uploaded 1 month ago
ESP Encrypted Image Abstraction Layer


ESP Encrypted Image Abstraction Layer

Component Registry

This component provides an API interface to decrypt data defined in "ESP Encrypted Image" format. This format is as specified at Image Format

This component can help in integrating pre encrypted firmware in over-the-air updates. Additionally, this component can also be used for other use-cases which requires addition of encryption layer for custom data.

Image Format

Image Format

typedef struct {
    char magic[4];
    char enc_gcm[384];
    char iv[16];
    char bin_size[4];
    char auth[16];
    char extra_header[88];
} pre_enc_bin_header;

The above struct represents encrypted image header.


  • RSA-3072 key is provided to the tool externally. You can generate RSA key pair using following command:

    openssl genrsa -out rsa_key/private.pem 3072

  • AES-GCM key and IV are generated by the tool itself.

Tool Info

This component also contains tool ( to generate encrypted images using RSA3072 public key.

Encrypt the image

python encrypt /path/to/input.bin /path/to/RSA-public-key /path/to/enc.bin

Decrypt the image

python decrypt /path/to/enc.bin /path/to/RSA-private-key /path/to/output.bin

To know more about the tool, use command: python --help

API Reference

To learn more about how to use this component, please check API Documentation from header file esp_encrypted_img.h


Supports all targets

License: Apache-2.0

To add this component to your project, run: add-dependency "espressif/esp_encrypted_img^2.0.3"

or download archive


  • ESP-IDF >=4.4
  • Stats

    • Downloaded in total
      Downloaded in total 97.7k times
    • Downloaded this version
      This version: 13.2k times


    espressif/esp_encrypted_img version: 2.0.3 |