Signed App test in OTA Update passes with corrupted certificate
Posted: Mon Nov 30, 2020 11:10 am
ESP-IDF v3.3.4
I am currently implementing an OTA Update mechanism. I have enabled:
Security Features->Require Signed app images
Security Features->Verify app signature on update
Security Features->Sign binaries during build
and generated a "Secure boot private signing key" as documented here: https://docs.espressif.com/projects/esp ... igning-key
I flashed FACTORY partition with my firmware v1.
I deliberately corrupted the boot signing key by overwriting 20 characters - keeping the same length of key.
I built v2 of my firmware, and triggered an OTA update to download v2.
v2 firmware is downloaded, and esp_https_ota_finish returns ESP_OK. My ESP32 reboots, using v2 firmware.
Expected behaviour:
v2 firmware is downloaded, then esp_https_ota_finish returns ESP_ERR_OTA_VALIDATE_FAILED
Am I missing something, or will any boot signing certificate allow an OTA update?
Regards
Steve