader uses RNG (random) module to generate an 256-bit or 512-bit key, depending on the value of :ref:`Size of generated XTS-AES key <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>`, and then writes it into respectively one or two ``BLOCK_KEYN`` eFuses. The software also updates the ``KEY_PURPOSE_N`` for the blocks where the keys were stored. The key cannot be accessed via software as the write and read protection bits for one or two ``BLOCK_KEYN`` eFuses are set. ``KEY_PURPOSE_N`` field is write-protected as well. Whereas if using a Key Manager-based key, second stage bootloader writes the key recovery info to the flash memory at the address 0x0, followed by programming the ``KM_XTS_KEY_LENGTH_256`` and the ``FORCE_USE_KEY_MANAGER_KEY`` eFuses. The flash encryption operations happen entirely by hardware, and the key cannot be accessed via software.
5. Flash encryption block encrypts the flash contents the second stage bootloader, applications and partitions marked as ``encrypted``. Encrypting in-place can take time, up to a minute for large partitions.
6. Second stage bootloader sets the first available bit in ``{IDF_TARGET_CRYPT_CNT}`` (0b001) to mark the flash contents as encrypted. Odd number of bits is set.
7. For :ref:`flash-enc-development-mode`, the second stage bootloader allows the UART bootloader to re-flash encrypted binaries. Also, the ``{IDF_TARGET_CRYPT_CNT}`` eFuse bits are NOT write-protected. In addition, the second stage bootloader by default sets the following eFuse bits:
.. list::
:esp32s2: - ``DIS_BOOT_REMAP``
- ``DIS_DOWNLOAD_ICACHE``
- ``DIS_DOWNLOAD_DCACHE``
- ``HARD_DIS_JTAG``
- ``DIS_LEGACY_SPI_BOOT``
8. For :ref:`flash-enc-release-mode`, the second stage bootloader sets all the eFuse bits set under development mode as well as ``DIS_DOWNLOAD_MANUAL_ENCRYPT``. It also write-protects the ``{IDF_TARGET_CRYPT_CNT}`` eFuse bits. To modify this behavior, see :ref:`uart-bootloader-encryption`.
9. The device is then rebooted to start executing the encrypted image. The second stage bootloader calls the flash decryption block to decrypt the flash contents and then loads the decrypted contents into IRAM.
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_KEY_MANAGER_SUPPORTED
1. On the first power-on reset, all data in flash is un-encrypted (plaintext). The first stage (ROM) bootloader loads the second stage bootloader.
2. Second stage bootloader reads the ``{IDF_TARGET_CRYPT_CNT}`` eFuse value (``0b000``). Since the value is ``0`` (even number of bits set), it configures and enables the flash encryption block. For more information on the flash encryption block, see **{IDF_TARGET_NAME} Technical Reference Manual** > **eFuse Controller (eFuse)** > **Auto Encryption Block** [`PDF <{IDF_TARGET_TRM_EN_URL}#efuse>`__].
3. Second stage bootloader first checks if a valid key is already present in the eFuse (e.g., burned using espefuse tool) then the process of key generation is skipped and the same key is used for flash encryption process. Otherwise, second stage bootloader uses RNG (random) module to generate a 256-bit or 512-bit key, depending on the value of :ref:`Size of generated XTS-AES key <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>`, and then writes it into respectively one or two ``BLOCK_KEYN`` eFuses. The software also updates the ``KEY_PURPOSE_N`` for the blocks where the keys were stored. The key cannot be accessed via software as the write and read protection bits for one or two `BLOCK_KEYN` eFuses are set. ``KEY_PURPOSE_N`` field is write-protected as well. The flash encryption operations happen entirely by hardware, and the key cannot be accessed via software.
4. Flash encryption block encrypts the flash contents - the second stage bootloader, applications and partitions marked as ``encrypted``. Encrypting in-place can take time, up to a minute for large partitions.
@@ -221,31 +310,58 @@ Assuming that the eFuse values are in their default states and the second stage
8. The device is then rebooted to start executing the encrypted image. The second stage bootloader calls the flash decryption block to decrypt the flash contents and then loads the decrypted contents into IRAM.
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK and SOC_KEY_MANAGER_SUPPORTED
1. On the first power-on reset, all data in flash is un-encrypted (plaintext). The first stage (ROM) bootloader loads the second stage bootloader.
2. Second stage bootloader reads the ``{IDF_TARGET_CRYPT_CNT}`` eFuse value (``0b000``). Since the value is ``0`` (even number of bits set), it configures and enables the flash encryption block. For more information on the flash encryption block, see `{IDF_TARGET_NAME} Technical Reference Manual <{IDF_TARGET_TRM_EN_URL}>`_.
3. Second stage bootloader first checks if a valid key already exists, to decide whether to skip the key generation step:
- If Flash Encryption is intended to be enabled using an eFuse-based key, it checks if a valid key is already present in the eFuse (e.g., burned using espefuse tool).
- If Flash Encryption is intended to be enabled using a Key Manager-based key, it checks if there exists a valid key recovery info in the flash memory at the addresses: 0x0 and 0x1000.
If the check passes, the process of key generation is skipped and the same key is used for the flash encryption process.
4. Otherwise, if using an eFuse-based key second stage bootloader uses RNG (random) module to generate a 256-bit key, and then writes it into respectively one ``BLOCK_KEYN`` eFuse block. The software also updates the ``KEY_PURPOSE_N`` for the block where the key were stored. The key cannot be accessed via software as the write and read protection bits for the ``BLOCK_KEYN`` eFuse block is set. ``KEY_PURPOSE_N`` field is write-protected as well. Whereas if using a Key Manager-based key, second stage bootloader writes the key recovery info to the flash memory at the address 0x0, followed by programming the ``KM_XTS_KEY_LENGTH_256`` and the ``FORCE_USE_KEY_MANAGER_KEY`` eFuses. The flash encryption operations happen entirely by hardware, and the key cannot be accessed via software.
5. Flash encryption block encrypts the flash contents - the second stage bootloader, applications and partitions marked as ``encrypted``. Encrypting in-place can take time, up to a minute for large partitions.
6. Second stage bootloader sets the first available bit in ``{IDF_TARGET_CRYPT_CNT}`` (0b001) to mark the flash contents as encrypted. Odd number of bits is set.
7. For :ref:`flash-enc-development-mode`, the second stage bootloader allows the UART bootloader to re-flash encrypted binaries. Also, the ``{IDF_TARGET_CRYPT_CNT}`` eFuse bits are NOT write-protected. In addition, the second stage bootloader by default sets the eFuse bits ``DIS_DOWNLOAD_ICACHE``, ``DIS_PAD_JTAG``, ``DIS_USB_JTAG`` and ``DIS_LEGACY_SPI_BOOT``.
8. For :ref:`flash-enc-release-mode`, the second stage bootloader sets all the eFuse bits set under development mode as well as ``DIS_DOWNLOAD_MANUAL_ENCRYPT``. It also write-protects the ``{IDF_TARGET_CRYPT_CNT}`` eFuse bits. To modify this behavior, see :ref:`uart-bootloader-encryption`.
9. The device is then rebooted to start executing the encrypted image. The second stage bootloader calls the flash decryption block to decrypt the flash contents and then loads the decrypted contents into IRAM.
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
1. On the first power-on reset, all data in flash is un-encrypted (plaintext). The first stage (ROM) bootloader loads the second stage bootloader.
2. Second stage bootloader reads the ``{IDF_TARGET_CRYPT_CNT}`` eFuse value (``0b000``). Since the value is ``0`` (even number of bits set), it configures and enables the flash encryption block. For more information on the flash encryption block, see `{IDF_TARGET_NAME} Technical Reference Manual <{IDF_TARGET_TRM_EN_URL}>`_.
3. Second stage bootloader uses RNG (random) module to generate an 256 bit key and then writes it into `BLOCK_KEYN` eFuse. The software also updates the ``KEY_PURPOSE_N`` for the block where the key is stored. The key cannot be accessed via software as the write and read protection bits for `BLOCK_KEYN` eFuse are set. ``KEY_PURPOSE_N`` field is write-protected as well. The flash encryption is completely conducted by hardware, and the key cannot be accessed via software. If a valid key is already present in the eFuse (e.g., burned using espefuse tool) then the process of key generation is skipped and the same key is used for flash encryption process.
3. Second stage bootloader first checks if a valid key is already present in the eFuse (e.g., burned using espefuse tool), then the process of key generation is skipped and the same key is used for flash encryption process.
4. Flash encryption block encrypts the flash contents - the second stage bootloader, applications and partitions marked as ``encrypted``. Encrypting in-place can take time, up to a minute for large partitions.
4. Otherwise, second stage bootloader uses RNG (random) module to generate a 256-bit key and then writes it into ``BLOCK_KEYN`` eFuse. The software also updates the ``KEY_PURPOSE_N`` for the block where the key is stored. The key cannot be accessed via software as the write and read protection bits for ``BLOCK_KEYN`` eFuse are set. ``KEY_PURPOSE_N`` field is write-protected as well. The flash encryption is completely conducted by hardware, and the key cannot be accessed via software.
5. Second stage bootloader sets the first available bit in ``{IDF_TARGET_CRYPT_CNT}`` (0b001) to mark the flash contents as encrypted. Odd number of bits is set.
5. Flash encryption block encrypts the flash contents - the second stage bootloader, applications and partitions marked as ``encrypted``. Encrypting in-place can take time, up to a minute for large partitions.
6. For :ref:`flash-enc-development-mode`, the second stage bootloader allows the UART bootloader to re-flash encrypted binaries. Also, the ``{IDF_TARGET_CRYPT_CNT}`` eFuse bits are NOT write-protected. In addition, the second stage bootloader by default sets the eFuse bits ``DIS_DOWNLOAD_ICACHE``, ``DIS_PAD_JTAG``, ``DIS_USB_JTAG`` and ``DIS_LEGACY_SPI_BOOT``.
6. Second stage bootloader sets the first available bit in ``{IDF_TARGET_CRYPT_CNT}`` (0b001) to mark the flash contents as encrypted. Odd number of bits is set.
7. For :ref:`flash-enc-release-mode`, the second stage bootloader sets all the eFuse bits set under development mode as well as ``DIS_DOWNLOAD_MANUAL_ENCRYPT``. It also write-protects the ``{IDF_TARGET_CRYPT_CNT}`` eFuse bits. To modify this behavior, see :ref:`uart-bootloader-encryption`.
7. For :ref:`flash-enc-development-mode`, the second stage bootloader allows the UART bootloader to re-flash encrypted binaries. Also, the ``{IDF_TARGET_CRYPT_CNT}`` eFuse bits are NOT write-protected. In addition, the second stage bootloader by default sets the eFuse bits ``DIS_DOWNLOAD_ICACHE``, ``DIS_PAD_JTAG``, ``DIS_USB_JTAG`` and ``DIS_LEGACY_SPI_BOOT``.
8. The device is then rebooted to start executing the encrypted image. The second stage bootloader calls the flash decryption block to decrypt the flash contents and then loads the decrypted contents into IRAM.
8. For :ref:`flash-enc-release-mode`, the second stage bootloader sets all the eFuse bits set under development mode as well as ``DIS_DOWNLOAD_MANUAL_ENCRYPT``. It also write-protects the ``{IDF_TARGET_CRYPT_CNT}`` eFuse bits. To modify this behavior, see :ref:`uart-bootloader-encryption`.
9. The device is then rebooted to start executing the encrypted image. The second stage bootloader calls the flash decryption block to decrypt the flash contents and then loads the decrypted contents into IRAM.
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
1. On the first power-on reset, all data in flash is un-encrypted (plaintext). The first stage (ROM) bootloaders loads the second stage bootloader.
1. On the first power-on reset, all data in flash is un-encrypted (plaintext). The first stage (ROM) bootloader loads the second stage bootloader.
2. The second stage bootloader reads the ``{IDF_TARGET_CRYPT_CNT}`` eFuse value (``0b000``). Since the value is ``0`` (even number of bits set), it configures and enables the flash encryption block. For more information on the flash encryption block, see `{IDF_TARGET_NAME} Technical Reference Manual <{IDF_TARGET_TRM_EN_URL}>`_.
3. The second stage bootloader uses RNG (random) module to generate an 256 or 128 bit key (depends on :ref:`Size of generated XTS-AES key <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>`) and then writes it into `BLOCK_KEY0` eFuse. The software also updates the ``XTS_KEY_LENGTH_256`` according to the chosen option. The key cannot be accessed via software as the write and read protection bits for ``BLOCK_KEY0`` eFuse are set. The flash encryption operations happen entirely by hardware, and the key cannot be accessed via software. If 128-bit flash encryption key is used, then only the lower 128 bits of the eFuse key block are read-protected, the remaining 128 bits are readable, which is required for secure boot. The entire eFuse block is write-protected. If the FE key is 256 bits long, then ``XTS_KEY_LENGTH_256`` is 1, otherwise it is 0. To prevent this eFuse from being accidentally changed in the future (from 0 to 1), we set a write-protect bit for the RELEASE mode. If a valid key is already present in the eFuse (e.g., burned using espefuse tool) then the process of key generation is skipped and the same key is used for flash encryption process.
3. The second stage bootloader uses RNG (random) module to generate an 256 or 128 bit key (depends on :ref:`Size of generated XTS-AES key <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>`) and then writes it into `BLOCK_KEY0` eFuse. The software also updates the ``XTS_KEY_LENGTH_256`` according to the chosen option. The key cannot be accessed via software as the write and read protection bits for ``BLOCK_KEY0`` eFuse are set. The flash encryption operations happen entirely by hardware, and the key cannot be accessed via software. If 128-bit flash encryption key is used, then only the lower 128 bits of the eFuse key block are read-protected, the remaining 128 bits are readable, which is required for secure boot. The entire eFuse block is write-protected. If the FE key is 256 bits long, then ``XTS_KEY_LENGTH_256`` is 1, otherwise it is 0. To prevent this eFuse from being accidentally changed in the future (from 0 to 1), we set a write-protect bit for the release mode. If a valid key is already present in the eFuse (e.g., burned using espefuse tool) then the process of key generation is skipped and the same key is used for flash encryption process.
4. Flash encryption block encrypts the flash contents - the second stage bootloader, applications and partitions marked as ``encrypted``. Encrypting in-place can take time, up to a minute for large partitions.
@@ -297,14 +413,15 @@ To test flash encryption process, take the following steps:
.. list::
- :ref:`Enable flash encryption on boot <CONFIG_SECURE_FLASH_ENC_ENABLED>`.
- :ref:`Select encryption mode <CONFIG_SECURE_FLASH_ENCRYPTION_MODE>` (**Development mode** by default).
- :ref:`Select encryption mode <CONFIG_SECURE_FLASH_ENCRYPTION_MODE>` (**development mode** by default).
:esp32: - :ref:`Select UART ROM download mode <CONFIG_SECURE_UART_ROM_DL_MODE>` (**enabled** by default). Note that for the ESP32 target, the choice is only available when :ref:`CONFIG_ESP32_REV_MIN` level is set to 3 (ESP32 V3).
:not esp32: - :ref:`Select UART ROM download mode <CONFIG_SECURE_UART_ROM_DL_MODE>` (**enabled** by default).
:SOC_FLASH_ENCRYPTION_XTS_AES_OPTIONS: - Set :ref:`Size of generated XTS-AES key <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>`.
:SOC_KEY_MANAGER_SUPPORTED: - :ref:`Select the key source for the Flash Encryption key <CONFIG_SECURE_FLASH_ENCRYPTION_KEY_SOURCE>`.
- :ref:`Select the appropriate bootloader log verbosity <CONFIG_BOOTLOADER_LOG_LEVEL>`.
- Save the configuration and exit.
Enabling flash encryption will increase the size of bootloader, which might require updating partition table offset. See :ref:`bootloader-size`.
Enabling flash encryption will increase the size of bootloader, which might require updating partition table offset. See :ref:`bootloader-size`.
3. Run the command given below to build and flash the complete images.
@@ -318,13 +435,27 @@ Enabling flash encryption will increase the size of bootloader, which might requ
This command will write to flash memory unencrypted images: the second stage bootloader, the partition table and applications. Once the flashing is complete, {IDF_TARGET_NAME} will reset. On the next boot, the second stage bootloader encrypts: the second stage bootloader, application partitions and partitions marked as ``encrypted`` then resets. Encrypting in-place can take time, up to a minute for large partitions. After that, the application is decrypted at runtime and executed.
A sample output of the first {IDF_TARGET_NAME} boot after enabling flash encryption is given below:
.. only:: SOC_KEY_MANAGER_SUPPORTED
A sample output of the first {IDF_TARGET_NAME} boot after enabling flash encryption using a Key Manager-based key is given below:
.. include:: {IDF_TARGET_PATH_NAME}_log.inc
:start-after: first_boot_enc_km
:end-before: ------
A sample output of subsequent {IDF_TARGET_NAME} boot mentions that Flash Encryption is already enabled (ESP-ROM log mentions that the Key Manager-based key is being used):
.. include:: {IDF_TARGET_PATH_NAME}_log.inc
:start-after: already_en_enc_km
:end-before: ------
A sample output of the first {IDF_TARGET_NAME} boot after enabling flash encryption using an eFuse-based key is given below:
.. include:: {IDF_TARGET_PATH_NAME}_log.inc
:start-after: first_boot_enc
:end-before: ------
A sample output of subsequent {IDF_TARGET_NAME} boots just mentions that flash encryption is already enabled:
A sample output of subsequent {IDF_TARGET_NAME} boot mentions that Flash Encryption is already enabled:
.. include:: {IDF_TARGET_PATH_NAME}_log.inc
:start-after: already_en_enc
@@ -338,7 +469,7 @@ At this stage, if you need to update and re-flash binaries, see :ref:`encrypt-pa
Using Host Generated Key
""""""""""""""""""""""""
It is possible to pre-generate a flash encryption key on the host computer and burn it into the eFuse. This allows you to pre-encrypt data on the host and flash already encrypted data without needing a plaintext flash update. This feature can be used in both :ref:`flash-enc-development-mode` and :ref:`flash-enc-release-mode`. Without a pre-generated key, data is flashed in plaintext and then {IDF_TARGET_NAME} encrypts the data in-place.
It is possible to pre-generate a flash encryption key on the host computer and program it into the device. This allows you to pre-encrypt data on the host and flash already encrypted data without needing a plaintext flash update. This feature can be used in both :ref:`flash-enc-development-mode` and :ref:`flash-enc-release-mode`. Without a pre-generated key, data is flashed in plaintext and then {IDF_TARGET_NAME} encrypts the data in-place.
.. note::
@@ -350,7 +481,7 @@ It is possible to pre-generate a flash encryption key on the host computer and b
Note that {IDF_TARGET_NAME} only has one eFuse key block for both Secure Boot and Flash Encryption keys. Therefore, writing the host-generated Flash Encryption key must be done with Secure Boot key (if used), otherwise Secure Boot cannot be used.
To use a host generated key, take the following steps:
To use a host generated key and program it into the eFuses of the device, take the following steps:
1. Ensure that you have an {IDF_TARGET_NAME} device with default flash encryption eFuse settings as shown in :ref:`flash-encryption-efuse`.
@@ -421,13 +552,13 @@ To use a host generated key, take the following steps:
idf.py --port PORT efuse-burn-key BLOCK my_flash_encryption_key.bin XTS_AES_128_KEY
For AES-256 (512-bit key) - ``XTS_AES_256_KEY_1`` and ``XTS_AES_256_KEY_2``. ``idf.py`` supports burning both these two key purposes together with a 512 bit key to two separate key blocks via the virtual key purpose ``XTS_AES_256_KEY``. When this is used ``idf.py`` will burn the first 256 bit of the key to the specified ``BLOCK`` and burn the corresponding block key purpose to ``XTS_AES_256_KEY_1``. The last 256 bit of the key will be burned to the first free key block after ``BLOCK`` and the corresponding block key purpose to ``XTS_AES_256_KEY_2``
For AES-256 (512-bit key) - ``XTS_AES_256_KEY_1`` and ``XTS_AES_256_KEY_2``. ``idf.py`` supports burning both these two key purposes together with a 512 bit key to two separate key blocks via the virtual key purpose ``XTS_AES_256_KEY``. When this is used ``idf.py`` will burn the first 256 bits of the key to the specified ``BLOCK`` and burn the corresponding block key purpose to ``XTS_AES_256_KEY_1``. The last 256 bits of the key will be burned to the first free key block after ``BLOCK`` and the corresponding block key purpose to ``XTS_AES_256_KEY_2``
.. code-block:: bash
idf.py --port PORT efuse-burn-key BLOCK my_flash_encryption_key.bin XTS_AES_256_KEY
If you wish to specify exactly which two blocks are used then it is possible to divide key into two 256 bit keys, and manually burn each half with ``XTS_AES_256_KEY_1`` and ``XTS_AES_256_KEY_2`` as key purposes:
If you wish to specify exactly which two blocks are used then it is possible to divide key into two 256-bit keys, and manually burn each half with ``XTS_AES_256_KEY_1`` and ``XTS_AES_256_KEY_2`` as key purposes:
.. code-block:: bash
@@ -469,12 +600,12 @@ To use a host generated key, take the following steps:
4. In :ref:`project-configuration-menu`, do the following:
- :ref:`Enable flash encryption on boot <CONFIG_SECURE_FLASH_ENC_ENABLED>`
- :ref:`Select encryption mode <CONFIG_SECURE_FLASH_ENCRYPTION_MODE>` (**Development mode** by default)
- :ref:`Select the appropriate bootloader log verbosity <CONFIG_BOOTLOADER_LOG_LEVEL>`
- Save the configuration and exit.
