ESP-Jumpstart Examples with Flash Encryption, Secure Boot and OTA

Posted: Wed May 13, 2020 9:27 pm
by maveren
IDF Version: v4.2-dev-1320-g1aebfdf6a
Hardware: DevkitC Wroom32u

Objective: Implement flash encryption, secure boot, and OTA with a forked version of ESP-Jumpstart.

I have modified the ESP-Jumpstart examples to use my own AWS account and successfully tested OTA with remote app signing. However, after I enable flash encryption and secure boot, I get the following errors when the OTA update begins:

[Codebox]I (97084) esp_https_ota: Starting OTA...
I (97084) esp_https_ota: Writing to partition subtype 17 at offset 0x1f0000
Guru Meditation Error: Core 0 panic'ed (IllegalInstruction). Exception was unhandled.
Memory dump at 0x401a4898: a33020b4 be03e520 1d202aa0
0x401a4898: crypto_ec_point_cmp at C:/espm200505/esp/esp-idf/components/wpa_supplicant/src/crypto/crypto_mbedtls-ec.c:444

Core 0 register dump:
PC : 0x401a489c PS : 0x00060a30 A0 : 0x80090afa A1 : 0x3ffd4400
0x401a489c: crypto_ec_point_cmp at C:/espm200505/esp/esp-idf/components/wpa_supplicant/src/crypto/crypto_mbedtls-ec.c:444

A2 : 0x3ffb98a4 A3 : 0x00000033 A4 : 0x00000000 A5 : 0x000000a5
A6 : 0x000000a5 A7 : 0x00060023 A8 : 0x8009cbd4 A9 : 0x3ffd43d0
A10 : 0x00000001 A11 : 0x00000000 A12 : 0x3ffb98a4 A13 : 0x00000000
A14 : 0x00000000 A15 : 0x3ffc8c30 SAR : 0x0000001e EXCCAUSE: 0x00000000
EXCVADDR: 0x00000000 LBEG : 0x4000c2e0 LEND : 0x4000c2f6 LCOUNT : 0x00000000

Backtrace:0x401a4899:0x3ffd4400 0x40090af7:0x3ffd4420 0x400922d5:0x3ffd4450 0x40090f51:0x3ffd4510 0x4018db46:0x3ffd4550 0x4018dc74:0x3ffd4580 0x4009275a:0x3ffd45b0 0x40099ca1:0x3ffd45e0
0x401a4899: crypto_ec_point_cmp at C:/espm200505/esp/esp-idf/components/wpa_supplicant/src/crypto/crypto_mbedtls-ec.c:444

0x40090af7: lmacRecycleMPDU at ??:?

0x400922d5: ppResortTxAMPDU at ??:?

0x40090f51: lmacTxFrame at ??:?

0x4018db46: lmacProcessTxSuccess at ??:?

0x4018dc74: lmacProcessTxComplete at ??:?

0x4009275a: ppTask at ??:?

0x40099ca1: vPortTaskWrapper at C:/espm200505/esp/esp-idf/components/freertos/xtensa/port.c:143[/Codebox]

I have verified that flash encryption and secure boot (reflashable) are enabled correctly in DEV Mode.

Let me know if anyone has suggestions or if more information is needed.
Best regards