From 5c72e524072dc131c4b78945d9fa3e1eb2af7850 Mon Sep 17 00:00:00 2001 From: Clyne Sullivan Date: Tue, 28 May 2024 19:45:10 -0400 Subject: [PATCH 1/5] remove arduino ide support --- .github/workflows/main.yml | 1 - noisemeter-device/BUILD.md | 14 ++-------- noisemeter-device/Doxyfile | 2 +- noisemeter-device/board.h | 6 +--- noisemeter-device/config.h.example | 37 ------------------------- noisemeter-device/noisemeter-device.ino | 5 +--- noisemeter-device/storage.cpp | 1 - platformio.ini | 11 ++++++-- 8 files changed, 15 insertions(+), 62 deletions(-) delete mode 100644 noisemeter-device/config.h.example diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index b8be3a9..175e870 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -25,7 +25,6 @@ jobs: - name: Create header files run: | cp "${GITHUB_WORKSPACE}/.github/workflows/dummy_priv_key.pem" "${GITHUB_WORKSPACE}/priv_key.pem" - cp "${GITHUB_WORKSPACE}/noisemeter-device/config.h.example" "${GITHUB_WORKSPACE}/noisemeter-device/config.h" python "${GITHUB_WORKSPACE}/noisemeter-device/certs.py" -s api.tracket.info > "${GITHUB_WORKSPACE}/noisemeter-device/certs.h" - name: Build PlatformIO Project (esp32-pcb) diff --git a/noisemeter-device/BUILD.md b/noisemeter-device/BUILD.md index 06ea8ac..1610199 100644 --- a/noisemeter-device/BUILD.md +++ b/noisemeter-device/BUILD.md @@ -7,9 +7,7 @@ python certs.py -s api.tracket.info > certs.h ``` -2. Copy `config.h.example` to `config.h`; if compiling with the Arduino IDE, edit the file to select your board type. - -## Code compiling and upload +## Code compilation and upload ### PlatformIO @@ -19,14 +17,6 @@ python certs.py -s api.tracket.info > certs.h 3. Run `pio run -t upload` to upload to the device (this also compiles the code if there have been any changes). -### Arduino - -1. Install the Arduino IDE and [follow these instructions](https://docs.espressif.com/projects/arduino-esp32/en/latest/installing.html) to add support for ESP32 microcontrollers. - -2. Under "Tools" > "Board: " > "ESP32 Arduino", select either "ESP32C3 Dev Module" for the PCB boards or "ESP32-WROOM-DA Module" for the ESP32 breadboard prototype. - -3. Compile the sketch and upload it to the device. - ## HMAC encryption key Data stored on the device (e.g. WiFi credentials) are encrypted with an "eFuse" key. This key can only be written once, and is not be read or written after that. @@ -38,6 +28,8 @@ dd if=/dev/urandom of=hmac_key bs=1 count=32 pio pkg exec -- espefuse.py --port /dev/ttyACM0 burn_key BLOCK4 hmac_key HMAC_UP ``` +**Please generate a unique hmac_key for each device.** + ## Enable secure download mode Enabling secure download mode prevents users from using USB/serial download mode to dump memory contents (WiFi credentials and API token): diff --git a/noisemeter-device/Doxyfile b/noisemeter-device/Doxyfile index c0f8f74..29d9bfc 100644 --- a/noisemeter-device/Doxyfile +++ b/noisemeter-device/Doxyfile @@ -1003,7 +1003,7 @@ RECURSIVE = YES # Note that relative paths are relative to the directory from which doxygen is # run. -EXCLUDE = doc certs.h secret.h config.h +EXCLUDE = doc certs.h secret.h # The EXCLUDE_SYMLINKS tag can be used to select whether or not files or # directories that are symbolic links (a Unix file system feature) are excluded diff --git a/noisemeter-device/board.h b/noisemeter-device/board.h index 