Secure boot

themagicm
Posts: 8
Joined: Tue Mar 28, 2023 2:27 am

Secure boot

Postby themagicm » Sat Apr 01, 2023 1:59 am

I've written code and want to keep it from being installed on other ESP32's when I release firmware updates. I use VSCode and PlatformIO, Debian 11. I read that I need to enable secure boot, sign my code and all that stuff.

Followed this to install espidf, so I did this: https://docs.espressif.com/projects/esp ... setup.html

Then thats when it all goes out of whack. Read that I need 4.4.x of ESP IDF so I installed that, then I ran across some CONFIG_FREERTOS_HZ error.. so I'm stumped. With things like this there never really are good instructions.

So what I'm looking for is a way to sign my firmware and when it gets flashed on an ESP32 that I did not add keys to that it fail and not install. I dont mind doing it all via command line I just dont know where to start. I've built my .bin files (all 3) but then...lost.

Any real docs out there that actually work and explain how to do this?

EDIT:
I also read this page and ended up bricking my ESP32.
https://motius.de/insights/secure-iot-p ... ino-esp32/

What am I missing? I have a new batch of ESP32's so maybe throughout all of this it went sideways. I'll try again.

Who is online

Users browsing this forum: Baidu [Spider] and 60 guests