Skip to content

Commit

Permalink
Merge branch 'bugfix/preencrypted_ota_failed_with_partial_download' i…
Browse files Browse the repository at this point in the history
…nto 'master'

fix(esp_https_ota): fix preencrypted ota failed with pytest server and partial http enabled

Closes IDF-8112

See merge request espressif/esp-idf!25791
  • Loading branch information
mahavirj committed Oct 13, 2023
2 parents d7632db + 44cbb8b commit ee43513
Show file tree
Hide file tree
Showing 5 changed files with 85 additions and 3 deletions.
1 change: 1 addition & 0 deletions components/esp_https_ota/include/esp_https_ota.h
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@ typedef struct {
#if CONFIG_ESP_HTTPS_OTA_DECRYPT_CB
decrypt_cb_t decrypt_cb; /*!< Callback for external decryption layer */
void *decrypt_user_ctx; /*!< User context for external decryption layer */
uint16_t enc_img_header_size; /*!< Header size of pre-encrypted ota image header */
#endif
} esp_https_ota_config_t;

Expand Down
20 changes: 18 additions & 2 deletions components/esp_https_ota/src/esp_https_ota.c
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,7 @@ struct esp_https_ota_handle {
#if CONFIG_ESP_HTTPS_OTA_DECRYPT_CB
decrypt_cb_t decrypt_cb;
void *decrypt_user_ctx;
uint16_t enc_img_header_size;
#endif
};

Expand Down Expand Up @@ -323,6 +324,11 @@ esp_err_t esp_https_ota_begin(const esp_https_ota_config_t *ota_config, esp_http
}

https_ota_handle->image_length = esp_http_client_get_content_length(https_ota_handle->http_client);
#if CONFIG_ESP_HTTPS_OTA_DECRYPT_CB
/* In case of pre ecnrypted OTA, actual image size of OTA binary includes header size
which stored in variable enc_img_header_size*/
https_ota_handle->image_length -= ota_config->enc_img_header_size;
#endif
esp_http_client_close(https_ota_handle->http_client);

if (https_ota_handle->image_length > https_ota_handle->max_http_request_size) {
Expand All @@ -349,6 +355,11 @@ esp_err_t esp_https_ota_begin(const esp_https_ota_config_t *ota_config, esp_http

if (!https_ota_handle->partial_http_download) {
https_ota_handle->image_length = esp_http_client_get_content_length(https_ota_handle->http_client);
#if CONFIG_ESP_HTTPS_OTA_DECRYPT_CB
/* In case of pre ecnrypted OTA, actual image size of OTA binary includes header size
which stored in variable enc_img_header_size*/
https_ota_handle->image_length -= ota_config->enc_img_header_size;
#endif
}

https_ota_handle->update_partition = NULL;
Expand Down Expand Up @@ -376,6 +387,7 @@ esp_err_t esp_https_ota_begin(const esp_https_ota_config_t *ota_config, esp_http
}
https_ota_handle->decrypt_cb = ota_config->decrypt_cb;
https_ota_handle->decrypt_user_ctx = ota_config->decrypt_user_ctx;
https_ota_handle->enc_img_header_size = ota_config->enc_img_header_size;
#endif
https_ota_handle->ota_upgrade_buf_size = alloc_size;
https_ota_handle->bulk_flash_erase = ota_config->bulk_flash_erase;
Expand Down Expand Up @@ -584,10 +596,14 @@ esp_err_t esp_https_ota_perform(esp_https_ota_handle_t https_ota_handle)
if (handle->state == ESP_HTTPS_OTA_IN_PROGRESS && handle->image_length > handle->binary_file_len) {
esp_http_client_close(handle->http_client);
char *header_val = NULL;
int header_size = 0;
#if CONFIG_ESP_HTTPS_OTA_DECRYPT_CB
header_size = handle->enc_img_header_size;
#endif
if ((handle->image_length - handle->binary_file_len) > handle->max_http_request_size) {
asprintf(&header_val, "bytes=%d-%d", handle->binary_file_len, (handle->binary_file_len + handle->max_http_request_size - 1));
asprintf(&header_val, "bytes=%d-%d", handle->binary_file_len + header_size, (handle->binary_file_len + header_size + handle->max_http_request_size - 1));
} else {
asprintf(&header_val, "bytes=%d-", handle->binary_file_len);
asprintf(&header_val, "bytes=%d-", handle->binary_file_len + header_size);
}
if (header_val == NULL) {
ESP_LOGE(TAG, "Failed to allocate memory for HTTP header");
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,7 @@ static esp_err_t _decrypt_cb(decrypt_cb_arg_t *args, void *user_ctx)
if (err != ESP_OK && err != ESP_ERR_NOT_FINISHED) {
return err;
}

