Merge branch '5-verify-image-on-update' into 'master'

Resolve "Verify image on update" Closes #5 See merge request !7

Merge branch '5-verify-image-on-update' into 'master'
Resolve "Verify image on update" Closes #5 See merge request !7
6f3da2b8 · Jacob Priddy · 3f750645 · a62570e2 · 6f3da2b8 · 6f3da2b8
Commit 6f3da2b8 authored May 21, 2020 by Jacob Priddy 👌
8 changed files
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,6 @@ docker-compose.yml

 build/
 cmake-build*
-sdkconfig
 sdkconfig.old
 .idea
+*.pem
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -23,6 +23,8 @@ build_esp32_application:
    - cp main/include/config.h.example main/include/config.h
    - /opt/esp/entrypoint.sh bash
    - idf.py build
+#    - echo "$SIGNING_KEY" | base64 -d -w 0 > decoded.pem
+#    - espsecure.py sign_data --keyfile decoded.pem --version 1 build/door-controller.bin
  artifacts:
    paths:
      - build/door-controller.bin

--- a/localflash.sh
+++ b/localflash.sh
+#!/bin/bash
+
+# Build and sign application
+idf.py build
+# sign partition table
+espsecure.py sign_data --keyfile "$1" --version 1 /project/build/partition_table/partition-table.bin
+# sign application
+espsecure.py sign_data --keyfile "$1" --version 1 /project/build/door-controller.bin
+
+# Erase entire flash contents, flash the device, and start a terminal to determine if it is working
+idf.py erase_flash flash monitor
--- a/main/CMakeLists.txt
+++ b/main/CMakeLists.txt
@@ -7,4 +7,4 @@ file(GLOB_RECURSE FILES ${APP_SRC}/*.c ${CONNECTOR_SRC}/*.c)

 idf_component_register(SRCS ${FILES} "main.c"
        INCLUDE_DIRS ${INCLUDE_DIR}
-        EMBED_TXTFILES "doorcode_root_cert.pem")
+        EMBED_TXTFILES "doorcode_root_cert.cert")
--- a/main/doorcode_root_cert.pem
+++ b/main/doorcode_root_cert.pem
--- a/main/src/connectors/esp32/esp_http.c
+++ b/main/src/connectors/esp32/esp_http.c
@@ -75,7 +75,7 @@ static esp_err_t http_event_handler(esp_http_client_event_t* evt)
 	return ESP_OK;
 }

-extern const char door_root_cert_pem_start[] asm("_binary_doorcode_root_cert_pem_start");
+extern const char door_root_cert_start[] asm("_binary_doorcode_root_cert_cert_start");

 static esp_http_client_config_t http_base_config;

@@ -84,7 +84,7 @@ static void door_http_fill_config(esp_http_client_config_t* config)
 	config->host = API_HOST;
 	config->port = API_PORT;
 	config->timeout_ms = API_TIMEOUT_MS;
-	config->cert_pem = door_root_cert_pem_start;
+	config->cert_pem = door_root_cert_start;
 #ifdef API_USE_SSL
 	config->transport_type = HTTP_TRANSPORT_OVER_SSL;
 #ifdef API_NO_NAME_VERIFY

--- a/sdkconfig
+++ b/sdkconfig
--- a/signature_verification_key.bin
+++ b/signature_verification_key.bin
+θ1dB(FYY%}Ww# *T^t0W6c;֬Gf=$?
\ No newline at end of file