(Solved) OTA encrypted flash transmission.

brp80000
Posts: 138
Joined: Thu Oct 04, 2018 7:13 pm

(Solved) OTA encrypted flash transmission.

Postby brp80000 » Wed Jan 09, 2019 9:09 am

My device has a factory partition and two OTA partitions. I flash the factory partition at production together with the same AES encryption key. The devices are then updated via OTA over TCP from my server. I don't trust HTTPS; it's easy to crack. I want to use flash encryption.
I use esp-idf-v3.1.2 ...
How can I transfer already encrypted data through OTA?
Last edited by brp80000 on Thu Jan 17, 2019 10:44 pm, edited 2 times in total.

brp80000
Posts: 138
Joined: Thu Oct 04, 2018 7:13 pm

Re: OTA transmission encryption flash.

Postby brp80000 » Sat Jan 12, 2019 3:13 pm

Is it possible to use the transmission of encoded data in the new esp-idf-v3.1.2?

thethinker
Posts: 58
Joined: Thu Mar 01, 2018 1:26 am

Re: OTA transmission encryption flash.

Postby thethinker » Sun Jan 13, 2019 7:51 pm

I believe there are multiple functions for writing to the Flash. According to:
https://demo-dijiudu.readthedocs.io/en/ ... ption.html

It says:
The ROM function esp_rom_spiflash_write_encrypted will write encrypted data to flash, the ROM function SPIWrite will write unencrypted to flash. (These functions are not supported in esp-idf apps.)
So if you want to write an already encrypted file to flash, one way is to copy the HTTPS_OTA component files over to your project directory and modify them to use SPIWrite. You will need to do all the checks that partition_write does manually yourself.
Good luck :ugeek:

brp80000
Posts: 138
Joined: Thu Oct 04, 2018 7:13 pm

Re: OTA transmission encryption flash.

Postby brp80000 » Sun Jan 13, 2019 8:27 pm

I wanted to understand whether there was support for such a regime, as promised by ESP_Angus:
http://bbs.esp32.com/viewtopic.php?f=2& ... a2028ce98c

brp80000
Posts: 138
Joined: Thu Oct 04, 2018 7:13 pm

Re: OTA transmission encryption flash.

Postby brp80000 » Tue Jan 15, 2019 5:14 pm

Comrades from support, I have already locked 3 chips, so please be so kind as to help me. I have a large batch of a few thousand devices at stake. These are your sales. I have already created 4 topics with questions to you. It is very difficult for me to understand the translation of your texts; probably they are written in Chinese-English, or my level of English is not enough to understand your level. Well, or do you have a New Year holiday?

brp80000
Posts: 138
Joined: Thu Oct 04, 2018 7:13 pm

Re: OTA encrypted flash transmission.

Postby brp80000 » Thu Jan 17, 2019 10:43 pm

I answer myself: the function has not been implemented. I followed the example from the link and, despite some differences in the new IDF, I was able to do OTA with pre-encrypted firmware data, without decrypting it when placed in flash.
