kopia lustrzana https://github.com/espressif/esp-idf
simple_ota_example: Adds configs to test on_update_no_secure_boot option (RSA&ECDSA)
KonstantinKondrashov
bot
rodzic
8db9a93e55
commit
af3cbe2888
|
|
@ -100,6 +100,12 @@ example_test_001B:
|
|||
- ESP32
|
||||
- Example_EthKitV1
|
||||
|
||||
example_test_001B_V3:
|
||||
extends: .example_test_esp32_template
|
||||
tags:
|
||||
- ESP32
|
||||
- Example_EthKitV12
|
||||
|
||||
example_test_001C:
|
||||
extends: .example_test_esp32_template
|
||||
parallel: 3
|
||||
|
|
|
|||
|
|
@ -234,6 +234,85 @@ def test_examples_protocol_simple_ota_example_with_flash_encryption_wifi(env, ex
|
|||
dut1.expect('Starting OTA example', timeout=30)
|
||||
|
||||
|
||||
@ttfw_idf.idf_example_test(env_tag='Example_EthKitV1')
|
||||
def test_examples_protocol_simple_ota_example_with_verify_app_signature_on_update_no_secure_boot_ecdsa(env, extra_data):
|
||||
"""
|
||||
steps: |
|
||||
1. join AP
|
||||
2. Fetch OTA image over HTTPS
|
||||
3. Reboot with the new OTA image
|
||||
"""
|
||||
dut1 = env.get_dut('simple_ota_example', 'examples/system/ota/simple_ota_example', dut_class=ttfw_idf.ESP32DUT,
|
||||
app_config_name='on_update_no_sb_ecdsa')
|
||||
# check and log bin size
|
||||
binary_file = os.path.join(dut1.app.binary_path, 'simple_ota.bin')
|
||||
bin_size = os.path.getsize(binary_file)
|
||||
ttfw_idf.log_performance('simple_ota_bin_size', '{}KB'.format(bin_size // 1024))
|
||||
# start test
|
||||
host_ip = get_my_ip()
|
||||
thread1 = Thread(target=start_https_server, args=(dut1.app.binary_path, host_ip, 8000))
|
||||
thread1.daemon = True
|
||||
thread1.start()
|
||||
dut1.start_app()
|
||||
dut1.expect('Loaded app from partition at offset 0x20000', timeout=30)
|
||||
try:
|
||||
ip_address = dut1.expect(re.compile(r' eth ip: ([^,]+),'), timeout=30)
|
||||
print('Connected to AP with IP: {}'.format(ip_address))
|
||||
except DUT.ExpectTimeout:
|
||||
raise ValueError('ENV_TEST_FAILURE: Cannot connect to AP')
|
||||
dut1.expect('Starting OTA example', timeout=30)
|
||||
|
||||
print('writing to device: {}'.format('https://' + host_ip + ':8000/simple_ota.bin'))
|
||||
dut1.write('https://' + host_ip + ':8000/simple_ota.bin')
|
||||
dut1.expect('Writing to partition subtype 16 at offset 0x120000', timeout=20)
|
||||
|
||||
dut1.expect('Verifying image signature...', timeout=60)
|
||||
|
||||
dut1.expect('Loaded app from partition at offset 0x120000', timeout=20)
|
||||
dut1.expect('Starting OTA example', timeout=30)
|
||||
|
||||
|
||||