- :ref:`Enable flash encryption on boot <CONFIG_SECURE_FLASH_ENC_ENABLED>`
- :ref:`Select encryption mode <CONFIG_SECURE_FLASH_ENCRYPTION_MODE>` (**development mode** by default)
- :ref:`Select the appropriate bootloader log verbosity <CONFIG_BOOTLOADER_LOG_LEVEL>`
- Save the configuration and exit.
Enabling flash encryption will increase the size of bootloader, which might require updating partition table offset. See :ref:`bootloader-size`.
Enabling flash encryption will increase the size of bootloader, which might require updating partition table offset. See :ref:`bootloader-size`.
5. Run the command given below to build and flash the complete images.
@@ -488,9 +619,75 @@ Enabling flash encryption will increase the size of bootloader, which might requ
This command will write to flash memory unencrypted images: the second stage bootloader, the partition table and applications. Once the flashing is complete, {IDF_TARGET_NAME} will reset. On the next boot, the second stage bootloader encrypts: the second stage bootloader, application partitions and partitions marked as ``encrypted`` then resets. Encrypting in-place can take time, up to a minute for large partitions. After that, the application is decrypted at runtime and executed.
If using Development Mode, then the easiest way to update and re-flash binaries is :ref:`encrypt-partitions`.
.. only:: SOC_KEY_MANAGER_SUPPORTED
If using Release Mode, then it is possible to pre-encrypt the binaries on the host and then flash them as ciphertext. See :ref:`manual-encryption`.
To use a host generated key and deploy it into the device's Key Manager of the device, take the following steps:
1. Ensure that you have an {IDF_TARGET_NAME} device with default flash encryption eFuse settings as shown in :ref:`flash-encryption-efuse`.
See how to check :ref:`flash-encryption-status`.
2. Generate a random key by running:
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256
If :ref:`Size of generated XTS-AES key <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>` is AES-128 (256-bit key):
.. code-block:: bash
idf.py secure-generate-flash-encryption-key my_flash_encryption_key.bin
else if :ref:`Size of generated XTS-AES key <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>` is AES-256 (512-bit key):
.. code-block:: bash
idf.py secure-generate-flash-encryption-key --keylen 512 my_flash_encryption_key.bin
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
.. code-block:: bash
idf.py secure-generate-flash-encryption-key my_flash_encryption_key.bin
3. **Before the first encrypted boot**, deploy the key into your device's Key Manager via its AES-deploy mode, using an init key and an auxiliary key.
4. The deployment process will generate key recovery information for the deployed key. Store the information at the flash address 0x0 using the following command:
.. code-block:: bash
esptool --port PORT --baud BAUD write-flash 0x0 key_recovery_info.bin
If the key is not deployed and the device is started after enabling Flash Encryption, the {IDF_TARGET_NAME} will generate and deploy a random key that software cannot access or modify.
.. note::
This command does not include any user files which should be written to the partitions on the flash memory. Please write them manually before running this command. Otherwise, the files should be encrypted separately before writing.
5. In :ref:`project-configuration-menu`, do the following:
- :ref:`Enable Flash Encryption on boot <CONFIG_SECURE_FLASH_ENC_ENABLED>`
- :ref:`Select encryption mode <CONFIG_SECURE_FLASH_ENCRYPTION_MODE>` (**development mode** by default)
- :ref:`Select Flash Encryption key source as the Key Manager <CONFIG_SECURE_FLASH_ENCRYPTION_KEY_SOURCE>`
- :ref:`Select the appropriate bootloader log verbosity <CONFIG_BOOTLOADER_LOG_LEVEL>`
- Save the configuration and exit.
Enabling flash encryption will increase the size of bootloader, which might require updating partition table offset. See :ref:`bootloader-size`.
6. Run the command given below to build and flash the complete images.
.. code-block:: bash
idf.py flash monitor
.. note::
This command does not include any user files which should be written to the partitions on the flash memory. Please write them manually before running this command. Otherwise, the files should be encrypted separately before writing.
If using development mode, then the easiest way to update and re-flash binaries is :ref:`encrypt-partitions`.
If using release mode, then it is possible to pre-encrypt the binaries on the host and then flash them as ciphertext. See :ref:`manual-encryption`.
.. _encrypt-partitions:
@@ -504,7 +701,7 @@ If you update your application code (done in plaintext) and want to re-flash it,
idf.py encrypted-app-flash monitor
If all partitions needs to be updated in encrypted format, run:
If all partitions need to be updated in encrypted format, run:
.. code-block:: bash
@@ -519,7 +716,7 @@ If all partitions needs to be updated in encrypted format, run:
Release Mode
^^^^^^^^^^^^
In Release mode, UART bootloader cannot perform flash encryption operations. New plaintext images can ONLY be downloaded using the over-the-air (OTA) scheme which will encrypt the plaintext image before writing to flash.
In release mode, UART bootloader cannot perform flash encryption operations. New plaintext images can ONLY be downloaded using the over-the-air (OTA) scheme which will encrypt the plaintext image before writing to flash.
To use this mode, take the following steps:
@@ -531,16 +728,16 @@ To use this mode, take the following steps:
.. list::
- :ref:`Enable flash encryption on boot <CONFIG_SECURE_FLASH_ENC_ENABLED>`.
:esp32: - :ref:`Select Release mode <CONFIG_SECURE_FLASH_ENCRYPTION_MODE>`. (Note that once Release mode is selected, the ``DISABLE_DL_ENCRYPT`` and ``DISABLE_DL_DECRYPT`` eFuse bits will be burned to disable flash encryption hardware in ROM Download Mode.)
- :ref:`Enable Flash Encryption on boot <CONFIG_SECURE_FLASH_ENC_ENABLED>`.
:esp32: - :ref:`Select release mode <CONFIG_SECURE_FLASH_ENCRYPTION_MODE>`. (Note that once release mode is selected, the ``DISABLE_DL_ENCRYPT`` and ``DISABLE_DL_DECRYPT`` eFuse bits will be burned to disable flash encryption hardware in ROM Download Mode.)
:esp32: - :ref:`Select UART ROM download mode (Permanently disabled (recommended)) <CONFIG_SECURE_UART_ROM_DL_MODE>` (Note that this option is only available when :ref:`CONFIG_ESP32_REV_MIN` is set to 3 (ESP32 V3).) The default choice is to keep UART ROM download mode enabled, however it is recommended to permanently disable this mode to reduce the options available to an attacker.
:not esp32: - :ref:`Select Release mode <CONFIG_SECURE_FLASH_ENCRYPTION_MODE>`. (Note that once Release mode is selected, the ``EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT`` eFuse bit will be burned to disable flash encryption hardware in ROM Download Mode.)
:not esp32: - :ref:`Select release mode <CONFIG_SECURE_FLASH_ENCRYPTION_MODE>`. (Note that once release mode is selected, the ``EFUSE_DIS_DOWNLOAD_MANUAL_ENCRYPT`` eFuse bit will be burned to disable flash encryption hardware in ROM Download Mode.)
:not esp32: - :ref:`Select UART ROM download mode (Permanently switch to Secure mode (recommended)) <CONFIG_SECURE_UART_ROM_DL_MODE>`. This is the default option, and is recommended. It is also possible to change this configuration setting to permanently disable UART ROM download mode, if this mode is not needed.
:SOC_FLASH_ENCRYPTION_XTS_AES_SUPPORT_PSEUDO_ROUND: - :ref:`Select enable XTS-AES's pseudo rounds function <CONFIG_SECURE_FLASH_PSEUDO_ROUND_FUNC>`. This option is selected by default and its strength is configured to level low considering the performance impact on the flash encryption/decryption operations. Please refer to :ref:`xts-aes-pseudo-round-func` for more information regarding the performance impact per security level.
- :ref:`Select the appropriate bootloader log verbosity <CONFIG_BOOTLOADER_LOG_LEVEL>`.
- Save the configuration and exit.
Enabling flash encryption will increase the size of bootloader, which might require updating partition table offset. See :ref:`bootloader-size`.
Enabling flash encryption will increase the size of bootloader, which might require updating partition table offset. See :ref:`bootloader-size`.
3. Run the command given below to build and flash the complete images.
@@ -555,7 +752,7 @@ Enabling flash encryption will increase the size of bootloader, which might requ
This command will write to flash memory unencrypted images: the second stage bootloader, the partition table and applications. Once the flashing is complete, {IDF_TARGET_NAME} will reset. On the next boot, the second stage bootloader encrypts: the second stage bootloader, application partitions and partitions marked as ``encrypted`` then resets. Encrypting in-place can take time, up to a minute for large partitions. After that, the application is decrypted at runtime and executed.
Once the flash encryption is enabled in Release mode, the bootloader will write-protect the ``{IDF_TARGET_CRYPT_CNT}`` eFuse.
Once the flash encryption is enabled in release mode, the bootloader will write-protect the ``{IDF_TARGET_CRYPT_CNT}`` eFuse.
For subsequent plaintext field updates, use :ref:`OTA scheme <updating-encrypted-flash-ota>`.
@@ -574,7 +771,7 @@ When using Flash Encryption in production:
- Do not reuse the same flash encryption key between multiple devices. This means that an attacker who copies encrypted data from one device cannot transfer it to a second device.
:esp32: - When using ESP32 V3, if the UART ROM Download Mode is not needed for a production device then it should be disabled to provide an extra level of protection. Do this by calling :cpp:func:`esp_efuse_disable_rom_download_mode` during application startup. Alternatively, configure the project :ref:`CONFIG_ESP32_REV_MIN` level to 3 (targeting ESP32 V3 only) and select the :ref:`CONFIG_SECURE_UART_ROM_DL_MODE` to "Permanently disable ROM Download Mode (recommended)". The ability to disable ROM Download Mode is not available on earlier ESP32 versions.
:not esp32: - The UART ROM Download Mode should be disabled entirely if it is not needed, or permanently set to "Secure Download Mode" otherwise. Secure Download Mode permanently limits the available commands to updating SPI config, changing baud rate, basic flash write, and returning a summary of the currently enabled security features with the `get-security-info` command. The default behaviour is to set Secure Download Mode on first boot in Release mode. To disable Download Mode entirely, select :ref:`CONFIG_SECURE_UART_ROM_DL_MODE` to "Permanently disable ROM Download Mode (recommended)" or call :cpp:func:`esp_efuse_disable_rom_download_mode` at runtime.
:not esp32: - The UART ROM Download Mode should be disabled entirely if it is not needed, or permanently set to "Secure Download Mode" otherwise. Secure Download Mode permanently limits the available commands to updating SPI config, changing baud rate, basic flash write, and returning a summary of the currently enabled security features with the `get-security-info` command. The default behaviour is to set Secure Download Mode on first boot in release mode. To disable Download Mode entirely, select :ref:`CONFIG_SECURE_UART_ROM_DL_MODE` to "Permanently disable ROM Download Mode (recommended)" or call :cpp:func:`esp_efuse_disable_rom_download_mode` at runtime.
- Enable :doc:`Secure Boot <secure-boot-v2>` as an extra layer of protection, and to prevent an attacker from selectively corrupting any part of the flash before boot.
Enable Flash Encryption Externally
@@ -589,55 +786,55 @@ Once flash encryption is enabled, the ``{IDF_TARGET_CRYPT_CNT}`` eFuse value wil
1. If the bootloader partition is re-flashed with a **plaintext second stage bootloader image**, the first stage (ROM) bootloader will fail to load the second stage bootloader resulting in the following failure:
.. only:: esp32
.. only:: esp32
.. code-block:: bash
.. code-block:: bash
rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
.. only:: not esp32
.. only:: not esp32
.. code-block:: bash
.. code-block:: bash
rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
.. note::
.. note::
The value of invalid header will be different for every application.
The value of invalid header will be different for every application.
.. note::
.. note::
This error also appears if the flash contents are erased or corrupted.
This error also appears if the flash contents are erased or corrupted.
2. If the second stage bootloader is encrypted, but the partition table is re-flashed with a **plaintext partition table image**, the bootloader will fail to read the partition table resulting in the following failure:
@@ -700,7 +897,7 @@ Once flash encryption is enabled, the ``{IDF_TARGET_CRYPT_CNT}`` eFuse value wil
{IDF_TARGET_NAME} Flash Encryption Status
-----------------------------------------
1. Ensure that you have an {IDF_TARGET_NAME} device with default flash encryption eFuse settings as shown in :ref:`flash-encryption-efuse`.
Ensure that you have an {IDF_TARGET_NAME} device with default flash encryption eFuse settings as shown in :ref:`flash-encryption-efuse`.
To check if flash encryption on your {IDF_TARGET_NAME} device is enabled, do one of the following:
@@ -758,7 +955,7 @@ It is recommended to use the partition write function :cpp:func:`esp_partition_w
You can also pre-encrypt and write data using the function :cpp:func:`esp_flash_write_encrypted`
Also, the following ROM function exist but not supported in esp-idf applications:
Also, the following ROM functions exist but are not supported in ESP-IDF applications:
- ``esp_rom_spiflash_write_encrypted`` pre-encrypts and writes data to flash
- ``SPIWrite`` writes unencrypted data to flash
@@ -790,9 +987,9 @@ Updating Encrypted Flash via Serial
Flashing an encrypted device via serial bootloader requires that the serial bootloader download interface has not been permanently disabled via eFuse.
In Development Mode, the recommended method is :ref:`encrypt-partitions`.
In development mode, the recommended method is :ref:`encrypt-partitions`.
In Release Mode, if a copy of the same key stored in eFuse is available on the host then it is possible to pre-encrypt files on the host and then flash them. See :ref:`manual-encryption`.
In release mode, if a copy of the same key stored in eFuse is available on the host then it is possible to pre-encrypt files on the host and then flash them. See :ref:`manual-encryption`.
Disabling Flash Encryption
--------------------------
@@ -801,11 +998,11 @@ If flash encryption was enabled accidentally, flashing of plaintext data will so
.. only:: esp32
For flash encryption in Development mode, encryption can be disabled by burning the ``{IDF_TARGET_CRYPT_CNT}`` eFuse. It can only be done three times per chip by taking the following steps:
For flash encryption in development mode, encryption can be disabled by burning the ``{IDF_TARGET_CRYPT_CNT}`` eFuse. It can only be done three times per chip by taking the following steps:
.. only:: not esp32
For flash encryption in Development mode, encryption can be disabled by burning the ``{IDF_TARGET_CRYPT_CNT}`` eFuse. It can only be done one time per chip by taking the following steps:
For flash encryption in development mode, encryption can be disabled by burning the ``{IDF_TARGET_CRYPT_CNT}`` eFuse. It can only be done one time per chip by taking the following steps:
#. In :ref:`project-configuration-menu`, disable :ref:`Enable flash encryption on boot <CONFIG_SECURE_FLASH_ENC_ENABLED>`, then save and exit.
#. Open project configuration menu again and **double-check** that you have disabled this option! If this option is left enabled, the bootloader will immediately re-enable encryption when it boots.
@@ -828,7 +1025,9 @@ Key Points About Flash Encryption
:esp32: - The flash encryption algorithm is AES-256, where the key is "tweaked" with the offset address of each 32 byte block of flash. This means that every 32-byte block (two consecutive 16 byte AES blocks) is encrypted with a unique key derived from the flash encryption key.
:SOC_FLASH_ENCRYPTION_XTS_AES_256: - Flash memory contents is encrypted using XTS-AES-128 or XTS-AES-256. The flash encryption key is 256 bits and 512 bits respectively and stored in one or two ``BLOCK_KEYN`` eFuses internal to the chip and, by default, is protected from software access.
:SOC_FLASH_ENCRYPTION_XTS_AES_256 and SOC_KEY_MANAGER_SUPPORTED: - Flash memory contents are encrypted using XTS-AES-128 or XTS-AES-256. The flash encryption key is 256 bits and 512 bits respectively and stored in one or two ``BLOCK_KEYN`` eFuses internal to the chip and, by default, is protected from software access.
:SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_KEY_MANAGER_SUPPORTED: - Flash memory contents are encrypted using XTS-AES-128 or XTS-AES-256, with respective key sizes of 256 or 512 bits. If using an eFuse-based key, the key is stored in one or two internal ``BLOCK_KEYN`` eFuses. However, if using a Key Manager-based key, the key is stored within the Key Manager itself. In either case, the key is protected from software access by default.
:SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_FLASH_ENCRYPTION_XTS_AES_128_DERIVED: - Flash memory contents is encrypted using XTS-AES-128. The flash encryption key is 256 bits and stored in one ``BLOCK_KEYN`` eFuse internal to the chip and, by default, is protected from software access.
@@ -844,9 +1043,9 @@ Key Points About Flash Encryption
Enabling flash encryption will increase the size of bootloader, which might require updating partition table offset. See :ref:`bootloader-size`.
.. important::
.. important::
Do not interrupt power to the {IDF_TARGET_NAME} while the first boot encryption pass is running. If power is interrupted, the flash contents will be corrupted and will require flashing with unencrypted data again. In this case, re-flashing will not count towards the flashing limit.
Do not interrupt power to the {IDF_TARGET_NAME} while the first boot encryption pass is running. If power is interrupted, the flash contents will be corrupted and will require flashing with unencrypted data again. In this case, re-flashing will not count towards the flashing limit.
.. _flash-encryption-limitations:
@@ -993,7 +1192,7 @@ However, before the first boot you can choose to keep any of these features enab
JTAG Debugging
^^^^^^^^^^^^^^
By default, when Flash Encryption is enabled (in either Development or Release mode) then JTAG debugging is disabled via eFuse. The bootloader does this on first boot, at the same time it enables flash encryption.
By default, when Flash Encryption is enabled (in either development or release mode) then JTAG debugging is disabled via eFuse. The bootloader does this on first boot, at the same time it enables flash encryption.
See :ref:`jtag-debugging-security-features` for more information about using JTAG Debugging with Flash Encryption.
@@ -1003,7 +1202,13 @@ See :ref:`jtag-debugging-security-features` for more information about using JTA
Manually Encrypting Files
^^^^^^^^^^^^^^^^^^^^^^^^^
Manually encrypting or decrypting files requires the flash encryption key to be pre-burned in eFuse (see :ref:`pregenerated-flash-encryption-key`) and a copy to be kept on the host. If the flash encryption is configured in Development Mode then it is not necessary to keep a copy of the key or follow these steps, the simpler :ref:`encrypt-partitions` steps can be used.
.. only:: SOC_KEY_MANAGER_SUPPORTED
Manually encrypting or decrypting files require the flash encryption key to be deployed in the Key Manager or pre-burned in eFuses (see :ref:`pregenerated-flash-encryption-key`) and a copy to be kept on the host. If the flash encryption is configured in development mode, then it is not necessary to keep a copy of the key or follow these steps. The simpler :ref:`encrypt-partitions` steps can be used.
.. only:: not SOC_KEY_MANAGER_SUPPORTED
Manually encrypting or decrypting files require the flash encryption key to be pre-burned in eFuse (see :ref:`pregenerated-flash-encryption-key`) and a copy to be kept on the host. If the flash encryption is configured in development mode, then it is not necessary to keep a copy of the key or follow these steps. The simpler :ref:`encrypt-partitions` steps can be used.
The key file should be a single raw binary file (example: ``key.bin``).
@@ -1025,11 +1230,11 @@ The file ``my-app-ciphertext.bin`` can then be flashed to offset 0x10000 using `
.. note::
If the flashed ciphertext file is not recognized by the {IDF_TARGET_NAME} when it boots, check that the keys match and that the command line arguments match exactly, including the correct offset.
If the flashed ciphertext file is not recognized by the {IDF_TARGET_NAME} when it boots, check that the keys match and that the command line arguments match exactly, including the correct offset.
.. only:: esp32
.. only:: esp32
If your ESP32 uses non-default :ref:`FLASH_CRYPT_CONFIG value in eFuse <setting-flash-crypt-config>` then you will need to pass the ``--flash-crypt-conf`` argument to ``idf.py`` command to set the matching value. This will not happen if the device configured flash encryption by itself, but may happen if burning eFuses manually to enable flash encryption.
