Skip to content
This repository was archived by the owner on Sep 16, 2024. It is now read-only.

Commit 6904824

Browse files
cataliniocatalinio
committed
Updated README.md for IDF v4.1
1 parent b719e70 commit 6904824

File tree

1 file changed

+13
-90
lines changed

1 file changed

+13
-90
lines changed

README.md

+13-90
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
The MicroPython project
22
=======================
33
<p align="center">
4-
<img src="https://raw.githubusercontent.com/pycom/LoPy/master/images/LopySide.jpg" alt="The LoPy"/>
4+
<img src="https://pycom.io/wp-content/uploads/2018/08/fipySide.png" alt="The FiPy"/>
55
</p>
66

77
This is the MicroPython project, which aims to put an implementation
@@ -41,7 +41,7 @@ Additional components:
4141
The subdirectories above may include READMEs with additional info.
4242

4343
"make" is used to build the components, or "gmake" on BSD-based systems.
44-
You will also need bash and Python (at least 2.7 or 3.3).
44+
You will also need bash and Python 3.
4545

4646
The ESP32 version
4747
-----------------
@@ -51,15 +51,16 @@ the Espressif website:
5151

5252
- for 64-bit Linux::
5353

54-
https://dl.espressif.com/dl/xtensa-esp32-elf-linux64-1.22.0-80-g6c4433a-5.2.0.tar.gz
54+
https://dl.espressif.com/dl/xtensa-esp32-elf-gcc8_4_0-esp-2020r3-linux-amd64.tar.gz
5555

5656
- for 32-bit Linux::
5757

58-
https://dl.espressif.com/dl/xtensa-esp32-elf-linux32-1.22.0-80-g6c4433a-5.2.0.tar.gz
58+
https://dl.espressif.com/dl/xtensa-esp32s2-elf-gcc8_4_0-esp-2020r3-linux-i686.tar.gz
5959

6060
- for Mac OS:
6161

62-
https://dl.espressif.com/dl/xtensa-esp32-elf-osx-1.22.0-80-g6c4433a-5.2.0.tar.gz
62+
https://dl.espressif.com/dl/xtensa-esp32-elf-gcc8_4_0-esp-2020r3-macos.tar.gz
63+
6364

6465
To use it, you will need to update your ``PATH`` environment variable in ``~/.bash_profile`` file. To make ``xtensa-esp32-elf`` available for all terminal sessions, add the following line to your ``~/.bash_profile`` file::
6566

@@ -74,7 +75,7 @@ Then when you need the toolchain you can type ``get_esp32`` on the command line
7475
You also need the ESP IDF along side this repository in order to build the ESP32 port.
7576
To get it:
7677

77-
$ git clone --recursive -b idf_v3.3.1 https://github.com/pycom/pycom-esp-idf.git
78+
$ git clone --recursive -b idf_v4.1_ml_ota https://github.com/pycom/pycom-esp-idf.git
7879

7980
After cloning, if you did not specify the --recursive option, make sure to checkout all the submodules:
8081

@@ -128,8 +129,7 @@ By default, both bootloader and application are built. To build them separately:
128129

129130
$ cd esp32
130131
$ make clean
131-
$ make TARGET=boot
132-
$ make TARGET=app
132+
$ make release
133133
$ make flash
134134

135135
You can change the board type by using the BOARD variable:
@@ -141,7 +141,7 @@ You can change the board type by using the BOARD variable:
141141

142142
We currently support the following BOARD types:
143143

144-
WIPY LOPY SIPY GPY FIPY LOPY4
144+
WIPY LOPY GPY FIPY LOPY4
145145

146146
For OEM modules, please use the following BOARD type:
147147

@@ -155,7 +155,7 @@ G01: GPY
155155
To specify a serial port other than /dev/ttyUSB0, use ESPPORT variable:
156156

157157
$ # On MacOS
158-
$ make ESPPORT=/dev/tty.usbserial-DQ008HQY flash
158+
$ make ESPPORT=/dev/tty.usbmodemPy8eaa911 flash
159159
$ # On Windows
160160
$ make ESPPORT=COM3 flash
161161
$ # On linux
@@ -179,7 +179,7 @@ To create a release package that can be flashed with the Pycom firmware tool:
179179
To create a release package for all currently supported Pycom boards:
180180

181181
$ cd esp32
182-
$ for BOARD in WIPY LOPY SIPY GPY FIPY LOPY4; do make BOARD=$BOARD clean && make BOARD=$BOARD release; done
182+
$ for BOARD in WIPY LOPY GPY FIPY LOPY4; do make BOARD=$BOARD clean && make BOARD=$BOARD release; done
183183

184184
To specify a directory other than the default build/ directory:
185185

@@ -190,7 +190,7 @@ To specify a directory other than the default build/ directory:
190190
To create a release package for all currently supported Pycom boards in a directory other than the default build/ directory:
191191

192192
$ cd esp32
193-
$ for BOARD in WIPY LOPY SIPY GPY FIPY LOPY4; do make BOARD=$BOARD clean && make BOARD=$BOARD RELEASE_DIR=~/pycom-packages release; done
193+
$ for BOARD in WIPY LOPY GPY FIPY LOPY4; do make BOARD=$BOARD clean && make BOARD=$BOARD RELEASE_DIR=~/pycom-packages release; done
194194

