Secure boot + HTTPS OTA firmware updates.

SombraRPK
Posts: 18
Joined: Wed Jul 04, 2018 2:37 am

Postby SombraRPK » Wed Jul 22, 2020 9:26 pm

Hi you all!
I'm currently working on Arduino IDE and need to:

- Update the firmware using HTTPS OTA.
- Verify the new firmware is signed by myself.

Currently I do the OTA firmware update using HTTP protocol and everything works fine. But in order to implement better security practices, and given that the device must be updated periodically, I need to make this work this way. I'm just starting to know how the Secure Boot feature works. Can you help me, guys? Any ideas are welcome!

Angus
Espressif staff
Posts: 2344
Joined: Sun May 08, 2016 4:11 am

Re: Secure boot + HTTPS OTA firmware updates.

Postby Angus » Thu Jul 23, 2020 5:11 am

Hi Sombra,

ESP-IDF has support for both hardware secure boot and a simpler method where the app's digital signature is verified on OTA update.

However, I'm afraid you can't enable these options from the Arduino IDE. You need to use ESP-IDF, where you can edit the project configuration.

Angus

SombraRPK
Posts: 18
Joined: Wed Jul 04, 2018 2:37 am

Re: Secure boot + HTTPS OTA firmware updates.

Postby SombraRPK » Thu Jul 23, 2020 2:42 pm

Thanks for your answer, Angus!
I understand. Is there a way to use both Arduino and ESP-IDF? Or do I need to migrate it all to ESP-IDF?

Greetings!

Angus
Espressif staff
Posts: 2344
Joined: Sun May 08, 2016 4:11 am

Re: Secure boot + HTTPS OTA firmware updates.

Postby Angus » Fri Jul 24, 2020 5:25 am

There is a way to use the Arduino support as an ESP-IDF component:
https://github.com/espressif/arduino-es ... mponent.md

(This doc looks like it may be a little out of date for the latest ESP-IDF, but the approach is there.)

SombraRPK
Posts: 18
Joined: Wed Jul 04, 2018 2:37 am

Re: Secure boot + HTTPS OTA firmware updates.

Postby SombraRPK » Tue Jul 28, 2020 1:35 pm

This will help me a lot, thanks, Angus!!
