Hello everyone,
I managed to get the STM32 to update through esp32. I send the firmware bin file from a PC to esp32 using BT. The esp32 saves it in SPIFFS and forwards it to stm32. My scenario is, how can I first check the firwmare bin file for digital signature on the esp32 side before it is written to SPIFFS. Can esp32 even do that, when the firware file has been signed from STM32 itself.
Best regards
how to check firmware bin file of another microcontroller like STM32 on esp32 before writing it to SPIFFS ?
-
- Posts: 1726
- Joined: Mon Oct 17, 2022 7:38 pm
- Location: Europe, Germany
Re: how to check firmware bin file of another microcontroller like STM32 on esp32 before writing it to SPIFFS ?
ST seems to use a port of mcuboot for secure boot and firmware updates. mcuboot also has a port for Espressif chips, so it should be doable to use mcuboot code to verify a 'foreign' FW image on an ESP. It seems however that this might take quite some fiddling around with mcuboot, so the question is if this would be worth it.
Maybe a preliminary CRC or SHA check on the ESP is sufficient, detecting corrupted transmissions on the ESP while leaving the signature verification to the STM32.
Re: how to check firmware bin file of another microcontroller like STM32 on esp32 before writing it to SPIFFS ?
Hi @aygh4266,
I think you need to know the STM32 firmware signing scheme first. Then you should be able to use appropriate ESP IDF cryptographic APIs to process the sign verification on ESP32 side. IDF Security documentation is available at https://docs.espressif.com/projects/esp ... urity.html
I think you need to know the STM32 firmware signing scheme first. Then you should be able to use appropriate ESP IDF cryptographic APIs to process the sign verification on ESP32 side. IDF Security documentation is available at https://docs.espressif.com/projects/esp ... urity.html
Who is online
Users browsing this forum: timstercb and 133 guests