ESP32 Forum

Hi,

I worked on a program with IDF 5.0. It generates a webserser (via Acces Point mode) where i can directly upload an .bin firmware to update the firmware with simples OTA tools, without using HTTPS OTA. This works fine.
After, I have begun to implement a secure boot and the firmware encryption, but I need to read an encrypted .bin for the OTA to secure our futur products of course. In the official documentation, i saw an example to make a pre encrypted OTA with HTTPS OTA tools.

So, is there a way to upload a pre encrypted .bin on the ESP32C3 webserver with secure boot on and encryption on, without using HTTPS OTA tools ? Using simple functions that I already use such as esp_ota_begin, esp_ota_write... And of course, if i use a not encrypted .bin for OTA, the firmware refuses to updating.

Thanks you for your help.

Paul

Hello Paul,

Pre-encrypted OTA example also generates an encrypted firmware image as a part of the build system. Please refer to https://github.com/espressif/esp-idf/tr ... sh-example. You may upload this image on the server for OTA updates.

Hi,

Ok, there is something I didn't understand. The pre-encryption image (.bin) for OTA uses a different key than the firmware encryption.
It is clearer in my mind. Finally, I fixed some problems, I can update my firmware (encryption on and secure boot on) with OTA, with a .bin unencrypted. I will work with a encrypted .bin later, this is not urgent.
Thanks for your help.

Pandre4 wrote: ↑

Fri Dec 16, 2022 11:14 am

Hi,

Ok, there is something I didn't understand. The pre-encryption image (.bin) for OTA uses a different key than the firmware encryption.
It is clearer in my mind. Finally, I fixed some problems, I can update my firmware (encryption on and secure boot on) with OTA, with a .bin unencrypted. I will work with a encrypted .bin later, this is not urgent.
Thanks for your help.

Hey Paul,
did you manage to set up ota updates with pre-encrypted bin files via your esp webserver?
I am currently looking for a solution to this problem as well.