HaaS100 OTA firmware verification function

1. Overview

This article introduces how HaaS100 verifies upgrade firmware so that illegal firmware cannot be installed. As the flow chart below shows, when the user turns on the security upgrade function of the Alibaba Cloud IoT platform for a product, the cloud manages the private key and public key for that product's upgrade firmware and digitally signs the firmware. During the OTA process, the device side uses the public key obtained from the cloud to verify the digital signature of the upgrade firmware. The user does not need to manage the public and private keys at any point in the process, which makes the function convenient to use. The following figure shows the HaaS100 security upgrade flow chart:

 

 

2. Use process

2.1. Open the cloud security upgrade function and obtain the public key

 

2.2. Embed the public key into the code

Copy the public key using the copy button shown in step 1 and embed it in the AliOS-Things/components/dm/ota/hal/ota_hal_digest.c file, overwriting the following two arrays:

/* RSA Public Key:User needs sign in alibaba cloud to get and replace them. */
static const unsigned char ota_pubn_buf[256];
static const unsigned char ota_pube_buf[3];
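A sanity check for the two arrays above, as an added example that is not part of the original article or of AliOS Things: it flags a placeholder (all-zero) or malformed key during a build test or at boot, before a device ships unable to accept signed upgrades. The function and status names are hypothetical, and the arrays are assumed to hold big-endian integers.

```c
#include <stddef.h>
#include <string.h>

/* Status names are illustrative, not identifiers from AliOS Things. */
enum ota_key_status {
    OTA_KEY_OK = 0,
    OTA_KEY_MODULUS_UNSET,  /* still all zero: key was never pasted in */
    OTA_KEY_MODULUS_SHORT,  /* top bit clear: not a full-length modulus */
    OTA_KEY_MODULUS_EVEN,   /* an RSA modulus is a product of odd primes */
    OTA_KEY_EXPONENT_BAD    /* exponent is zero, one, or even */
};

static int all_zero(const unsigned char *buf, size_t len)
{
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= buf[i];
    return acc == 0;
}

/* Assumption: both buffers hold big-endian integers. */
enum ota_key_status ota_pubkey_sanity(const unsigned char *n, size_t n_len,
                                      const unsigned char *e, size_t e_len)
{
    if (n == NULL || n_len == 0 || all_zero(n, n_len))
        return OTA_KEY_MODULUS_UNSET;
    if ((n[0] & 0x80) == 0)
        return OTA_KEY_MODULUS_SHORT;
    if ((n[n_len - 1] & 0x01) == 0)
        return OTA_KEY_MODULUS_EVEN;
    if (e == NULL || e_len == 0 || (e[e_len - 1] & 0x01) == 0)
        return OTA_KEY_EXPONENT_BAD;
    if (e[e_len - 1] == 0x01 && all_zero(e, e_len - 1))
        return OTA_KEY_EXPONENT_BAD;  /* e == 1 makes verification meaningless */
    return OTA_KEY_OK;
}

int main(void)
{
    /* Constructed sample data (not a real key), sized like the page's arrays. */
    static const unsigned char unset_n[256] = {0};  /* placeholder state */
    static const unsigned char e[3] = {0x01, 0x00, 0x01};
    unsigned char n[256];
    memset(n, 0xA5, sizeof n);
    n[0] = 0xC3; n[255] = 0x0B;  /* top bit set, odd */
    int bad = ota_pubkey_sanity(unset_n, sizeof unset_n, e, sizeof e) != OTA_KEY_MODULUS_UNSET;
    bad |= ota_pubkey_sanity(n, sizeof n, e, sizeof e) != OTA_KEY_OK;
    return bad;  /* 0 when both constructed cases classify as expected */
}
```

These checks only catch a key that was never embedded or was pasted incorrectly; they do not show that the key matches the one the cloud signs with.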

 

2.3. Compile and burn the basic firmware to HaaS100

  • Choose app and board.
    HaaS 100 runs the AliOS Things Internet of Things operating system, and the compilation environment supports Windows, Linux and Mac. The following describes the process in a Linux environment, taking ota_demo as an example of how to use firmware verification on HaaS 100.
    Enter the commands:
    # Clear the previous configuration
    $ aos make distclean
    # Configure the app as ota_demo and the board as haas100
    $ aos make ota_demo@haas100 -c config

 

  • Configure the firmware version number.
    Enter the command: aos make menuconfig, as shown in the figure below.
    Selection order: Application Configuration -> Firmware Version. Modify the version number according to requirements, such as app-1.0.0.
  • Select OTA components and functions.
    Since the AliOS Things device side supports firmware verification by default, no configuration is needed here; just use the default OTA configuration.
  • Compile and burn the firmware.
    Compilation command: aos make. After the compilation is complete, the generated firmware is in the platform/mcu/haas1000/release/write_flash_gui/ota_bin directory. Following the burning document mentioned earlier, first burn the firmware to the HaaS 100 board, restart the board, open the serial port terminal, set the serial port baud rate to 1500000, and connect to the terminal.
  • Set the device quadruple and the network to connect to the cloud.
    If you are using the board for the first time, you need to configure the device quadruple. Enter identity set pk ps dn ds in the terminal; once this has been entered successfully, it does not need to be entered again. Then configure the network by entering netmgr -t wifi -c wifi_ssid wifi_password in the terminal. After successfully connecting to the Internet, log in to the IoT platform and you can see that the corresponding device is online:

 

 

2.4. Compile the cloud firmware and cloud operation

After the local burning is completed, you need to build a higher-version firmware, upload it to the cloud, and complete the firmware upgrade through cloud operations. To do so, modify the firmware version number using the method for modifying the version number in step 3; nothing else needs to be changed. Then compile to generate the higher-version firmware, log in to the Internet of Things platform, and follow the sequence of operations shown below:

After clicking add firmware, upload platform/mcu/haas1000/release/write_flash_gui/ota_bin/ota_bin/ota_rtos_ota.bin to the cloud as shown below:

 

After clicking OK, select verify firmware to start the firmware upgrade.


2.5. Verification of upgrade results    


After completing the above steps, the device verifies the digital signature of the firmware and the firmware upgrade is carried out. The device-side log is as shown in the figure below:

 

If the security upgrade is enabled but HaaS100 does not have an embedded public key, what happens when the upgrade is triggered? HaaS100 fails to verify the digital signature, and the firmware upgrade is prohibited. The device-side log is as shown in the figure below:

The results of the cloud upgrade can be viewed by clicking "View". For the OTA operations of the IoT platform, refer to the Alibaba Cloud IoT Platform firmware upgrade document.

Note: Before doing OTA, make sure the device is connected to the cloud.

 

Developer technical support

If you need more technical support, you can join the DingTalk developer group, or follow the WeChat public account

For more technology and solution introduction, please visit the Aliyun AIoT homepage https://iot.aliyun.com/

 

Origin blog.csdn.net/HaaSTech/article/details/115027698