Secure over-the-air updates for ESP32 – Classy Code Blog
- Make sure the file name matches the name in the meta information file.
- Update the meta information file for the file name and the new software version, then save the meta information file.
- In the initial version, you had to “push” a firmware update to a specific device.
- It compares the received version in the meta information file with the installed software version.
- If a request arrives, the iap_https module uses the wifi_tls module to connect to the web server and sends a GET request using the https_client module to get the meta information file.
This is a follow-up to our previous blog post, “Over-the-air updating an ESP32”. We’ve implemented a new version of our OTA example with various improvements: The web server provides two files. The…
@ESP32net: Secure Over-The-Air Updates for #ESP32
♺ @aschweiz77 #IoT
This is a follow-up to our previous blog post, “Over-the-air updating an ESP32”. We’ve implemented a new version of our OTA example with various improvements:
The graphic shows a typical scenario:
The web server provides two files. The first one is a text file with meta information on the available update (where to find it and which version it has) and the polling interval that the devices should use to check for new updates. We use a simple integer to identify the version (1, 2, 3 and so on). The second file is the actual firmware binary. If a device detects that the firmware version on the server is different from the version it’s running, it downloads and installs the firmware.
We’re working on another follow-up post to show how this mechanism can be integrated with the secure bootloader infrastructure of the ESP32. In this post, we ignore that aspect. We also ignore the fact that you may want to authenticate the client to access the firmware.
The code in the new example is split into multiple modules to make it easier to understand and to integrate into a real application. For example, there may be other parts of the application that want to perform HTTP requests. Now they can, because the code for HTTP requests is in its own separate module. Or you may want to update the device via Bluetooth or via an USART. In this case, you can simply re-use the IAP module.
The iap_https module contains the actual logic for coordinating firmware updates. Most of the time, it sleeps, waiting for a request to query the server for updates. We support two types of requests, automatic periodic requests (triggered by a FreeRTOS timer) and manual requests.
If a request arrives, the iap_https module uses the wifi_tls module to connect to the web server and sends a GET request using the https_client module to get the meta information file. It compares the received version in the meta information file with the installed software version. If the two versions are different, it uses the https_client module to download the firmware image from the server and writes them to the flash with the help of the iap module.
Download the example code from our public repository (https://github.com/classycodeoss/esp32-ota-https). Select the 1.0 tag. We’ve tested this version with the current version of ESP-IDF, so if you get compile errors and don’t want to fix them, or if the example doesn’t work, you may want to try a version of ESP-IDF master from around 02/08/2017, e.g. commit c61fdff7293c68142d052376eace1a3a9f6a2312.
First, you need to set up a web server for HTTPS where you can store the meta information and firmware image file.
Install an SSL certificate on the server for HTTPS to work. The certificate can be self-signed. Put the content of the root CA certificate and peer certificate in main.h (without the private keys, of course!):
Next, update the remaining configuration in main.h:
Before you build the example, run “make menuconfig” to prepare the configuration for your environment (device and baud rate for initial serial flash). May be change the log level to DEBUG until everything works fine.
Select the partition table with one factory and two OTA partitions:
In the FreeRTOS settings, you need to constrain FreeRTOS to run on a single core with the current version of ESP-IDF and the example code:
(There’s currently a race condition that may cause the flash writes to hang or crash (may be the same issue as described in this bug report) if FreeRTOS runs on both cores. I’ll update this blog post when it’s fixed.)
Build and flash the example. The log output should look like this:
Fix any errors that appear.
Increase the SOFTWARE_VERSION in main.h from 1 to 2 and build the application again. Don’t flash it as we want to test the OTA update now!
Transfer the esp32-ota-https.bin file to your web server. Update the meta information file for the file name and the new software version, then save the meta information file.
After a couple of seconds (depending on what you have defined for OTA_POLLING_INTERVAL in main.h), the application should detect that a new firmware version is available and should start to download and install it:
If OTA_AUTO_REBOOT is set to 1 in main.h, the application should automatically re-boot the ESP32.
We hope this is useful for you. Leave your feedback in the comments 🙂