Home
last modified time | relevance | path

Searched refs:secure (Results 1 – 25 of 37) sorted by relevance

12

/hal_espressif-latest/components/bootloader_support/src/
Dflash_encrypt.c230 bool secure; in esp_flash_encryption_cfg_verify_release_mode() local
232 secure = esp_flash_encryption_enabled(); in esp_flash_encryption_cfg_verify_release_mode()
233 result = secure; in esp_flash_encryption_cfg_verify_release_mode()
234 if (!secure) { in esp_flash_encryption_cfg_verify_release_mode()
254 secure = esp_efuse_read_field_bit(ESP_EFUSE_DISABLE_DL_ENCRYPT); in esp_flash_encryption_cfg_verify_release_mode()
255 result &= secure; in esp_flash_encryption_cfg_verify_release_mode()
256 if (!secure) { in esp_flash_encryption_cfg_verify_release_mode()
260 secure = esp_efuse_read_field_bit(ESP_EFUSE_DISABLE_DL_DECRYPT); in esp_flash_encryption_cfg_verify_release_mode()
261 result &= secure; in esp_flash_encryption_cfg_verify_release_mode()
262 if (!secure) { in esp_flash_encryption_cfg_verify_release_mode()
[all …]
Dsecure_boot.c197 bool secure; in esp_secure_boot_cfg_verify_release_mode() local
215 secure = esp_efuse_read_field_bit(ESP_EFUSE_RD_DIS_BLK2); in esp_secure_boot_cfg_verify_release_mode()
216 result &= secure; in esp_secure_boot_cfg_verify_release_mode()
217 if (!secure) { in esp_secure_boot_cfg_verify_release_mode()
222 secure = esp_efuse_read_field_bit(ESP_EFUSE_WR_DIS_BLK2); in esp_secure_boot_cfg_verify_release_mode()
223 result &= secure; in esp_secure_boot_cfg_verify_release_mode()
224 if (!secure) { in esp_secure_boot_cfg_verify_release_mode()
228 secure = esp_efuse_read_field_bit(ESP_EFUSE_DISABLE_JTAG); in esp_secure_boot_cfg_verify_release_mode()
229 result &= secure; in esp_secure_boot_cfg_verify_release_mode()
230 if (!secure) { in esp_secure_boot_cfg_verify_release_mode()
[all …]
/hal_espressif-latest/components/bootloader/
DKconfig.projbuild309 int "eFuse secure version of app"
313 The secure version is the sequence number stored in the header of each firmware.
320 The app is booted with a higher (or equal) secure version.
328 int "Size of the efuse secure version field"
337 The size of the efuse secure version field.
342 bool "Emulate operations with efuse secure version(only test)"
348 … This option allows to emulate read/write operations with all eFuses and efuse secure version.
357 # options, allowing to turn on "allow insecure options" and have secure boot with
503 # RSA secure boot is supported in ESP32 revision >= v3.0
540 …is option uses the same app signature scheme as hardware secure boot, but unlike hardware secure b…
[all …]
Dproject_include.cmake50 "${BOOTLOADER_BUILD_DIR}/secure-bootloader-key-192.bin"
51 "${BOOTLOADER_BUILD_DIR}/secure-bootloader-key-256.bin"
106 "\tSee docs/security/secure-boot-v1.rst for details.")
