From 1a44129e739d5a71fe4cf63aed11bcc9a2da9f48 Mon Sep 17 00:00:00 2001 From: ok-home Date: Tue, 3 Oct 2023 21:19:46 +0700 Subject: [PATCH] enc dbg --- CMakeLists.txt | 2 +- Kconfig.projbuild | 2 +- idf_component.yml | 2 ++ rsa_key/private.pem | 39 +++++++++++++++++++++++++ source/ota_ws_update_esp_preencrypted.c | 16 +++++----- 5 files changed, 50 insertions(+), 11 deletions(-) create mode 100644 idf_component.yml create mode 100644 rsa_key/private.pem diff --git a/CMakeLists.txt b/CMakeLists.txt index 9930ac2..0c1ce10 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -18,7 +18,7 @@ if(CONFIG_OTA_PRE_ENCRYPTED_MODE) ) #openssl genrsa -out rsa_key/private.pem 3072 create_esp_enc_img(${CMAKE_BINARY_DIR}/${CMAKE_PROJECT_NAME}.bin - ${project_dir}/rsa_key/private.pem ${CMAKE_BINARY_DIR}/${CMAKE_PROJECT_NAME}_secure.bin app) + ${project_dir}/../rsa_key/private.pem ${CMAKE_BINARY_DIR}/${CMAKE_PROJECT_NAME}_secure.bin app) else() idf_component_register( SRCS diff --git a/Kconfig.projbuild b/Kconfig.projbuild index c987114..f4803c2 100644 --- a/Kconfig.projbuild +++ b/Kconfig.projbuild @@ -19,7 +19,7 @@ menu "OTA WS UPDATE" Ota download chunk size. config OTA_PRE_ENCRYPTED_MODE - bool "Ota chunk size" + bool "Ota pre-encrypted mode" default n help Ota pre-encrypted mode. diff --git a/idf_component.yml b/idf_component.yml new file mode 100644 index 0000000..ae7bd6a --- /dev/null +++ b/idf_component.yml @@ -0,0 +1,2 @@ +dependencies: + espressif/esp_encrypted_img: "^2.0.1" \ No newline at end of file diff --git a/rsa_key/private.pem b/rsa_key/private.pem new file mode 100644 index 0000000..cb0a8b7 --- /dev/null +++ b/rsa_key/private.pem 
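Review bot: The key argument to `create_esp_enc_img` is now hard-coded as `${project_dir}/../rsa_key/private.pem`, which ties every build to a key file kept inside the source tree. Taking the path from a CMake cache variable or a Kconfig string with no in-repo default would let release builds use a key stored outside version control, and fail clearly when it is missing. The `..` hop also assumes the project always sits exactly one level below the directory holding `rsa_key/`, which the hunk does not guarantee. The enclosing `if(CONFIG_OTA_PRE_ENCRYPTED_MODE)` block starts and ends outside the hunk.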
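Review bot: The dependency is declared as `espressif/esp_encrypted_img: "^2.0.1"`, a caret range that lets the component manager resolve any later 2.x release. This component performs the OTA image decryption, so an exact version (`"2.0.1"`) or a committed `dependencies.lock` would keep that path reproducible and make upgrades a reviewed change. The file also ends without a trailing newline.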
@@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG4wIBAAKCAYEAwiweYOoQ06RE5jAHJP5Y34j0PQR6T/unqQPVg0Z0NOstMcLW +qzqRXL3f+fAc3ooxrN+vZkriKK6dcU0qM4g69BJwRKc+VKS4uRNfQhuAeCyFgTP0 +MWJDlSZplphjDXnPoJM5WN5S/qRTQVMiBJdxycryIIqjPpVDxd3ET/xuHG2VTVlV +MoqcqdXhKNOWGEAgWe8Kc8VpeQSdXGrhgmTdlJoLP2wy1nEOfIo/UZJV+vDqZvnX +8hZe7l0sl6SCUJ7P/VzzSOJreDxGCBVjSJkaL3xE+8C5bX85oLcFsbFS1M2zfgLG +RJ0Ha/PMs6CarQzhn77GjqNUY0qYmdlInJcIiQ3bkPlTsBdgDZ9m/RrMzl49ndLI +2ZIWlTQr/gJh+kJUU02XEzRZ+bd0/v760JjIKtUKItMfiNa9OO2chvVuYs6FID+8 +oICHmj90E2gz4O6WHsBf9+R9Rtn3KJ1d1d5IHYMispa+q3K6dqVFhLjgT7vVQbFE +z2FPghtH3dZPv10BAgMBAAECggGBAL+bR7L85vPiMvcvR62Sq+KRw+n+ZDBPNghL +t0MeoAekVum2yZ0YY18wIzgBYIudtR1RckUv+fKJNOYcbluBwCMfmte0bYabMYm4 +exTCDMkJrghsWzjsLaKd0C4CXCRtIpzjCwEOCrorL9jTj0sWovutH7dK94IHS2SS +zWjcwU+eN2mnkLIaJDRX0SM3f/KYPRRiFV9e3BDGo/4RnkzM+fbs99JzE8uWruPo +jEkTbXL+j2BkhVroBm+TVDCj7tBdlUhhfFaBAUjwum2otO2ND4fEUdiV0PyIapP3 +UFFEU+8bqGIlWNffDzLbRBiPjma1QX4ktjfsb18TdZu+OTTps2dgiivo6x8kau+I +o3alg1RnQQyK+Wn4NRtE8Eknp33aT7HyRbH10/Vko5lnEfwTUyfdOVIGj5Jh5yvY +heIDAQgRcvuCllr1ypDZlmd0wkqWC9nZRbLFN2NpLotSSrf69pYv3z4/beffzYsI +QnGQmdYhX32+7BLqt+qEb4V+VlkkAQKBwQD4i9OSZYqD1iBXPGUZGioPY3ftPVIb +6kQ94AIgNZ+HLbYzYL4QNimakPtRSrE1VxsDAn+GG1A3ncvJIqw8+tHSKecpIM5G +4FaGzFqwpLnw3XOgHwgXRHcXRwFngf3G464KFHfZ4E6VkHeOxdfNdh+pOQlpLkYS +WS4OuvTVJyUNvv2N3+7NELSQkAacdVf2yDIa4o17a7KP69FYxwW3Reco6MDeQU6E +tlyXas/upGrle06DfYa02hiiF4tY5bOjCyECgcEAx/7Ye9JO0rA6ozzfFCF8RtPR +WyKjypBXrZOmrAOzo1H0H9rB4pR+7NYa+ixN6tsv0dJylQsj7nszipzqms9WIvxA +9hH+k4+UoOKHnNeywNVVNEswfeTaaIXMxGWGx7QNTg58hVZZQgkdgIWJxznr4REq +bEmWgEoyDtmN5x+N4p9fjjQkboWyatJ9r7eCoiG1wzAoI9hqqcEOf49B4jCXtHIk +bsKOs6jTbZq7aCxMkYDxyMQFyutuq01F9GRWTPXhAoHAQEwb7ZFrJfPs5eRv2vCT +1OtMiQkGBsax5LfglOiKXnQK4Hu0b4kzdhLvkPYbpcrk6ABrcQv70od1wpC/sf7I +7O9+J3ufIWLDv5d6FpxmpdMEKHYep7ZEgLcTu+0684rO6TimUKzgZ3y6EStJSpO2 +WRayQo1//xsm+RSQZdv8j/PKsDswEciyjXtU2oDYwrTDkYTuSPFxfh3pSGgkKGdj +B4g+7MBESbzLczhklj3ekYM2qnl8saiCGtywZcz2jcVBAoHAWKNUYxyEntBITMzP 
+ueZVZDbA1Pl3SnHKyj1kY1yIo1vRLMURpVBXKLSD5Fj6d5qJiR8SdYgodqvX3hlJ +yS8XaA4Q5H55LAE4yE1d+V+H8/sY9kJUzZc+TZDvfiPZJm1gcDXvblEk4iWUE8Ab +nlbHekrXWIMM1vMLWJWHVOYhRk2IVkg51VogB0QfPF/C4AS8wDN5ttlV/MJ5oINn +mc4bjngAOa60/F9YxX0MjlED5oEVp/to7dSGihmHZZeKwDVBAoHAYVNuPLf2L08u +ljOD5YnVfYFRIwfTUfOew7eQnPgfBNbgE0EUDR3ukIQKaZQzt3COA4oieSUd+dK9 +XRUJBF6EzUkBCTC22ExtdedEjdn5s6fCX63Ad5k6Olr44cINqgJtuVp3a4RnxENr +PdhiIMkqW3rp+/0HdZNHAzDhbKM6C8AVWX4chDEVUOIaRE53+Amfebd/PGQ/7WkT +LuAz4IA2Abj0/VXr1txQwhVk3zloLYxyacyyqQHYn+GgWPHdmQw8 +-----END RSA PRIVATE KEY----- diff --git a/source/ota_ws_update_esp_preencrypted.c b/source/ota_ws_update_esp_preencrypted.c index e889356..252c275 100644 --- a/source/ota_ws_update_esp_preencrypted.c +++ b/source/ota_ws_update_esp_preencrypted.c @@ -32,14 +32,12 @@ static bool image_header_was_checked = false; static esp_ota_handle_t update_handle = 0; // pre-encrypted handle static esp_decrypt_handle_t enc_handle; // handle -static esp_decrypt_cfg_t enc_cfg; // cfg -static pre_enc_decrypt_arg_t enc_arg; // arg +static esp_decrypt_cfg_t enc_cfg = {}; // cfg +static pre_enc_decrypt_arg_t enc_arg = {}; // arg extern const char rsa_private_pem_start[] asm("_binary_private_pem_start"); extern const char rsa_private_pem_end[] asm("_binary_private_pem_end"); - - esp_err_t start_ota_ws(void) { //return ESP_OK; // debug return @@ -92,8 +90,8 @@ esp_err_t start_ota_ws(void) } esp_err_t write_ota_ws(int enc_data_read, uint8_t *enc_ota_write_data) { - //return ESP_OK; // debug return - enc_arg.data_in = enc_ota_write_data; + //return ESP_OK; // debug return + enc_arg.data_in = (char*)enc_ota_write_data; enc_arg.data_in_len = enc_data_read; esp_err_t ret = esp_encrypted_img_decrypt_data(enc_handle, &enc_arg); if(ret) 
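Review bot: This file commits an RSA private key to version control, and the same key is both the input to `create_esp_enc_img` and the blob linked into the firmware through `_binary_private_pem_start`. Anyone who can read the repository can decrypt any `_secure.bin` built from it, so pre-encrypted mode gives no confidentiality for images produced from this tree. The key should be treated as disclosed and kept, at most, as a clearly labelled example. Product keys should be generated outside the repository, with `rsa_key/*.pem` added to `.gitignore`. Deleting the file in a later commit does not remove it from history, so any device already provisioned with this key needs a new one.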
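Review bot: The new initializers `enc_cfg = {}` and `enc_arg = {}` use the empty-brace form, which is a GNU extension before C23; `= {0}` is the portable spelling. Both objects have static storage duration and are zero-initialized anyway, so the initializer changes nothing at start-up. Because `enc_arg` persists across calls and `write_ota_ws` later frees `enc_arg.data_out`, a comment on the declaration such as `// reused for every chunk; data_out is freed by write_ota_ws after each decrypt` would document that lifetime.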
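Review bot: `if(ret)` after `esp_encrypted_img_decrypt_data()` treats every non-zero return as a failure, but that function returns `ESP_ERR_NOT_FINISHED` while more of the image is still expected, so intermediate chunks would likely take the error path. The check should read `if (ret != ESP_OK && ret != ESP_ERR_NOT_FINISHED)`. `enc_data_read` is a signed `int` copied into `enc_arg.data_in_len` with no check that it is positive or that `enc_ota_write_data` is non-NULL, and both presumably originate from the WebSocket peer. A guard such as `if (enc_ota_write_data == NULL || enc_data_read <= 0) return ESP_ERR_INVALID_ARG;` at the top would reject malformed frames before decryption. The body of the `if` and the rest of `write_ota_ws` lie outside the hunk.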
@@ -103,7 +101,7 @@ esp_err_t write_ota_ws(int enc_data_read, uint8_t *enc_ota_write_data) return ret; } int data_read = enc_arg.data_out_len; - uint8_t *ota_write_data = enc_arg.data_out; + uint8_t *ota_write_data = (uint8_t*)enc_arg.data_out; if (image_header_was_checked == false) // first segment { @@ -133,7 +131,7 @@ esp_err_t write_ota_ws(int enc_data_read, uint8_t *enc_ota_write_data) ret = ESP_OK; _ret_free: - free enc_arg.data_out; + free(enc_arg.data_out); return ret; } esp_err_t end_ota_ws(void) @@ -144,7 +142,7 @@ esp_err_t end_ota_ws(void) { ESP_LOGE(TAG, "esp_encrypted_img_decrypt_end (%s)!", esp_err_to_name(ret)); abort_ota_ws(); - return ret + return ret; } ret = esp_ota_end(update_handle);
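Review bot: `data_read` and `ota_write_data` are taken from `enc_arg.data_out_len` and `enc_arg.data_out` without checking that this call produced any plaintext, which may not be the case while the library is still consuming the encrypted-image header. A guard before the first-segment branch, for example `if (ota_write_data == NULL || data_read <= 0) { ret = ESP_OK; goto _ret_free; }`, would keep the header check from reading an empty or NULL buffer. The `return ret;` at the top of the hunk also leaves the function without going through `_ret_free`, so it is worth confirming that the library never leaves an allocated `data_out` behind on failure. The first-segment body itself is outside the hunk.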
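Review bot: After `free(enc_arg.data_out);` the pointer stays in the file-scope `enc_arg`, so it dangles until the next decrypt call overwrites it. Adding `enc_arg.data_out = NULL;` and `enc_arg.data_out_len = 0;` right after the free would make a second pass through `_ret_free`, or a later abort path that touches `enc_arg`, harmless. Whether `esp_encrypted_img_decrypt_data()` reads the previous `data_out` value on entry is not visible here, so this is a defensive change. The code between the header check and `_ret_free` is outside the hunk.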