From: Angus Gratton Date: Tue, 4 Dec 2018 01:38:28 +0000 (+1100) Subject: docs: flash encryption: Fix description of behaviour when all bits of FLASH_CRYPT_CNT... X-Git-Tag: v3.3-beta1~26^2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a2d0fbb9abebe7670200b523cb8bc170c990db7d;p=esp-idf docs: flash encryption: Fix description of behaviour when all bits of FLASH_CRYPT_CNT are set Correct behaviour is described in section 25.3.3 Flash Decryption Block of the ESP32 TRM --- diff --git a/docs/en/security/flash-encryption.rst b/docs/en/security/flash-encryption.rst index f65fb6f4ff..82e6fb379c 100644 --- a/docs/en/security/flash-encryption.rst +++ b/docs/en/security/flash-encryption.rst @@ -146,7 +146,7 @@ Limited Updates Only 4 plaintext serial update cycles of this kind are possible, including the initial encrypted flash. -After the fourth time encryption is disabled, :ref:`FLASH_CRYPT_CNT` has the maximum value `0xFF` and encryption is permanently disabled. +After the fourth time encryption is enabled, :ref:`FLASH_CRYPT_CNT` has the maximum value ``0x7F`` (7 bits set) and encryption is permanently enabled. Flashing :ref:`FLASH_CRYPT_CNT` to ``0xFF`` (8 bits set) does not re-disable encryption, the eighth bit is ignored. Using :ref:`updating-encrypted-flash-ota` or :ref:`pregenerated-flash-encryption-key` allows you to exceed this limit.