|
| 1 | +.. _flash_encryption_test: |
| 2 | + |
| 3 | +Espressif ESP32 Flash Encryption Test |
| 4 | +##################################### |
| 5 | + |
| 6 | +Overview |
| 7 | +******** |
| 8 | + |
| 9 | +Flash encryption is intended for encrypting the contents of the ESP32's off-chip flash memory. |
| 10 | +Once this feature is enabled, firmware is flashed as plaintext and then the data is encrypted |
| 11 | +in place on the first boot. As a result, physical readout of flash will not be sufficient to |
| 12 | +recover most flash contents. This is a hardware feature that can be enabled in MCUboot build process |
| 13 | +and is an additional security measure beyond MCUboot existent features. |
| 14 | + |
| 15 | +The following flash encryption modes are available: |
| 16 | + |
| 17 | +* Development Mode |
| 18 | + |
| 19 | + Recommended for use ONLY DURING DEVELOPMENT, as it does not prevent modification and |
| 20 | + readout of encrypted flash contents. |
| 21 | + |
| 22 | +* Release Mode |
| 23 | + |
| 24 | + Recommended for manufacturing and production to prevent physical readout of encrypted flash |
| 25 | + contents. When release mode is selected.. |
| 26 | + |
| 27 | +With flash encryption enabled, the following types of data are encrypted by default: |
| 28 | + |
| 29 | +* Bootloader area |
| 30 | +* Application area |
| 31 | +* Storage area |
| 32 | + |
| 33 | +For more details, check `ESP32 Flash Encryption`_ and `MCUBoot Readme`_. |
| 34 | + |
| 35 | +Software Requirements |
| 36 | +********************* |
| 37 | + |
| 38 | +The following Python modules are required when building flash encryption sample: |
| 39 | + |
| 40 | +* cryptography |
| 41 | +* imgtool>=1.9.0 |
| 42 | + |
| 43 | +Setup |
| 44 | +***** |
| 45 | + |
| 46 | +This sample code isn't enough to enable flash encryption as it only consists on displaying |
| 47 | +encrypted/decrypted data. It requires MCUBoot bootloader previously configured to enable the |
| 48 | +feature. Follow the instructions provided at `MCUBoot Readme`_ prior to running this sample. |
| 49 | + |
| 50 | +.. warning:: |
| 51 | + When enabling the Flash Encryption, user can encrypt the content either using a device |
| 52 | + generated key (remains unknown and unreadable) or a host generated key (owner is responsible |
| 53 | + for keeping the key private and safe as .bin file). After the flash encryption gets enabled |
| 54 | + through eFuse burning on the device, all read and write operations are decrypted/encrypted |
| 55 | + in runtime. |
| 56 | + |
| 57 | + |
| 58 | +Supported SoCs |
| 59 | +************** |
| 60 | + |
| 61 | +The following SoCs are supported by this sample code so far: |
| 62 | + |
| 63 | +* ESP32 |
| 64 | + |
| 65 | +Building and Running |
| 66 | +******************** |
| 67 | + |
| 68 | +Make sure you have your board connected over USB port. |
| 69 | + |
| 70 | +.. code-block:: console |
| 71 | +
|
| 72 | + west build -b esp32 samples/boards/esp32/flash_encryption |
| 73 | + west flash |
| 74 | +
|
| 75 | +Sample Output |
| 76 | +============= |
| 77 | + |
| 78 | +To check the output of this sample, run ``west espressif monitor`` or any other serial |
| 79 | +console program (e.g., minicom, putty, screen, etc). |
| 80 | +This example uses ``west espressif monitor``, which automatically detects the serial |
| 81 | +port at ``/dev/ttyUSB0``: |
| 82 | + |
| 83 | +.. code-block:: console |
| 84 | +
|
| 85 | + $ west espressif monitor |
| 86 | +
|
| 87 | +The sample code writes a known buffer into the storage area defined in DTS file. |
| 88 | +Then, it dumps 32-bytes of the same memory area in plaintext mode. The content is encrypted, meaning |
| 89 | +that a reading attack to the off-chip memory is safe. Last step is to perform the |
| 90 | +memory reading using proper spi_flash call, which decrypts the content as expected. |
| 91 | + |
| 92 | +.. code-block:: console |
| 93 | +
|
| 94 | + *** Booting Zephyr OS build v2.7.99-2729-geb08584393d6 *** |
| 95 | + [00:00:00.453,000] <inf> flash_encryption: Found flash controller FLASH_CTRL. |
| 96 | +
|
| 97 | + [00:00:00.453,000] <inf> flash_encryption: BUFFER CONTENT |
| 98 | + 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f |........ ........ |
| 99 | + 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f |........ ........ |
| 100 | + [00:00:00.482,000] <inf> flash_encryption: FLASH RAW DATA (Encrypted) |
| 101 | + 9a 06 93 76 12 cb 0f 7e ec c5 12 6f 64 db d1 ff |...v...~ ...od... |
| 102 | + 08 e6 be 0c cd 06 6d ad 7d 55 3d 57 bf b7 be 0a |......m. }U=W.... |
| 103 | + [00:00:00.482,000] <inf> flash_encryption: FLASH DECRYPTED DATA |
| 104 | + 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f |........ ........ |
| 105 | + 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f |........ ........ |
| 106 | +
|
| 107 | +
|
| 108 | +.. _ESP32 Flash Encryption: |
| 109 | + https://docs.espressif.com/projects/esp-idf/en/latest/esp32/security/flash-encryption.html |
| 110 | + |
| 111 | +.. _MCUBoot Readme: |
| 112 | + https://www.mcuboot.com/documentation/readme-espressif/ |
0 commit comments