66259fe..43abbe8 100644 --- a/noisemeter-device/board.h +++ b/noisemeter-device/board.h @@ -3,7 +3,7 @@ /// /// Each supported board must have a defined section here to specify the /// hardware pins and peripherals being used. Selecting a board for -/// compilation is done either through PlatformIO or config.h. +/// compilation is done through PlatformIO. /* noisemeter-device - Firmware for CivicTechTO's Noisemeter Device * Copyright (C) 2024 Clyne Sullivan, Nick Barnard * @@ -23,8 +23,6 @@ #ifndef BOARD_H #define BOARD_H -#include "config.h" - #undef SERIAL #if defined(BOARD_ESP32_PCB) @@ -52,10 +50,8 @@ /** Serial instance to use for logging output. */ #define SERIAL USBSerial -#if defined(BUILD_PLATFORMIO) #include extern HWCDC USBSerial; -#endif #elif defined(BOARD_ESP32_BREADBOARD) diff --git a/noisemeter-device/config.h.example b/noisemeter-device/config.h.example deleted file mode 100644 index cf2528d..0000000 --- a/noisemeter-device/config.h.example +++ /dev/null @@ -1,37 +0,0 @@ -/* noisemeter-device - Firmware for CivicTechTO's Noisemeter Device - * Copyright (C) 2024 Clyne Sullivan, Nick Barnard - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ -#ifndef CONFIG_H -#define CONFIG_H - -// Uncomment to print credentials over serial (for debugging). -//#define STORAGE_SHOW_CREDENTIALS - -// Uncomment to print verbose API logging over serial (for debugging). -//#define API_VERBOSE - -// Define only *one* of the follwoing board options. -// If using PlatformIO, the selected 'env' will override this selection. -#if !defined(BOARD_ESP32_PCB) && \ - !defined(BOARD_ESP32_BREADBOARD) - -//#define BOARD_ESP32_PCB -//#define BOARD_ESP32_BREADBOARD - -#endif // BOARD_* - -#endif // CONFIG_H - diff --git a/noisemeter-device/noisemeter-device.ino b/noisemeter-device/noisemeter-device.ino index 08b47c3..26442f3 100644 --- a/noisemeter-device/noisemeter-device.ino +++ b/noisemeter-device/noisemeter-device.ino @@ -34,13 +34,10 @@ #include #include -#if defined(BUILD_PLATFORMIO) && defined(BOARD_ESP32_PCB) +#ifdef BOARD_ESP32_PCB HWCDC USBSerial; #endif -// Uncomment these to disable WiFi and/or data upload -//#define UPLOAD_DISABLED - /** Maximum number of seconds to wait for successful WiFi connection. */ constexpr auto WIFI_CONNECT_TIMEOUT_SEC = MIN_TO_SEC(2); /** Maximum number of seconds to try making new WiFi connection. */ diff --git a/noisemeter-device/storage.cpp b/noisemeter-device/storage.cpp index 2d99aef..6e9bd8f 100644 --- a/noisemeter-device/storage.cpp +++ b/noisemeter-device/storage.cpp @@ -14,7 +14,6 @@ * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ -#include "config.h" #include "storage.h" #include diff --git a/platformio.ini b/platformio.ini index f843391..00af025 100644 --- a/platformio.ini +++ b/platformio.ini @@ -25,11 +25,18 @@ build_unflags = -std=gnu++11 build_flags = -std=gnu++17 - -DBUILD_PLATFORMIO -DNO_GLOBAL_EEPROM - -DNOISEMETER_VERSION=\"0.2.0\" + -DNOISEMETER_VERSION=\"0.2.0\" -Wall -Wextra +# Optional build flags: +# Print credentials over serial (for debugging): +# -DSTORAGE_SHOW_CREDENTIALS +# Print verbose API logging over serial (for debugging): +# -DAPI_VERBOSE +# Disable WiFi and data upload: +# -DUPLOAD_DISABLED + [env:esp32-pcb] board = esp32-c3-devkitm-1 board_build.f_cpu = 80000000L From 462c98c2a0d9efa6ea3451d59954bba72bc20c64 Mon Sep 17 