Hi
I'm developing a product with an ESP32 C5 and IDF v5.5.
For production, I'd like to enable:
- secure boot v2
- signed app images (yes, this product will have OTA)
- encrypted flash
- secure UART ROM download mode
My issue right now is that if I enable secure boot, the serial flasher download stub is automatically disabled, which means that flashing takes significantly longer (25 seconds vs 10 seconds). This might not seem like much, but it really slows me down when I'm developing.
Can I turn on the above security features EXCEPT secure boot now, and then when development is mainly complete turn on Secure Boot?
Thanks
Security and development: enabling secure boot after signed app images
-
gbsinclair@gmail.com
- Posts: 3
- Joined: Wed Jan 05, 2022 10:25 pm
-
federicolonghin
- Posts: 3
- Joined: Tue Jul 02, 2024 6:47 pm
Re: Security and development: enabling secure boot after signed app images
Hi, I'm facing the same problem, have you found any solution?
I'm currently in development mode, so I can flash firmware also in plaintext, so it shouldn't be a problem having the download stub enabled.
The workaround I'm currently using is manually editing the build/flasher_args.json file writing "true" in the stub option:
    "extra_esptool_args" : {
        "after" : "no_reset",
        "before" : "default_reset",
        "stub" : true,
        "chip" : "esp32s3"
    }
But every time I full clean and recompile the file is regenerated.
Anyway, I don't think it's a clean solution; I'm hoping to find a more professional way to keep it enabled.
Federico.
-
Nespressif
- Posts: 89
- Joined: Tue Sep 12, 2017 11:25 am
Re: Security and development: enabling secure boot after signed app images
Hello, I believe that if you enable it following the security guide workflows and do not burn any security efuses, both for SBv2 and FE, you do not disable any cache, but if you have SB and FE enabled, when everything is working, you burn the security efuses to properly protect the device.
Best regards
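A release gate for the workflow discussed in this thread, as an added example (not code from any poster or from Espressif): it checks a build's sdkconfig for the four features listed in the first post, flags development-only settings, and flags a hand-set "stub" option in flasher_args.json. The Kconfig symbol names are assumptions to confirm against your IDF version, the function names are hypothetical, and the sample inputs are constructed.

```python
import json

# Kconfig symbols as named in ESP-IDF's "Security features" menu (assumption:
# confirm them against the sdkconfig your IDF version writes).
REQUIRED = {
    "CONFIG_SECURE_BOOT_V2_ENABLED": "secure boot v2",
    "CONFIG_SECURE_SIGNED_APPS": "signed app images",
    "CONFIG_SECURE_FLASH_ENC_ENABLED": "encrypted flash",
    "CONFIG_SECURE_ENABLE_SECURE_ROM_DL_MODE": "secure UART ROM download mode",
}
DEV_ONLY = {
    "CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT": "flash encryption in development mode",
    "CONFIG_SECURE_BOOT_INSECURE": "secure boot 'potentially insecure' options",
    "CONFIG_SECURE_INSECURE_ALLOW_DL_MODE": "unrestricted UART ROM download mode",
}

def enabled_symbols(sdkconfig_text):
    """Return the symbols set to 'y'; '# CONFIG_X is not set' lines are skipped."""
    on = set()
    for line in sdkconfig_text.splitlines():
        line = line.strip()
        if line.startswith("#") or "=" not in line:
            continue
        name, value = line.split("=", 1)
        if value.strip() == "y":
            on.add(name.strip())
    return on

def release_findings(sdkconfig_text, flasher_args_text):
    """List every reason this build must not ship as a production image."""
    on = enabled_symbols(sdkconfig_text)
    findings = [f"missing: {label} ({sym})" for sym, label in REQUIRED.items() if sym not in on]
    findings += [f"development-only: {label} ({sym})" for sym, label in DEV_ONLY.items() if sym in on]
    stub = json.loads(flasher_args_text).get("extra_esptool_args", {}).get("stub")
    if stub is True and "CONFIG_SECURE_BOOT_V2_ENABLED" in on:
        findings.append("flasher_args.json: stub=true with secure boot enabled (hand-edited file)")
    return findings

# Constructed sample inputs, not taken from a real project.
DEV_SDKCONFIG = """\
# CONFIG_SECURE_BOOT is not set
CONFIG_SECURE_SIGNED_APPS=y
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
"""
DEV_FLASHER_ARGS = '{"extra_esptool_args": {"before": "default_reset", "stub": true, "chip": "esp32c5"}}'

if __name__ == "__main__":
    for finding in release_findings(DEV_SDKCONFIG, DEV_FLASHER_ARGS):
        print(finding)
```

Run it in CI against build/flasher_args.json and the project's sdkconfig, and fail the production job when the returned list is not empty.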