@ttfw_idf.idf_example_test(env_tag='Example_EthKitV12')
|
||||
def test_examples_protocol_simple_ota_example_with_verify_app_signature_on_update_no_secure_boot_rsa(env, extra_data):
|
||||
"""
|
||||
steps: |
|
||||
1. join AP
|
||||
2. Fetch OTA image over HTTPS
|
||||
3. Reboot with the new OTA image
|
||||
"""
|
||||
dut1 = env.get_dut('simple_ota_example', 'examples/system/ota/simple_ota_example', dut_class=ttfw_idf.ESP32DUT,
|
||||
app_config_name='on_update_no_sb_rsa')
|
||||
# check and log bin size
|
||||
binary_file = os.path.join(dut1.app.binary_path, 'simple_ota.bin')
|
||||
bin_size = os.path.getsize(binary_file)
|
||||
ttfw_idf.log_performance('simple_ota_bin_size', '{}KB'.format(bin_size // 1024))
|
||||
# start test
|
||||
host_ip = get_my_ip()
|
||||
thread1 = Thread(target=start_https_server, args=(dut1.app.binary_path, host_ip, 8000))
|
||||
thread1.daemon = True
|
||||
thread1.start()
|
||||
dut1.start_app()
|
||||
dut1.expect('Loaded app from partition at offset 0x20000', timeout=30)
|
||||
try:
|
||||
ip_address = dut1.expect(re.compile(r' eth ip: ([^,]+),'), timeout=30)
|
||||
print('Connected to AP with IP: {}'.format(ip_address))
|
||||
except DUT.ExpectTimeout:
|
||||
raise ValueError('ENV_TEST_FAILURE: Cannot connect to AP')
|
||||
dut1.expect('Starting OTA example', timeout=30)
|
||||
|
||||
print('writing to device: {}'.format('https://' + host_ip + ':8000/simple_ota.bin'))
|
||||
dut1.write('https://' + host_ip + ':8000/simple_ota.bin')
|
||||
dut1.expect('Writing to partition subtype 16 at offset 0x120000', timeout=20)
|
||||
|
||||
dut1.expect('Verifying image signature...', timeout=60)
|
||||
dut1.expect('#0 app key digest == #0 trusted key digest', timeout=10)
|
||||
dut1.expect('Verifying with RSA-PSS...', timeout=10)
|
||||
dut1.expect('Signature verified successfully!', timeout=10)
|
||||
|
||||
dut1.expect('Loaded app from partition at offset 0x120000', timeout=20)
|
||||
dut1.expect('Starting OTA example', timeout=30)
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
if sys.argv[2:]: # if two or more arguments provided:
|
||||
# Usage: example_test.py <image_dir> <server_port> [cert_di>]
|
||||
|
|
@ -250,3 +329,5 @@ if __name__ == '__main__':
|
|||
test_examples_protocol_simple_ota_example_ethernet_with_spiram_config()
|
||||
test_examples_protocol_simple_ota_example_with_flash_encryption()
|
||||
test_examples_protocol_simple_ota_example_with_flash_encryption_wifi()
|
||||
test_examples_protocol_simple_ota_example_with_verify_app_signature_on_update_no_secure_boot_ecdsa()