00:00:00 2001 From: Clyne Sullivan Date: Tue, 29 Oct 2024 19:38:40 -0400 Subject: [PATCH 2/5] oops, fix platformio-only --- .github/workflows/main.yml | 1 - platformio.ini | 8 ++++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index da55a42..1e861c1 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -24,7 +24,6 @@ jobs: - name: Create header files run: | - cp "${GITHUB_WORKSPACE}/noisemeter-device/config.h.example" "${GITHUB_WORKSPACE}/noisemeter-device/config.h" python "${GITHUB_WORKSPACE}/noisemeter-device/certs.py" -s api.tracket.info > "${GITHUB_WORKSPACE}/noisemeter-device/certs.h" - name: Build PlatformIO Project (esp32-pcb) diff --git a/platformio.ini b/platformio.ini index 440d770..0e9dd97 100644 --- a/platformio.ini +++ b/platformio.ini @@ -29,6 +29,14 @@ build_flags = -DNOISEMETER_VERSION=\"0.2.2\" -Wall -Wextra +# Optional build flags: +# Print credentials over serial (for debugging): +# -DSTORAGE_SHOW_CREDENTIALS +# Print verbose API logging over serial (for debugging): +# -DAPI_VERBOSE +# Disable WiFi and data upload: +# -DUPLOAD_DISABLED + [env:esp32-pcb] board = esp32-c3-devkitm-1 board_build.f_cpu = 80000000L From 7e105db9d95d6d202f6a859fad68ebdd8450bc54 Mon Sep 17 00:00:00 2001 From: Clyne Sullivan Date: Tue, 29 Oct 2024 19:54:53 -0400 Subject: [PATCH 3/5] update readmes --- README.md | 4 ++-- noisemeter-device/BUILD.md | 26 ++++++++++++-------------- 2 files changed, 14 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 7f98050..e956b59 100644 --- a/README.md +++ b/README.md @@ -29,12 +29,12 @@ The source code is released under the [GNU GPL v3 license](/noisemeter-device/LI ## Hardware Files -The [hardware](/hardware) folder contains design files and documentation for each iteration of the noisemeter hardware. The PCBs are designed using [KiCAD](https://www.kicad.org/). +The [hardware](/hardware) folder contains design files and documentation for each iteration of the sensor hardware. The PCBs are designed using [KiCAD](https://www.kicad.org/). The hardware design files are released under an [open hardware license](/hardware/pcb-rev2/LICENSE). ## For Developers -* Check out the [Issues page](https://github.com/CivicTechTO/proj-noisemeter-device/issues) to see current bugs and feature requests. Any contributions are welcome! +* Check out the [Issues page](https://github.com/CivicTechTO/tRacket-sensor/issues) to see current bugs and feature requests. Any contributions are welcome! * Online documentation of the firmware [is available here](https://civictechto.github.io/tRacket-sensor/). diff --git a/noisemeter-device/BUILD.md b/noisemeter-device/BUILD.md index 1610199..9cfa351 100644 --- a/noisemeter-device/BUILD.md +++ b/noisemeter-device/BUILD.md @@ -9,8 +9,6 @@ python certs.py -s api.tracket.info > certs.h ## Code compilation and upload -### PlatformIO - 1. [Install PlatformIO](https://platformio.org/install). 2. Run `pio run` to compile for the PCB. A breadboard target is available too: `pio run -e esp32-breadboard`. @@ -19,15 +17,16 @@ python certs.py -s api.tracket.info > certs.h ## HMAC encryption key -Data stored on the device (e.g. WiFi credentials) are encrypted with an "eFuse" key. This key can only be written once, and is not be read or written after that. - -Using PlatformIO: +Data stored on the device (e.g. WiFi credentials) are encrypted with an "eFuse" key. This key can only be configured once, and cannot be read or written after that. ```bash dd if=/dev/urandom of=hmac_key bs=1 count=32 pio pkg exec -- espefuse.py --port /dev/ttyACM0 burn_key BLOCK4 hmac_key HMAC_UP +rm hmac_key ``` +This is done in the `bringup.sh` script that is used to program new sensors. + **Please generate a unique hmac_key for each device.