DCMakeLists.txt10 # When secure boot is enabled, do not flash bootloader along with invocation of `idf.py flash`
/hal_espressif-latest/tools/esptool_py/docs/en/espefuse/inc/
Dsummary_ESP32-C6.rst83 …SECURE_BOOT_KEY_REVOKE0 (BLOCK0) Revoke 1st secure boot key …
84 …SECURE_BOOT_KEY_REVOKE1 (BLOCK0) Revoke 2nd secure boot key …
85 …SECURE_BOOT_KEY_REVOKE2 (BLOCK0) Revoke 3rd secure boot key …
92 …SEC_DPA_LEVEL (BLOCK0) Represents the spa secure level by configuring …
96 …SECURE_BOOT_EN (BLOCK0) Represents whether secure boot is enabled or di…
98 …SSIVE_REVOKE (BLOCK0) Represents whether revoking aggressive secure boot = False R/W (…
Dsummary_ESP32-H2.rst82 …SECURE_BOOT_KEY_REVOKE0 (BLOCK0) Revoke 1st secure boot key …
83 …SECURE_BOOT_KEY_REVOKE1 (BLOCK0) Revoke 2nd secure boot key …
84 …SECURE_BOOT_KEY_REVOKE2 (BLOCK0) Revoke 3rd secure boot key …
91 …SEC_DPA_LEVEL (BLOCK0) Represents the spa secure level by configuring …
98 …SECURE_BOOT_EN (BLOCK0) Represents whether secure boot is enabled or di…
100 …SSIVE_REVOKE (BLOCK0) Represents whether revoking aggressive secure boot = False R/W (…
Dsummary_ESP32-C3.rst86 …SECURE_BOOT_KEY_REVOKE0 (BLOCK0) Revoke 1st secure boot key …
87 …SECURE_BOOT_KEY_REVOKE1 (BLOCK0) Revoke 2nd secure boot key …
88 …SECURE_BOOT_KEY_REVOKE2 (BLOCK0) Revoke 3rd secure boot key …
95 …SECURE_BOOT_EN (BLOCK0) Set this bit to enable secure boot …
96 …VE_REVOKE (BLOCK0) Set this bit to enable revoking aggressive secure = False R/W (0b0)
100 …ENABLE_SECURITY_DOWNLOAD (BLOCK0) Set this bit to enable secure UART download mod…
Dsummary_ESP32-S2.rst96 …SECURE_BOOT_KEY_REVOKE0 (BLOCK0) Revoke 1st secure boot key …
97 …SECURE_BOOT_KEY_REVOKE1 (BLOCK0) Revoke 2nd secure boot key …
98 …SECURE_BOOT_KEY_REVOKE2 (BLOCK0) Revoke 3rd secure boot key …
105 …SECURE_BOOT_EN (BLOCK0) Set this bit to enable secure boot …
106 …SECURE_BOOT_AGGRESSIVE_REVOKE (BLOCK0) Set this bit to enable aggressive secure boot k…
109 …ENABLE_SECURITY_DOWNLOAD (BLOCK0) Set this bit to enable secure UART download mod…
Dsummary_ESP32-S3.rst81 …SECURE_BOOT_KEY_REVOKE0 (BLOCK0) Revoke 1st secure boot key …
82 …SECURE_BOOT_KEY_REVOKE1 (BLOCK0) Revoke 2nd secure boot key …
83 …SECURE_BOOT_KEY_REVOKE2 (BLOCK0) Revoke 3rd secure boot key …
90 …SECURE_BOOT_EN (BLOCK0) Set this bit to enable secure boot …
91 …VE_REVOKE (BLOCK0) Set this bit to enable revoking aggressive secure = False R/W (0b0)
95 …ENABLE_SECURITY_DOWNLOAD (BLOCK0) Set this bit to enable secure UART download mod…
Dsummary_ESP32-P4.rst102 …SECURE_BOOT_KEY_REVOKE0 (BLOCK0) Revoke 1st secure boot key …
103 …SECURE_BOOT_KEY_REVOKE1 (BLOCK0) Revoke 2nd secure boot key …
104 …SECURE_BOOT_KEY_REVOKE2 (BLOCK0) Revoke 3rd secure boot key …
111 …SEC_DPA_LEVEL (BLOCK0) Represents the spa secure level by configuring …
118 …SECURE_BOOT_EN (BLOCK0) Represents whether secure boot is enabled or di…
120 …SSIVE_REVOKE (BLOCK0) Represents whether revoking aggressive secure boot = False R/W (…
Dsummary_ESP32-C2.rst52 …ENABLE_SECURITY_DOWNLOAD (BLOCK0) Set this bit to enable secure UART download mod…
53 …SECURE_BOOT_EN (BLOCK0) The bit be set to enable secure boot …
/hal_espressif-latest/components/bootloader/subproject/
DCMakeLists.txt89 "secure-bootloader-key-${key_digest_len}.bin"
104 "No pre-generated key for a reflashable secure bootloader is available, "
180 "Bootloader built and secure digest generated."