|
||||
test_examples_protocol_simple_ota_example_with_verify_app_signature_on_update_no_secure_boot_rsa()
|
||||
|
|
|
|||
|
|
@ -0,0 +1,22 @@
|
|||
# ECDSA is available only in ESP32
|
||||
CONFIG_IDF_TARGET="esp32"
|
||||
|
||||
CONFIG_EXAMPLE_FIRMWARE_UPGRADE_URL="FROM_STDIN"
|
||||
CONFIG_EXAMPLE_SKIP_COMMON_NAME_CHECK=y
|
||||
|
||||
CONFIG_PARTITION_TABLE_OFFSET=0xC000
|
||||
|
||||
CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT=y
|
||||
CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT=y
|
||||
CONFIG_SECURE_SIGNED_APPS_ECDSA_SCHEME=y
|
||||
CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key_ecdsa.pem"
|
||||
|
||||
CONFIG_EXAMPLE_CONNECT_ETHERNET=y
|
||||
CONFIG_EXAMPLE_CONNECT_WIFI=n
|
||||
CONFIG_EXAMPLE_USE_INTERNAL_ETHERNET=y
|
||||
CONFIG_EXAMPLE_ETH_PHY_IP101=y
|
||||
CONFIG_EXAMPLE_ETH_MDC_GPIO=23
|
||||
CONFIG_EXAMPLE_ETH_MDIO_GPIO=18
|
||||
CONFIG_EXAMPLE_ETH_PHY_RST_GPIO=5
|
||||
CONFIG_EXAMPLE_ETH_PHY_ADDR=1
|
||||
CONFIG_EXAMPLE_CONNECT_IPV6=y
|
||||
|
|
@ -0,0 +1,23 @@
|
|||
# ESP32 supports SIGNED_APPS_RSA_SCHEME only in ECO3
|
||||
CONFIG_ESP32_REV_MIN_3=y
|
||||
CONFIG_ESP32_REV_MIN=3
|
||||
|
||||
CONFIG_EXAMPLE_FIRMWARE_UPGRADE_URL="FROM_STDIN"
|
||||
CONFIG_EXAMPLE_SKIP_COMMON_NAME_CHECK=y
|
||||
|
||||
CONFIG_PARTITION_TABLE_OFFSET=0xC000
|
||||
|
||||
CONFIG_SECURE_SIGNED_APPS_NO_SECURE_BOOT=y
|
||||
CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT=y
|
||||
CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME=y
|
||||
CONFIG_SECURE_BOOT_SIGNING_KEY="test/secure_boot_signing_key.pem"
|
||||
|
||||
CONFIG_EXAMPLE_CONNECT_ETHERNET=y
|
||||
CONFIG_EXAMPLE_CONNECT_WIFI=n
|
||||
CONFIG_EXAMPLE_USE_INTERNAL_ETHERNET=y
|
||||
CONFIG_EXAMPLE_ETH_PHY_IP101=y
|
||||
CONFIG_EXAMPLE_ETH_MDC_GPIO=23
|
||||
CONFIG_EXAMPLE_ETH_MDIO_GPIO=18
|
||||
CONFIG_EXAMPLE_ETH_PHY_RST_GPIO=5
|
||||
CONFIG_EXAMPLE_ETH_PHY_ADDR=1
|
||||
CONFIG_EXAMPLE_CONNECT_IPV6=y
|
||||
|
|
@ -0,0 +1,39 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIG4wIBAAKCAYEAzJUktQ+7wpPDfDGterxiMRx5w9n7PFaUSK3wnE+05ALsEF8F
|
||||
rUOC7/q0GutYYdWopdRM1FUKX2XVaryMViC+DHof42fEbpWYnfrCkYrDn8MLuMyK
|
||||
4uGunl8LUTIAZk3I3SZKJZy5FW9eb1XtkwfN1lAd6lEEGQKyoR6Bk/Rkisj0LP7R
|
||||
dyV9NKbJhxavZ1ohZXiXU5FW873iGdPIsloZoUK3QGRE1KRIH2woUGHATfXBCf5a
|
||||
+e41wJzz7YHl5tjyxAbJ9PET52N14G73WoZKHu3QPShALrZVfjsk1oYdFvNdOBDL
|
||||
uU0vpyKl7mJHno11gM0UM0s9PrMxk9ffdAqMyS8YeLEk2Xl3AwPv7m9oeGIdSD/P
|
||||
okcISYcm4YAl5veqIG3RlkfpWjf5G15UYyLbgmn4GOkgr6ksB/dCFOMi9V1LjPah
|