If your ESP32 uses non-default :ref:`FLASH_CRYPT_CONFIG value in eFuse <setting-flash-crypt-config>` then you will need to pass the ``--flash-crypt-conf`` argument to ``idf.py`` command to set the matching value. This will not happen if the device configured flash encryption by itself, but may happen if burning eFuses manually to enable flash encryption.
The command ``idf.py decrypt-flash-data`` can be used with the same options (and different input/output files), to decrypt ciphertext flash contents or a previously encrypted file.
@@ -1098,13 +1303,13 @@ The following sections provide some reference information about the operation of
Flash Encryption Algorithm
^^^^^^^^^^^^^^^^^^^^^^^^^^
- {IDF_TARGET_NAME} use the XTS-AES block cipher mode with 256 bit or 512 bit key size for flash encryption.
- {IDF_TARGET_NAME} use the XTS-AES block cipher mode with 256-bit or 512-bit key size for flash encryption.
- XTS-AES is a block cipher mode specifically designed for disc encryption and addresses the weaknesses other potential modes (e.g., AES-CTR) have for this use case. A detailed description of the XTS-AES algorithm can be found in `IEEE Std 1619-2007 <https://ieeexplore.ieee.org/document/4493450>`_.
- The flash encryption key is stored in one or two ``BLOCK_KEYN`` eFuses and, by default, is protected from further writes or software readout.
- To see the full flash encryption algorithm implemented in Python, refer to the `_flash_encryption_operation()` function in the ``espsecure`` source code.
- To see the full flash encryption algorithm implemented in Python, refer to the ``_flash_encryption_operation()`` function in the ``espsecure`` source code.
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
@@ -1114,7 +1319,7 @@ The following sections provide some reference information about the operation of
Flash Encryption Algorithm
^^^^^^^^^^^^^^^^^^^^^^^^^^
- {IDF_TARGET_NAME} use the XTS-AES block cipher mode with 256 bit size for flash encryption.
- {IDF_TARGET_NAME} use the XTS-AES block cipher mode with 256-bit size for flash encryption.
- XTS-AES is a block cipher mode specifically designed for disc encryption and addresses the weaknesses other potential modes (e.g., AES-CTR) have for this use case. A detailed description of the XTS-AES algorithm can be found in `IEEE Std 1619-2007 <https://ieeexplore.ieee.org/document/4493450>`_.
@@ -1129,7 +1334,7 @@ The following sections provide some reference information about the operation of
Flash Encryption Algorithm
^^^^^^^^^^^^^^^^^^^^^^^^^^
- {IDF_TARGET_NAME} use the XTS-AES block cipher mode with 256 bit size for flash encryption. In case the 128-bit key is stored in the eFuse key block, the final 256-bit AES key is obtained as SHA256(EFUSE_KEY0_FE_128BIT).
- {IDF_TARGET_NAME} use the XTS-AES block cipher mode with 256-bit size for flash encryption. In case the 128-bit key is stored in the eFuse key block, the final 256-bit AES key is obtained as SHA256(EFUSE_KEY0_FE_128BIT).
- XTS-AES is a block cipher mode specifically designed for disc encryption and addresses the weaknesses other potential modes (e.g., AES-CTR) have for this use case. A detailed description of the XTS-AES algorithm can be found in `IEEE Std 1619-2007 <https://ieeexplore.ieee.org/document/4493450>`_.
docs/en/security/security-features-enablement-workflows.rst
+50 -12
View File
@@ -61,19 +61,19 @@ Enable Flash Encryption and Secure Boot v2 Externally
It is recommended to enable both Flash Encryption and Secure Boot v2 for a production use case.
When enabling the Flash Encryption and Secure Boot v2 together, they need to enable them in the following order:
When enabling the Flash Encryption and Secure Boot v2 together, they must be enabled in the following order:
#. Enable the Flash Encryption feature by following the steps listed in :ref:`enable-flash-encryption-externally`.
#. Enable the Secure Boot v2 feature by following the steps listed in :ref:`enable-secure-boot-v2-externally`.
The reason this particular ordering is that when enabling Secure Boot (SB) v2, it is necessary to keep the SB v2 key readable. To protect the key's readability, the write protection for ``RD_DIS`` (``ESP_EFUSE_WR_DIS_RD_DIS``) is applied. However, this action poses a challenge when attempting to enable Flash Encryption, as the Flash Encryption (FE) key needs to remain unreadable. This conflict arises because the ``RD_DIS`` is already write-protected, making it impossible to read protect the FE key.
The reason for this particular ordering is that when enabling Secure Boot (SB) v2, it is necessary to keep the SB v2 key readable. To protect the key's readability, the write protection for ``RD_DIS`` (``ESP_EFUSE_WR_DIS_RD_DIS``) is applied. However, this action poses a challenge when attempting to enable Flash Encryption, as the Flash Encryption (FE) key needs to remain unreadable. This conflict arises because the ``RD_DIS`` is already write-protected, making it impossible to read protect the FE key.
.. _enable-flash-encryption-externally:
Enable Flash Encryption Externally
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In this case all the eFuses related to Flash Encryption are written with help of the espefuse tool. More details about Flash Encryption can process can be found in :doc:`/security/flash-encryption`.
In this case, all the eFuses related to Flash Encryption are written with help of the espefuse tool. More details about Flash Encryption process can be found in :doc:`/security/flash-encryption`.
1. Ensure that you have an {IDF_TARGET_NAME} device with default Flash Encryption eFuse settings as shown in :ref:`flash-encryption-efuse`
@@ -130,14 +130,52 @@ In this case all the eFuses related to Flash Encryption are written with help of
espsecure generate-flash-encryption-key --keylen 128 my_flash_encryption_key.bin
3. Burn the Flash Encryption key into eFuse
3. Program the generated Flash Encryption key into the device
.. only:: SOC_KEY_MANAGER_SUPPORTED
a. If you intend to use the Key Manager to store the Flash Encryption key, generate the Key Recovery Information for the Flash Encryption key and store it in the flash memory at the address 0x0 using the command:
.. code-block:: bash
esptool --port PORT write-flash 0x0 key_recovery_info.bin
After storing the Key Recovery Information in flash memory, you also need to program the ``KM_XTS_KEY_LENGTH_256`` and the ``FORCE_USE_KEY_MANAGER_KEY`` eFuses.
.. warning::
This action **cannot be reverted**.
Bit 1 of the ``FORCE_USE_KEY_MANAGER_KEY`` eFuse is used to force using a Key Manager-based XTS-AES key. Once this eFuse is burned, eFuse-based Flash Encryption keys can no longer be used; the device will exclusively use the Key Manager for Flash Encryption key management.
.. code-block:: bash
espefuse --port PORT burn-efuse FORCE_USE_KEY_MANAGER_KEY 2
The ``KM_XTS_KEY_LENGTH_256`` eFuse controls the length of the Key-Manager based XTS-AES key. Set this eFuse to 1 to use a 128-bit key, and to 0 to use a 256-bit key.
To use a 128-bit key, set the ``KM_XTS_KEY_LENGTH_256`` eFuse to 1.
.. code-block:: bash
espefuse --port PORT burn-efuse KM_XTS_KEY_LENGTH_256 1
Otherwise, to use a 256-bit key, set the ``KM_XTS_KEY_LENGTH_256`` eFuse to 0.
.. code-block:: bash
espefuse --port PORT burn-efuse KM_XTS_KEY_LENGTH_256 0
b. To store the Flash Encryption key in the eFuses, run the following commands:
.. only:: not SOC_KEY_MANAGER_SUPPORTED
To store the Flash Encryption key in the eFuses, run the following commands:
.. warning::
This action **cannot be reverted**.
It can be done by running:
.. only:: not SOC_FLASH_ENCRYPTION_XTS_AES
.. code-block:: bash
@@ -183,13 +221,13 @@ In this case all the eFuses related to Flash Encryption are written with help of
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
For AES-128 (256-bit key) - ``XTS_AES_128_KEY`` (the ``XTS_KEY_LENGTH_256`` eFuse will be burn to 1):
For AES-128 (256-bit key) - ``XTS_AES_128_KEY`` (the ``XTS_KEY_LENGTH_256`` eFuse will be burned to 1):
.. code-block:: bash
espefuse --port PORT burn-key BLOCK_KEY0 flash_encryption_key256.bin XTS_AES_128_KEY
For AES-128 key derived from SHA256(128 eFuse bits) - ``XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS``. The FE key will be written in the lower part of eFuse BLOCK_KEY0. The upper 128 bits are not used and will remain available for reading by software. Using the special mode of the espefuse tool, shown in the ``For burning both keys together`` section below, the user can write their data to it using any espefuse commands.
For AES-128 key derived from SHA256 (128 eFuse bits) - ``XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS``. The FE key will be written in the lower part of eFuse BLOCK_KEY0. The upper 128 bits are not used and will remain available for reading by software. Using the special mode of the espefuse tool, shown in the ``For burning both keys together`` section below, the user can write their data to it using any espefuse commands.
.. code-block:: bash
@@ -244,7 +282,7 @@ In this case all the eFuses related to Flash Encryption are written with help of
:SOC_EFUSE_DIS_DOWNLOAD_ICACHE: - ``DIS_DOWNLOAD_ICACHE``: Disable UART cache
:SOC_EFUSE_DIS_DOWNLOAD_DCACHE: - ``DIS_DOWNLOAD_DCACHE``: Disable UART cache
:SOC_EFUSE_HARD_DIS_JTAG: - ``HARD_DIS_JTAG``: Hard disable JTAG peripheral
:SOC_EFUSE_DIS_DIRECT_BOOT:- ``DIS_DIRECT_BOOT``: Disable direct boot (legacy SPI boot mode)
:SOC_EFUSE_DIS_DIRECT_BOOT: - ``DIS_DIRECT_BOOT``: Disable direct boot (legacy SPI boot mode)
:SOC_EFUSE_DIS_LEGACY_SPI_BOOT: - ``DIS_LEGACY_SPI_BOOT``: Disable legacy SPI boot mode
:SOC_EFUSE_DIS_USB_JTAG: - ``DIS_USB_JTAG``: Disable USB switch to JTAG
:SOC_EFUSE_DIS_PAD_JTAG: - ``DIS_PAD_JTAG``: Disable JTAG permanently
@@ -266,7 +304,7 @@ In this case all the eFuses related to Flash Encryption are written with help of
B) Write protect security eFuses
After burning the respective eFuses we need to write_protect the security configurations. It can be done by burning following eFuse:
After burning the respective eFuses we need to write-protect the security configurations. It can be done by burning following eFuse:
.. code:: bash
@@ -499,12 +537,12 @@ In this workflow we shall use ``espsecure`` tool to generate signing keys and us
:SOC_EFUSE_DIS_BOOT_REMAP: - ``DIS_BOOT_REMAP``: Disable capability to remap ROM to RAM address space.
:SOC_EFUSE_HARD_DIS_JTAG: - ``HARD_DIS_JTAG``: Hard disable JTAG peripheral.
:SOC_EFUSE_SOFT_DIS_JTAG: - ``SOFT_DIS_JTAG``: Disable software access to JTAG peripheral.
:SOC_EFUSE_DIS_DIRECT_BOOT:- ``DIS_DIRECT_BOOT``: Disable direct boot (legacy SPI boot mode).
:SOC_EFUSE_DIS_DIRECT_BOOT: - ``DIS_DIRECT_BOOT``: Disable direct boot (legacy SPI boot mode).
:SOC_EFUSE_DIS_LEGACY_SPI_BOOT: - ``DIS_LEGACY_SPI_BOOT``: Disable legacy SPI boot mode.
:SOC_EFUSE_DIS_USB_JTAG: - ``DIS_USB_JTAG``: Disable USB switch to JTAG.
:SOC_EFUSE_DIS_PAD_JTAG: - ``DIS_PAD_JTAG``: Disable JTAG permanently.
:SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS: - ``SECURE_BOOT_AGGRESSIVE_REVOKE``: Aggressive revocation of key digests, see :ref:`secure-boot-v2-aggressive-key-revocation` for more details.
:SOC_ECDSA_P192_CURVE_DEFAULT_DISABLED: - ``WR_DIS_ECDSA_CURVE_MODE``: Disable writing to the ECDSA curve mode eFuse bit. As this write protection bit is shared with ``ECC_FORCE_CONST_TIME``, it is recommended to write protect this bit only after configuring the ``ECC_FORCE_CONST_TIME`` eFuse.
:SOC_ECDSA_P192_CURVE_DEFAULT_DISABLED: - ``WR_DIS_ECDSA_CURVE_MODE``: Disable writing to the ECDSA curve mode eFuse bit. As this write protection bit is shared with ``ECC_FORCE_CONST_TIME``, it is recommended to write-protect this bit only after configuring the ``ECC_FORCE_CONST_TIME`` eFuse.
:SOC_ECDSA_SUPPORT_CURVE_P384: - ``WR_DIS_SECURE_BOOT_SHA384_EN``: Disable writing to the SHA-384 Secure Boot eFuse bit. As this write protection bit is shared with ``XTS_DPA_PSEUDO_LEVEL`` and ``ECC_FORCE_CONST_TIME``, it is recommended to write protect this bit only after configuring all the other shared eFuses.
The respective eFuses can be burned by running:
docs/en/security/security.rst
+22 -4
View File
@@ -11,7 +11,7 @@ This guide provides an overview of the overall security features available in va
.. note::
In this guide, most used commands are in the form of ``idf.py secure-<command>``, which is a wrapper around corresponding ``espsecure <command>``. The ``idf.py`` based commands provides more user-friendly experience, although may lack some of the advanced functionality of their ``espsecure`` based counterparts.
In this guide, most used commands are in the form of ``idf.py secure-<command>``, which is a wrapper around corresponding ``espsecure <command>``. The ``idf.py`` based commands provides a more user-friendly experience, although may lack some of the advanced functionality of their ``espsecure`` based counterparts.
.. only:: TARGET_SUPPORT_QEMU
@@ -70,7 +70,7 @@ Please refer to :doc:`flash-encryption` for detailed information about this feat
.. only:: SOC_SPIRAM_SUPPORTED and not esp32
If {IDF_TARGET_NAME} is connected to an external SPI RAM, the contents written to or read from the SPI RAM will also be encrypted and decrypted respectively (via the MMU's flash cache, provided that FLash Encryption is enabled). This provides an additional safety layer for the data stored in SPI RAM, hence configurations like ``CONFIG_MBEDTLS_EXTERNAL_MEM_ALLOC`` can be safely enabled in this case.
If {IDF_TARGET_NAME} is connected to an external SPI RAM, the contents written to or read from the SPI RAM will also be encrypted and decrypted respectively (via the MMU's flash cache, provided that Flash Encryption is enabled). This provides an additional safety layer for the data stored in SPI RAM, hence configurations like ``CONFIG_MBEDTLS_EXTERNAL_MEM_ALLOC`` can be safely enabled in this case.
Flash Encryption Best Practices
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
@@ -101,6 +101,24 @@ Flash Encryption Best Practices
Please refer to the :doc:`../api-reference/peripherals/ecdsa` and :doc:`../api-reference/peripherals/ds` guides for detailed documentation.
.. only:: SOC_KEY_MANAGER_SUPPORTED
Key Manager
~~~~~~~~~~~
The Key Manager peripheral in {IDF_TARGET_NAME} provides hardware-assisted **key deployment and recovery** for cryptographic keys. Keys are cryptographically bound to a Hardware Unique Key (HUK) that is unique to each chip, ensuring that key material is never exposed to software-accessible memory.
The Key Manager supports key management for the following cryptographic peripherals: :doc:`ECDSA <../api-reference/peripherals/ecdsa>`, :doc:`HMAC <../api-reference/peripherals/hmac>`, :doc:`Digital Signature (DS) <../api-reference/peripherals/ds>`, and Flash Encryption.
Please refer to :doc:`../api-reference/peripherals/key_manager` for detailed documentation.
Key Manager Best Practices
^^^^^^^^^^^^^^^^^^^^^^^^^^
* Protect the ``key_recovery_info`` of a Key Manager-deployed key against unauthorized modification or loss.
* Lock Key Manager's security-related eFuses after successful key deployment to prevent re-deployment of a key of the same type.
* Avoid deploying new XTS-AES keys when Flash Encryption is already enabled unless explicitly intended.
.. only:: SOC_MEMPROT_SUPPORTED or SOC_CPU_IDRAM_SPLIT_USING_PMP
Memory Protection
@@ -124,7 +142,7 @@ Flash Encryption Best Practices
DPA (Differential Power Analysis) Protection
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
{IDF_TARGET_NAME} has support for protection mechanisms against the Differential Power Analysis related security attacks. DPA protection dynamically adjusts the clock frequency of the crypto peripherals, thereby blurring the power consumption trajectory during its operation. Based on the configured DPA security level, the clock variation range changes. Please refer to the *{IDF_TARGET_NAME} Technical Reference Manual* [`PDF <{IDF_TARGET_TRM_EN_URL}>`__]. for more details on this topic.
{IDF_TARGET_NAME} has support for protection mechanisms against the Differential Power Analysis related security attacks. DPA protection dynamically adjusts the clock frequency of the crypto peripherals, thereby blurring the power consumption trajectory during its operation. Based on the configured DPA security level, the clock variation range changes. Please refer to the **{IDF_TARGET_NAME} Technical Reference Manual** [`PDF <{IDF_TARGET_TRM_EN_URL}>`__] for more details on this topic.
:ref:`CONFIG_ESP_CRYPTO_DPA_PROTECTION_LEVEL` can help to select the DPA level. Higher level means better security, but it can also have an associated performance impact. By default, the lowest DPA level is kept enabled but it can be modified based on the security requirement.
@@ -140,7 +158,7 @@ Flash Encryption Best Practices
{IDF_TARGET_NAME} incorporates a pseudo-round function in the AES peripheral, thus enabling the peripheral to randomly insert pseudo-rounds before and after the original operation rounds and also generate a pseudo key to perform these dummy operations.
These operations do not alter the original result, but they increase the complexity to perform side channel analysis attacks by randomizing the power profile.
:ref:`CONFIG_MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH` can be used to select the strength of the pseudo-round function. Increasing the strength improves the security provided, but would slow down the encrryption/decryption operations.
:ref:`CONFIG_MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH` can be used to select the strength of the pseudo-round function. Increasing the strength improves the security provided, but would slow down the encryption/decryption operations.
