This component provides an API interface to decrypt data defined in "ESP Encrypted Image" format. This format is as specified at Image Format
This component can help in integrating pre encrypted firmware in over-the-air updates. Additionally, this component can also be used for other use-cases which requires addition of encryption layer for custom data.
typedef struct {
char magic[4];
char enc_gcm[384];
char iv[16];
char bin_size[4];
char auth[16];
char extra_header[88];
} pre_enc_bin_header;The above struct represents encrypted image header.
Note:
-
RSA-3072 key is provided to the tool externally. You can generate RSA key pair using following command:
openssl genrsa -out rsa_key/private.pem 3072 -
AES-GCM key and IV are generated by the tool itself.
This component also contains tool (esp_enc_img_gen.py) to generate encrypted images using RSA3072 public key.
python esp_enc_img_gen.py encrypt /path/to/input.bin /path/to/RSA-public-key /path/to/enc.bin
python esp_enc_img_gen.py decrypt /path/to/enc.bin /path/to/RSA-private-key /path/to/output.bin
To know more about the tool, use command:
python esp_enc_img-gen.py --help
To learn more about how to use this component, please check API Documentation from header file esp_encrypted_img.h