184 "Burn secure boot key to efuse using:"
202 … "* Not recommended to re-use the same secure boot keyfile on multiple production devices."
/hal_espressif-latest/tools/esptool_py/test/images/efuse/
Desp_efuse_custom_table.csv9 CUSTOM_SECURE_VERSION, EFUSE_BLK3, 78, 16, Custom secure version
/hal_espressif-latest/tools/esptool_py/docs/en/espsecure/
Dindex.rst6 ``espsecure.py`` is a tool for manipulating data that relates to the secure boot and flash encrypti…
10 * `Secure Boot <https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/secure-boot-v…
18 An external Hardware Security Module (HSM) can be used for remote signing of images in secure boot …
/hal_espressif-latest/tools/esptool_py/docs/en/advanced-topics/
Dfirmware-image-format.rst166 …entire image) is appended after the checksum. This digest is separate to secure boot and only used…
168secure boot is enabled, a signature is also appended (and the simple hash is included in the signe…
/hal_espressif-latest/components/efuse/esp32c3/
Desp_efuse_table.csv121 SECURE_BOOT_KEY_REVOKE0, EFUSE_BLK0, 85, 1, [] Revoke 1st secure boot key
122 SECURE_BOOT_KEY_REVOKE1, EFUSE_BLK0, 86, 1, [] Revoke 2nd secure boot key
123 SECURE_BOOT_KEY_REVOKE2, EFUSE_BLK0, 87, 1, [] Revoke 3rd secure boot key
130 …OT_EN, EFUSE_BLK0, 116, 1, [] Set this bit to enable secure boot
131 …, EFUSE_BLK0, 117, 1, [] Set this bit to enable revoking aggressive secure boot
137 …D, EFUSE_BLK0, 133, 1, [] Set this bit to enable secure UART download mode
/hal_espressif-latest/tools/esptool_py/
DCHANGELOG.md29 - **espsecure**: Add support for secure boot v2 using ECDSA-P384 signatures
42 - Added warning when secure boot enabled
80 - **secure_download_mode**: Disable secure boot detection and print more info
152 - **esp32-c2**: Enable flashing in secure download mode
213 - **secure download mode**: Reconnect if ROM refuses to respond
214 - **secure download mode**: Fix SDM detection on S2/S3
/hal_espressif-latest/components/efuse/esp32s2/
Desp_efuse_table.csv136 SECURE_BOOT_KEY_REVOKE0, EFUSE_BLK0, 85, 1, [] Revoke 1st secure boot key
137 SECURE_BOOT_KEY_REVOKE1, EFUSE_BLK0, 86, 1, [] Revoke 2nd secure boot key
138 SECURE_BOOT_KEY_REVOKE2, EFUSE_BLK0, 87, 1, [] Revoke 3rd secure boot key
145 …OT_EN, EFUSE_BLK0, 116, 1, [] Set this bit to enable secure boot
146 … EFUSE_BLK0, 117, 1, [] Set this bit to enable aggressive secure boot key revocatio…
152 …, EFUSE_BLK0, 133, 1, [] Set this bit to enable secure UART download mode…
/hal_espressif-latest/tools/esptool_py/docs/en/espefuse/
Dburn-key-cmd.rst10 …ocs.espressif.com/projects/esp-idf/en/latest/{IDF_TARGET_PATH_NAME}/security/secure-boot-v1.html>`_
11 …ocs.espressif.com/projects/esp-idf/en/latest/{IDF_TARGET_PATH_NAME}/security/secure-boot-v2.html>`_
56 …Do not use the names ``BLOCK1`` and ``BLOCK2`` to burn flash encryption and secure boot v2 keys be…
74 - SECURE_BOOT_DIGEST0. 1 secure boot key.