.. list-table:: Performance impact on AES operations per strength level
docs/zh_CN/api-reference/peripherals/ds.rst
+12 -2
View File
@@ -3,7 +3,13 @@
:link_to_translation:`en:[English]`
数字签名 (DS) 模块利用 RSA 硬件加速器为信息签名。HMAC 作为密钥派生函数,使用 eFuse 作为输入密钥,输出一组加密参数。随后,数字签名模块利用这组预加密参数计算签名。以上过程均在硬件中完成,因此在计算签名时,软件无法获取 RSA 参数的解密密钥,也无法获取 HMAC 密钥派生函数输入密钥。
数字签名 (DS) 模块提供基于 RSA 的消息签名硬件加速,并使用预加密参数计算签名。这些参数通过 HMAC 作为密钥派生函数进行加密,而 HMAC 则以 eFuse 作为输入密钥。
.. only:: SOC_KEY_MANAGER_SUPPORTED
在 {IDF_TARGET_NAME} 上,数字签名 (DS) 模块也可以使用存储在密钥管理器中的密钥,而非 eFuse 密钥块。AES 加密密钥可以通过密钥管理器直接部署,类型为 :cpp:enumerator:`ESP_KEY_MGR_DS_KEY`。详情请参阅 :ref:`key-manager`
以上过程均在硬件中完成,因此在计算签名时,软件无法获取 RSA 参数的解密密钥,也无法获取 HMAC 密钥派生函数的输入密钥。
签名计算所涉及的硬件信息以及所用寄存器的有关信息,请参阅 **{IDF_TARGET_NAME} 技术参考手册** > **数字签名 (DS)** [`PDF <{IDF_TARGET_TRM_CN_URL}#digsig>`__]。
@@ -112,7 +118,11 @@ TLS 连接所需的 DS 外设配置
此前位于 ``examples/protocols/mqtt/ssl_ds`` 目录下的 SSL 双向认证示例现已随独立的 `espressif/mqtt <https://components.espressif.com/components/espressif/mqtt>`__ 组件一同提供。请参照该组件文档获取 SSL DS 示例,并与 ESP-MQTT 一同构建。该示例仍使用 ``mqtt_client`` (由 ESP-MQTT 实现),通过双向认证 TLS 连接至 ``test.mosquitto.org``,其中 TLS 通信层仍由 ESP-TLS 实现。
.. only:: SOC_KEY_MANAGER_SUPPORTED
如果 :cpp:member:`esp_ds_data_ctx_t::efuse_key_id`:cpp:member:`esp_rsa_ds_opaque_key_t::key_recovery_info` 均已设置,ESP-DS PSA 驱动程序将优先使用基于密钥管理器的 DS 密钥,而非基于 eFuse 的 DS 密钥。
API 参考
--------
.. include-build-file:: inc/esp_ds.inc
.. include-build-file:: inc/psa_crypto_driver_esp_rsa_ds_contexts.inc
docs/zh_CN/api-reference/peripherals/ecdsa.rst
+19 -1
View File
@@ -24,7 +24,13 @@ ECDSA 外设可以为 TLS 双向身份验证等用例建立 **安全设备身份
{IDF_TARGET_NAME} 上的 ECDSA
----------------------------
在 {IDF_TARGET_NAME} 上,ECDSA 模块使用烧录到 eFuse 块中的密钥。密码模块外的任何资源都不可访问此密钥(默认模式),从而避免密钥泄露。
在 {IDF_TARGET_NAME} 上,ECDSA 模块使用烧录到 eFuse 块中的密钥。
.. only:: SOC_KEY_MANAGER_SUPPORTED
在 {IDF_TARGET_NAME} 上,ECDSA 模块也支持将密钥存储在密钥管理器中,详情请参阅 :ref:`key-manager`
密码模块外的任何资源都不可访问此密钥(默认模式),从而避免密钥泄露。
ECDSA 密钥存储
^^^^^^^^^^^^^^
@@ -53,6 +59,8 @@ ECDSA 密钥存储
ECDSA 密钥可以通过 ``idf.py`` 脚本在外部编程。以下是关于编程 ECDSA 密钥的示例:
使用 eFuse 存储 ECDSA 密钥:
.. code:: bash
idf.py efuse-burn-key <BLOCK_NUM> </path/to/ecdsa_private_key.pem> ECDSA_KEY
@@ -70,8 +78,18 @@ ECDSA 密钥可以通过 ``idf.py`` 脚本在外部编程。以下是关于编
六个物理 eFuse 块可作为 ECDSA 模块的密钥:块 4 ~ 块 9。例如,对于块 4(第一个密钥块),参数为 ``BLOCK_KEY0``
.. only:: SOC_KEY_MANAGER_SUPPORTED
使用密钥管理器存储 ECDSA 密钥:
ECDSA 私钥可以存储在密钥管理器中,详情请参阅 :ref:`key-manager`
将 ECDSA 密钥部署到密钥管理器中。对于持久密钥,需将生成的密钥恢复信息存储在 flash 中。
另外,ECDSA 密钥也可以通过在目标上运行的应用程序进行编程。
使用 eFuse 存储 ECDSA 密钥:
以下代码片段使用 :cpp:func:`esp_efuse_write_key` 将 eFuse 中的物理密钥块 0 的密钥目的设置为 :cpp:enumerator:`esp_efuse_purpose_t::ESP_EFUSE_KEY_PURPOSE_ECDSA_KEY`:
.. code-block:: c
docs/zh_CN/api-reference/peripherals/hmac.rst
+12 -3
View File
@@ -26,7 +26,13 @@
{IDF_TARGET_NAME} 上的 HMAC
-----------------------------
在 {IDF_TARGET_NAME} HMAC 模块的 eFuse 中会烧录一个密钥,可将该 eFuse 密钥设置为禁止所有外部资源访问,避免密钥泄露
在 {IDF_TARGET_NAME} 上,HMAC 模块会使用烧录到 eFuse 中的密钥
.. only:: SOC_KEY_MANAGER_SUPPORTED
在 {IDF_TARGET_NAME} 上,HMAC 模块也支持将密钥存储在密钥管理器中,详情请参阅 :ref:`key-manager`
可将该密钥设置为禁止所有外部资源访问,避免密钥泄露。
此外,在 {IDF_TARGET_NAME} 上的 HMAC 有以下三种应用场景:
@@ -142,6 +148,8 @@ HMAC 的第三种应用场景是将其作为密钥,启用软禁用的 JTAG 接
以下为针对特定应用场景的实例代码,可用于设置 eFuse 密钥,并将其用于计算支持软件使用的 HMAC。
使用 eFuse 存储 HMAC 密钥:
``esp_efuse_write_key`` 可以设置 eFuse 中的物理密钥块 4,并设置其功能。``ESP_EFUSE_KEY_PURPOSE_HMAC_UP`` (8) 表明,该密钥仅适用于生成支持软件使用的 HMAC。
.. code-block:: c
@@ -162,6 +170,8 @@ HMAC 的第三种应用场景是将其作为密钥,启用软禁用的 JTAG 接
接下来可以通过 PSA Crypto API,使用已存储的密钥来计算供软件使用的 HMAC。
使用基于 eFuse 的 HMAC 密钥:
.. code-block:: c
#include "psa/crypto.h"
@@ -181,9 +191,8 @@ HMAC 的第三种应用场景是将其作为密钥,启用软禁用的 JTAG 接
psa_set_key_bits(&attributes, 256);
psa_set_key_lifetime(&attributes, PSA_KEY_LIFETIME_ESP_HMAC_VOLATILE);
// 创建不透明密钥引用
// 为基于 eFuse 的密钥创建不透明密钥引用
esp_hmac_opaque_key_t opaque_key = {
.use_km_key = false,
.efuse_key_id = HMAC_KEY4,
};
docs/zh_CN/api-reference/peripherals/index.rst
+3 -2
View File
@@ -11,6 +11,7 @@
:SOC_GDMA_SUPPORT_CRC: async_crc
:SOC_ASYNC_MEMCPY_SUPPORTED: async_memcpy
:SOC_BITSCRAMBLER_SUPPORTED: bitscrambler
:SOC_MIPI_CSI_SUPPORTED: camera_driver
:SOC_CLK_TREE_SUPPORTED: clk_tree
:SOC_CORDIC_SUPPORTED: cordic
:SOC_DAC_SUPPORTED: dac
@@ -25,10 +26,11 @@
:SOC_I2S_SUPPORTED: i2s
:SOC_I3C_MASTER_SUPPORTED: i3c_master
:SOC_ISP_SUPPORTED: isp
:SOC_JPEG_CODEC_SUPPORTED: jpeg
:SOC_KEY_MANAGER_SUPPORTED: key_manager
lcd/index
:SOC_GP_LDO_SUPPORTED: ldo_regulator
ledc
:SOC_MIPI_CSI_SUPPORTED: camera_driver
:SOC_MCPWM_SUPPORTED: mcpwm
:SOC_PARLIO_SUPPORTED: parlio/index
:SOC_PCNT_SUPPORTED: pcnt
@@ -45,7 +47,6 @@
:SOC_SPI_SUPPORT_SLAVE_HD_VER2: spi_slave_hd
:SOC_LP_I2S_SUPPORTED: lp_i2s
:SOC_LP_VAD_SUPPORTED: vad
:SOC_JPEG_CODEC_SUPPORTED: jpeg
:SOC_TEMP_SENSOR_SUPPORTED: temp_sensor
:SOC_TOUCH_SENSOR_SUPPORTED: cap_touch_sens
:SOC_TWAI_SUPPORTED: twai
docs/zh_CN/api-reference/peripherals/key_manager.rst
+171
View File
@@ -0,0 +1,171 @@
.. _key-manager:
密钥管理器
==========
:link_to_translation:`en:[English]`
{IDF_TARGET_NAME} 中的密钥管理器外设为加密密钥提供了硬件辅助的 **密钥部署和密钥恢复** 功能,用于配置和使用加密密钥,而无需将明文密钥内容存储在 flash、RAM 或 eFuse 中。
密钥管理器适用于需要安全处理常驻加密密钥的应用程序。
.. only:: esp32p4
.. note::
密钥管理器外设仅支持 ESP32-P4 芯片版本 v3.x (rev >= 3)。
.. only:: esp32c5
.. note::
密钥管理器外设仅支持 ESP32-C5 芯片版本 >= v1.2。
密钥管理器具有以下特性:
- **设备唯一性**
密钥通过每块芯片独有的硬件唯一密钥 (HUK) 进行加密绑定。
- **无明文密钥存储**
密钥材料不会暴露于软件可访问的内存中。
- **灵活的密钥生命周期**
密钥可以被部署、恢复或替换为新密钥,无需为每个密钥重新烧录 eFuse。
- **抗物理提取**
读取 flash 或 eFuse 的内容不会泄露可用的密钥材料。
硬件唯一密钥 (HUK)
-------------------
硬件唯一密钥 (HUK) 是完全由硬件 HUK 外设生成的设备专属密钥,源自 SRAM 物理不可克隆函数 (PUF)。重建 HUK 时,需要用到 HUK 恢复信息,该信息包含在密钥管理器为已部署密钥生成的密钥恢复信息中。有关 HUK 外设的更多信息,请参阅 **《{IDF_TARGET_NAME} 技术参考手册》** > **密钥管理器章节** [`PDF <{IDF_TARGET_TRM_CN_URL}>`__] > **HUK 生成器**
HUK 是所有通过密钥管理器部署的密钥的信任根。
密钥部署与恢复
--------------
密钥管理器分为两个不同的阶段运行:
- **密钥部署**
加密密钥在芯片内部生成或被安全导入,并与 HUK 绑定。此步骤通常在生产阶段、首次启动时,或在应用程序运行并生成临时/持久密钥时执行。
- **密钥恢复**
在后续启动过程中,密钥管理器部署的持久密钥会使用先前生成的密钥恢复信息进行还原,而不会暴露密钥值。
在部署过程中,密钥管理器生成 :cpp:type:`esp_key_mgr_key_recovery_info_t` 数据结构。对于持久密钥,应用程序必须将此数据保存在非易失性存储器(例如 flash)中,以便在后续启动时恢复密钥。
支持的密钥类型
--------------
密钥管理器可以管理以下密钥类型:
.. list::
:SOC_KEY_MANAGER_ECDSA_KEY_DEPLOY: - ECDSA
:SOC_KEY_MANAGER_FE_KEY_DEPLOY: - flash 加密 (XTS-AES)
:SOC_KEY_MANAGER_HMAC_KEY_DEPLOY: - HMAC
:SOC_KEY_MANAGER_DS_KEY_DEPLOY: - 数字签名外设
:SOC_KEY_MANAGER_FE_KEY_DEPLOY: - PSRAM 加密
每个密钥都与一个 :cpp:type:`esp_key_mgr_key_purpose_t` 相关联,该类型定义了硬件外设如何使用密钥。
密钥部署模式
------------
密钥管理器提供多种密钥部署模式,以满足不同的配置和安全需求。
随机部署模式
^^^^^^^^^^^^
在此模式下,密钥管理器在内部生成一个随机私钥。
- 应用程序软件无法获取密钥值。
- 不需要外部密钥材料。
- 适用于不需要备份或导出密钥的场景。
AES 部署模式
^^^^^^^^^^^^
在此模式下,可以安全部署用户指定的私钥。
- 密钥在传输到芯片之前进行加密。
- 使用辅助密钥材料保护部署过程。
- 适用于需要预定义密钥值的出厂配置场景。
ECDH0 部署模式
^^^^^^^^^^^^^^
在此模式下,私钥通过椭圆曲线 Diffie-Hellman (ECDH) 协商生成。
- 最终私钥不会被传输。
- 部署过程可以通过不受信任的信道进行。
- 适用于高安全性的配置环境。
有关各种部署模式的详细信息,请参阅 **《{IDF_TARGET_NAME} 技术参考手册》** > **密钥管理器章节** [`PDF <{IDF_TARGET_TRM_EN_URL}>`__] > **密钥管理器小节**
.. ECDH1 Deploy Mode
.. ~~~~~~~~~~~~~~~~~
..
.. This mode is similar to ECDH0 Deploy Mode, with additional flexibility for manufacturing workflows.
..
.. - Supports negotiated key deployment using auxiliary recovery data
.. - Allows updating deployed keys by replacing auxiliary information
.. - Intended for large-scale manufacturing with controlled trust assumptions
典型工作流程
------------
首次启动或生产配置
^^^^^^^^^^^^^^^^^^
典型的配置流程包括:
1. 生成硬件唯一密钥 (HUK)
2. 使用恰当的部署模式部署所需的加密密钥
3. 将生成的 ``key_recovery_info`` 保存至非易失性存储器中
4. 如有需要,锁定相关安全配置 eFuse
此过程通常每台设备仅执行一次。
正常启动
^^^^^^^^
在正常启动过程中:
1. 应用程序提供先前由密钥管理器部署的密钥所生成的 ``key_recovery_info``
2. HUK 由硬件自动重建
3. 密钥管理器在内部恢复已部署的密钥
4. 密码外设可以使用已恢复的密钥
安全注意事项
------------
使用密钥管理器的应用程序应注意以下事项:
- 防止密钥管理器部署密钥的 ``key_recovery_info`` 遭受未授权的修改或丢失。
- 密钥部署成功后,锁定密钥管理器安全相关的 eFuse,防止重新部署同类型密钥。
- 除非明确需要,否则在已启用 flash 加密时,应避免部署新的 XTS-AES 密钥。
API 参考
--------
.. include-build-file:: inc/esp_key_mgr.inc
.. include-build-file:: inc/key_mgr_types.inc
应用示例
--------
:example:`security/key_manager` 演示了如何使用密钥管理器进行密钥部署,以及如何使用已部署的密钥执行签名操作。
该示例展示了如何:
- 初始化密钥管理器
- 使用 AES 部署模式部署密钥
- 使用 PSA 接口通过密钥管理器部署的密钥执行签名操作
docs/zh_CN/security/esp32c5_log.inc
+138 -58
View File
@@ -66,68 +66,72 @@
------
.. first_boot_enc_km
.. code-block:: none
ESP-ROM:esp32c5-eco3-20250704
Build:Jul 4 2025
rst:0x1 (POWERON),boot:0x18 (SPI_FAST_FLASH_BOOT)
SPI mode:DIO, clock div:1
load:0x40855820,len:0x3a60
load:0x4084bba0,len:0xdf4
load:0x4084e5a0,len:0x566c
entry 0x4084bbaa
I (23) boot: ESP-IDF v6.0-dev-3140-ge16a2fb13ad-dirt 2nd stage bootloader
I (24) boot: compile time Oct 27 2025 15:35:09
I (67) boot: chip revision: v1.1
I (70) boot: efuse block revision: v0.3
I (88) boot.esp32c5: SPI Speed : 80MHz
I (92) boot.esp32c5: SPI Mode : DIO
I (96) boot.esp32c5: SPI Flash Size : 2MB
I (103) boot: Enabling RNG early entropy source...
I (138) boot: Partition Table:
I (141) boot: ## Label Usage Type ST Offset Length
I (154) boot: 0 nvs WiFi data 01 02 0000e000 00006000
I (168) boot: 1 phy_init RF data 01 01 00014000 00001000
I (182) boot: 2 factory factory app 00 00 00020000 00100000
I (189) boot: End of partition table
I (283) esp_image: segment 0: paddr=00020020 vaddr=42070020 size=32f1ch (208668) map
I (377) esp_image: segment 1: paddr=00052f44 vaddr=40800000 size=0a2a4h ( 41636) load
I (445) esp_image: segment 2: paddr=0005d1f0 vaddr=4080a300 size=02ccch ( 11468) load
I (512) esp_image: segment 3: paddr=0005fec4 vaddr=00000000 size=00154h ( 340)
I (580) esp_image: segment 4: paddr=00060020 vaddr=42000020 size=63804h (407556) map
I (761) boot: Loaded app from partition at offset 0x20000
I (764) boot: Checking flash encryption...
I (788) efuse: Batch mode of writing fields is enabled
I (807) flash_encrypt: Deploying new flash encryption key using Key Manager
W (898) flash_encrypt: Not disabling UART bootloader encryption
I (904) flash_encrypt: Disable UART bootloader cache...
W (917) flash_encrypt: Not disabling JTAG - SECURITY COMPROMISED
I (930) efuse: BURN BLOCK0
I (935) efuse: BURN BLOCK0 - OK (all write block bits are set)
I (938) efuse: Batch mode. Prepared fields are committed
I (1028) esp_image: segment 0: paddr=00002020 vaddr=40855820 size=03a60h ( 14944)
I (1096) esp_image: segment 1: paddr=00005a88 vaddr=4084bba0 size=00df4h ( 3572)
I (1165) esp_image: segment 2: paddr=00006884 vaddr=4084e5a0 size=0566ch ( 22124)
I (1508) flash_encrypt: bootloader encrypted successfully
I (1535) flash_encrypt: partition table encrypted and loaded successfully
I (1616) esp_image: segment 0: paddr=00020020 vaddr=42070020 size=32f1ch (208668) map
I (1711) esp_image: segment 1: paddr=00052f44 vaddr=40800000 size=0a2a4h ( 41636)
I (1779) esp_image: segment 2: paddr=0005d1f0 vaddr=4080a300 size=02ccch ( 11468)
I (1847) esp_image: segment 3: paddr=0005fec4 vaddr=00000000 size=00154h ( 340)
I (1916) esp_image: segment 4: paddr=00060020 vaddr=42000020 size=63804h (407556) map
I (2096) flash_encrypt: Encrypting partition 2 at offset 0x20000 (length 0xa3850)...
I (5652) flash_encrypt: Done encrypting
I (5667) efuse: BURN BLOCK0
I (5671) efuse: BURN BLOCK0 - OK (all write block bits are set)
I (5675) flash_encrypt: Flash encryption completed
I (5679) boot: Resetting with flash encryption enabled...
------
.. already_en_enc
.. code-block:: none
rst:0x1 (POWERON),boot:0x3d (SPI_FAST_FLASH_BOOT)
SPI mode:DIO, clock div:2
load:0x40855c10,len:0x2be8
load:0x4084c7a0,len:0x6f8
load:0x4084e9a0,len:0x418c
entry 0x4084c804
I (32) boot: ESP-IDF v5.3-dev-3860-g5d36288649 2nd stage bootloader
I (33) boot: compile time May 7 2024 17:24:43
I (34) boot: chip revision: v0.0
I (37) boot.esp32c5: SPI Speed : 40MHz
I (42) boot.esp32c5: SPI Mode : DIO
I (46) boot.esp32c5: SPI Flash Size : 2MB
I (51) boot: Enabling RNG early entropy source...
I (64) boot: Partition Table:
I (67) boot: ## Label Usage Type ST Offset Length
I (74) boot: 0 nvs WiFi data 01 02 0000e000 00006000
I (82) boot: 1 storage Unknown data 01 ff 00014000 00001000
I (89) boot: 2 factory factory app 00 00 00020000 00100000
I (97) boot: 3 nvs_key NVS keys 01 04 00120000 00001000
I (104) boot: 4 custom_nvs WiFi data 01 02 00121000 00006000
I (113) boot: End of partition table
I (116) esp_image: segment 0: paddr=00020020 vaddr=42010020 size=095c4h ( 38340) map
I (169) esp_image: segment 1: paddr=000295ec vaddr=40800000 size=06a2ch ( 27180) load
I (197) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=0f4d4h ( 62676) map
I (256) esp_image: segment 3: paddr=0003f4fc vaddr=40806a2c size=00b78h ( 2936) load
I (261) esp_image: segment 4: paddr=0004007c vaddr=408075b0 size=00d18h ( 3352) load
I (269) boot: Loaded app from partition at offset 0x20000
I (270) boot: Checking flash encryption...
I (273) efuse: Batch mode of writing fields is enabled
I (278) flash_encrypt: Generating new flash encryption key...
I (295) efuse: Writing EFUSE_BLK_KEY0 with purpose 4
W (300) flash_encrypt: Not disabling UART bootloader encryption
I (305) flash_encrypt: Disable JTAG...
I (312) efuse: BURN BLOCK4
I (317) efuse: BURN BLOCK4 - OK (write block == read block)
I (319) efuse: BURN BLOCK0
I (325) efuse: BURN BLOCK0 - OK (all write block bits are set)
I (330) efuse: Batch mode. Prepared fields are committed
I (335) esp_image: segment 0: paddr=00002020 vaddr=40855c10 size=02be8h ( 11240)
I (353) esp_image: segment 1: paddr=00004c10 vaddr=4084c7a0 size=006f8h ( 1784)
I (356) esp_image: segment 2: paddr=00005310 vaddr=4084e9a0 size=0418ch ( 16780)
I (1131) flash_encrypt: bootloader encrypted successfully
I (1229) flash_encrypt: partition table encrypted and loaded successfully
I (1230) flash_encrypt: Encrypting partition 1 at offset 0x14000 (length 0x1000)...
