Hello,
We are working with a esp32-c3 module (devkit-m1) and are using the Digital Signature module to establish mTLS.
We are using the esp-tls component for https operations, since it supports the DS module.
The issue we are facing is that the esp_https_ota component used for ota updates doesn't seem to support esp-tls configurations, but rather it wants an esp_http_client config. This configuration seems to offer support for secure element, but not DS module.
Is DS supported by esp_https_ota? Or are there any other ways to perform ota updates using DS that we are missing?
Many thanks,
Alex
OTA update using DS module
-
ESP_flying_raijin
- Posts: 25
- Joined: Tue Aug 13, 2019 2:03 pm
Re: OTA update using DS module
Hi Alex,
Yes you are right, the DS support is not present in the client configuration structure.
I will soon share a patch with you that shall enable you to use DS peripheral for establishing the TLS connection at the time of OTA.
Yes you are right, the DS support is not present in the client configuration structure.
I will soon share a patch with you that shall enable you to use DS peripheral for establishing the TLS connection at the time of OTA.
Re: OTA update using DS module
That's great, thanks @ESP_flying_raijin
Re: OTA update using DS module
Hello,ESP_flying_raijin wrote: ↑Mon Aug 21, 2023 5:13 amHi Alex,
Yes you are right, the DS support is not present in the client configuration structure.
I will soon share a patch with you that shall enable you to use DS peripheral for establishing the TLS connection at the time of OTA.
I was wondering if there were any updates on the patch mentioned?
-
ESP_flying_raijin
- Posts: 25
- Joined: Tue Aug 13, 2019 2:03 pm
Re: OTA update using DS module
Hi Alex,
Sorry for the delayed reply.
Please find the patch at this link https://gist.github.com/AdityaHPatwardh ... eral-patch
With this you would have to provide the DS context to the esp_http_client configuration structure.
Just for reference - The ds_context would act as a private key hence you only need to provide the DS context and no private key needs to be provided. Other configurations remain the same.
To generate the ds context and store it on the device in a standard manner you can make use of the https://github.com/espressif/esp_secure_cert_mgr library.
Please find the instructions at https://github.com/espressif/esp_secure ... -partition
Thanks,
Aditya
Sorry for the delayed reply.
Please find the patch at this link https://gist.github.com/AdityaHPatwardh ... eral-patch
With this you would have to provide the DS context to the esp_http_client configuration structure.
Just for reference - The ds_context would act as a private key hence you only need to provide the DS context and no private key needs to be provided. Other configurations remain the same.
To generate the ds context and store it on the device in a standard manner you can make use of the https://github.com/espressif/esp_secure_cert_mgr library.
Please find the instructions at https://github.com/espressif/esp_secure ... -partition
Thanks,
Aditya
Re: OTA update using DS module
Hi Aditya,
Works like a charm, thank you very much!
Any plans on adding this to future release of esp-idf?
Works like a charm, thank you very much!
Any plans on adding this to future release of esp-idf?
Who is online
Users browsing this forum: aapee-jcv and 446 guests