Issues with OTA updating signed binaries

Postby richardhawthorn » Fri Apr 19, 2024 4:11 pm

Hi everyone

I've been running esp8266 devices in the field for the last 4 years, all of which have been signed with my public/private key. For the first 2 years this worked as expected, and signed updates would deploy OTA and upgrade without issue.

In the meantime I was updating the code, adding features, and upgrading the software libraries (and core) to improve my firmware. At some point the OTA firmware upgrades stopped being accepted by the target devices, and returned an error 12, "Signature verification failed".

I've checked my public and private keys haven't changed, and that my embedded pubkey[] is the same as it always was. I see there is a legacy format of signing, but I have never used that, only the more modern version of the signing.

I can see that when Arduino signs my binaries there are 256 bytes of hash data added to the end of the file, and an integer (hex 0001 0000) added at the end of that to note the length of the hash.

I'm not sure why my newer signed binaries don't work on the old running devices. I tried downgrading the esp8266 core to see if a change there was stopping it working, but I've not been able to identify the issue.

Any ideas?

Thanks for your time!

Richard
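
The trailer layout described in the post can be checked offline. The following is an added example, not part of the original post and not code from the ESP8266 core: it splits a signed image at the trailer and reports what the signature actually covers. It assumes the 4-byte length is little-endian and that the signature is RSA with PKCS#1 v1.5 padding over SHA-256; the function names and the `n`/`e` parameters are hypothetical.

```python
import hashlib

# Added example: function names are hypothetical; caller supplies image and key.
# ASN.1 DigestInfo prefix for SHA-256 (PKCS#1 v1.5, RFC 8017 section 9.2).
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")


def split_signed_image(blob):
    """Split a signed image into (firmware, signature) using the trailer.

    Layout as described in the post: firmware || signature || 4-byte length.
    Assumption: the length is little-endian, so 00 01 00 00 means 256.
    """
    if len(blob) < 4:
        raise ValueError("too short to hold a length trailer")
    sig_len = int.from_bytes(blob[-4:], "little")
    if sig_len == 0 or sig_len > len(blob) - 4:
        raise ValueError(f"implausible signature length {sig_len}")
    return blob[:-4 - sig_len], blob[-4 - sig_len:-4]


def inspect_signature(blob, n, e=65537):
    """Apply the RSA public operation and report what was actually signed.

    n and e are the public key integers (hypothetical parameters, e.g. as
    printed by `openssl rsa -pubin -text -noout`).
    """
    firmware, sig = split_signed_image(blob)
    k = (n.bit_length() + 7) // 8
    report = {"sig_len": len(sig), "key_len": k, "padding_ok": False,
              "encoding": None, "digest_matches": False}
    if len(sig) != k or int.from_bytes(sig, "big") >= n:
        return report  # signature was not made for a key of this size
    em = pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big")
    # PKCS#1 v1.5 block: 00 01 FF..FF 00 || payload (at least 8 FF bytes)
    sep = em.find(b"\x00", 2)
    if em[:2] != b"\x00\x01" or sep < 10 or em[2:sep].strip(b"\xff"):
        return report
    report["padding_ok"] = True
    payload = em[sep + 1:]
    digest = hashlib.sha256(firmware).digest()
    if payload.startswith(SHA256_DIGESTINFO):
        report["encoding"] = "digestinfo+sha256"
        payload = payload[len(SHA256_DIGESTINFO):]
    elif len(payload) == 32:
        report["encoding"] = "bare-sha256"
    report["digest_matches"] = payload == digest
    return report
```

Running it on an older binary that devices accepted and on a newer one they reject shows whether the two differ in signature length, padding, encoding or covered digest.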