** ## Enable secure download mode @@ -46,21 +45,20 @@ pio pkg exec -- esptool.py write_flash 0x10000 .pio/build/esp32-pcb/firmware.bin ## Signing OTA updates -A 4096-bit RSA key is used to sign OTA updates. Whoever controls the private OTA signing key can create a public key with this command and include its contents in `noisemeter_device/ota_update.cpp`: +OTA updates must be signed for deployed tRacket sensors to accept them. The +GitHub repo is configured to automatically sign firmware updates when releases +are published. -```bash -openssl rsa -in priv_key.pem -pubout > rsa_key.pub -``` +Signing requires a 4096-bit RSA key. To sign an update (assuming you have the +private key), run `pio run -t ota`. -They may also sign a firmware update with these commands (the signature is prepended to the firmware binary): +The public key is to be stored in `noisemeter_device/ota_update.cpp`. To obtain +the public key (assuming you have the private key), run: ```bash -openssl dgst -sign priv_key.pem -keyform PEM -sha256 -out firmware.sign -binary .pio/build/esp32-pcb/firmware.bin -cat firmware.sign .pio/build/esp32-pcb/firmware.bin > firmware_signed.bin +openssl rsa -in priv_key.pem -pubout > rsa_key.pub ``` -`firmware_signed.bin` is then uploaded to the OTA server. - ## Operation Overview: * After initial programming or a factory reset, the device will enter Hotspot mode once it is powered on. This is indicated by a blinking LED. From ae219854a5ab176fff61edd7516a86931db54afb Mon Sep 17 00:00:00 2001 From: Clyne Sullivan Date: Sat, 2 Nov 2024 06:28:27 -0400 Subject: [PATCH 4/5] ota-release: remove config.h --- .github/workflows/ota-release.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/ota-release.yml b/.github/workflows/ota-release.yml index 39214f9..6424ebb 100644 --- a/.github/workflows/ota-release.yml +++ b/.github/workflows/ota-release.yml @@ -29,7 +29,6 @@ jobs: OTA_KEY: ${{ secrets.OTA_SIGNING_KEY }} run: | echo "$OTA_KEY" > "${GITHUB_WORKSPACE}/priv_key.pem" - cp "${GITHUB_WORKSPACE}/noisemeter-device/config.h.example" "${GITHUB_WORKSPACE}/noisemeter-device/config.h" python "${GITHUB_WORKSPACE}/noisemeter-device/certs.py" -s api.tracket.info > "${GITHUB_WORKSPACE}/noisemeter-device/certs.h" - name: Build signed firmware From bd9d926072fa7a72778960195b02187ea6559943 Mon Sep 17 00:00:00 2001 From: Clyne Sullivan Date: Sat, 2 Nov 2024 06:30:36 -0400 Subject: [PATCH 5/5] platformio.ini: fix whitespace --- platformio.ini | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/platformio.ini b/platformio.ini index 0e9dd97..18acf4b 100644 --- a/platformio.ini +++ b/platformio.ini @@ -26,7 +26,7 @@ build_unflags = build_flags = -std=gnu++17 -DNO_GLOBAL_EEPROM - -DNOISEMETER_VERSION=\"0.2.2\" + -DNOISEMETER_VERSION=\"0.2.2\" -Wall -Wextra # Optional build flags: @@ -47,3 +47,4 @@ build_flags = ${env.build_flags} -DBOARD_ESP32_PCB [env:esp32-breadboard] board = upesy_wroom build_flags = ${env.build_flags} -DBOARD_ESP32_BREADBOARD +