
ESP32 OTA with encrypted firmware

Posted: Fri Dec 28, 2018 8:48 am
by hoainguyen265
https://docs.espressif.com/projects/esp ... ption.html
In the ESP document for flash encryption I found:
"OTA updates to encrypted partitions will automatically write encrypted, as long as the esp_partition_write function is used."
And in esp_ota_write we use esp_partition_write.
It means the OTA firmware must be plaintext firmware.
But I want to do OTA with encrypted firmware. This is a requirement for production.
Based on the IDF document, I think I have to modify esp_partition_write to write unencrypted data.

Is there any solution for this?
I am also looking for an ESP32 production guide.

Re: ESP32 OTA with encrypted firmware

Posted: Fri Dec 28, 2018 11:44 am
by jcsbanks
If you use https to fetch the firmware, and authenticate the ESP32, would that be a solution? This is what I am planning, to solve what sounds like a similar problem.

An alternative would be to encrypt the firmware to the individual device before sending it, will find and post the link...

Re: ESP32 OTA with encrypted firmware

Posted: Fri Dec 28, 2018 12:10 pm
by jcsbanks

Re: ESP32 OTA with encrypted firmware

Posted: Fri Dec 28, 2018 6:26 pm
by Ritesh
hoainguyen265 wrote:
Fri Dec 28, 2018 8:48 am
https://docs.espressif.com/projects/esp ... ption.html
In the ESP document for flash encryption I found:
"OTA updates to encrypted partitions will automatically write encrypted, as long as the esp_partition_write function is used."
And in esp_ota_write we use esp_partition_write.
It means the OTA firmware must be plaintext firmware.
But I want to do OTA with encrypted firmware. This is a requirement for production.
Based on the IDF document, I think I have to modify esp_partition_write to write unencrypted data.

Is there any solution for this?
I am also looking for an ESP32 production guide.

Hi,

Why do you want OTA firmware at production time? Because I believe you will just flash the firmware using the ESP32 tool at production time, and then the user will update the firmware on the device using OTA based on requirements.

But it will be good to have encrypted firmware because of security.