Skip to content

Commit 1cd84f6

Browse files
Jason2866Jason2866
authored
Update Update.h
1 parent c0a8a02 commit 1cd84f6

File tree

1 file changed

+70
-2
lines changed

1 file changed

+70
-2
lines changed

libraries/Update/src/Update.h

Lines changed: 70 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,14 +25,23 @@
2525
#define UPDATE_ERROR_NO_PARTITION (10)
2626
#define UPDATE_ERROR_BAD_ARGUMENT (11)
2727
#define UPDATE_ERROR_ABORT (12)
28+
#define UPDATE_ERROR_DECRYPT (13)
2829

2930
#define UPDATE_SIZE_UNKNOWN 0xFFFFFFFF
3031

3132
#define U_FLASH 0
3233
#define U_SPIFFS 100
3334
#define U_AUTH 200
3435

35-
#define ENCRYPTED_BLOCK_SIZE 16
36+
#define ENCRYPTED_BLOCK_SIZE 16
37+
#define ENCRYPTED_TWEAK_BLOCK_SIZE 32
38+
#define ENCRYPTED_KEY_SIZE 32
39+
40+
#define U_AES_DECRYPT_NONE 0
41+
#define U_AES_DECRYPT_AUTO 1
42+
#define U_AES_DECRYPT_ON 2
43+
#define U_AES_DECRYPT_MODE_MASK 3
44+
#define U_AES_IMAGE_DECRYPTING_BIT 4
3645

3746
#define SPI_SECTORS_PER_BLOCK 16 // usually large erase block is 32k/64k
3847
#define SPI_FLASH_BLOCK_SIZE (SPI_SECTORS_PER_BLOCK * SPI_FLASH_SEC_SIZE)
@@ -54,6 +63,17 @@ class UpdateClass {
5463
*/
5564
bool begin(size_t size = UPDATE_SIZE_UNKNOWN, int command = U_FLASH, int ledPin = -1, uint8_t ledOn = LOW, const char *label = NULL);
5665

66+
#ifndef UPDATE_NOCRYPT
67+
/*
68+
Setup decryption configuration
69+
Crypt Key is 32bytes(256bits) block of data, use the same key as used to encrypt image file
70+
Crypt Address, use the same value as used to encrypt image file
71+
Crypt Config, use the same value as used to encrypt image file
72+
Crypt Mode, used to select if image files should be decrypted or not
73+
*/
74+
bool setupCrypt(const uint8_t *cryptKey = 0, size_t cryptAddress = 0, uint8_t cryptConfig = 0xf, int cryptMode = U_AES_DECRYPT_AUTO);
75+
#endif /* UPDATE_NOCRYPT */
76+
5777
/*
5878
Writes a buffer to the flash and increments the address
5979
Returns the amount written
@@ -81,6 +101,32 @@ class UpdateClass {
81101
*/
82102
bool end(bool evenIfRemaining = false);
83103

104+
#ifndef UPDATE_NOCRYPT
105+
/*
106+
sets AES256 key(32 bytes) used for decrypting image file
107+
*/
108+
bool setCryptKey(const uint8_t *cryptKey);
109+
110+
/*
111+
sets crypt mode used on image files
112+
*/
113+
bool setCryptMode(const int cryptMode);
114+
115+
/*
116+
sets address used for decrypting image file
117+
*/
118+
void setCryptAddress(const size_t cryptAddress) {
119+
_cryptAddress = cryptAddress & 0x00fffff0;
120+
}
121+
122+
/*
123+
sets crypt config used for decrypting image file
124+
*/
125+
void setCryptConfig(const uint8_t cryptConfig) {
126+
_cryptCfg = cryptConfig & 0x0f;
127+
}
128+
#endif /* UPDATE_NOCRYPT */
129+
84130
/*
85131
Aborts the running update
86132
*/
@@ -95,8 +141,13 @@ class UpdateClass {
95141

96142
/*
97143
sets the expected MD5 for the firmware (hexString)
144+
If calc_post_decryption is true, the update library will calculate the MD5 after the decryption, if false the calculation occurs before the decryption
98145
*/
99-
bool setMD5(const char *expected_md5);
146+
bool setMD5(const char *expected_md5
147+
#ifndef UPDATE_NOCRYPT
148+
, bool calc_post_decryption = true
149+
#endif /* #ifdef UPDATE_NOCRYPT */
150+
);
100151

101152
/*
102153
returns the MD5 String of the successfully ended firmware
@@ -193,13 +244,21 @@ class UpdateClass {
193244
private:
194245
void _reset();
195246
void _abort(uint8_t err);
247+
#ifndef UPDATE_NOCRYPT
248+
void _cryptKeyTweak(size_t cryptAddress, uint8_t *tweaked_key);
249+
bool _decryptBuffer();
250+
#endif /* UPDATE_NOCRYPT */
196251
bool _writeBuffer();
197252
bool _verifyHeader(uint8_t data);
198253
bool _verifyEnd();
199254
bool _enablePartition(const esp_partition_t *partition);
200255
bool _chkDataInBlock(const uint8_t *data, size_t len) const; // check if block contains any data or is empty
201256

202257
uint8_t _error;
258+
#ifndef UPDATE_NOCRYPT
259+
uint8_t *_cryptKey;
260+
uint8_t *_cryptBuffer;
261+
#endif /* UPDATE_NOCRYPT */
203262
uint8_t *_buffer;
204263
uint8_t *_skipBuffer;
205264
size_t _bufferLen;
@@ -211,10 +270,19 @@ class UpdateClass {
211270
const esp_partition_t *_partition;
212271

213272
String _target_md5;
273+
#ifndef UPDATE_NOCRYPT
274+
bool _target_md5_decrypted = true;
275+
#endif /* UPDATE_NOCRYPT */
214276
MD5Builder _md5;
215277

216278
int _ledPin;
217279
uint8_t _ledOn;
280+
281+
#ifndef UPDATE_NOCRYPT
282+
uint8_t _cryptMode;
283+
size_t _cryptAddress;
284+
uint8_t _cryptCfg;
285+
#endif /* UPDATE_NOCRYPT */
218286
};
219287

220288
#if !defined(NO_GLOBAL_INSTANCES) && !defined(NO_GLOBAL_UPDATE)

0 commit comments

Comments
 (0)