I (1325) flash_encrypt: Done encrypting
I (1325) esp_image: segment 0: paddr=00020020 vaddr=42010020 size=095c4h ( 38340) map
I (1362) esp_image: segment 1: paddr=000295ec vaddr=40800000 size=06a2ch ( 27180)
I (1389) esp_image: segment 2: paddr=00030020 vaddr=42000020 size=0f4d4h ( 62676) map
I (1448) esp_image: segment 3: paddr=0003f4fc vaddr=40806a2c size=00b78h ( 2936)
I (1453) esp_image: segment 4: paddr=0004007c vaddr=408075b0 size=00d18h ( 3352)
I (1458) flash_encrypt: Encrypting partition 2 at offset 0x20000 (length 0x100000)...
I (24332) flash_encrypt: Done encrypting
I (24332) flash_encrypt: Encrypting partition 3 at offset 0x120000 (length 0x1000)...
I (24422) flash_encrypt: Done encrypting
I (24423) efuse: BURN BLOCK0
I (24425) efuse: BURN BLOCK0 - OK (all write block bits are set)
I (24427) flash_encrypt: Flash encryption completed
I (24431) boot: Resetting with flash encryption enabled...
ESP-ROM:esp32c5-20240329
Build:Mar 29 2024
rst:0x3 (RTC_SW_HPSYS),boot:0x3d (SPI_FAST_FLASH_BOOT)
@@ -193,3 +197,79 @@
------
.. already_en_enc_km
.. code-block:: none
ESP-ROM:esp32c5-eco3-20250704
Build:Jul 4 2025
rst:0x1 (POWERON),boot:0x18 (SPI_FAST_FLASH_BOOT)
use sector0 for km info
use KM derived key
SPI mode:DIO, clock div:1
load:0x40855820,len:0x3a94
load:0x4084bba0,len:0xd84
load:0x4084e5a0,len:0x5670
entry 0x4084bbaa
I (27) boot: ESP-IDF v6.0-dev-3139-gb813f413096-dirt 2nd stage bootloader
I (28) boot: compile time Oct 27 2025 18:14:49
W (39) MMU: mmu_ll_write_entry mmu_id=0, entry_id=511, mmu_val=0x00000000, target=1
W (53) MMU: mmu_ll_write_entry mmu_id=0, entry_id=511, mmu_val=0x00000000, target=1
W (67) MMU: mmu_ll_write_entry mmu_id=0, entry_id=511, mmu_val=0x00000000, target=1
W (80) MMU: mmu_ll_write_entry mmu_id=0, entry_id=511, mmu_val=0x00000000, target=1
W (94) MMU: mmu_ll_write_entry mmu_id=0, entry_id=511, mmu_val=0x00000000, target=1
W (108) MMU: mmu_ll_write_entry mmu_id=0, entry_id=511, mmu_val=0x00000000, target=1
I (116) boot: chip revision: v1.1
I (119) boot: efuse block revision: v0.3
I (137) boot.esp32c5: SPI Speed : 80MHz
I (141) boot.esp32c5: SPI Mode : DIO
I (145) boot.esp32c5: SPI Flash Size : 2MB
I (149) boot: Enabling RNG early entropy source...
W (163) MMU: mmu_ll_write_entry mmu_id=0, entry_id=0, mmu_val=0x00000000, target=1
I (191) boot: Partition Table:
I (194) boot: ## Label Usage Type ST Offset Length
I (208) boot: 0 nvs WiFi data 01 02 0000e000 00006000
I (222) boot: 1 phy_init RF data 01 01 00014000 00001000
I (235) boot: 2 factory factory app 00 00 00020000 00100000
I (242) boot: End of partition table
I (396) esp_image: segment 0: paddr=00020020 vaddr=42070020 size=32f1ch (208668) map
I (539) esp_image: segment 1: paddr=00052f44 vaddr=40800000 size=0a2a4h ( 41636) load
I (629) esp_image: segment 2: paddr=0005d1f0 vaddr=4080a300 size=02ccch ( 11468) load
I (719) esp_image: segment 3: paddr=0005fec4 vaddr=00000000 size=00154h ( 340)
I (816) esp_image: segment 4: paddr=00060020 vaddr=42000020 size=6378ch (407436) map
I (1114) boot: Loaded app from partition at offset 0x20000
I (1116) boot: Checking flash encryption...
I (1133) flash_encrypt: flash encryption is enabled (1 plaintext flashes left)
I (1140) boot: Disabling RNG early entropy source...
I (1301) MSPI Timing: Enter flash timing tuning
I (1434) cpu_start: Unicore app
I (1468) cpu_start: GPIO 12 and 11 are used as console UART I/O pins
I (1479) cpu_start: Pro cpu start user code
I (1483) cpu_start: cpu freq: 240000000 Hz
I (1493) app_init: Application information:
I (1496) app_init: Project name: mbedtls_test
I (1501) app_init: App version: qa-test-esp32c61-master-2025070
I (1507) app_init: Compile time: Oct 27 2025 15:56:18
I (1512) app_init: ELF file SHA256: c5f7f520c...
I (1517) app_init: ESP-IDF: v6.0-dev-3140-ge16a2fb13ad-dirt
I (1528) efuse_init: Min chip rev: v1.0
I (1532) efuse_init: Max chip rev: v1.99
I (1536) efuse_init: Chip rev: v1.1
I (1669) heap_init: Initializing. RAM available for dynamic allocation:
I (1680) heap_init: At 4080FCB0 len 0004C8F0 (306 KiB): RAM
I (1685) heap_init: At 4085C5A0 len 00002F58 (11 KiB): RAM
I (1695) heap_init: At 50000000 len 00003FE8 (15 KiB): RTCRAM
I (1800) spi_flash: detected chip: generic
I (1804) spi_flash: flash io: dio
W (1807) spi_flash: Detected size(8192k) larger than the size in the binary image header(2048k). Using the size in the binary image header.
W (1833) flash_encrypt: Flash encryption mode is DEVELOPMENT (not secure)
I (1867) sleep_gpio: Configure to isolate all GPIO pins in sleep state
I (1873) sleep_gpio: Enable automatic switching of GPIO sleep configuration
I (1926) main_task: Started on CPU0
I (1926) main_task: Calling app_main()
I (1936) main_task: Returned from app_main()
------
docs/zh_CN/security/esp32p4_log.inc
+140
View File
@@ -70,6 +70,72 @@
------
.. first_boot_enc_km
.. code-block:: none
ESP-ROM:esp32p4-eco5-20250430
Build:Apr 30 2025
rst:0x17 (CHIP_USB_UART_RESET),boot:0xc (SPI_FAST_FLASH_BOOT)
Core0 Saved PC:0x4fc0130e
Core1 Saved PC:0x4fc05fa4
SPI mode:DIO, clock div:1
load:0x4ffb6240,len:0x3870
load:0x4ffac2c0,len:0x179c
load:0x4ffaefc0,len:0x4ed8
entry 0x4ffac2ca
I (38) boot: ESP-IDF v6.0-dev-2918-g6629f96afca-dirt 2nd stage bootloader
I (38) boot: compile time Oct 14 2025 08:50:07
I (39) boot: Multicore bootloader
I (85) boot: chip revision: v3.0
I (88) boot: efuse block revision: v1.0
I (106) boot.esp32p4: SPI Speed : 80MHz
I (110) boot.esp32p4: SPI Mode : DIO
I (114) boot.esp32p4: SPI Flash Size : 2MB
I (121) boot: Enabling RNG early entropy source...
I (156) boot: Partition Table:
I (159) boot: ## Label Usage Type ST Offset Length
I (173) boot: 0 factory factory app 00 00 00010000 00150000
I (187) boot: 1 storage Unknown data 01 81 00160000 00050000
I (194) boot: End of partition table
I (287) esp_image: segment 0: paddr=00010020 vaddr=40030020 size=0d1e8h ( 53736) map
I (355) esp_image: segment 1: paddr=0001d210 vaddr=30100000 size=00044h ( 68) load
I (423) esp_image: segment 2: paddr=0001d25c vaddr=4ff20000 size=02dbch ( 11708) load
I (491) esp_image: segment 3: paddr=00020020 vaddr=40000020 size=21834h (137268) map
I (567) esp_image: segment 4: paddr=0004185c vaddr=4ff22dbc size=094e8h ( 38120) load
I (635) esp_image: segment 5: paddr=0004ad4c vaddr=4ff2c300 size=044ech ( 17644) load
I (750) boot: Loaded app from partition at offset 0x10000
I (752) boot: Checking flash encryption...
I (777) efuse: Batch mode of writing fields is enabled
I (796) flash_encrypt: Deploying new flash encryption key using Key Manager
W (933) flash_encrypt: Not disabling UART bootloader encryption
I (939) flash_encrypt: Disable UART bootloader cache...
W (952) flash_encrypt: Not disabling JTAG - SECURITY COMPROMISED
I (965) efuse: BURN BLOCK0
I (970) efuse: BURN BLOCK0 - OK (write block == read block)
I (973) efuse: Batch mode. Prepared fields are committed
I (1063) esp_image: segment 0: paddr=00002020 vaddr=4ffb6240 size=03870h ( 14448)
I (1132) esp_image: segment 1: paddr=00005898 vaddr=4ffac2c0 size=0179ch ( 6044)
I (1200) esp_image: segment 2: paddr=0000703c vaddr=4ffaefc0 size=04ed8h ( 20184)
I (1725) flash_encrypt: bootloader encrypted successfully
I (1769) flash_encrypt: partition table encrypted and loaded successfully
I (1851) esp_image: segment 0: paddr=00010020 vaddr=40030020 size=0d1e8h ( 53736) map
I (1919) esp_image: segment 1: paddr=0001d210 vaddr=30100000 size=00044h ( 68)
I (1988) esp_image: segment 2: paddr=0001d25c vaddr=4ff20000 size=02dbch ( 11708)
I (2056) esp_image: segment 3: paddr=00020020 vaddr=40000020 size=21834h (137268) map
I (2133) esp_image: segment 4: paddr=0004185c vaddr=4ff22dbc size=094e8h ( 38120)
I (2202) esp_image: segment 5: paddr=0004ad4c vaddr=4ff2c300 size=044ech ( 17644)
I (2315) flash_encrypt: Encrypting partition 0 at offset 0x10000 (length 0x3f260)...
I (4978) flash_encrypt: Done encrypting
I (4992) efuse: BURN BLOCK0
I (4997) efuse: BURN BLOCK0 - OK (all write block bits are set)
I (5001) flash_encrypt: Flash encryption completed
I (5005) boot: Resetting with flash encryption enabled...
------
.. already_en_enc
.. code-block:: none
@@ -152,3 +218,77 @@
I (595) main_task: Returned from app_main()
------
.. already_en_enc_km
.. code-block:: none
ESP-ROM:esp32p4-eco5-20250430
Build:Apr 30 2025
rst:0x3 (SW_SYS_RESET),boot:0xc (SPI_FAST_FLASH_BOOT)
Core0 Saved PC:0x4ffb0910
Core1 Saved PC:0x4fc05fa4
SPI mode:DIO, clock div:1
load:0x4ffb6240,len:0x3870
load:0x4ffac2c0,len:0x179c
load:0x4ffaefc0,len:0x4ed8
entry 0x4ffac2ca
I (37) boot: ESP-IDF v6.0-dev-2918-g6629f96afca-dirt 2nd stage bootloader
I (38) boot: compile time Oct 14 2025 08:50:07
I (38) boot: Multicore bootloader
I (84) boot: chip revision: v3.0
I (87) boot: efuse block revision: v1.0
I (106) boot.esp32p4: SPI Speed : 80MHz
I (110) boot.esp32p4: SPI Mode : DIO
I (113) boot.esp32p4: SPI Flash Size : 2MB
I (121) boot: Enabling RNG early entropy source...
I (155) boot: Partition Table:
I (158) boot: ## Label Usage Type ST Offset Length
I (172) boot: 0 factory factory app 00 00 00010000 00150000
I (186) boot: 1 storage Unknown data 01 81 00160000 00050000
I (193) boot: End of partition table
I (287) esp_image: segment 0: paddr=00010020 vaddr=40030020 size=0d1e8h ( 53736) map
I (355) esp_image: segment 1: paddr=0001d210 vaddr=30100000 size=00044h ( 68) load
I (422) esp_image: segment 2: paddr=0001d25c vaddr=4ff20000 size=02dbch ( 11708) load
I (491) esp_image: segment 3: paddr=00020020 vaddr=40000020 size=21834h (137268) map
I (567) esp_image: segment 4: paddr=0004185c vaddr=4ff22dbc size=094e8h ( 38120) load
I (635) esp_image: segment 5: paddr=0004ad4c vaddr=4ff2c300 size=044ech ( 17644) load
I (750) boot: Loaded app from partition at offset 0x10000
I (752) boot: Checking flash encryption...
I (769) flash_encrypt: flash encryption is enabled (1 plaintext flashes left)
I (776) boot: Disabling RNG early entropy source...
W (847) pmu_pvt: blk_version is less than 2, pvt auto dbias init not supported in efuse.
I (855) cpu_start: Multicore app
I (890) cpu_start: GPIO 38 and 37 are used as console UART I/O pins
I (901) cpu_start: Pro cpu start user code
I (905) cpu_start: cpu freq: 400000000 Hz
I (914) app_init: Application information:
I (918) app_init: Project name: crypto_test
I (922) app_init: App version: qa-test-esp32c61-master-2025070
I (928) app_init: Compile time: Oct 14 2025 08:50:07
I (933) app_init: ELF file SHA256: 847005dd4...
I (938) app_init: ESP-IDF: v6.0-dev-2918-g6629f96afca-dirt
I (949) efuse_init: Min chip rev: v3.0
I (953) efuse_init: Max chip rev: v3.99
I (957) efuse_init: Chip rev: v3.0
I (1126) heap_init: Initializing. RAM available for dynamic allocation:
I (1137) heap_init: At 4FF33B20 len 000874A0 (541 KiB): RAM
I (1143) heap_init: At 4FFBAFC0 len 00004BF0 (18 KiB): RAM
I (1153) heap_init: At 50108080 len 00007F80 (31 KiB): RTCRAM
I (1163) heap_init: At 30100044 len 00001FBC (7 KiB): TCM
I (1261) spi_flash: detected chip: gd
I (1264) spi_flash: flash io: dio
W (1267) spi_flash: Detected size(16384k) larger than the size in the binary image header(2048k). Using the size in the binary image header.
W (1293) flash_encrypt: Flash encryption mode is DEVELOPMENT (not secure)
I (1357) main_task: Started on CPU0
I (1407) main_task: Calling app_main()
I (1407) main_task: Returned from app_main()
Example to check Flash Encryption status
This is esp32p4 chip with 2 CPU core(s), WiFi, silicon revision v0.0, 2MB external flash
FLASH_CRYPT_CNT eFuse value is 1
Flash encryption feature is enabled in DEVELOPMENT mode
------
docs/zh_CN/security/flash-encryption.rst
+307 -102
View File
@@ -26,7 +26,7 @@ flash 加密功能用于加密与 {IDF_TARGET_NAME} 搭载使用的片外 flash
.. important::
对于生产用途,flash 加密仅应在“发布”模式下启用。
对于生产用途,flash 加密仅应在量产模式下启用。
.. important::
@@ -52,8 +52,8 @@ flash 加密功能用于加密与 {IDF_TARGET_NAME} 搭载使用的片外 flash
.. _flash-encryption-efuse:
相关 eFuses
------------------------------
相关 eFuse
----------
flash 加密操作由 {IDF_TARGET_NAME} 上的多个 eFuse 控制,具体 eFuse 名称及其描述请参见下表。``espefuse`` 工具和基于 ``idf.py`` 的 eFuse 指令也会使用下表中的 eFuse 名。为了能在 eFuse API 中使用,请在名称前加上 ``ESP_EFUSE_``,如:esp_efuse_read_field_bit (ESP_EFUSE_DISABLE_DL_ENCRYPT)。
@@ -61,7 +61,7 @@ flash 加密操作由 {IDF_TARGET_NAME} 上的多个 eFuse 控制,具体 eFuse
.. only:: not SOC_FLASH_ENCRYPTION_XTS_AES
.. list-table:: flash 加密过程中使用的 eFuses
.. list-table:: 用于 flash 加密的 eFuse
:widths: 25 40 10
:header-rows: 0
@@ -69,7 +69,7 @@ flash 加密操作由 {IDF_TARGET_NAME} 上的多个 eFuse 控制,具体 eFuse
- **描述**
- **位深**
* - ``CODING_SCHEME``
- 控制用于产生最终 256 位 AES 密钥的 block1 的实际位数。可能的值:``0`` 代表 256 位,``1`` 代表 192 位,``2`` 代表 128 位。最终的 AES 密钥根据 ``FLASH_CRYPT_CONFIG`` 值得出。
- 控制用于产生最终 256 位 AES 密钥的 block1 的实际位数。可值:``0`` 代表 256 位,``1`` 代表 192 位,``2`` 代表 128 位。最终的 AES 密钥根据 ``FLASH_CRYPT_CONFIG`` 值得出。
- 2
* - ``flash_encryption`` (block1)
- AES 密钥存储。
@@ -86,16 +86,16 @@ flash 加密操作由 {IDF_TARGET_NAME} 上的多个 eFuse 控制,具体 eFuse
* - ``{IDF_TARGET_CRYPT_CNT}``
- 通过 :math:`2^n` 数字来表示 flash 的内容是否已被加密.
* 如果设置了奇数个比特位(例如 ``0b0000001````0b0000111``, 表示 flash 的内容已加密。读取时,内容需要进行透明解密。
* 如果设置了偶数个比特位(例如 ``0b0000000````0b0000011``, 表示 flash 的内容未被加密 (即明文)
* 如果设置了奇数个比特位(例如 ``0b0000001````0b0000111``表示 flash 的内容已加密。读取时,内容需要进行透明解密。
* 如果设置了偶数个比特位(例如 ``0b0000000````0b0000011``表示 flash 的内容未被加密即明文
随着每次连续的 flash 未加密(例如烧录一个新的未加密二进制文件)与进行 flash 加密(通过 :ref:`启动时启用 flash 加密功能 <CONFIG_SECURE_FLASH_ENC_ENABLED>` 选项, ``{IDF_TARGET_CRYPT_CNT}`` 的下一个最高有效位 (MSB) 会被置。
每次进行未加密的 flash 更新(例如烧录新的未加密二进制文件),并通过 :ref:`启动时启用 flash 加密功能 <CONFIG_SECURE_FLASH_ENC_ENABLED>` 选项对 flash 进行加密后,``{IDF_TARGET_CRYPT_CNT}`` 的下一个最高有效位 (MSB) 会被置为 1
- 7
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256 and SOC_KEY_MANAGER_SUPPORTED
.. list-table:: flash 加密过程中使用的 eFuses
.. list-table:: 用于 flash 加密的 eFuse
:widths: 25 40 10
:header-rows: 0
@@ -103,21 +103,49 @@ flash 加密操作由 {IDF_TARGET_NAME} 上的多个 eFuse 控制,具体 eFuse
- **描述**
- **位深**
* - ``BLOCK_KEYN``
- AES 密钥存储,N 在 0-5 之间。
- AES 密钥存储,其中 N 在 0~5 之间。使用基于密钥管理器的密钥时,不会使用此 eFuse。
- XTS_AES_128 有一个 256 位密钥块,XTS_AES_256 有两个 256 位密钥块(共 512 位)。
* - ``KEY_PURPOSE_N``
- 控制 eFuse 块 ``BLOCK_KEYN``目的,其中 N 在 0-5 之间。可能的值:``2`` 代表 ``XTS_AES_256_KEY_1````3`` 代表 ``XTS_AES_256_KEY_2````4`` 代表 ``XTS_AES_128_KEY``。最终 AES 密钥是基于其中一个或两个的 eFuses 值推导。有关各种可能的组合,请参阅 *{IDF_TARGET_NAME} 技术参考手册* > *外部内存加密解密XTS_AES)* [`PDF <{IDF_TARGET_TRM_CN_URL}#extmemencr>`__]。
- 控制 eFuse 块 ``BLOCK_KEYN``用途,其中 N 在 0~5 之间。可值:``2`` 代表 ``XTS_AES_256_KEY_1````3`` 代表 ``XTS_AES_256_KEY_2````4`` 代表 ``XTS_AES_128_KEY``。最终 AES 密钥通过其中一个或两个用于指定密钥用途的 eFuse 字段值推导得出。有关各种可能的组合,请参阅 **《{IDF_TARGET_NAME} 技术参考手册》** > **片外存储器加密解密 (XTS_AES)** [`PDF <{IDF_TARGET_TRM_CN_URL}#extmemencr>`__]。若使用基于密钥管理器的密钥启用 flash 加密,则不会使用此 eFuse 字段。
- 4
* - ``KM_XTS_KEY_LENGTH_256``
- 使用基于密钥管理器的密钥启用 flash 加密时,此 eFuse 字段用于控制 XTS-AES 密钥的长度。将此 eFuse 字段设置为 1 表示使用 128 位密钥,设置为 0 表示使用 256 位密钥。若使用基于 eFuse 的密钥启用 flash 加密,则不会使用此 eFuse 字段。
- 1
* - ``FORCE_USE_KEY_MANAGER_KEY``
- 使用基于密钥管理器的密钥启用 flash 加密时,此 eFuse 用于强制密钥管理器使用 XTS-AES 密钥。将此 eFuse 的位 1 置为 1 以使用基于密钥管理器的密钥。若使用基于 eFuse 的密钥启用 flash 加密,则不会使用此 eFuse 字段。
- 1
* - ``DIS_DOWNLOAD_MANUAL_ENCRYPT``
- 设置后,在下载启动模式下禁用 flash 加密。
- 1
* - ``{IDF_TARGET_CRYPT_CNT}``
- 设置 SPI 启动模式后,可启用加密和解密。如果在 eFuse 中设置了一个或三个位,则启用此功能,否则将禁用。
- 3
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_KEY_MANAGER_SUPPORTED
.. list-table:: 用于 flash 加密的 eFuse
:widths: 25 40 10
:header-rows: 0
* - **eFuse**
- **描述**
- **位深**
* - ``BLOCK_KEYN``
- AES 密钥存储,其中 N 在 0~5 之间。
- XTS_AES_128 有一个 256 位密钥块,XTS_AES_256 有两个 256 位密钥块(共 512 位)。
* - ``KEY_PURPOSE_N``
- 控制 eFuse 块 ``BLOCK_KEYN`` 的用途,其中 N 在 0~5 之间。可选值:``2`` 代表 ``XTS_AES_256_KEY_1````3`` 代表 ``XTS_AES_256_KEY_2````4`` 代表 ``XTS_AES_128_KEY``。最终 AES 密钥通过其中一个或两个用于指定密钥用途的 eFuse 字段值推导得出。有关各种可能的组合,请参阅 **《{IDF_TARGET_NAME} 技术参考手册》** > **片外存储器加密与解密 (XTS_AES)** [`PDF <{IDF_TARGET_TRM_CN_URL}#extmemencr>`__]。
- 4
* - ``DIS_DOWNLOAD_MANUAL_ENCRYPT``
- 设置后,在下载启动模式下禁用 flash 加密。
- 1
* - ``{IDF_TARGET_CRYPT_CNT}``
- 设置 SPI 启动模式后,可启用加密和解密。如果在 eFuse 中设置了 1 或 3 个比特位,则启用功能,否则将禁用。
- 设置 SPI 启动模式后,可启用加密和解密。如果在 eFuse 中设置了一个或三个位,则启用功能,否则将禁用。
- 3
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK and SOC_KEY_MANAGER_SUPPORTED
.. list-table:: flash 加密过程中使用的 eFuses
.. list-table:: 用于 flash 加密的 eFuse
:widths: 25 40 10
:header-rows: 0
@@ -125,21 +153,49 @@ flash 加密操作由 {IDF_TARGET_NAME} 上的多个 eFuse 控制,具体 eFuse
- **描述**
- **位深**
* - ``BLOCK_KEYN``
- AES 密钥存储,N 在 0-5 之间。
- 256 位密钥块
- AES 密钥存储,其中 N 在 0~5 之间。使用基于密钥管理器的密钥时,不会使用此 eFuse。
- 256 位密钥块
* - ``KEY_PURPOSE_N``
- 控制 eFuse 块 ``BLOCK_KEYN``目的,其中 N 在 05 之间。对于 flash 加密,唯一的有效值是 4,代表 ``XTS_AES_128_KEY``
- 控制 eFuse 块 ``BLOCK_KEYN``用途,其中 N 在 0~5 之间。对于 flash 加密,唯一的有效值是 ``4``,代表 ``XTS_AES_128_KEY``若使用基于密钥管理器的密钥启用 flash 加密,则不会使用此 eFuse 字段。
- 4
* - ``KM_XTS_KEY_LENGTH_256``
- 使用基于密钥管理器的密钥启用 flash 加密时,此 eFuse 字段用于控制 XTS-AES 密钥的长度。将此 eFuse 字段设置为 1 表示使用 128 位密钥,设置为 0 表示使用 256 位密钥。若使用基于 eFuse 的密钥启用 flash 加密,则不会使用此 eFuse 字段。
- 1
* - ``FORCE_USE_KEY_MANAGER_KEY``
- 使用基于密钥管理器的密钥启用 flash 加密时,此 eFuse 用于强制密钥管理器使用 XTS-AES 密钥。将此 eFuse 的位 1 置为 1 以使用基于密钥管理器的密钥。若使用基于 eFuse 的密钥启用 flash 加密,则不会使用此 eFuse 字段。
- 1
* - ``DIS_DOWNLOAD_MANUAL_ENCRYPT``
- 设置后,在下载引导模式禁用 flash 加密。
- 设置后,在下载启动模式禁用 flash 加密。
- 1
* - ``{IDF_TARGET_CRYPT_CNT}``
- 设置 SPI 启动模式后,可启用加密和解密。如果在 eFuse 中设置 1 或 3 个比特位,则启用功能,否则将禁用。
- 设置 SPI 启动模式后,可启用加密和解密。如果在 eFuse 中设置了一个或三个位,则启用功能,否则将禁用。
- 3
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK and not SOC_KEY_MANAGER_SUPPORTED
.. list-table:: 用于 flash 加密的 eFuse
:widths: 25 40 10
:header-rows: 0
* - **eFuse**
- **描述**
- **位深**
* - ``BLOCK_KEYN``
- AES 密钥存储,N 在 0~5 之间。
- 256 位密钥块
* - ``KEY_PURPOSE_N``
- 控制 eFuse 块 ``BLOCK_KEYN`` 的用途,其中 N 在 0~5 之间。对于 flash 加密,唯一的有效值是 ``4``,代表 ``XTS_AES_128_KEY``
- 4
* - ``DIS_DOWNLOAD_MANUAL_ENCRYPT``
- 设置后,在下载引导模式时禁用 flash 加密。
- 1
* - ``{IDF_TARGET_CRYPT_CNT}``
- 设置 SPI 启动模式后,可启用加密和解密。如果在 eFuse 中设置了一个或三个位,则启用此功能,否则将禁用。
- 3
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
.. list-table:: flash 加密过程中使用的 eFuses
.. list-table:: 用于 flash 加密的 eFuse
:widths: 25 40 10
:header-rows: 0
@@ -147,16 +203,16 @@ flash 加密操作由 {IDF_TARGET_NAME} 上的多个 eFuse 控制,具体 eFuse
- **描述**
- **位深**
* - ``XTS_KEY_LENGTH_256``
- 控制用于得出最终 256 位 AES 密钥的 eFuse 比特的实际数量。可能的值:``1`` 使用 eFuse 块的全部 256 位作为密钥,``0`` 使用 eFuse 块的低 128 位作为密钥(高 128 位保留给安全启动密钥)。对于 128 位选项,最终的 AES 密钥会以 SHA256 (EFUSE_KEY0_FE_128BIT) 的形式得出。
- 控制用于产生最终 256 位 AES 密钥的 eFuse 的实际数量。可值:``1`` 使用 eFuse 块的全部 256 位作为密钥,``0`` 使用 eFuse 块的低 128 位作为密钥(高 128 位保留给安全启动密钥)。对于 128 位选项,最终的 AES 密钥会以 SHA256 (EFUSE_KEY0_FE_128BIT) 的形式得出。
- 1
* - ``BLOCK_KEY0``
- AES 密钥存储
- 256 位或 128 位密钥块
* - ``DIS_DOWNLOAD_MANUAL_ENCRYPT``
- 设置后,在下载引导模式时禁用 flash 加密。
- 设置后,在下载引导模式时禁用 flash 加密。
- 1
* - ``{IDF_TARGET_CRYPT_CNT}``
- 设置 SPI 启动模式后,可启用加密和解密。如果在 eFuse 中设置 1 或 3 个比特位,则启用功能,否则将禁用。
- 设置 SPI 启动模式后,可启用加密和解密。如果在 eFuse 中设置了一个或三个位,则启用功能,否则将禁用。
- 3
.. note::
@@ -181,11 +237,11 @@ flash 的加密过程
1. 第一次开机复位时,flash 中的所有数据都是未加密的(明文)。一级 (ROM) 引导加载程序加载二级引导加载程序。
2. 二级引导加载程序将读取 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 值 (``0b0000000``)。因为该值为 0(偶数位),二级引导加载程序将配置并启用 flash 加密块,同时将 ``FLASH_CRYPT_CONFIG`` eFuse 的值编程为 0xF。关于 flash 加密块的更多信息,请参考 *{IDF_TARGET_NAME} 技术参考手册* > *eFuse 控制器 (eFuse)* > *flash 加密块* [`PDF <{IDF_TARGET_TRM_CN_URL}#efuse>`__]。
2. 二级引导加载程序将读取 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 值 (``0b0000000``)。因为该值为 0(偶数位),二级引导加载程序将配置并启用 flash 加密块,同时将 ``FLASH_CRYPT_CONFIG`` eFuse 的值编程为 0xF。关于 flash 加密块的更多信息,请参考 **《{IDF_TARGET_NAME} 技术参考手册》** > **eFuse 控制器 (eFuse)** > **flash 加密块** [`PDF <{IDF_TARGET_TRM_CN_URL}#efuse>`__]。
3. 二级引导加载程序首先检查 eFuse 中是否已经存在有效密钥(例如用 espefuse 工具烧写的密钥),如果存在,则会跳过密钥生成,并将该密钥用于 flash 加密过程。否则,二级引导加载程序会使用 RNG(随机数发生器)模块生成一个 AES-256 位密钥,并将其写入 ``flash_encryption`` eFuse 中。由于已设置了 ``flash_encryption`` eFuse 的读保护位和写保护位,因此无法通过软件访问密钥。flash 加密操作完全在硬件中完成,无法通过软件访问密钥。
4. flash 加密块加密 flash 的内容二级引导加载程序、应用程序、以及``加密`` 标志的分区。就地加密可能会耗些时间对于大分区最多需要一分钟
4. flash 加密块加密 flash 的内容,包括二级引导加载程序、应用程序、以及``encrypted`` 标志的分区。就地加密需要一定时间对于大分区来说最多需要一分钟。
5. 二级引导加载程序将在 ``{IDF_TARGET_CRYPT_CNT}`` (0b0000001) 中设置第一个可用位来对已加密的 flash 内容进行标记。设置奇数个比特位。
@@ -195,15 +251,48 @@ flash 的加密过程
8. 重新启动设备以开始执行加密镜像。二级引导加载程序调用 flash 解密块来解密 flash 内容,然后将解密的内容加载到 IRAM 中。
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256 and SOC_KEY_MANAGER_SUPPORTED
1. 第一次开机复位时,flash 中的所有数据都是未加密的(明文)。一级 (ROM) 引导加载程序加载二级引导加载程序。
2. 二级引导加载程序将读取 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 值 (``0b000``)。因为该值为 0(偶数位),二级引导加载程序将配置并启用 flash 加密块。关于 flash 加密块的更多信息,请参*{IDF_TARGET_NAME} 技术参考手册* > *eFuse 控制器 (eFuse)* > *自动加密块* [`PDF <{IDF_TARGET_TRM_CN_URL}#efuse>`__]。
2. 二级引导加载程序将读取 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 值 (``0b000``)。因为该值为 0(偶数位),二级引导加载程序将配置并启用 flash 加密块。关于 flash 加密块的更多信息,请参**《{IDF_TARGET_NAME} 技术参考手册》** > **eFuse 控制器 (eFuse)** > **手动加密块** [`PDF <{IDF_TARGET_TRM_CN_URL}#efuse>`__]。
3. 第二阶段引导加载程序会先判断是否已存在可用的密钥,从而决定是否跳过密钥生成步骤:
- 若使用基于 eFuse 的密钥启用 flash 加密,则检查 eFuse 中是否已存在有效密钥(例如通过 espefuse 工具烧录的密钥)。
- 若使用基于密钥管理器的密钥启用 flash 加密,则检查 flash 存储器的地址 0x0 和 0x1000 处是否存在有效的密钥恢复信息。
检查通过,则跳过密钥生成过程,直接使用现有密钥进行 flash 加密。
4. 如果使用基于 eFuse 的密钥,二级引导加载程序将使用 RNG(随机数发生器)模块生成 256 位或 512 位的密钥(具体位数取决于 :ref:`生成的 XTS-AES 密钥的大小 <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>`),然后将其分别写入一个或两个 ``BLOCK_KEYN`` eFuse 块中。软件也为存储密钥的块更新了 ``KEY_PURPOSE_N``。由于上述一个或两个 ``BLOCK_KEYN`` eFuse 块已设置了读写保护位,因此无法通过软件访问密钥。``KEY_PURPOSE_N`` 字段也受写保护。如果使用基于密钥管理器的密钥,二级引导加载程序则将密钥恢复信息写入 flash 内存地址 0x0,随后烧录 ``KM_XTS_KEY_LENGTH_256````FORCE_USE_KEY_MANAGER_KEY`` eFuse 字段。flash 加密操作全部在硬件中完成,因此无法通过软件访问密钥。
5. flash 加密块会加密 flash 中的内容,包括二级引导加载程序、应用程序、以及带有 ``encrypted`` 标志的分区。就地加密需要一定时间,对于大分区来说最多需要一分钟。
6. 二级引导加载程序将 ``{IDF_TARGET_CRYPT_CNT}`` (0b001) 中的第一个可用位设置为 1,以标记 flash 内容为加密状态,此时位数为奇数。
7. 对于 :ref:`flash-enc-development-mode`,二级引导加载程序允许 UART 引导加载程序重新烧录加密后的二进制文件。同时,``{IDF_TARGET_CRYPT_CNT}`` eFuse 位不受写入保护。此外,二级引导加载程序默认置位以下 eFuse 位:
.. list::
:esp32s2: - ``DIS_BOOT_REMAP``
- ``DIS_DOWNLOAD_ICACHE``
- ``DIS_DOWNLOAD_DCACHE``
- ``HARD_DIS_JTAG``
- ``DIS_LEGACY_SPI_BOOT``
8. 对于 :ref:`flash-enc-release-mode`,二级引导加载程序设置所有在开发模式下设置的 eFuse 位以及 ``DIS_DOWNLOAD_MANUAL_ENCRYPT``,同时写保护 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 位。若要修改此行为,请参阅 :ref:`uart-bootloader-encryption`
9. 重新启动设备以开始执行加密镜像。二级引导加载程序调用 flash 解密块来解密 flash 内容,然后将解密后的内容加载到 IRAM 中。
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_KEY_MANAGER_SUPPORTED
1. 第一次开机复位时,flash 中的所有数据都是未加密的(明文)。一级 (ROM) 引导加载程序加载二级引导加载程序。
2. 二级引导加载程序将读取 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 值 (``0b000``)。因为该值为 0(偶数位),二级引导加载程序将配置并启用 flash 加密块。关于 flash 加密块的更多信息,请参考 **《{IDF_TARGET_NAME} 技术参考手册》** > **eFuse 控制器 (eFuse)** > **自动加密块** [`PDF <{IDF_TARGET_TRM_CN_URL}#efuse>`__]。
3. 二级引导加载程序首先检查 eFuse 中是否已经存在有效密钥(例如用 espefuse 工具烧写的密钥),如果存在,则会跳过密钥生成,并将该密钥用于 flash 加密过程。否则,二级引导加载程序使用 RNG(随机数发生器)模块生成一个 256 位或 512 位的密钥,具体位数取决于 :ref:`生成的 XTS-AES 密钥的大小 <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>`,然后将其分别写入一个或两个 `BLOCK_KEYN` eFuse 中。软件也为存储密钥的块更新了 ``KEY_PURPOSE_N``。由于上述一个或两个 ``BLOCK_KEYN`` eFuse 已设置了读保护和写保护位,因此无法通过软件访问密钥。``KEY_PURPOSE_N`` 字段也受写保护。flash 加密操作完全在硬件中完成,无法通过软件访问密钥。
4. flash 加密块将加密 flash 的内容(二级引导加载程序、应用程序、以及标有加密”标志的分区)。就地加密可能会耗些时间(对于大分区最多需要一分钟)。
4. flash 加密块将加密 flash 的内容(二级引导加载程序、应用程序、以及标有加密”标志的分区)。就地加密可能会耗些时间(对于大分区最多需要一分钟)。
5. 二级引导加载程序将在 ``{IDF_TARGET_CRYPT_CNT}`` (0b001) 中设置第一个可用位来对已加密的 flash 内容进行标记。设置奇数位。
@@ -217,27 +306,54 @@ flash 的加密过程
- ``HARD_DIS_JTAG``
- ``DIS_LEGACY_SPI_BOOT``
7. 对于 :ref:`flash-enc-release-mode`,二级引导加载程序设置所有在开发模式下设置的 eFuse 位。它还写保护 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 位。要修改此行为,请参阅 :ref:`uart-bootloader-encryption`
7. 对于 :ref:`flash-enc-release-mode`,二级引导加载程序设置所有在开发模式下设置的 eFuse 位以及 ``DIS_DOWNLOAD_MANUAL_ENCRYPT``。它还写保护 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 位。要修改此行为,请参阅 :ref:`uart-bootloader-encryption`
8. 重新启动设备以开始执行加密镜像。二级引导加载程序调用 flash 解密块来解密 flash 内容,然后将解密的内容加载到 IRAM 中。
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK and SOC_KEY_MANAGER_SUPPORTED
1. 第一次开机复位时,flash 中的所有数据都是未加密的(明文)。一级 (ROM) 引导加载程序加载二级引导加载程序。
2. 二级引导加载程序将读取 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 值 (``0b000``)。因为该值为 0(偶数位),二级引导加载程序将配置并启用 flash 加密块。关于 flash 加密块的更多信息,请参阅 `{IDF_TARGET_NAME} 技术参考手册 <{IDF_TARGET_TRM_CN_URL}>`_
3. 第二阶段引导加载程序会先判断是否已存在可用的密钥,从而决定是否跳过密钥生成步骤:
- 若使用基于 eFuse 的密钥启用 flash 加密,则检查 eFuse 中是否已存在有效密钥(例如通过 espefuse 工具烧录的密钥)。
- 若使用基于密钥管理器的密钥启用 flash 加密,则检查 flash 存储器的地址 0x0 和 0x1000 处是否存在有效的密钥恢复信息。
检查通过,则跳过密钥生成过程,直接使用现有密钥进行 flash 加密。