195195
To inclue a step for copying IDF libs from IDF_PATH specify the following variable in the make command
196196

@@ -206,81 +206,4 @@ To Disable RGB Led control use the following make variable
206206

207207
## Steps for using Secure Boot and Flash Encryption
208208

209-
### Summary
210-
211-
1. Obtain keys (for Secure Boot and Flash Encryption)
212-
2. Flash keys and parameters in efuses
213-
3. Compile bootloader and application with `make SECURE=on`
214-
4. Flash: bootloader-digest at address 0x0 and encrypted; all the others (partitions and application) encrypted, too.
215-
216-
### Prerequisites
217-
218-
$ export IDF_PATH=<pycom-esp-idf_PATH>
219-
$ cd esp32
220-
221-
Hold valid keys for Flash Encryption and Secure Boot; they can be generated randomly with the following commands:
222-
223-
python $IDF_PATH/components/esptool_py/esptool/espsecure.py generate_flash_encryption_key flash_encryption_key.bin
224-
python $IDF_PATH/components/esptool_py/esptool/espsecure.py generate_signing_key secure_boot_signing_key.pem
225-
226-
The Secure Boot key `secure_boot_signing_key.pem` has to be transformed into `secure-bootloader-key.bin`, to be burnt into efuses. This can be done in 2 ways:
227-
228-
python $IDF_PATH/components/esptool_py/esptool/espefuse.py extract_public_key --keyfile secure_boot_signing_key.pem signature_verification_key.bin
229-
230-
# or, as an artifact of the make build process, on the same directory level as Makefile
231-
make BOARD=GPY SECURE=on TARGET=boot
232-
233-
Flash keys (`flash_encryption_key.bin` and `secure-bootloader-key.bin`) into the efuses (write and read protected):
234-
235-
**_Note: Irreversible operations_**
236-
237-
# Burning Encryption Key
238-
python $IDF_PATH/components/esptool_py/esptool/espefuse.py --port /dev/ttyUSB0 burn_key flash_encryption flash_encryption_key.bin
239-
# Burning Secure Boot Key
240-
python $IDF_PATH/components/esptool_py/esptool/espefuse.py --port /dev/ttyUSB0 burn_key secure_boot secure-bootloader-key.bin
241-
# Enabling Flash Encryption mechanism
242-
python $IDF_PATH/components/esptool_py/esptool/espefuse.py --port /dev/ttyUSB0 burn_efuse FLASH_CRYPT_CNT
243-
# Configuring Flash Encryption to use all address bits togheter with Encryption key (max value 0x0F)
244-
python $IDF_PATH/components/esptool_py/esptool/espefuse.py --port /dev/ttyUSB0 burn_efuse FLASH_CRYPT_CONFIG 0x0F
245-
# Enabling Secure Boot mechanism
246-
python $IDF_PATH/components/esptool_py/esptool/espefuse.py --port /dev/ttyUSB0 burn_efuse ABS_DONE_0
247-
248-
**_If the keys are not written in efuse, before flashing the bootloader, then random keys will be generated by the ESP32, they can never be read nor re-written, so bootloader can never be updated. Even more, the application can be re-flashed (by USB) just 3 more times._**
249-
250-
### Makefile options:
251-
252-
make BOARD=GPY SECURE=on SECURE_KEY=secure_boot_signing_key.pem ENCRYPT_KEY=flash_encryption_key.bin
253-
254-
- `SECURE=on` is the main flag; it's not optional
255-
- if `SECURE=on` by default:
256-
- encryption is enabled
257-
- secure_boot_signing_key.pem is the secure boot key, located relatively to Makefile
258-
- flash_encryption_key.bin is the flash encryption key, located relatively to Makefile
259-
260-
For flashing the bootloader digest and the encrypted versions of all binaries:
261-
262-
make BOARD=GPY SECURE=on flash
263-
264-
### Flashing
265-
266-
For flashing the bootloader-reflash-digest.bin has to be written at address 0x0, instead of the bootloader.bin (at address 0x1000).
267-
268-
Build is done using `SECURE=on` option; additionally, all the binaries are pre-encrypted.
269-
270-
make BOARD=GPY clean
271-
make BOARD=GPY SECURE=on
272-
make BOARD=GPY SECURE=on flash
273-
274-
Manual flash command:
275-
276-
python $IDF_PATH/components/esptool_py/esptool/esptool.py --chip esp32 --port /dev/ttyUSB0 --baud 921600 --before no_reset --after no_reset write_flash -z --flash_mode dio --flash_freq 80m --flash_size detect 0x0 build/GPY/release/bootloader/bootloader-reflash-digest.bin_enc 0x8000 build/GPY/release/lib/partitions.bin_enc 0x10000 build/GPY/release/gpy.bin_enc_0x10000
277-
278-
### OTA update
279-
280-
The OTA should be done using the pre-encrypted application image.
281-
282-
Because the encryption is done based on the physical flash address, there are 2 application binaries generated:
283-
- gpy.bin_enc_0x10000 which has to be written at default factory address: 0x10000
284-
- gpy.bin_enc_0x1A0000 which has to be written at the ota_0 partition address (0x1A0000)
285-
286-
*__Hint:__ on micropython interface, the method `pycom.ota_slot()` responds with the address of the next OTA partition available (either 0x10000 or 0x1A0000).*
209+
For Secure Boot and Flash Encryption please check: https://docs.pycom.io/advance/encryption/

0 commit comments

Comments
 (0)