ESP32 Flash Download Tool - FactoryMultiDownload
Posted: Sat May 27, 2023 5:08 pm
Hello everyone,
I am in the middle of preparing a deployment of our modest IOT fleet based on the ESP32. Amongst all the moving targets is one in particular I have questions about: Preparing 250 units.
The problem I have is this; our fleet is not large enough to warrant developing an auto provisioning system to get X.509 certs on every device via onboarding/enrollment. Maybe if the fleet got bigger we would do it, but at 250 it seems like a wasted investment. So it's manual work. We're going to run everything "unhardened" for a while, before we pull the trigger to harden them, so there is room for mistakes. Every device is slightly different in a few ways though:
* every device has a passive NFC tag attached to it with a unique 7-byte UID. That UID needs to be flashed as an NVS key.
* every device has its own X.509 device cert from AWS IOT that needs to be flashed as an NVS key.
* every device has its own X.509 private key from AWS IOT that needs to be flashed as an NVS key.
For the rest, the factory app, first OTA app, SSID/PASS NVS keys, etc. is the same for every device.
Now I've been reading up on the manufacturing guide, and experimenting with the ESP32 Flash Download Tool, and it seemed like I was on my way there. But it turns out the ESP32 Flash Download Tool is missing one obvious function; to make some of its partitions fixed, and some of its partitions dependent on the Downloader/COM.
I did come across a directory called flashtool/dl_temp/bin_temp/downloadPanel#/ of which there were 8, and each had the binary to be flashed in them. So it seems the entire tool was setup to support some sort of variance between instances of Downloaders. I just can't seem to find the setting for it.
Has anyone faced any similar issues? Help would be appreciated; I need to start flashing in August already.
I am in the middle of preparing a deployment of our modest IOT fleet based on the ESP32. Amongst all the moving targets is one in particular I have questions about: Preparing 250 units.
The problem I have is this; our fleet is not large enough to warrant developing an auto provisioning system to get X.509 certs on every device via onboarding/enrollment. Maybe if the fleet got bigger we would do it, but at 250 it seems like a wasted investment. So it's manual work. We're going to run everything "unhardened" for a while, before we pull the trigger to harden them, so there is room for mistakes. Every device is slightly different in a few ways though:
* every device has a passive NFC tag attached to it with a unique 7-byte UID. That UID needs to be flashed as an NVS key.
* every device has its own X.509 device cert from AWS IOT that needs to be flashed as an NVS key.
* every device has its own X.509 private key from AWS IOT that needs to be flashed as an NVS key.
For the rest, the factory app, first OTA app, SSID/PASS NVS keys, etc. is the same for every device.
Now I've been reading up on the manufacturing guide, and experimenting with the ESP32 Flash Download Tool, and it seemed like I was on my way there. But it turns out the ESP32 Flash Download Tool is missing one obvious function; to make some of its partitions fixed, and some of its partitions dependent on the Downloader/COM.
I did come across a directory called flashtool/dl_temp/bin_temp/downloadPanel#/ of which there were 8, and each had the binary to be flashed in them. So it seems the entire tool was setup to support some sort of variance between instances of Downloaders. I just can't seem to find the setting for it.
Has anyone faced any similar issues? Help would be appreciated; I need to start flashing in August already.