1
0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2024-12-29 04:50:03 +01:00
RIOT/examples/suit_update
Frederik Haxel 5ed0bafc92 examples, tests: Changes for the native64 board
- Adapted build system and test checks for the native boards to include native64
- Added `native64` to the same tests as `native`
2024-02-05 22:02:14 +01:00
..
tests-with-config examples, tests: Changes for the native64 board 2024-02-05 22:02:14 +01:00
coap_handler.c nanocoap: make use of coap_request_ctx_t 2022-07-17 14:29:39 +02:00
main.c examples, tests: Changes for the native64 board 2024-02-05 22:02:14 +01:00
Makefile examples, tests: Changes for the native64 board 2024-02-05 22:02:14 +01:00
Makefile.board.dep examples, tests: Changes for the native64 board 2024-02-05 22:02:14 +01:00
Makefile.ci Merge pull request #20300 from jparker324/stm32c0_and_nucleo_c031c6 2024-01-31 15:09:25 +00:00
Makefile.suit.custom examples, tests: Changes for the native64 board 2024-02-05 22:02:14 +01:00
native_steps.svg examples/suit_update: Add compatibility with native 2021-07-08 10:32:58 +02:00
README.hardware.md makefiles/suit: place keys in $XDG_DATA_HOME 2022-06-02 13:07:17 +02:00
README.md makefiles/suit: place keys in $XDG_DATA_HOME 2022-06-02 13:07:17 +02:00
README.native.md examples/suit_update: add vfs storage for native 2022-06-03 08:49:44 +02:00

Overview

This example shows how to integrate SUIT-compliant firmware updates into a RIOT application. It implements basic support of the SUIT architecture using the manifest format specified in draft-ietf-suit-manifest-09.

WARNING: This code should not be considered production ready for the time being. It has not seen much exposure or security auditing.

This document describes the preliminary requirements for using the SUIT workflow to update binaries on RIOT.

Table of Contents:

Prerequisites

  • Install python dependencies (only Python3.6 and later is supported):

    $ pip3 install --user cbor2 cryptography
    
  • Install aiocoap from the source

    $ pip3 install --user aiocoap[linkheader]>=0.4.1
    

    See the aiocoap installation instructions for more details.

  • add ~/.local/bin to PATH

    The aiocoap tools are installed to ~/.local/bin. Either add "export PATH=$PATH:~/.local/bin" to your ~/.profile and re-login, or execute that command in every shell you use for this tutorial.

  • Clone this repository:

    $ git clone https://github.com/RIOT-OS/RIOT
    $ cd RIOT
    
  • In all hardware-based setup below, ethos (EThernet Over Serial) is used to provide an IP link between the host computer and a board.

    Just build ethos and uhcpd with the following commands:

    $ make -C dist/tools/ethos clean all
    $ make -C dist/tools/uhcpd clean all
    

    It is possible to interact with the device over it's serial terminal as usual using make term, but that requires an already set up tap interface. See [update] for more information.

Key Management

SUIT keys consist of a private and a public key file, stored in $(SUIT_KEY_DIR). Similar to how ssh names its keyfiles, the public key filename equals the private key file, but has an extra .pub appended.

SUIT_KEY_DIR defaults to the keys/ folder in $XDG_DATA_HOME/RIOT (usually ~/.local/share/RIOT/keys).

If the chosen key doesn't exist, it will be generated automatically. That step can be done manually using the suit/genkey target.

Workflows

Two workflows are available with this example. The first one demonstrates the SUIT workflow on a RIOT native instance on Linux. The workflow described aims to update the firmware on real-world hardware.