esp_partition_mmap is not decrypting partition data?

dmitryga
Posts: 29
Joined: Sat Jan 14, 2017 8:36 pm

esp_partition_mmap is not decrypting partition data?

Postby dmitryga » Wed Aug 15, 2018 4:39 pm

Hi everybody!

I'm using flash encryption and try to access encrypted partition.
First of all I've created data partition with size 0x1000 (4KB) and encrypted flag.
Secondly I've allocated 4KB buffer, filled it with 0xFF and set contents of first 48 bytes to some known values (to check them later). These bytes were:

Code: Select all

00 00 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d
3e 3f 40 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d
4e 4f 00 f8 60 5b 80 d2 b8 5d 00 00 c0 13 c3 1f
Thirdly I've written this buffer using esp_partition_erase_range and esp_partition_write. Both calls succeeded.
Now I'm trying to read partition using esp_partition_read. This call also succeeds, but contents of buffer seems to be still encrypted. First 128 bytes looks like this:

Code: Select all

5f 8a b7 cb 16 9d 1f 40 cc c0 34 76 c4 ba 3d bf
5c ce 81 53 ba 02 dc ba be de b7 14 80 44 94 03
55 ed 28 a4 fd d1 0f 55 d5 3a c5 d2 2a cb ed bf
fb df 3e 4d ac 5e 64 b3 10 77 53 7c 46 a9 9f 12
fb df 3e 4d ac 5e 64 b3 10 77 53 7c 46 a9 9f 12
fb df 3e 4d ac 5e 64 b3 10 77 53 7c 46 a9 9f 12
fb df 3e 4d ac 5e 64 b3 10 77 53 7c 46 a9 9f 12
fb df 3e 4d ac 5e 64 b3 10 77 53 7c 46 a9 9f 12
In esp-idf sources I see, that esp_partition_write internally calls spi_flash_write_encrypted for encrypted partitions, but esp_partition_read calls esp_partition_mmap, which should transparently decrypt data during memory mapping. But as we see, either esp_partition_mmap is not decrypting, either spi_flash_write_encrypted is not encrypting...

Or maybe I'm doing something wrong?
Last edited by dmitryga on Wed Aug 15, 2018 4:46 pm, edited 1 time in total.

dmitryga
Posts: 29
Joined: Sat Jan 14, 2017 8:36 pm

Re: esp_partition_mmap is not decrypting partition data or spi_flash_write_encrypted is not encrypting?

Postby dmitryga » Wed Aug 15, 2018 4:45 pm

I've used esptool.py to dump partition contents. They are equal to buffer contents I see after esp_partition_read call. So it seems that esp_partition_mmap is not decrypting my partition...

WiFive
Posts: 3529
Joined: Tue Dec 01, 2015 7:35 am

Re: esp_partition_mmap is not decrypting partition data?

Postby WiFive » Wed Aug 15, 2018 9:25 pm

Did you enable flash encryption or just set encrypted flag in partition table?

dmitryga
Posts: 29
Joined: Sat Jan 14, 2017 8:36 pm

Re: esp_partition_mmap is not decrypting partition data?

Postby dmitryga » Thu Aug 16, 2018 7:43 am

WiFive, you're right!
I was carrying my experiments on ESP where flash encryption was not enabled, but partition mentioned had had encrypted flag set. I examined source code of esp_partition_write and saw that it checks encrypted flag but does not check, whether encryption is globally enabled.

Who is online

Users browsing this forum: Bryght-Richard and 129 guests