是说 storage 分区没有启用 flash 加密?从 log 看已经完成 flash 加密:
I (855) flash_encrypt: Encrypting partition 1 at offset 0x10000 (length 0x1000)...
I (893) flash_encrypt: Done encrypting
flash加密问题咨询【已解决】
Re: flash加密问题咨询
是的,很奇怪的是测试用例 对storage分区的读写接口测试log中显示,写入flash的数据还是明文。用spi_flash_read 这个接口读出来的数据应该是密文的,但是现在显示的还是明文。wangyuxin-esp wrote: ↑Wed Jun 22, 2022 2:49 am是说 storage 分区没有启用 flash 加密?从 log 看已经完成 flash 加密:
I (855) flash_encrypt: Encrypting partition 1 at offset 0x10000 (length 0x1000)...
I (893) flash_encrypt: Done encrypting
---------------------------------------以下是日志------------------------
Example to check Flash Encryption status
This is esp32s2 chip with 1 CPU core(s), WiFi, silicon revision 0, 2MB external flash
FLASH_CRYPT_CNT eFuse value is 1
Flash encryption feature is enabled in DEVELOPMENT mode
Erasing partition "storage" (0x1000 bytes)
Writing data with esp_partition_write:
I (616) example: 0x3ffc2e80 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f |................|
I (616) example: 0x3ffc2e90 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f |................|
Reading with esp_partition_read:
I (626) example: 0x3ffc2e60 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f |................|
I (636) example: 0x3ffc2e70 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f |................|
Reading with spi_flash_read:
I (646) example: 0x3ffc2e60 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f |................|
I (656) example: 0x3ffc2e70 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f |................|
I (666) nvs: NVS partition "nvs" is encrypted.
-
ESP_WangYX
- Posts: 91
- Joined: Mon Jun 28, 2021 12:48 pm
Re: flash加密问题咨询
推荐关闭 efuse 的虚拟功能进行测试。flash 加密 develop 模式允许关闭 flash 加密功能,后续不需要 flash 加密的情况下,可以再关闭 flash 加密功能。
Re: flash加密问题咨询
经过测试确实是因为虚拟efuse打开的问题。已经可以实现加密了,不过建议还是排查一下efuse这里的问题。因为毕竟咱们文档说了可以开启efuse 测试flash加密。这个可能会引起其他人的疑惑,就跟我一样,还要我这里有好几个开发板,不然我也不敢测试,应为我已经有一个开发板就剩最后一次机会了。这样明白了问题在哪里就干搞了。。。wangyuxin-esp wrote: ↑Thu Jun 23, 2022 2:10 am推荐关闭 efuse 的虚拟功能进行测试。flash 加密 develop 模式允许关闭 flash 加密功能,后续不需要 flash 加密的情况下,可以再关闭 flash 加密功能。
---------------------------以下是日志--------------------------------------------------------
I (280) spi_flash: flash io: dio
W (284) flash_encrypt: Flash encryption mode is DEVELOPMENT (not secure)
I (292) cpu_start: Starting scheduler on PRO CPU.
Example to check Flash Encryption status
This is esp32s2 chip with 1 CPU core(s), WiFi, silicon revision 0, 4MB external flash
FLASH_CRYPT_CNT eFuse value is 1
flash enc success True
Flash encryption feature is enabled in DEVELOPMENT mode
Erasing partition "storage" (0x4000 bytes) enc flag = 1
Erasing partition "nvs_key" (0x1000 bytes) enc flag = 1
Writing data with esp_partition_write:
I (900) example: 0x3ffc2b90 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f |................|
I (900) example: 0x3ffc2ba0 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f |................|
Reading with esp_partition_read:
I (910) example: 0x3ffc2b70 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f |................|
I (920) example: 0x3ffc2b80 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f |................|
Reading with spi_flash_read:
I (940) example: 0x3ffc2b30 d7 b4 ea 34 00 e9 b9 15 c1 35 a4 1e 10 2a 2b 9a |...4.....5...*+.|
I (940) example: 0x3ffc2b40 32 e4 8b 47 28 23 33 5d cd e0 de f7 91 db 66 96 |2..G(#3]......f.|
I (950) example: 0x3ffc2b50 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff |................|
I (960) example: 0x3ffc2b60 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff |................|
I (980) nvs: NVS partition "nvs" is encrypted.
Who is online
Users browsing this forum: No registered users and 50 guests