75 - SECURE_BOOT_DIGEST1. 2 secure boot key.
76 - SECURE_BOOT_DIGEST2. 3 secure boot key.
97 …s block #3 - ``BLOCK_KEY0``. This block can have user, flash encryption, secure boot keys. This ch…
102 …- XTS_AES_128_KEY. 256 bits flash encryption key. The secure boot key can not be used with this op…
153 …Note that the hardware flash encryption and secure boot v1 features require the key to be written …
Dburn-key-digest-cmd.rst6 …espressif.com/projects/esp-idf/en/latest/{IDF_TARGET_PATH_NAME}/security/secure-boot-v2.html#signa…
38 The secure boot v2 key(s) will be readable and write protected.
74 …See :ref:`perform-multiple-operations` for how to burn flash encryption and secure boot keys to th…
/hal_espressif-latest/components/efuse/esp32c6/
Desp_efuse_table.csv127 SECURE_BOOT_KEY_REVOKE0, EFUSE_BLK0, 85, 1, [] Revoke 1st secure boot key
128 SECURE_BOOT_KEY_REVOKE1, EFUSE_BLK0, 86, 1, [] Revoke 2nd secure boot key
129 SECURE_BOOT_KEY_REVOKE2, EFUSE_BLK0, 87, 1, [] Revoke 3rd secure boot key
136 … EFUSE_BLK0, 112, 2, [DPA_SEC_LEVEL] Represents the spa secure level by configuri…
138 SECURE_BOOT_EN, EFUSE_BLK0, 116, 1, [] Represents whether secure
139 … EFUSE_BLK0, 117, 1, [] Represents whether revoking aggressive secure boot is enabled or…
/hal_espressif-latest/components/efuse/esp32h2/
Desp_efuse_table.csv129 SECURE_BOOT_KEY_REVOKE0, EFUSE_BLK0, 85, 1, [] Revoke 1st secure boot key
130 SECURE_BOOT_KEY_REVOKE1, EFUSE_BLK0, 86, 1, [] Revoke 2nd secure boot key
131 SECURE_BOOT_KEY_REVOKE2, EFUSE_BLK0, 87, 1, [] Revoke 3rd secure boot key
138 SEC_DPA_LEVEL, EFUSE_BLK0, 112, 2, [] Represents the spa secure
140 SECURE_BOOT_EN, EFUSE_BLK0, 116, 1, [] Represents whether secure
141 … EFUSE_BLK0, 117, 1, [] Represents whether revoking aggressive secure boot is enabled or…
/hal_espressif-latest/components/efuse/esp32s3/
Desp_efuse_table.csv151 SECURE_BOOT_KEY_REVOKE0, EFUSE_BLK0, 85, 1, [] Revoke 1st secure boot key
152 SECURE_BOOT_KEY_REVOKE1, EFUSE_BLK0, 86, 1, [] Revoke 2nd secure boot key
153 SECURE_BOOT_KEY_REVOKE2, EFUSE_BLK0, 87, 1, [] Revoke 3rd secure boot key
160 …OT_EN, EFUSE_BLK0, 116, 1, [] Set this bit to enable secure boot
161 …, EFUSE_BLK0, 117, 1, [] Set this bit to enable revoking aggressive secure boot
172 …D, EFUSE_BLK0, 133, 1, [] Set this bit to enable secure UART download mode
/hal_espressif-latest/components/esp_system/port/soc/esp32/
DKconfig.system64 (Enabling secure boot also disables the BASIC ROM Console by default.)

12