Skip to content

docs(security): migrate secure boot to RSA-3072 and reorder lockdown phases#114

Merged
odudex merged 3 commits into
masterfrom
fix/security-hardening-plan
Jul 1, 2026
Merged

docs(security): migrate secure boot to RSA-3072 and reorder lockdown phases#114
odudex merged 3 commits into
masterfrom
fix/security-hardening-plan

Conversation

@odudex

@odudex odudex commented Jul 1, 2026

Copy link
Copy Markdown
Owner

Documentation-only update to the security roadmap (docs/security-plan.md, docs/secure-boot.md) after reviewing the ESP-IDF v6.0.2 security changes.

Highlights

  • RSA-3072 instead of ECDSA-P256 — ECDSA Secure Boot v2 is non-functional on ESP32-P4 silicon (chip errata; would need CONFIG_SECURE_BOOT_INSECURE). RSA-3072 is the only working scheme and the faster verifier here. Fixes the algorithm table, sdkconfig option names, and updates tooling to esptool v5.
  • Three signing keys (two rotations) — uses all three digest slots (KEY0–2); the flash-encryption key moves to the Key Manager / KEY3.
  • Lockdown phases reordered to match the safe eFuse burn order — every read-protected key is burned before secure boot write-protects RD_DIS: NVS encryption → flash encryption → secure boot → SD updates → release lockdown.
  • NVS encryption coupled to PIN setup (new Phase 3) — KEY4 burn + NVS encryption happen while setting the PIN, so the PIN hash lands directly in encrypted storage: at-rest protection by default, independent of flash encryption.
  • Deployment profiles — Profile A (secure boot + NVS encryption, fully on-device) vs. Profile B (adds flash encryption + release lockdown, serial).
  • Housekeeping — dual-OTA partition table marked adopted; six never-used placeholder key files removed; kern_secure_boot/README.md refreshed.

No code changes.

odudex added 3 commits July 1, 2026 16:18
…or RSA-3072

The six files were never-used placeholders (raw bytes mislabeled .pem, random digests). README now documents RSA-3072 signing and three-key rotation; real keys ship with the first signed release.
ECDSA Secure Boot v2 is non-functional on ESP32-P4 (chip errata); RSA-3072 is the only working option and is also the faster verifier. Adds a third digest slot (two rotations), modernizes tooling to esptool v5, and reorders the eFuse burn table so read-protected keys precede secure boot.
…o PIN

Roadmap order now matches the safe eFuse burn order (every read-protected key burned before secure boot write-protects RD_DIS): NVS encryption (PIN-coupled) -> flash encryption -> secure boot -> SD updates -> release lockdown. Also migrates to RSA-3072 / three keys, marks the dual-OTA partition table adopted, and documents on-device vs serial deployment profiles.
@odudex odudex merged commit b11e91d into master Jul 1, 2026
13 checks passed
@odudex odudex deleted the fix/security-hardening-plan branch July 12, 2026 11:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant