We will talk about a methodology for enabling secure boot (V2) on ESP32 platforms, aiming at ease-of-use and signing key security for day-to-day development and for production releases. In a nutshell, we create Docker containers to automatically build and sign images, using dummy signing keys, and use a web service to patch dummy-signed images with production keys and signatures to create production images. The private production signing keys are protected by a Cloud key management system, and therefore are never exposed to the build system or a human operator during on-going signed firmware releases. Dummy-signed and production-signed images are readily flushable to ESP32 units, for development and production scenarios, respectively.
We will demonstrate a set of developer tools and the Web platform we have built for ESP32 secure boot enablement, which support both ESP-IDF images and ZephyrOS/MCUboot images.