我先在主机上自己编写了一个秘钥key.bin,然后将它烧录到ESP32-S2上Code:
Select all
PS D:ESP-IDFtesthello_world> D:ESP-IDF.espressifpython_envidf5.1_py3.8_envScriptspython.exe D:ESP-IDFesp-idfcomponentsesptool_pyesptoolespefuse.py --port COM22 burn_key BLOCK_KEY0 key.bin XTS_AES_128_KEY espefuse.py v4.6.2Connec
ting....Detecting chip type... Unsupported detection protocol, switching and trying again...Detecting chip type... ESP32-S2=== Run "burn_key" command ===Sensitive data will be hidden (see --show-sensitive-info)Burn keys to blocks: - BLOCK_KEY0 -> [?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ??] Reversing byte order for AES-XTS hardware peripheral 'KEY_PURPOSE_0': 'USER' -> 'XTS_AES_128_KEY'. Disabling write to 'KEY_PURPOSE_0'. Disabling read to key block Disabling write to key blockCheck all blocks for burn...idx, BLOCK_NAME, Conclusion[00] BLOCK0 is empty, will burn the new value[04] BLOCK_KEY0 is empty, will burn the new value.This is an irreversible operation!Type 'BURN' (all capitals) to continue.BURNBURN BLOCK4 - OK (write block == read block)BURN BLOCK0 - OK (write block == read block)Reading updated efuses...SuccessfulPS D:ESP-IDFtesthello_world>
然后在工程配置中启用flash加密功能,不使用UART安全模式,保留UART下载功能,然后烧录进ESP32-S2,第一次启动能观察到ESP32-S2的加密过程,然后我修改了代码,重新编译后使用key.bin预先加密固件Code:
Select all
PS D:ESP-IDFtesthello_world> D:ESP-IDF.espressifpython_envidf5.1_py3.8_envScriptspython.exe D:ESP-IDFesp-idfcomponentsesptool_pyesptoolespsecure.py encrypt_flash_data --aes_xts --keyfile key.bin --address 0x10000 --output my-app-ciphertext.bin build/bootloader/bootloader.binespsecure.py v4.6.2Using 256-bit keyPS D:ESP-IDFtesthello_world>
然后烧录进ESP32-S2中,接着复位ESP32-S2却无法运行,监视窗口出现如下打印信息Code:
Select all
ESP-ROM:esp32s2-rc4-20191025Build:Oct 25 2019rst:0x1 (POWERON),boot:0xf (SPI_FAST_FLASH_BOOT)invalid header: 0xefa1f13dinvalid header: 0xefa1f13dinvalid header: 0xefa1f13dinvalid header: 0xefa1f13dinvalid header: 0xefa1f13dinvalid header: 0xefa1f13dinvalid header: 0xefa1f13dinvalid header: 0xefa1f13dinvalid header: 0xefa1f13dinvalid header: 0xefa1f13dinvalid header: 0xefa1f13dinvalid header: 0xefa1f13dinvalid header: 0xefa1f13d
接着我读取了ESP32-S2上的eFuse信息Code:
Select all
PS D:ESP-IDFtesthello_world> D:ESP-IDF.espressifpython_envidf5.1_py3.8_envScriptspython.exe D:ESP-IDFesp-idfcomponentsesptool_pyesptoolespefuse.py -p COM22 summaryespefuse.py v4.6.2Connecting.............Detecting chip type... Unsupported detection protocol, switching and trying again...Detecting chip type... ESP32-S2=== Run "summary" command ===EFUSE_NAME (Block) Description = [Meaningful Value] [Readable/Writeable] (Hex Value)----------------------------------------------------------------------------------------Calibration fuses:ADC_CALIB (BLOCK2) 4 bit of ADC calibration = 0 R/W (0x0)TEMP_CALIB (BLOCK2) Temperature calibration data = -5.6000000000000005 R/W (0b100111000)RTCCALIB_V1IDX_A10H (BLOCK2) = 140 R/W (0x8c)RTCCALIB_V1IDX_A11H (BLOCK2) = 138 R/W (0x8a)RTCCALIB_V1IDX_A12H (BLOCK2) = 137 R/W (0x89)RTCCALIB_V1IDX_A13H (BLOCK2) = 133 R/W (0x85)RTCCALIB_V1IDX_A20H (BLOCK2) = 144 R/W (0x90)RTCCALIB_V1IDX_A21H (BLOCK2) = 143 R/W (0x8f)RTCCALIB_V1IDX_A22H (BLOCK2) = 141 R/W (0x8d)RTCCALIB_V1IDX_A23H (BLOCK2) = 141 R/W (0x8d)RTCCALIB_V1IDX_A10L (BLOCK2) = 38 R/W (0b100110)RTCCALIB_V1IDX_A11L (BLOCK2) = 36 R/W (0b100100)RTCCALIB_V1IDX_A12L (BLOCK2) = 35 R/W (0b100011)RTCCALIB_V1IDX_A13L (BLOCK2) = 33 R/W (0b100001)RTCCALIB_V1IDX_A20L (BLOCK2) = 40 R/W (0b101000)RTCCALIB_V1IDX_A21L (BLOCK2) = 38 R/W (0b100110)RTCCALIB_V1IDX_A22L (BLOCK2) = 37 R/W (0b100101)RTCCALIB_V1IDX_A23L (BLOCK2) = 34 R/W (0b100010)Config fuses:WR_DIS (BLOCK0) Disable programming of individual eFuses = 8388868 R/W (0x00800104)RD_DIS (BLOCK0) Disable reading from BlOCK4-10 = 1 R/W (0b0000001)DIS_ICACHE (BLOCK0) Set this bit to disable Icache = False R/- (0b0)DIS_DCACHE (BLOCK0) Set this bit to disable Dcache = False R/- (0b0)DIS_TWAI (BLOCK0) Set this bit to disable the TWAI Controller functi = False R/- (0b0) onDIS_BOOT_REMAP (BLOCK0) Disables capability to Remap RAM to ROM address sp = True R/- (0b1) aceDIS_LEGACY_SPI_BOOT (BLOCK0) Set this bit to disable Legacy SPI boot mode = True R/W (0b1)UART_PRINT_CHANNEL (BLOCK0) Selects the default UART for printing boot message = UART0 R/W (0b0) sUART_PRINT_CONTROL (BLOCK0) Set the default UART boot message output mode = Enable R/W (0b00)PIN_POWER_SELECTION (BLOCK0) Set default power supply for GPIO33-GPIO37; set wh = VDD3P3_CPU R/W (0b0) en SPI flash is initializedBLOCK_USR_DATA (BLOCK3) User data = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/WBLOCK_SYS_DATA2 (BLOCK10) System data part 2 (reserved) = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/WFlash fuses:FLASH_TPUW (BLOCK0) Configures flash startup delay after SoC power-up; = 0 R/W (0x0) in unit of (ms/2). When the value is 15; delay is 7.5 msFLASH_TYPE (BLOCK0) SPI flash type = 4 data lines R/W (0b0)FORCE_SEND_RESUME (BLOCK0) If set; forces ROM code to send an SPI flash resum = False R/W (0b0) e command during SPI bootFLASH_VERSION (BLOCK1) Flash version = 2 R/W (0x2)Identity fuses:BLOCK0_VERSION (BLOCK0) BLOCK0 efuse version = 0 R/W (0b00)DISABLE_WAFER_VERSION_MAJOR (BLOCK0) Disables check of wafer version major = False R/W (0b0)DISABLE_BLK_VERSION_MAJOR (BLOCK0) Disables check of blk version major = False R/W (0b0)WAFER_VERSION_MAJOR (BLOCK1) WAFER_VERSION_MAJOR = 0 R/W (0b00)WAFER_VERSION_MINOR_HI (BLOCK1) WAFER_VERSION_MINOR most significant bit = False R/W (0b0)BLK_VERSION_MAJOR (BLOCK1) BLK_VERSION_MAJOR = 0 R/W (0b00)PSRAM_VERSION (BLOCK1) PSRAM version = 0 R/W (0x0)PKG_VERSION (BLOCK1) Package version = 0 R/W (0x0)WAFER_VERSION_MINOR_LO (BLOCK1) WAFER_VERSION_MINOR least significant bits = 0 R/W (0b000)OPTIONAL_UNIQUE_ID (BLOCK2) Optional unique 128-bit ID = 9c 50 0f 91 b0 b3 c0 73 47 61 fc cd b1 ec 13 4d R/WBLK_VERSION_MINOR (BLOCK2) BLK_VERSION_MINOR of BLOCK2 = ADC calib V1 R/W (0b001)WAFER_VERSION_MINOR (BLOCK0) calc WAFER VERSION MINOR = WAFER_VERSION_MINOR_HI = 0 R/W (0x0) << 3 + WAFER_VERSION_MINOR_LO (read only)Jtag fuses:SOFT_DIS_JTAG (BLOCK0) Software disables JTAG. When software disabled; JT = False R/- (0b0) AG can be activated temporarily by HMAC peripheralHARD_DIS_JTAG (BLOCK0) Hardware disables JTAG permanently = True R/- (0b1)Mac fuses:MAC (BLOCK1) MAC address = 84:f7:03:e0:a3:96 (OK) R/WCUSTOM_MAC (BLOCK3) Custom MAC = 00:00:00:00:00:00 (OK) R/WSecurity fuses:DIS_DOWNLOAD_ICACHE (BLOCK0) Disables Icache when SoC is in Download mode = True R/- (0b1)DIS_DOWNLOAD_DCACHE (BLOCK0) Disables Dcache when SoC is in Download mode = True R/- (0b1)DIS_FORCE_DOWNLOAD (BLOCK0) Set this bit to disable the function that forces c = False R/- (0b0) hip into download modeDIS_DOWNLOAD_MANUAL_ENCRYPT (BLOCK0) Disables flash encryption when in download boot mo = True R/- (0b1) desSPI_BOOT_CRYPT_CNT (BLOCK0) Enables flash encryption when 1 or 3 bits are set = Enable R/W (0b111) and disabled otherwiseSECURE_BOOT_KEY_REVOKE0 (BLOCK0) Revoke 1st secure boot key = False R/W (0b0)SECURE_BOOT_KEY_REVOKE1 (BLOCK0) Revoke 2nd secure boot key = False R/W (0b0)SECURE_BOOT_KEY_REVOKE2 (BLOCK0) Revoke 3rd secure boot key = False R/W (0b0)KEY_PURPOSE_0 (BLOCK0) Purpose of KEY0 = XTS_AES_128_KEY R/- (0x4)KEY_PURPOSE_1 (BLOCK0) Purpose of KEY1 = USER R/W (0x0)KEY_PURPOSE_2 (BLOCK0) Purpose of KEY2 = USER R/W (0x0)KEY_PURPOSE_3 (BLOCK0) Purpose of KEY3 = USER R/W (0x0)KEY_PURPOSE_4 (BLOCK0) Purpose of KEY4 = USER R/W (0x0)KEY_PURPOSE_5 (BLOCK0) Purpose of KEY5 = USER R/W (0x0)SECURE_BOOT_EN (BLOCK0) Set this bit to enable secure boot = False R/W (0b0)SECURE_BOOT_AGGRESSIVE_REVOKE (BLOCK0) Set this bit to enable aggressive secure boot key = False R/W (0b0) revocation modeDIS_DOWNLOAD_MODE (BLOCK0) Set this bit to disable all download boot modes = False R/W (0b0)ENABLE_SECURITY_DOWNLOAD (BLOCK0) Set this bit to enable secure UART download mode ( = False R/W (0b0) read/write flash only)SECURE_VERSION (BLOCK0) Secure version (used by ESP-IDF anti-rollback feat = 0 R/W (0x0000) ure)BLOCK_KEY0 (BLOCK4) Purpose: XTS_AES_128_KEY Key0 or user data = ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? -/-BLOCK_KEY1 (BLOCK5) Purpose: USER Key1 or user data = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/WBLOCK_KEY2 (BLOCK6) Purpose: USER Key2 or user data = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/WBLOCK_KEY3 (BLOCK7) Purpose: USER Key3 or user data = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/WBLOCK_KEY4 (BLOCK8) Purpose: USER Key4 or user data = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/WBLOCK_KEY5 (BLOCK9) Purpose: USER Key5 or user data = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 R/WSpi Pad fuses:SPI_PAD_CONFIG_CLK (BLOCK1) SPI_PAD_configure CLK = 0 R/W (0b000000)SPI_PAD_CONFIG_Q (BLOCK1) SPI_PAD_configure Q(D1) = 0 R/W (0b000000)SPI_PAD_CONFIG_D (BLOCK1) SPI_PAD_configure D(D0) = 0 R/W (0b000000)SPI_PAD_CONFIG_CS (BLOCK1) SPI_PAD_configure CS = 0 R/W (0b000000)SPI_PAD_CONFIG_HD (BLOCK1) SPI_PAD_configure HD(D3) = 0 R/W (0b000000)SPI_PAD_CONFIG_WP (BLOCK1) SPI_PAD_configure WP(D2) = 0 R/W (0b000000)SPI_PAD_CONFIG_DQS (BLOCK1) SPI_PAD_configure DQS = 0 R/W (0b000000)SPI_PAD_CONFIG_D4 (BLOCK1) SPI_PAD_configure D4 = 0 R/W (0b000000)SPI_PAD_CONFIG_D5 (BLOCK1) SPI_PAD_configure D5 = 0 R/W (0b000000)SPI_PAD_CONFIG_D6 (BLOCK1) SPI_PAD_configure D6 = 0 R/W (0b000000)SPI_PAD_CONFIG_D7 (BLOCK1) SPI_PAD_configure D7 = 0 R/W (0b000000)Usb fuses:DIS_USB (BLOCK0) Set this bit to disable USB OTG function = False R/- (0b0)USB_EXCHG_PINS (BLOCK0) Set this bit to exchange USB D+ and D- pins = False R/W (0b0)USB_EXT_PHY_ENABLE (BLOCK0) Set this bit to enable external USB PHY = False R/W (0b0)USB_FORCE_NOPERSIST (BLOCK0) If set; forces USB BVALID to 1 = False R/W (0b0)DIS_USB_DOWNLOAD_MODE (BLOCK0) Set this bit to disable use of USB OTG in UART dow = False R/W (0b0) nload boot modeVdd fuses:VDD_SPI_XPD (BLOCK0) If VDD_SPI_FORCE is 1; this value determines if th = False R/W (0b0) e VDD_SPI regulator is powered onVDD_SPI_TIEH (BLOCK0) If VDD_SPI_FORCE is 1; determines VDD_SPI voltage = VDD_SPI connects to 1.8 V LDO R/W (0b0)VDD_SPI_FORCE (BLOCK0) Set this bit to use XPD_VDD_PSI_REG and VDD_SPI_TI = False R/W (0b0) EH to configure VDD_SPI LDOWdt fuses:WDT_DELAY_SEL (BLOCK0) RTC watchdog timeout threshold; in unit of slow cl = 40000 R/W (0b00) ock cycleFlash voltage (VDD_SPI) determined by GPIO45 on reset (GPIO45=High: VDD_SPI pin is powered from internal 1.8V LDOGPIO45=Low or NC: VDD_SPI pin is powered directly from VDD3P3_RTC_IO via resistor Rspi. Typically this voltage is 3.3 V).PS D:ESP-IDFtesthello_world>
我无法查看到烧录进eFuse中的秘钥是否与我主机上的秘钥一样,我观察到第一次烧录秘钥时的提示信息中有一句Reversing byte order for AES-XTS hardware peripheral,不知此提示是否对秘钥有不一样的处理,并且ESP32-S2的技术参考手册中写道Code:
Select all
BLOCK1 ~ BLOCK10 均采用 RS 编码方式,因此参数烧写受到一定的限制,具体请参考章节 4.3.1.3:数据存储方式,和章节 4.3.2:软件烧写参数。BLOCK0 使用 4 备份方式存储参数,即 BLOCK0 中的所有参数(除了 EFUSE_WR_DIS )均在 eFuse 中存储了4 份。4 备份机制对软件不可见。BLOCK1 ~ BLOCK10 使用 RS (44, 32) 编码方式,最多支持自动校正 5 个字节。本文 RS (44, 32) 使用的本源多项式为 p(x) = x^8 + x^4 + x^3 + x^2 + 1,产生校验码的移位寄存器
电路如图 4-1 所示,其中 gf_mul_n(n 为一个整数)为 GF(28) 域中某一字节数据与元素 α^n 相乘的结果。
不知道这些是否会对我烧录进ESP32-S2中的秘钥造成影响,而且我的秘钥是自己编写的,并非是在主机上使用espsecure.py命令生成的随机秘钥。
请问这种情况下我该怎么处理?
举报