4. 如果使用基于 eFuse 的密钥,二级引导加载程序将使用 RNG(随机数发生器)模块生成一个 256 位密钥,然后将其写入 ``BLOCK_KEYN`` eFuse 块。软件也为存储密钥的块更新了 ``KEY_PURPOSE_N``。该 ``BLOCK_KEYN`` eFuse 已设置了读写保护位,因此无法通过软件访问密钥。``KEY_PURPOSE_N`` 字段也受写保护。如果使用基于密钥管理器的密钥,二级引导加载程序则将密钥恢复信息写入 flash 内存地址 0x0,随后烧录 ``KM_XTS_KEY_LENGTH_256````FORCE_USE_KEY_MANAGER_KEY`` eFuse 字段。flash 加密操作全部在硬件中完成,因此无法通过软件访问密钥。
5. flash 加密块会加密 flash 中的内容,包括二级引导加载程序、应用程序、以及带有 ``encrypted`` 标志的分区。就地加密需要一定时间,对于大分区来说最多需要一分钟。
6. 二级引导加载程序将 ``{IDF_TARGET_CRYPT_CNT}`` (0b001) 中的第一个可用位设置为 1,以标记 flash 内容为加密状态,此时位数为奇数。
7. 对于 :ref:`flash-enc-development-mode`,二级引导加载程序允许 UART 引导加载程序重新烧录加密后的二进制文件。同时,``{IDF_TARGET_CRYPT_CNT}`` eFuse 位不受写入保护。此外,二级引导加载程序默认置位 ``DIS_DOWNLOAD_ICACHE````DIS_PAD_JTAG````DIS_USB_JTAG````DIS_LEGACY_SPI_BOOT``
8. 对于 :ref:`flash-enc-release-mode`,二级引导加载程序设置所有在开发模式下设置的 eFuse 位以及 ``DIS_DOWNLOAD_MANUAL_ENCRYPT``,同时写保护 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 位。要修改此行为,请参阅 :ref:`uart-bootloader-encryption`
9. 重新启动设备以开始执行加密镜像。二级引导加载程序调用 flash 解密块来解密 flash 内容,然后将解密后的内容加载到 IRAM 中。
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
1. 第一次开机复位时,flash 中的所有数据都是未加密的(明文)。一级 (ROM) 引导加载程序加载二级引导加载程序。
2. 二级引导加载程序将读取 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 值 (``0b000``)。因为该值为 0(偶数位),二级引导加载程序将配置并启用 flash 加密块。关于 flash 加密块的更多信息,请参 `{IDF_TARGET_NAME} 技术参考手册 <{IDF_TARGET_TRM_CN_URL}>`_
2. 二级引导加载程序将读取 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 值 (``0b000``)。因为该值为 0(偶数位),二级引导加载程序将配置并启用 flash 加密块。关于 flash 加密块的更多信息,请参 `{IDF_TARGET_NAME} 技术参考手册 <{IDF_TARGET_TRM_CN_URL}>`_
3. 二级引导加载程序使用 RNG(随机数发生器)模块生成 256 位密钥,然后将其写入 `BLOCK_KEYN` eFuse。软件也为存储密钥的块更新了 ``KEY_PURPOSE_N``。由于 ``BLOCK_KEYN`` eFuse 已设置了读保护和写保护位,因此无法通过软件访问密钥。``KEY_PURPOSE_N`` 字段也受写保护。flash 加密操作完全在硬件中完成,无法通过软件访问密钥。如果 eFuse 中已经存在有效密钥(例如用 espefuse 工具烧的密钥),则会跳过密钥生成,并将该密钥用于 flash 加密过程
3. 二级引导加载程序会先判断 eFuse 中是否已经存在有效密钥(例如用 espefuse 工具烧的密钥),如果存在,则会跳过密钥生成,直接使用现有密钥进行 flash 加密。
4. flash 加密块将加密 flash 的内容(二级引导加载程序、应用程序、以及标有“加密”标志的分区)。就地加密可能会耗些时间(对于大分区最多需要一分钟)
4. 如果 eFuse 中不存在可用密钥,则二级引导加载程序使用 RNG(随机数发生器)模块生成 256 位密钥,然后将其写入 ``BLOCK_KEYN`` eFuse。软件也为存储密钥的块更新了 ``KEY_PURPOSE_N````BLOCK_KEYN`` eFuse 已设置了读写保护位,因此无法通过软件访问密钥。``KEY_PURPOSE_N`` 字段也受写保护。flash 加密操作全部在硬件中完成,因此无法通过软件访问密钥
5. 二级引导加载程序将在 ``{IDF_TARGET_CRYPT_CNT}`` (0b001) 中设置第一个可用位来对已加密的 flash 内容进行标记。设置奇数位
5. flash 加密块会加密 flash 中的内容,包括二级引导加载程序、应用程序、以及带有 ``encrypted`` 标志的分区。就地加密需要一定时间,对于大分区来说最多需要一分钟
6. 对于 :ref:`flash-enc-development-mode`,二级引导加载程序允许 UART 引导加载程序重新烧录加密后的二进制文件。同时,``{IDF_TARGET_CRYPT_CNT}`` eFuse 位不受写入保护。此外,默认情况下,二级引导加载程序设置 ``DIS_DOWNLOAD_ICACHE````DIS_PAD_JTAG````DIS_USB_JTAG````DIS_LEGACY_SPI_BOOT`` eFuse 位
6. 二级引导加载程序将 ``{IDF_TARGET_CRYPT_CNT}`` (0b001) 中的第一个可用位设置为 1,以标记 flash 内容为加密状态,此时位数为奇数
7. 对于 :ref:`flash-enc-release-mode`,二级引导加载程序设置所有在开发模式下设置的 eFuse 位以及 ``DIS_DOWNLOAD_MANUAL_ENCRYPT``。它还写保护 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 位。要修改此行为,请参阅 :ref:`uart-bootloader-encryption`
7. 对于 :ref:`flash-enc-development-mode`,二级引导加载程序允许 UART 引导加载程序重新烧录加密后的二进制文件。同时,``{IDF_TARGET_CRYPT_CNT}`` eFuse 位不受写入保护。此外,二级引导加载程序默认置位 ``DIS_DOWNLOAD_ICACHE````DIS_PAD_JTAG````DIS_USB_JTAG````DIS_LEGACY_SPI_BOOT``
8. 重新启动设备以开始执行加密镜像。二级引导加载程序调用 flash 解密块来解密 flash 内容,然后将解密的内容加载到 IRAM 中
8. 对于 :ref:`flash-enc-release-mode`,二级引导加载程序设置所有在开发模式下设置的 eFuse 位以及 ``DIS_DOWNLOAD_MANUAL_ENCRYPT``,同时写保护 ``{IDF_TARGET_CRYPT_CNT}`` eFuse 位。要修改此行为,请参阅 :ref:`uart-bootloader-encryption`
9. 重新启动设备以开始执行加密镜像。二级引导加载程序调用 flash 解密块来解密 flash 内容,然后将解密后的内容加载到 IRAM 中。
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
@@ -301,10 +417,11 @@ flash 加密设置
:esp32: - :ref:`选择 UART ROM 下载模式 <CONFIG_SECURE_UART_ROM_DL_MODE>` (默认是 **启用**)。请注意,对于 ESP32 芯片,该选项仅在 :ref:`CONFIG_ESP32_REV_MIN` 级别设置为 3 时 (ESP32 V3) 可用。
:not esp32: - :ref:`选择 UART ROM 下载模式 <CONFIG_SECURE_UART_ROM_DL_MODE>` (默认是 **启用**)。
:SOC_FLASH_ENCRYPTION_XTS_AES_OPTIONS: - 设置 :ref:`生成的 XTS-AES 密钥大小 <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>`。
:SOC_KEY_MANAGER_SUPPORTED: - :ref:`选择 flash 加密密钥的来源 <CONFIG_SECURE_FLASH_ENCRYPTION_KEY_SOURCE>`。
- :ref:`选择适当详细程度的引导加载程序日志 <CONFIG_BOOTLOADER_LOG_LEVEL>`
- 保存配置并退出。
启用 flash 加密将增大引导加载程序,因而可能需更新分区表偏移量。请参考 :ref:`引导加载程序大小 <bootloader-size>`
启用 flash 加密将增大引导加载程序,因而可能需更新分区表偏移量。请参考 :ref:`引导加载程序大小 <bootloader-size>`
3. 运行以下命令来构建和烧录完整的镜像。
@@ -316,15 +433,29 @@ flash 加密设置
这个命令不包括任何应该写入 flash 分区的用户文件。请在运行此命令前手动写入这些文件,否则在写入前应单独对这些文件进行加密。
该命令将向 flash 写入未加密的镜像:二级引导加载程序、分区表和应用程序。烧录完成后,{IDF_TARGET_NAME} 将复位。在下一次启动时,二级引导加载程序会加密:二级引导加载程序、应用程序分区和标记为“加密”的分区,然后复位。就地加密可能需要时间,对于大分区最多需要一分钟。之后,应用程序在运行时解密并执行命令
该命令将向 flash 写入未加密的镜像:二级引导加载程序、分区表和应用程序。烧录完成后,{IDF_TARGET_NAME} 将复位。在下一次启动时,二级引导加载程序会加密:二级引导加载程序、应用程序分区和标记为 ``encrypted`` 分区,然后复位。就地加密可能需要时间,对于大分区最多需要一分钟。之后,应用程序在运行时解密并执行。
下面是启用 flash 加密后 {IDF_TARGET_NAME} 首次启动时的样例输出:
.. only:: SOC_KEY_MANAGER_SUPPORTED
下面是使用基于密钥管理器的密钥启用 flash 加密后,{IDF_TARGET_NAME} 首次启动时的样例输出:
.. include:: {IDF_TARGET_PATH_NAME}_log.inc
:start-after: first_boot_enc_km
:end-before: ------
下面是 {IDF_TARGET_NAME} 后续启动时的样例输出,说明 flash 加密已启用(ESP-ROM 日志会提示正在使用基于密钥管理器的密钥):
.. include:: {IDF_TARGET_PATH_NAME}_log.inc
:start-after: already_en_enc_km
:end-before: ------
下面是使用基于 eFuse 的密钥启用 flash 加密后,{IDF_TARGET_NAME} 首次启动时的样例输出:
.. include:: {IDF_TARGET_PATH_NAME}_log.inc
:start-after: first_boot_enc
:end-before: ------
启用 flash 加密后,在下次启动时输出将显示已启用 flash 加密,样例输出如下:
下面是 {IDF_TARGET_NAME} 后续启动时的样例输出,说明 flash 加密已启用
.. include:: {IDF_TARGET_PATH_NAME}_log.inc
:start-after: already_en_enc
@@ -338,7 +469,7 @@ flash 加密设置
使用主机生成的密钥
""""""""""""""""""""""""
可在主机中预生成 flash 加密密钥,并将其烧录到 eFuse 密钥块中。这样,无需明文 flash 更新便可以在主机上预加密数据并将其烧录。该功能可在 :ref:`flash-enc-development-mode`:ref:`flash-enc-release-mode` 两模式下使用。如果没有预生成的密钥,数据将以明文形式烧录,然后 {IDF_TARGET_NAME} 对数据进行就地加密。
可在主机中预生成 flash 加密密钥,并将其烧录到设备中。这样,无需明文 flash 更新便可以在主机上预加密数据并将其烧录。该功能可在 :ref:`flash-enc-development-mode`:ref:`flash-enc-release-mode` 两模式下使用。如果没有预生成的密钥,数据将以明文形式烧录,然后 {IDF_TARGET_NAME} 对数据进行就地加密。
.. note::
@@ -350,7 +481,7 @@ flash 加密设置
请注意, {IDF_TARGET_NAME} 只有一个 eFuse 密钥块,同时用于安全启动和 flash 加密密钥。因此,如果使用了安全启动密钥,则主机生成的 flash 加密密钥必须与安全启动密钥一起写入,否则将无法使用安全启动。
使用主机生成的密钥完成以下步骤:
如需使用主机生成的密钥并将其烧录至设备的 eFuse 中,请完成以下步骤:
1. 确保你的 {IDF_TARGET_NAME} 设备有 :ref:`flash-encryption-efuse` 中所示的 flash 加密 eFuse 的默认设置。
@@ -469,12 +600,12 @@ flash 加密设置
4. 在 :ref:`项目配置菜单 <project-configuration-menu>` 中进行如下设置:
- :ref:`启动时启用 flash 加密功能 <CONFIG_SECURE_FLASH_ENC_ENABLED>`
- :ref:`选择加密模式 <CONFIG_SECURE_FLASH_ENCRYPTION_MODE>` (默认为 **开发模式**
- :ref:`选择适当详细程度的引导加载程序日志 <CONFIG_BOOTLOADER_LOG_LEVEL>`
- 保存配置并退出
- :ref:`启动时启用 flash 加密功能 <CONFIG_SECURE_FLASH_ENC_ENABLED>`
- :ref:`选择加密模式 <CONFIG_SECURE_FLASH_ENCRYPTION_MODE>` (默认为 **开发模式**
- :ref:`选择适当详细程度的引导加载程序日志 <CONFIG_BOOTLOADER_LOG_LEVEL>`
- 保存配置并退出
启用 flash 加密将增大引导加载程序,因而可能需更新分区表偏移量。请参考 :ref:`引导加载程序大小 <bootloader-size>`
启用 flash 加密将增大引导加载程序,因而可能需更新分区表偏移量。请参考 :ref:`引导加载程序大小 <bootloader-size>`
5. 运行以下命令来构建并烧录完整的镜像:
@@ -486,7 +617,73 @@ flash 加密设置
这个命令不包括任何应该被写入 flash 上的分区的用户文件。请在运行此命令前手动写入这些文件,否则在写入前应单独对这些文件进行加密。
该命令将向 flash 写入未加密的镜像:二级引导加载程序、分区表和应用程序。烧录完成后,{IDF_TARGET_NAME} 将复位。在下一次启动时,二级引导加载程序会加密:二级引导加载程序、应用程序分区和标记为 ``加密`` 的分区,然后复位。就地加密可能需要时间,对于大的分区来说可能耗时一分钟。之后,应用程序在运行时被解密并执行。
该命令将向 flash 写入未加密的镜像:二级引导加载程序、分区表和应用程序。烧录完成后,{IDF_TARGET_NAME} 将复位。在下一次启动时,二级引导加载程序会加密:二级引导加载程序、应用程序分区和标记为 ``encrypted`` 的分区,然后复位。就地加密可能需要时间,对于大的分区来说可能耗时一分钟。之后,应用程序在运行时被解密并执行。
.. only:: SOC_KEY_MANAGER_SUPPORTED
如需使用主机生成的密钥并将其部署至设备的密钥管理器,请完成以下步骤:
1. 确保你的 {IDF_TARGET_NAME} 设备有 :ref:`flash-encryption-efuse` 中所示的 flash 加密 eFuse 的默认设置。
请参考如何检查 :ref:`flash-encryption-status`
2. 通过运行以下命令生成一个随机密钥:
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256
如果 :ref:`生成的 XTS-AES 密钥大小 <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>` 是 AES-128256 位密钥):
.. code-block:: bash
idf.py secure-generate-flash-encryption-key my_flash_encryption_key.bin
如果 :ref:`生成的 XTS-AES 密钥大小 <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>` 是 AES-256512 位密钥):
.. code-block:: bash
idf.py secure-generate-flash-encryption-key --keylen 512 my_flash_encryption_key.bin
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
.. code-block:: bash
idf.py secure-generate-flash-encryption-key my_flash_encryption_key.bin
3. **在首次加密启动前**,使用密钥管理器的 AES 部署模式,通过初始化密钥和辅助密钥将密钥部署到设备的密钥管理器中。
4. 部署过程将为已部署的密钥生成密钥恢复信息。使用以下命令将该信息存储到 flash 地址 0x0 处:
.. code-block:: bash
esptool --port PORT --baud BAUD write-flash 0x0 key_recovery_info.bin
如果未部署密钥就在启用 flash 加密后启动设备,{IDF_TARGET_NAME} 将生成并部署一个软件无法访问或修改的随机密钥。
.. note::
上述命令不包括任何应该被写入 flash 分区的用户文件。请在运行此命令前手动写入这些文件,或者在写入前单独对这些文件进行加密。
5. 在 :ref:`project-configuration-menu` 中进行如下设置:
- :ref:`启动时启用 flash 加密功能 <CONFIG_SECURE_FLASH_ENC_ENABLED>`
- :ref:`选择加密模式 <CONFIG_SECURE_FLASH_ENCRYPTION_MODE>` (默认为 **开发模式**
- :ref:`选择 flash 加密密钥来源为密钥管理器 <CONFIG_SECURE_FLASH_ENCRYPTION_KEY_SOURCE>`
- :ref:`选择适当详细程度的引导加载程序日志 <CONFIG_BOOTLOADER_LOG_LEVEL>`
- 保存配置并退出。
启用 flash 加密将增大引导加载程序,因而可能需更新分区表偏移量。详情请参阅 :ref:`bootloader-size`
6. 运行以下命令来构建并烧录完整的镜像:
.. code-block:: bash
idf.py flash monitor
.. note::
上述命令不包括任何应该被写入 flash 分区的用户文件。请在运行此命令前手动写入这些文件,或者在写入前单独对这些文件进行加密。
如果使用开发模式,那么更新和重新烧录二进制文件最简单的方法是 :ref:`encrypt-partitions`
@@ -540,7 +737,7 @@ flash 加密设置
- :ref:`选择适当详细程度的引导加载程序日志级别 <CONFIG_BOOTLOADER_LOG_LEVEL>`
- 保存配置并退出。
启用 flash 加密将增大引导加载程序,因而可能需更新分区表偏移量。请参考 :ref:`引导加载程序大小 <bootloader-size>`
启用 flash 加密将增大引导加载程序,因而可能需更新分区表偏移量。请参考 :ref:`引导加载程序大小 <bootloader-size>`
3. 运行以下命令来构建并烧录完整的镜像:
@@ -553,7 +750,7 @@ flash 加密设置
这个命令不包括任何应该被写入 flash 分区的用户文件。请在运行此命令前手动写入这些文件,否则在写入前应单独对这些文件进行加密。
该命令将向 flash 写入未加密的镜像:二级引导加载程序、分区表和应用程序。烧录完成后,{IDF_TARGET_NAME} 将复位。在下一次启动时,二级引导加载程序会加密:二级引导加载程序、应用程序分区和标记为 ``加密`` 的分区,然后复位。就地加密可能需要时间,对于大的分区来说可能耗时一分钟。之后,应用程序在运行时被解密并执行。
该命令将向 flash 写入未加密的镜像:二级引导加载程序、分区表和应用程序。烧录完成后,{IDF_TARGET_NAME} 将复位。在下一次启动时,二级引导加载程序会加密:二级引导加载程序、应用程序分区和标记为 ``encrypted`` 的分区,然后复位。就地加密可能需要时间,对于大的分区来说可能耗时一分钟。之后,应用程序在运行时被解密并执行。
一旦在量产模式下启用 flash 加密,引导加载程序将写保护 ``{IDF_TARGET_CRYPT_CNT}`` eFuse。
@@ -589,55 +786,55 @@ flash 加密设置
1. 如果通过 **明文二级引导加载程序镜像** 重新烧录了引导加载程序分区,则 ROM 加载器将无法加载二级引导加载程序,并会显示以下错误类型:
.. only:: esp32
.. only:: esp32
.. code-block:: bash
.. code-block:: bash
rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
rst:0x7 (TG0WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
flash read err, 1000
ets_main.c 371
ets Jun 8 2016 00:22:57
.. only:: not esp32
.. only:: not esp32
.. code-block:: bash
.. code-block:: bash
rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
invalid header: 0xb414f76b
.. note::
.. note::
不同应用程序中无效头文件的值不同。
不同应用程序中无效头文件的值不同。
.. note::
.. note::
如果 flash 内容被擦除或损坏,也会出现这个错误。
如果 flash 内容被擦除或损坏,也会出现这个错误。
2. 如果二级引导加载程序已加密,但通过 **明文分区表镜像** 重新烧录了分区表,引导加载程序将无法读取分区表,从而出现以下错误:
@@ -700,7 +897,7 @@ flash 加密设置
{IDF_TARGET_NAME} flash 加密状态
-----------------------------------------
1. 确保你的 {IDF_TARGET_NAME} 设备有 :ref:`flash-encryption-efuse` 中所示的 flash 加密 eFuse 的默认设置。
确保你的 {IDF_TARGET_NAME} 设备有 :ref:`flash-encryption-efuse` 中所示的 flash 加密 eFuse 的默认设置。
要检查你的 {IDF_TARGET_NAME} 设备上是否启用了 flash 加密,请执行以下操作之一:
@@ -758,7 +955,7 @@ flash 加密范围
也可以使用函数 :cpp:func:`esp_flash_write_encrypted` 预加密和写入数据。
此外,esp-idf 应用程序中存在但不支持以下 ROM 函数:
此外,ESP-IDF 应用程序中存在但不支持以下 ROM 函数:
- ``esp_rom_spiflash_write_encrypted`` 预加密并将数据写入 flash
- ``SPIWrite`` 将未加密的数据写入 flash
@@ -828,11 +1025,13 @@ flash 加密的要点
:esp32: - flash 加密算法采用的是 AES-256,其中密钥随着 flash 的每个 32 字节块的偏移地址“调整”。这意味着,每个 32 字节块(2 个连续的 16 字节 AES 块)使用从 flash 加密密钥中产生的一个特殊密钥进行加密。
:esp32s2 or esp32s3: - 使用 XTS-AES-128 或 XTS-AES-256 加密 flash。flash 加密密钥分别为 256 位和 512 位,存储于芯片内部一个或两个 ``BLOCK_KEYN`` eFuse 中,并(默认)受保护,防止软件访问。
:SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_KEY_MANAGER_SUPPORTED: - 使用 XTS-AES-128 或 XTS-AES-256 加密 flash。flash 加密密钥分别为 256 位和 512 位,存储于芯片内部一个或两个 ``BLOCK_KEYN`` eFuse 块中。默认情况下,这些密钥受硬件保护,软件无法访问。
:esp32c3: - 使用 XTS-AES-128 加密 flash。 flash 加密密钥为 256 位存储于芯片内部的 ``BLOCK_KEYN`` eFuse 中,并(默认)受保护,防止软件访问。
:SOC_FLASH_ENCRYPTION_XTS_AES_256 and SOC_KEY_MANAGER_SUPPORTED: - 使用 XTS-AES-128 或 XTS-AES-256 加密 flash。flash 加密密钥分别为 256 位和 512 位。若 flash 加密使用基于 eFuse 的密钥启用,则密钥存储于芯片内部的一个或两个 ``BLOCK_KEYN`` eFuse 块中;若 flash 加密使用基于密钥管理器的密钥启用,则 flash 加密密钥存储于密钥管理器中。默认情况下,这些密钥受硬件保护,软件无法访问。
:esp32c2: - 使用 XTS-AES-128 加密 flash。 flash 加密密钥为 128 位或 256 位,存储于芯片内部的 ``BLOCK_KEY0`` eFuse 中,并(默认)受保护,防止软件访问。
:SOC_FLASH_ENCRYPTION_XTS_AES_128 and not SOC_FLASH_ENCRYPTION_XTS_AES_256 and not SOC_FLASH_ENCRYPTION_XTS_AES_128_DERIVED: - 使用 XTS-AES-128 加密 flash。flash 加密密钥为 256 位,存储于芯片内部的 ``BLOCK_KEYN`` eFuse 块中。默认情况下,该密钥受硬件保护,软件无法访问。
:SOC_FLASH_ENCRYPTION_XTS_AES_128_DERIVED: - 使用 XTS-AES-128 加密 flash。 flash 加密密钥为 128 位或 256 位,存储于芯片内部的 ``BLOCK_KEY0`` eFuse 块中。默认情况下,该密钥受硬件保护,软件无法访问。
- 通过 {IDF_TARGET_NAME} 的 flash 缓存映射功能,flash 可支持透明访问——任何映射到地址空间的 flash 区域在读取时都将被透明地解密。
@@ -842,11 +1041,11 @@ flash 加密的要点
- 如果已启用安全启动,重新烧录加密设备的引导加载程序则需要“可重新烧录”的安全启动摘要(可参考 :ref:`flash-encryption-and-secure-boot`)。
启用 flash 加密将增大引导加载程序,因此可能需更新分区表偏移量。请参考 :ref:`引导加载程序大小 <bootloader-size>`
启用 flash 加密将增大引导加载程序,因此可能需更新分区表偏移量。请参考 :ref:`引导加载程序大小 <bootloader-size>`
.. important::
.. important::
在首次启动加密过程中,请勿切断 {IDF_TARGET_NAME} 的电源。如果电源被切断,flash 的内容将受到破坏,并需要重新烧录未加密数据。而这类重新烧录将不计入烧录限制次数。
在首次启动加密过程中,请勿切断 {IDF_TARGET_NAME} 的电源。如果电源被切断,flash 的内容将受到破坏,并需要重新烧录未加密数据。而这类重新烧录将不计入烧录限制次数。
.. _flash-encryption-limitations:
@@ -883,7 +1082,7 @@ flash 加密与安全启动
- 在启用 flash 加密量产模式时,建议在首次启动时就设置 :ref:`xts-aes-pseudo-round-func` 所需的强度。如果你的工作流程需要在首次启动后更新该函数的强度,则应启用 :ref:`CONFIG_SECURE_BOOT_SKIP_WRITE_PROTECTION_SCA`,避免在启动过程中对该位进行写保护。
.. _flash-encryption-without-secure-boot:
.. _flash-encryption-advanced-features:
flash 加密的高级功能
--------------------------------
@@ -934,11 +1133,11 @@ flash 加密的高级功能
.. list::
- ``DIS_DOWNLOAD_MANUAL_ENCRYPT`` 在 UART 引导加载程序启动模式下运行时,禁止 flash 加密操作。
:esp32s2 or esp32s3: - ``DIS_DOWNLOAD_ICACHE`` 和 ``DIS_DOWNLOAD_DCACHE`` 在 UART 引导加载程序模式下运行时禁止整个 MMU flash 缓存。
:esp32c3 or esp32c2: - ``DIS_DOWNLOAD_ICACHE`` 在 UART 引导加载程序模式下运行时禁止整个 MMU flash 缓存。
:SOC_EFUSE_DIS_DOWNLOAD_ICACHE and SOC_EFUSE_DIS_DOWNLOAD_DCACHE: - ``DIS_DOWNLOAD_ICACHE`` 和 ``DIS_DOWNLOAD_DCACHE`` 在 UART 引导加载程序模式下运行时禁止整个 MMU flash 缓存。
:SOC_EFUSE_DIS_DOWNLOAD_ICACHE and not SOC_EFUSE_DIS_DOWNLOAD_DCACHE: - ``DIS_DOWNLOAD_ICACHE`` 在 UART 引导加载程序模式下运行时禁止整个 MMU flash 缓存。
:esp32s2: - ``HARD_DIS_JTAG`` 禁用 JTAG。
:esp32c3: - ``DIS_PAD_JTAG`` 和 ``DIS_USB_JTAG`` 禁用 JTAG。
:esp32s3: - ``HARD_DIS_JTAG`` 和 ``DIS_USB_JTAG`` 禁用 JTAG。
:SOC_EFUSE_DIS_PAD_JTAG and SOC_EFUSE_DIS_USB_JTAG: - ``DIS_PAD_JTAG`` 和 ``DIS_USB_JTAG`` 禁用 JTAG。
:SOC_EFUSE_HARD_DIS_JTAG and SOC_EFUSE_DIS_USB_JTAG: - ``HARD_DIS_JTAG`` 和 ``DIS_USB_JTAG`` 禁用 JTAG。
- ``DIS_DIRECT_BOOT``(即之前的 ``DIS_LEGACY_SPI_BOOT``)禁用传统的 SPI 启动模式。
:SOC_EFUSE_DIS_DOWNLOAD_MSPI: - ``DIS_DOWNLOAD_MSPI`` 在下载模式下禁用 MSPI 访问
@@ -1003,7 +1202,13 @@ JTAG 调试
手动加密文件
^^^^^^^^^^^^^^^^^^^^
手动加密或解密文件需要在 eFuse 中预烧录 flash 加密密钥(请参阅 :ref:`pregenerated-flash-encryption-key`)并在主机上保留一份副本。 如果 flash 加密配置在开发模式下,那么则不需要保留密钥的副本或遵循这些步骤,可以使用更简单的 :ref:`encrypt-partitions` 步骤。
.. only:: SOC_KEY_MANAGER_SUPPORTED
手动加密或解密文件需要将 flash 加密密钥部署到密钥管理器或在 eFuse 中预烧录(请参阅 :ref:`pregenerated-flash-encryption-key`)并在主机上保留一份副本。如果 flash 加密配置在开发模式下,则不需要保留密钥的副本或遵循以下步骤,可以使用更简单的 :ref:`encrypt-partitions` 步骤。
.. only:: not SOC_KEY_MANAGER_SUPPORTED
手动加密或解密文件需要在 eFuse 中预烧录 flash 加密密钥(请参阅 :ref:`pregenerated-flash-encryption-key`)并在主机上保留一份副本。如果 flash 加密配置在开发模式下,则不需要保留密钥的副本或遵循以下步骤,可以使用更简单的 :ref:`encrypt-partitions` 步骤。
密钥文件应该是单个原始二进制文件(例如:``key.bin``)。
@@ -1025,7 +1230,7 @@ JTAG 调试
.. note::
如果 {IDF_TARGET_NAME} 在启动时无法识别烧录进去的密文文件,请检查密钥是否匹配以及命令行参数是否完全匹配,包括偏移量是否正确。
如果 {IDF_TARGET_NAME} 在启动时无法识别烧录进去的密文文件,请检查密钥是否匹配以及命令行参数是否完全匹配,包括偏移量是否正确。
.. only:: esp32
docs/zh_CN/security/security-features-enablement-workflows.rst
+51 -13
View File
@@ -118,7 +118,7 @@
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_128 and SOC_EFUSE_CONSISTS_OF_ONE_KEY_BLOCK
如果 :ref:` 生成的 AES-XTS 密钥的大小 <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>` 为 AES-128256 位密钥):
如果 :ref:`生成的 AES-XTS 密钥的大小 <CONFIG_SECURE_FLASH_ENCRYPTION_KEYSIZE>` 为 AES-128256 位密钥):
.. code-block:: bash
@@ -130,19 +130,57 @@
espsecure generate-flash-encryption-key --keylen 128 my_flash_encryption_key.bin
3. 将 flash 加密密钥烧录到 eFuse
3. 将生成的 flash 加密密钥烧录到设备
.. only:: SOC_KEY_MANAGER_SUPPORTED
a. 若使用密钥管理器存储 flash 加密密钥,请为 flash 加密密钥生成密钥恢复信息,并使用以下命令将其保存至 flash 地址 0x0 处:
.. code-block:: bash
esptool --port PORT write-flash 0x0 key_recovery_info.bin
将密钥恢复信息存储至 flash 后,还需要烧录 ``KM_XTS_KEY_LENGTH_256````FORCE_USE_KEY_MANAGER_KEY`` eFuse。
.. warning::
此操作 **无法回退**
``FORCE_USE_KEY_MANAGER_KEY`` eFuse 的第 1 位用于强制使用基于密钥管理器的 XTS-AES 密钥。
.. code-block:: bash
espefuse --port PORT burn-efuse FORCE_USE_KEY_MANAGER_KEY 2
``KM_XTS_KEY_LENGTH_256`` eFuse 用于控制基于密钥管理器的 XTS-AES 密钥长度。将该 eFuse 设置为 1 表示使用 128 位密钥,设置为 0 表示使用 256 位密钥。
若使用 128 位密钥,请将 ``KM_XTS_KEY_LENGTH_256`` eFuse 设置为 1。
.. code-block:: bash
espefuse --port PORT burn-efuse KM_XTS_KEY_LENGTH_256 1
若使用 256 位密钥,请将 ``KM_XTS_KEY_LENGTH_256`` eFuse 设置为 0。
.. code-block:: bash
espefuse --port PORT burn-efuse KM_XTS_KEY_LENGTH_256 0
b. 如需将 flash 加密密钥存储至 eFuse 中,请运行以下命令:
.. only:: not SOC_KEY_MANAGER_SUPPORTED
如需将 flash 加密密钥存储在 eFuse 中,请运行以下命令:
.. warning::
这个操作 **无法回退**
运行以下命令进行烧录:
操作 **无法回退**
.. only:: not SOC_FLASH_ENCRYPTION_XTS_AES
.. code-block:: bash
espefuse --port PORT burn-key flash-encryption my_flash_encryption_key.bin
espefuse --port PORT burn-key flash_encryption my_flash_encryption_key.bin
.. only:: SOC_FLASH_ENCRYPTION_XTS_AES_256
@@ -150,7 +188,7 @@
espefuse --port PORT burn-key BLOCK my_flash_encryption_key.bin KEYPURPOSE
其中, ``BLOCK`` 是位于 ``BLOCK_KEY0````BLOCK_KEY5`` 之间的空闲密钥块, ``KEYPURPOSE````XTS_AES_256_KEY_1`` ``XTS_AES_256_KEY_2````XTS_AES_128_KEY``。有关密钥用途的说明,请参阅 `{IDF_TARGET_NAME} 技术参考手册 <{IDF_TARGET_TRM_EN_URL}>`__。
其中, ``BLOCK`` 是位于 ``BLOCK_KEY0````BLOCK_KEY5`` 之间的空闲密钥块, ``KEYPURPOSE````XTS_AES_256_KEY_1`` ``XTS_AES_256_KEY_2````XTS_AES_128_KEY``。有关密钥用途的说明,请参阅 `{IDF_TARGET_NAME} 技术参考手册 <{IDF_TARGET_TRM_CN_URL}>`__。
对于 AES-128256 位密钥)- ``XTS_AES_128_KEY``
@@ -189,7 +227,7 @@
espefuse --port PORT burn-key BLOCK_KEY0 flash_encryption_key256.bin XTS_AES_128_KEY
对于从 SHA256128 eFuse 位)派生的 AES-128 密钥 - ``XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS``。FE 密钥会被写入 eFuse BLOCK_KEY0 的后半部分。 128 位不会被使用,并保持可供软件读取状态。使用 espefuse 工具的特殊模式,可以用任何 espefuse 命令将数据写入其中,可参考下文 ``同时烧录两个密钥``
对于从 SHA256128 eFuse 位)派生的 AES-128 密钥 - ``XTS_AES_128_KEY_DERIVED_FROM_128_EFUSE_BITS``。FE 密钥会被写入 eFuse BLOCK_KEY0 低位部分。 128 位不会被使用,并保持可供软件读取状态。使用 espefuse 工具的特殊模式,可以用任何 espefuse 命令将数据写入其中,可参考下文 ``同时烧录两个密钥``
.. code-block:: bash
@@ -400,7 +438,7 @@ flash 加密指南
.. code:: bash
espsecure generate-signing-key --version 2 --scheme rsa3072 secure_boot_signinig_key.pem
espsecure generate-signing-key --version 2 --scheme rsa3072 secure_boot_signing_key.pem
.. only:: SOC_SECURE_BOOT_V2_ECC
@@ -499,12 +537,12 @@ flash 加密指南
:SOC_EFUSE_DIS_BOOT_REMAP: - ``DIS_BOOT_REMAP``:禁用将 ROM 重新映射到 RAM 地址空间的功能。
:SOC_EFUSE_HARD_DIS_JTAG: - ``HARD_DIS_JTAG``:硬禁用 JTAG 外设。
:SOC_EFUSE_SOFT_DIS_JTAG: - ``SOFT_DIS_JTAG``:禁止软件对 JTAG 外设的访问。
:SOC_EFUSE_DIS_DIRECT_BOOT:- ``DIS_DIRECT_BOOT``: 禁用直接引导(旧版 SPI 引导模式)。
:SOC_EFUSE_DIS_DIRECT_BOOT: - ``DIS_DIRECT_BOOT``: 禁用直接引导(旧版 SPI 引导模式)。
:SOC_EFUSE_DIS_LEGACY_SPI_BOOT: - ``DIS_LEGACY_SPI_BOOT``:禁用旧版 SPI 引导模式。
:SOC_EFUSE_DIS_USB_JTAG: - ``DIS_USB_JTAG``:禁止从 USB 切换到 JTAG。
:SOC_EFUSE_DIS_PAD_JTAG: - ``DIS_PAD_JTAG``:永久禁用 JTAG。
:SOC_EFUSE_REVOKE_BOOT_KEY_DIGESTS: - ``SECURE_BOOT_AGGRESSIVE_REVOKE``:主动吊销密钥摘要。详请请参阅 :ref:`secure-boot-v2-aggressive-key-revocation`。
:SOC_ECDSA_P192_CURVE_DEFAULT_DISABLED: - ``WR_DIS_ECDSA_CURVE_MODE``:禁止写入 ECDSA 曲线模式的 eFuse 位。由于此写保护位与 ``ECC_FORCE_CONST_TIME`` 共享,建议配置好 ``ECC_FORCE_CONST_TIME`` eFuse 字段后,再设置此写保护位
:SOC_ECDSA_P192_CURVE_DEFAULT_DISABLED: - ``WR_DIS_ECDSA_CURVE_MODE``:禁止写入 ECDSA 曲线模式的 eFuse 位。由于此写保护位与 ``ECC_FORCE_CONST_TIME`` 共享,建议配置好 ``ECC_FORCE_CONST_TIME`` eFuse 字段后,再设置此写保护位。
:SOC_ECDSA_SUPPORT_CURVE_P384: - ``WR_DIS_SECURE_BOOT_SHA384_EN``:禁止写入 SHA-384 Secure Boot 的 eFuse 位。由于此写保护位与 ``XTS_DPA_PSEUDO_LEVEL`` 和 ``ECC_FORCE_CONST_TIME`` 共享,建议先配置好这两个 eFuse,再设置此写保护位。
运行以下命令烧录相应的 eFuse:
@@ -677,7 +715,7 @@ Secure Boot v2 指南
3. 生成加密的 NVS 分区
主机上将会生成加密 NVS 分区。有关生成加密 NVS 分区的详细信息,请参阅 :ref:`generate-encrypted-nvs-partition`。为此,CSV 文件中应该包含 NVS 文件的全部内容。详情请参阅 :ref:`nvs-csv-file-format`
主机上将会生成加密 NVS 分区。有关生成加密 NVS 分区的详细信息,请参阅 :ref:`generate-encrypted-nvs-partition`。为此,CSV 文件中应该包含 NVS 文件的全部内容。详情请参阅 :ref:`nvs-csv-file-format`
使用以下命令,可以生成加密的 NVS 分区:
@@ -736,7 +774,7 @@ Secure Boot v2 指南
下文解释了上述命令中的一些参数:
* CSV 文件名 - 上述命中的 `sample_singlepage_blob.csv` 是指包含 NVS 数据的 CSV 文件,请将其替换为所选文件。
* CSV 文件名 - 上述命中的 `sample_singlepage_blob.csv` 是指包含 NVS 数据的 CSV 文件,请将其替换为所选文件。
* NVS 分区大小 - 这是 NVS 分区的大小(以字节为单位)。请将上述命令中的示例值 ``0x3000`` 更新为你实际 NVS 分区的正确大小。
docs/zh_CN/security/security.rst
+21 -3
View File
@@ -3,7 +3,7 @@
{IDF_TARGET_CIPHER_SCHEME:default="RSA", esp32h2="RSA 或 ECDSA", esp32p4="RSA 或 ECDSA", esp32c5="RSA 或 ECDSA", esp32c61="ECDSA", esp32h21="RSA 或 ECDSA"}
{IDF_TARGET_SIG_PERI:default="DS", esp32h2="DS 或 ECDSA", esp32p4="DS 或 ECDSA", esp32c5="DS 或 ECDSA", esp32c61="ECDSA"}
{IDF_TARGET_SIG_PERI:default="DS", esp32h2="DS 或 ECDSA", esp32p4="DS 或 ECDSA", esp32c5="DS 或 ECDSA"}
:link_to_translation:`en:[English]`
@@ -101,6 +101,24 @@ flash 加密最佳实践
详情请参阅 :doc:`../api-reference/peripherals/ecdsa`:doc:`../api-reference/peripherals/ds`
.. only:: SOC_KEY_MANAGER_SUPPORTED
密钥管理器
~~~~~~~~~~
{IDF_TARGET_NAME} 中的密钥管理器外设提供硬件辅助的 **密钥部署和恢复** 功能,适用于加密密钥。密钥通过每块芯片独有的硬件唯一密钥 (HUK) 进行加密绑定,确保密钥内容不会暴露给软件可访问的内存。
密钥管理器支持以下加密外设的密钥管理::doc:`ECDSA <../api-reference/peripherals/ecdsa>`:doc:`HMAC <../api-reference/peripherals/hmac>`:doc:`数字签名 (DS) <../api-reference/peripherals/ds>` 以及 flash 加密。
详情请参阅 :doc:`../api-reference/peripherals/key_manager`
密钥管理器最佳实践
^^^^^^^^^^^^^^^^^^
* 防止密钥管理器部署密钥的 ``key_recovery_info`` 遭受未授权修改或丢失。
* 在成功部署密钥后,锁定密钥管理器相关的安全 eFuse,防止重新部署同类型密钥。
* 除非明确需要,否则在已启用 flash 加密的情况下,避免部署新的 XTS-AES 密钥。
.. only:: SOC_MEMPROT_SUPPORTED or SOC_CPU_IDRAM_SPLIT_USING_PMP
内存保护
@@ -124,7 +142,7 @@ flash 加密最佳实践
差分功耗分析 (DPA) 保护
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
{IDF_TARGET_NAME} 支持针对 DPA 相关安全攻击的保护机制。DPA 保护通过动态调整加密外设的时钟频率,在其运行期间模糊了功耗轨迹。时钟变化范围会根据配置的 DPA 安全级别改变。更多详情请参阅 *{IDF_TARGET_NAME} 技术参考手册* > [`PDF <{IDF_TARGET_TRM_CN_URL}>`__]。
{IDF_TARGET_NAME} 支持针对 DPA 相关安全攻击的保护机制。DPA 保护通过动态调整加密外设的时钟频率,在其运行期间模糊了功耗轨迹。时钟变化范围会根据配置的 DPA 安全级别改变。详情请参阅 **《{IDF_TARGET_NAME} 技术参考手册》** [`PDF <{IDF_TARGET_TRM_CN_URL}>`__]。
通过 :ref:`CONFIG_ESP_CRYPTO_DPA_PROTECTION_LEVEL` 可以调整 DPA 级别。级别越高安全性越强,但也可能会影响性能。默认启用最低级别 DPA 保护,可以根据安全需求修改。
@@ -140,7 +158,7 @@ flash 加密最佳实践
{IDF_TARGET_NAME} 在 AES 外设中集成了伪轮次功能,使该外设能够在原始操作轮次前后随机插入伪轮次,并生成一个伪密钥来执行这些虚拟操作。
这些操作不会改变原始结果,但能够通过随机化功耗特征,提高实施侧信道分析攻击的复杂性。
可以使用 :ref:`CONFIG_MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH` 选择伪轮次功能的强度。提高强度会增强该功能所提供的安全性,但会加密/解密操作的速度。
可以使用 :ref:`CONFIG_MBEDTLS_AES_USE_PSEUDO_ROUND_FUNC_STRENGTH` 选择伪轮次功能的强度。提高强度会增强该功能所提供的安全性,但会减缓加密/解密操作的速度。
.. list-table:: 伪轮次功能的不同强度对 AES 操作性能的影响