Skip to content

Prepare signing before sketch is compiled #6287

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 12, 2019
Merged

Prepare signing before sketch is compiled #6287

merged 2 commits into from
Jul 12, 2019

Conversation

qistoph
Copy link
Contributor

@qistoph qistoph commented Jul 11, 2019

This makes the right value available in ARDUINO_SIGNING in the sketch.

The order of compilation makes the actual value of the define ARUDINO_SINGING inconsistently available to users. It might come in handy to check from user code if signature validation is enabled. This PR changes the moment in the build process the Updater_Signing.h file is updated.

Old order of build process:

  1. The core contains a place holder file "Updater_Signing.h" with #define ARDUINO_SIGNING 0, this file is always readily available.
  2. Compile sketch
  3. Compile libraries
  4. Enabling binary signing - generates "Updater_Signing.h" with #define ARDUINO_SIGNING 1.
  5. Compile core

If the sketch is build and no cache is available, ARDUINO_SIGNING will be 0 during sketch compilation (step 2). However, if the sketch is build again and a cache of the core is available, ARDUINO_SIGNING will be 1. This makes the resulting binary inconsistent, even though nothing's changed in the code.

Order after this PR:

  1. The core contains a place holder file "Updater_Signing.h" with #define ARDUINO_SIGNING 0, this file is always readily available.
  2. Enabling binary signing - generates "Updater_Signing.h" with #define ARDUINO_SIGNING 1.
  3. Compile sketch
  4. Compile libraries
  5. Compile core

Now the ARDUINO_SIGNING is already set to 1 in step 2, before compilation of the sketch.

Example sketch demonstrating ARDUINO_SIGNING usage.

Essential part of the example

  server.on("/", HTTP_GET, [&]() {
    String content;
    content += F("<html><body>");
    content += F("Signing is ");
    content += (ARDUINO_SIGNING ? F("enabled") : F("disabled"));
    content += F("<br/>");

    if(ARDUINO_SIGNING) {
      content += F("<a href=\"/pubkey\">Public key</a>");
    }

    content += F("</body></html>");
    server.send(200, PSTR("text/html"), content);
  });

  #if ARDUINO_SIGNING
  server.on("/pubkey", HTTP_GET, [&]() {
    server.send_P(200, PSTR("text/plain"), signing_pubkey, sizeof(signing_pubkey));
  });
  #endif

@qistoph
Prepare signing before sketch is compiled
4cbdbf0 
This makes the right value available in ARDUINO_SIGNING in the sketch.
@devyte devyte requested a review from earlephilhower July 12, 2019 03:51
earlephilhower
earlephilhower reviewed Jul 12, 2019
View reviewed changes
earlephilhower
earlephilhower reviewed Jul 12, 2019
View reviewed changes
earlephilhower
earlephilhower requested changes Jul 12, 2019
View reviewed changes
Copy link
Collaborator

@earlephilhower earlephilhower left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some tweaks needed to get it working stable through releases.

@earlephilhower earlephilhower merged commit 8b54339 into esp8266:master Jul 12, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@earlephilhower earlephilhower earlephilhower approved these changes

Assignees

@earlephilhower earlephilhower

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@qistoph @earlephilhower