static bool is_image_verified = false;
if (pargs.data_out_len > 0) {
args->data_out = pargs.data_out;
Expand Down Expand Up @@ -143,6 +144,7 @@ void pre_encrypted_ota_task(void *pvParameter)
#endif
.decrypt_cb = _decrypt_cb,
.decrypt_user_ctx = (void *)decrypt_handle,
.enc_img_header_size = esp_encrypted_img_get_header_size(),
};

esp_https_ota_handle_t https_ota_handle = NULL;
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
# SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
# SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD
# SPDX-License-Identifier: Unlicense OR CC0-1.0
import http.server
import multiprocessing
Expand Down Expand Up @@ -82,3 +82,47 @@ def test_examples_protocol_pre_encrypted_ota_example(dut: Dut) -> None:
dut.expect('Loaded app from partition at offset', timeout=30)
finally:
thread1.terminate()


@pytest.mark.esp32
@pytest.mark.ethernet_ota
@pytest.mark.parametrize('config', ['partial_download',], indirect=True)
def test_examples_protocol_pre_encrypted_ota_example_partial_request(dut: Dut) -> None:
server_port = 8001
# Size of partial HTTP request
request_size = int(dut.app.sdkconfig.get('EXAMPLE_HTTP_REQUEST_SIZE'))
# File to be downloaded. This file is generated after compilation
binary_file = os.path.join(dut.app.binary_path, enc_bin_name)
bin_size = os.path.getsize(binary_file)
http_requests = int((bin_size / request_size) - 1)
assert http_requests > 1

# Start server
thread1 = multiprocessing.Process(target=start_https_server, args=(dut.app.binary_path, '0.0.0.0', server_port))
thread1.daemon = True
thread1.start()

try:
dut.expect('Loaded app from partition at offset', timeout=30)
try:
ip_address = dut.expect(r'IPv4 address: (\d+\.\d+\.\d+\.\d+)[^\d]', timeout=30)[1].decode()
print('Connected to AP/Ethernet with IP: {}'.format(ip_address))
except pexpect.exceptions.TIMEOUT:
raise ValueError('ENV_TEST_FAILURE: Cannot connect to AP/Ethernet')
host_ip = get_host_ip4_by_dest_ip(ip_address)

dut.expect('Starting Pre Encrypted OTA example', timeout=30)
print('writing to device: {}'.format('https://' + host_ip + ':' + str(server_port) + '/' + enc_bin_name))
dut.write('https://' + host_ip + ':' + str(server_port) + '/' + enc_bin_name)
dut.expect('Magic Verified', timeout=30)
dut.expect('Reading RSA private key', timeout=30)

for _ in range(http_requests):
dut.expect('Connection closed', timeout=60)

dut.expect('upgrade successful. Rebooting', timeout=60)
# after reboot
dut.expect('Loaded app from partition at offset', timeout=30)

finally:
thread1.terminate()
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
CONFIG_EXAMPLE_FIRMWARE_UPGRADE_URL="FROM_STDIN"
CONFIG_EXAMPLE_SKIP_COMMON_NAME_CHECK=y
CONFIG_EXAMPLE_SKIP_VERSION_CHECK=y
CONFIG_EXAMPLE_OTA_RECV_TIMEOUT=3000
CONFIG_EXAMPLE_ENABLE_PARTIAL_HTTP_DOWNLOAD=y
CONFIG_LOG_DEFAULT_LEVEL_DEBUG=y

CONFIG_EXAMPLE_CONNECT_ETHERNET=y
CONFIG_EXAMPLE_CONNECT_WIFI=n
CONFIG_EXAMPLE_USE_INTERNAL_ETHERNET=y
CONFIG_EXAMPLE_ETH_PHY_IP101=y
CONFIG_EXAMPLE_ETH_MDC_GPIO=23
CONFIG_EXAMPLE_ETH_MDIO_GPIO=18
CONFIG_EXAMPLE_ETH_PHY_RST_GPIO=5
CONFIG_EXAMPLE_ETH_PHY_ADDR=1

CONFIG_MBEDTLS_TLS_CLIENT_ONLY=y
CONFIG_COMPILER_OPTIMIZATION_SIZE=y
CONFIG_EXAMPLE_CONNECT_IPV6=n

0 comments on commit ee43513

Please sign in to comment.