Flash Encryption not working?

Post by jcolebaker » Wed Mar 09, 2022 8:15 pm

We want to use encrypted flash (probably with secure boot) to provide an encrypted partition where we can store sensitive data (e.g. AWS certificates). I'm trying to prove that we can enable flash encryption and that it prevents reading the sensitive data (e.g. with esptool in bootloader mode).

Firstly, I enabled "emulated efuse" mode (emulated efuses stored in flash, ESP-IDF 4.4) so that I didn't permanently modify the efuses on the dev board.

Code:

CONFIG_EFUSE_VIRTUAL=y
CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH=y

I then configured flash encryption in "development" mode (not secure):

Code:

CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC=y
CONFIG_SECURE_FLASH_CHECK_ENC_EN_IN_APP=y
CONFIG_SECURE_INSECURE_ALLOW_DL_MODE=y

I added a custom partition table with the required partitions, including nvs_keys and an "encrypted" partition called "certificates" for testing:

Code:

# ESP-IDF Partition Table
# Name, Type, SubType, Offset, Size, Flags
nvs,data,nvs,0xB000,32K,
otadata,data,ota,0x13000,8K,
phy_init,data,phy,0x15000,4K,
certificates,data,fat,0x16000,48K,encrypted
coredump,data,coredump,0x22000,128K,
efuse_em,data,efuse,0x42000,8K,
nvs_keys,data,nvs_keys,0x44000,4K,encrypted
factory,app,factory,0x50000,1024K,
ota_0,app,ota_0,0x150000,1344K,
ota_1,app,ota_1,0x2A0000,1344K,

Built and installed as per instructions here: https://docs.espressif.com/projects/esp ... ption.html

On first boot, I saw log messages showing that flash encryption was enabled, and it took some time to encrypt the "certificates" partition, along with nvs_keys, and the factory app. It then rebooted.

So far it looked good. I then added code to write some data to "certificates" and read it back:

Code:

    // Needs <assert.h>, "esp_partition.h" and "esp_log.h"
    const esp_partition_t *partition = esp_partition_find_first(ESP_PARTITION_TYPE_DATA, ESP_PARTITION_SUBTYPE_ANY, "certificates");
    assert(partition != NULL);  // esp_partition_find_first() returns NULL if no partition matches

    // Erase entire partition
    ESP_ERROR_CHECK( esp_partition_erase_range(partition, 0, partition->size) );

    // Write some data starting from the beginning of the partition, via encryption:
    static char store_data[] = "The quick brown fox";
    ESP_ERROR_CHECK( esp_partition_write(partition, 0, store_data, sizeof(store_data)) );

    // Read back the data via encryption: Expect to get unencrypted data:
    static char read_data[64];
    ESP_ERROR_CHECK( esp_partition_read(partition, 0, read_data, sizeof(read_data)) );
    ESP_LOG_BUFFER_HEXDUMP("Data", read_data, sizeof(read_data), ESP_LOG_INFO);

"esp_partition_read" above returns the plain-text data, which is expected (automatic decryption). I tried to use "esp_flash_read" to get the raw (encrypted) content but I can't find an example of how to use it (e.g. initialize the main onboard flash).

I then used esptool.py to read the contents of the encrypted partition:

Code:

esptool.py -p COM4 -b 460800 read_flash 0x14000 0xc000 partition_contents.bin

However, partition_contents.bin contained the plain text data which I had stored, i.e. "The quick brown fox......". I would have expected this to be encrypted data.

It appears that the partition is NOT ENCRYPTED.

Or does the data get automatically decrypted when read via bootloader mode?

(Note, in a release version, we would disable access via the bootloader, but I want to prove whether the data is encrypted in the flash, e.g. to guard against direct readout of the flash chip.)

Post by WiFive » Wed Mar 09, 2022 8:34 pm

Using emulated efuse is going to result in faking the encryption. You can only turn on the actual hardware encryption by burning the efuse.

Post by jcolebaker » Thu Mar 10, 2022 9:54 pm

Update: I tried keeping the "emulate efuses" option but turning OFF the "CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH" option.

This caused the firmware to generate a key and encrypt the partitions on first boot, but after reboot it got stuck in the 1st stage bootloader with the message "invalid header: 0x8a87ce67". I guess this is because it lost the emulated efuse settings, including the key, so it couldn't decrypt and load the bootloader or firmware images. From this state, I was able to use esptool "read_flash" command to read the partitions, and I got garbled data (it looks like they are encrypted, and the bootloader mode didn't decrypt them since the efuse settings were reset).

I hadn't thought about whether the encryption hardware could read the emulated efuse encryption key. Is it possible it was actually using the real efuse data, which would have been all 0's? I guess this would still be a valid key.
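
Added example (not part of the original posts): a host-side check for the two outcomes described in this thread, a read_flash dump that still shows the stored string versus one that does not. It maps the dump window onto the partition table from the first post and reports how much of each partition the dump covers; `audit_dump`, `sample_dump` and the stand-in "ciphertext" bytes are constructed for illustration.

```python
import math
from collections import Counter

# Rows from the partition table in the post: name, offset, size, "encrypted" flag.
PARTITIONS = [
    ("otadata", 0x13000, 0x2000, False),
    ("phy_init", 0x15000, 0x1000, False),
    ("certificates", 0x16000, 0xC000, True),
    ("coredump", 0x22000, 0x20000, False),
]
MARKER = b"The quick brown fox"  # known plaintext written by the test firmware
# Constructed stand-in for ciphertext: 32 distinct bytes, none 0xFF.
# It is NOT real ESP32 flash-encryption output.
FAKE_CIPHERTEXT = bytes((i * 73 + 41) % 251 for i in range(32))

def entropy(data):
    """Shannon entropy in bits per byte; 0.0 for empty input."""
    n = len(data)
    return sum(c / n * math.log2(n / c) for c in Counter(data).values()) if n else 0.0

def audit_dump(dump, base, marker=MARKER):
    """Map a read_flash dump starting at flash address `base` onto the table.
    Per overlapped partition: bytes covered, address of the known plaintext
    (None if absent), count of non-erased bytes and their entropy."""
    report = {}
    for name, off, size, flagged in PARTITIONS:
        lo, hi = max(off, base), min(off + size, base + len(dump))
        if lo >= hi:
            continue  # the dump window does not reach this partition
        chunk = dump[lo - base:hi - base]
        pos = chunk.find(marker)
        written = bytes(b for b in chunk if b != 0xFF)  # erased NOR flash reads 0xFF
        report[name] = {
            "covered": hi - lo, "size": size, "flagged": flagged,
            "marker_at": lo + pos if pos >= 0 else None,
            "written": len(written), "entropy": round(entropy(written), 2),
        }
    return report

def sample_dump(payload, base=0x14000, length=0xC000):
    """Constructed dump: erased flash with `payload` at the start of 'certificates'."""
    dump = bytearray(b"\xff" * length)
    start = 0x16000 - base
    dump[start:start + len(payload)] = payload
    return bytes(dump)

if __name__ == "__main__":
    for label, payload in (("plaintext", MARKER + b"\0"), ("stand-in", FAKE_CIPHERTEXT)):
        for name, row in audit_dump(sample_dump(payload), 0x14000).items():
            print(label, name, row)
```

For a real device, pass the bytes of partition_contents.bin and the start address that was given to read_flash. A `marker_at` value on a partition flagged encrypted means the stored string is readable in that dump.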

Post by Mahavir (Espressif staff) » Fri Mar 11, 2022 8:45 am

I would recommend that you try https://github.com/espressif/esp-idf/tr ... encryption example with flash encryption mode set to "development".

Flash encryption status is decided based on the value of the eFuse field `FLASH_CRYPT_CNT` (an odd number of bits indicates flash encryption enable status). In "development" mode, this field is not write-protected, hence you can also disable flash encryption by using the command:

Code:

espefuse.py burn_efuse FLASH_CRYPT_CNT

Please find more information on this at https://docs.espressif.com/projects/esp ... ion-status
