![]() KEY_PURPOSE_N field is write-protected as well. The key cannot be accessed via software as the write and read protection bits for BLOCK_KEYN eFuse are set. The software also updates the KEY_PURPOSE_N for the block where the key is stored. For more information on the flash encryption block, see ESP32-C3 Technical Reference Manual.įirmware bootloader uses RNG (random) module to generate an 256 bit key and then writes it into BLOCK_KEYN eFuse. Since the value is 0 (even number of bits set), it configures and enables the flash encryption block. ![]() The ROM bootloader loads the firmware bootloader.įirmware bootloader reads the SPI_BOOT_CRYPT_CNT eFuse value ( 0b000). On the first power-on reset, all data in flash is un-encrypted (plaintext). Flash Encryption Process Īssuming that the eFuse values are in their default states and the firmware bootloader is compiled to support flash encryption, the flash encryption process executes as shown below: Example espefuse.py write_protect_efuse DISABLE_DL_ENCRYPT. To change protection bits of eFuse field using espefuse.py, use these two commands: read_protect_efuse and write_protect_efuse. For more information on ESP32-C3 eFuses, see eFuse manager. Read and write access to eFuse bits is controlled by appropriate fields in the registers WR_DIS and RD_DIS. The default value of these bits is 0 afer manufacturing. R/W access control is available for all the eFuse bits listed in the table above. Feature is enabled if 1 or 3 bits are set in the eFuse, disabled otherwise. If set, disable flash encryption when in download bootmodes.Įnable encryption and decryption, when an SPI boot mode is set. For flash encryption, the only valid value is 4 for XTS_AES_128_KEY. eFuses Used in Flash Encryption Ĭontrol the purpose of eFuse block BLOCK_KEYN, where N is between 0 and 5. For usage in the eFuse API, modify the name by adding ESP_EFUSE_, for example: esp_efuse_read_field_bit(ESP_EFUSE_DISABLE_DL_ENCRYPT). The names in eFuse column are also used by espefuse.py tool. The list of eFuses and their descriptions is given in the table below. The flash encryption operation is controlled by various eFuses available on ESP32-C3. Before using this feature, read the document and make sure to understand the implications. Enabling flash encryption limits the options for further updates of ESP32-C3.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |