- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
===
SDK: 2.1.
Tag: 920737.
app: OTA hello-sensor.
OTA firmware size ~ 25KB.
===
Question:
Can we use OTAFU (OTA-firmware upgrade) instead of Secure-OTAFU with version control upgrade?
which means, if users want to download a old OTA FW of which the version is 1.0 while in device FW,
of which the version is newer as 1.1; how to avoid this downloading?
Coz in built image, HelloSensor-BCM920737TAG_Q32-rom-ram-Wiced-release.ota.bin,
I didnt find the place storing version (like 1.1) and also no fixed position in ota firmware. So
we can not avoid user downloading old firmware? TKS
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Note that I confirmed that during an OTA update, the Major Version can only increment, not go backwards in order to support an older version of the firmware.
This is outlined within the WICED Secure Over-the-Air Firmware Upgrade Application Note (SDK 2.1 and TAG3 Board)
Verification will fail unless the following conditions are met:
- RSA verification must pass: access to the private key is required to create the new firmware image.
- The product ID of the new image must match that of the existing application.
- This requirement prevents the use of a correctly signed application built for a different product.
- The major version number must be the same or greater than that of the existing application.
- The major version should be increased when security vulnerabilities are fixed.
- This requirement prevents replacing the application with a version that has known security problems.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Check out this thread: WICED Smart BCM92073X OTA Firmware Upgrade (1)
The section on the "Modify Soure Code" discussed about how comparing of the version information of the fw image and ota image is done.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Boont,
I saw that link but it seems it's from secure-OTA and can not work on non-secure OTA.
I also made a test on OTAFW (non-secure) and modify device FW a old version compared
to OTA image and it still can allow downloading... is that right?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
boont, there is a correction,
I saw that link but it seems it's from secure-OTA and can not work on non-secure OTA.
I also made a test on OTAFW (non-secure) and modify device FW a NEW version compared
to OTA image and it still can allow downloading...it seems tool didnt check the version before downloading;
I use PC tool embedded in SDK2.1 ota folder.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Note that I confirmed that during an OTA update, the Major Version can only increment, not go backwards in order to support an older version of the firmware.
This is outlined within the WICED Secure Over-the-Air Firmware Upgrade Application Note (SDK 2.1 and TAG3 Board)
Verification will fail unless the following conditions are met:
- RSA verification must pass: access to the private key is required to create the new firmware image.
- The product ID of the new image must match that of the existing application.
- This requirement prevents the use of a correctly signed application built for a different product.
- The major version number must be the same or greater than that of the existing application.
- The major version should be increased when security vulnerabilities are fixed.
- This requirement prevents replacing the application with a version that has known security problems.