OTA update using encrypted binary over HTTPS

Asvn Rohit
Posts: 3
Joined: Mon May 31, 2021 6:33 am

OTA update using encrypted binary over HTTPS

Postby Asvn Rohit » Tue Jun 01, 2021 6:07 am

Hello,

I am trying to implement OTA along with flash encryption and secure boot. I am using esp32s2 and the esp-idf version is 4.2.1

The secure boot and flash encryption are working. I am able to upload plain text to my server and get update the chip over OTA.

I host generated the flash encryption key so that I can encrypt the app image and upload it to the server for OTA update. I signed the app with the secure boot key and encrypted the signed app. I uploaded it to the server but I get a secure boot error (magic word wrong). Then I tried encrypting the image first and then signing it with the secure boot key and this also didn't work.

Is there a way to OTA update the chip using an encrypted signed binary to the server? or only plaintext update possible?

jhulbert
Posts: 7
Joined: Thu Jan 28, 2021 9:50 pm

Re: OTA update using encrypted binary over HTTPS

Postby jhulbert » Thu Jun 03, 2021 8:07 pm

Replying for traction. I'm also interested in seeing an answer to this.

WiFive
Posts: 3529
Joined: Tue Dec 01, 2015 7:35 am

Re: OTA update using encrypted binary over HTTPS

Postby WiFive » Thu Jun 03, 2021 11:04 pm

You would have to either modify existing or use a custom ota routine to write the image to the flash without encrypting it

jojojijijojo
Posts: 18
Joined: Thu Feb 20, 2020 8:18 am

Re: OTA update using encrypted binary over HTTPS

Postby jojojijijojo » Fri Jun 03, 2022 3:09 pm

If flash key is generated on host, then burned to ESP, do we have to encrypt flash binary file before deploying it for OTA updates or do we deploy plain text flash binary?

In other words, every time we release an update over the air, do we encrypt the binary file before sending it to remote ESPs or do we send the binaries in plaintext? Given that we have flash key generated on host.

martins
Posts: 50
Joined: Tue Aug 24, 2021 8:58 am

Re: OTA update using encrypted binary over HTTPS

Postby martins » Wed Jul 27, 2022 12:23 pm

jojojijijojo wrote:
Fri Jun 03, 2022 3:09 pm
If flash key is generated on host, then burned to ESP, do we have to encrypt flash binary file before deploying it for OTA updates or do we deploy plain text flash binary?

In other words, every time we release an update over the air, do we encrypt the binary file before sending it to remote ESPs or do we send the binaries in plaintext? Given that we have flash key generated on host.
By my understanding it seems that you would deploy plaintext anyways, because encryption/decryption happens on targer ESP during write/read.

I on the other hand deffinitelly need the ota update image to be encrypted while flash contents would not even need to be enrypted (I'm using PICO-V3 where flash contents should not really be externally accessible). But from discuccions it seems that OTA updates does not work with pre-encrypted images?

Can anyone explain or share the info on how to use pre-encrypted OTA images correctly?

Edit:
Found this topic https://www.esp32.com/viewtopic.php?f=2&t=28639 , which refers to this issue https://github.com/espressif/esp-idf/issues/8776 , which also refers to this issue https://github.com/espressif/esp-idf/issues/6172 . Hopefully that would make it to stable IDF v4.x eventually.

Who is online

Users browsing this forum: No registered users and 109 guests