||||
32A7gxqTlapQza+wNs30SYBIXrFde4bNnhFhj4Cbt34ADefWm26KLiZEHFHFN30Z
|
||||
IownitXz3rT7rmzBAgMBAAECggGBAK6bBA88dGWnM4rF42gDbFK6GPqdCp3+zuQR
|
||||
AHCIXrzT+aInV3L/Ubt730eyYWZusleGEGSQiB/PjAxjC+teWpXPjXPK1o4DQ5Rh
|
||||
trn9EuVB1LlOaaMmNqCYQdJ0uH6YGL0WtuXPEvBGcvTXA8MfQACPtFiN+M9XzBlT
|
||||
LgiW51DEHhJhEWl9J5VOXGXdaKru893kxFLgkrPI9jZQ2NPPrlxB0qE0csKBy8R1
|
||||
zRp9s2FWRAFBg2gYdOwFiPLGkO8rbM+jhXM+IUV1GgVYdxAC6zS9AiIAWuACDEwp
|
||||
Pzg3d3/5uyOFK1xTIPl/cG8CZyPQL1v/mUx0MZFaB1R1CVeDuMoFVz2YSbEaAVFv
|
||||
QIcJGDN/WlJbt0jwj7/RJKKTx0ipFlUdNbodzdaSl3Yg4N+evzR1nS8DvLJpwl/e
|
||||
ybu40IbavwYXWVzirH3wRg+P/NDsHLU5xASAyUwf1minsmObILayEZgfTA6TbrKL
|
||||
fZbJCvy2/IuCM6iqKZwSvYy0bJdaAQKBwQDzDVa/M4/sJV0GEbwegeN6Xf+XKkl3
|
||||
Gosjd+vQgv/0X1gbdMc0Ej9eYSU5/GYIHxDzDRkYIxtIfwaze1gGeNRHycMCmVkl
|
||||
09DMi48jLGE7wzObPu6MtBCSAGHaS9zMTVCYDYtRlykPzG2/1QNrRUDNACnpzneK
|
||||
MkWObzFYTIup1zh+JaD56vLIDdL7qM9apmEkq4O6y1BBPnCgRYJy5EU3BDZxz9fP
|
||||
47JtCZ47uVguoh/NVYY5uibdvI5iJ4SA/VECgcEA13srpwJppfTTFPRWgD+g7PdU
|
||||
Yg+ENBWygiJuwgGv6DyD4k73pxiyshNo7jxsdOLeGFA8hI3dvd/Ei6uUsGnWPy/a
|
||||
OwuBcOZrJZjyawNSiC+mrCSP0LGQrC5VjmuE8IU1d2hFWyV/NzkSLaXJ52Zkg3ee
|
||||
sSepBHtWEYpwH929u5FTKDKhL0qRH8E1EsULSjmkTa+cVDYgx8+2mb3vHRdJdvt3
|
||||
FZU9erKyDb4II5GJhyNQo/cxBosDzj4yIMKM/dxxAoHAE1r1lIZjqLeU/927sGZB
|
||||
mkYQC5a3gP+hIvLy2YkFHw3Us2MKVhA58ack0shRy8XFkMVzQSPSkWRkQTjKWsGW
|
||||
jhz4JaXWnpeOoite+7sWBy9VVcCeOKBCTY4wPLUb4T0q9ODnPlkeUP7Doqow+oLq
|
||||
VSj1LYReqqe0OFKMiG6YFK9p9UnD1wMp0FqheZ8I3DwxsjziYaa9PmTdjTXb3JBn
|
||||
Hql8OHYHxqtoUxyX+EObTSNmCvELnl8/pxrT7+cbuzXxAoHAfmNYb1US8qxvQtMu
|
||||
CXtIwLUxYXMIcCRp17qqjFDBBM657Hu09uWdqqWH3nTCiKyo6EnntTgg38XoWqQB
|
||||
SphJejZvIkLVYYtFPYBAcFQ6jHampEGtuRLtcJCczjRyfUEk4yzdwWB1BccLyop7
|
||||
qqZ8PkBjbDV/BYnyKcexjH9bUjEjPWi08jAifyWsI54/yQGWRZrDbwFwqMJEsFif
|
||||
b8jA5nEIoDgxH07A8R6NV499wy4LlqDeuJ/BU69XZ6+1UxGBAoHAXfb9t5ivdf9N
|
||||
ZbZj61GcrDLyYGDTotucy8HPNMr5P3ZmBR/5UzClpCbWVSaziK3CKzR0zURLw0W7
|
||||
rF4CySTjuD9FHOFFWjjlkS4KwOyYiy8fuMMLg1RmsCS8H+0L3Pm25PmRQ9TLjEf4
|
||||
0uFWf7fG4GQiciqGcvfaFH3w//d0Q7PSvIMNlM1Gc7JS1Qn4HoDF2Ux6drNb6nJL
|
||||
l6tdXNMkUFHBMtaQy0l9D/ex5NZlAniePT3xfMrQf6m0rVAAaAY0
|
||||
-----END RSA PRIVATE KEY-----
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
-----BEGIN EC PRIVATE KEY-----
|
||||
MHcCAQEEIOvP45grF4dSM2fWbOAp4W8PgFm30HIZqtNEK13O5hVHoAoGCCqGSM49
|
||||
AwEHoUQDQgAE1IL73BARrNpkHj1jG50eHoF2LERCwz1BfbshuAeLcsED5aT92Xgu
|
||||
gJvq45LN9p6eBi62ZZwr6Z2ZfX3YB3/8KA==
|
||||
-----END EC PRIVATE KEY-----
|
||||
Ładowanie…
Reference in New Issue