diff --git a/examples/protocols/mqtt/ssl_ds/CMakeLists.txt b/examples/protocols/mqtt/ssl_ds/CMakeLists.txt index e821859..144cf8b 100644 --- a/examples/protocols/mqtt/ssl_ds/CMakeLists.txt +++ b/examples/protocols/mqtt/ssl_ds/CMakeLists.txt @@ -9,4 +9,11 @@ set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_exam include($ENV{IDF_PATH}/tools/cmake/project.cmake) project(mqtt_ssl_ds) +# Flash the custom partition named `esp_secure_cert`. +set(partition esp_secure_cert) +idf_build_get_property(project_dir PROJECT_DIR) +set(image_file ${project_dir}/esp_secure_cert_data/${partition}.bin) +partition_table_get_partition_info(offset "--partition-name ${partition}" "offset") +esptool_py_flash_target_image(flash "${partition}" "${offset}" "${image_file}") + target_add_binary_data(${CMAKE_PROJECT_NAME}.elf "main/mosquitto.org.crt" TEXT) diff --git a/examples/protocols/mqtt/ssl_ds/README.md b/examples/protocols/mqtt/ssl_ds/README.md index cbb7f0c..168cfcb 100644 --- a/examples/protocols/mqtt/ssl_ds/README.md +++ b/examples/protocols/mqtt/ssl_ds/README.md @@ -48,11 +48,12 @@ Paste the generated CSR in the [Mosquitto test certificate signer](https://test. ``` pip install esp-secure-cert-tool ``` -* The DS peripheral can be configured by executing the following command: +* ii) The DS peripheral can be configured by executing the following command: ``` -configure_esp_secure_cert.py -p /* Serial port */ --device-cert /* Device cert */ --private-key /* RSA priv key */ --target_chip /* target chip */ --configure_ds +configure_esp_secure_cert.py -p /* Serial port */ --device-cert /* Device cert */ --private-key /* RSA priv key */ --target_chip /* target chip */ --configure_ds --skip_flash ``` +This command shall generate a partition named `esp_secure_cert.bin` in the `esp_secure_cert_data` directory. This partition would be aumatically detected by the build system and flashed at appropriate offset when `idf.py flash` command is used. For this process, the command must be executed in the current folder only. In the command USB COM port is nothing but the serial port to which the ESP chip is connected. see [check serial port](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/establish-serial-connection.html#check-port-on-windows) for more details. diff --git a/examples/protocols/mqtt/ssl_ds/partitions.csv b/examples/protocols/mqtt/ssl_ds/partitions.csv index d59df06..0c4ad77 100644 --- a/examples/protocols/mqtt/ssl_ds/partitions.csv +++ b/examples/protocols/mqtt/ssl_ds/partitions.csv @@ -1,6 +1,6 @@ # ESP-IDF Partition Table # Name, Type, SubType, Offset, Size, Flags -esp_secure_cert,0x3F,,0xD000,0x2000, +esp_secure_cert,0x3F,,,0x2000, nvs,data,nvs,,24K, phy_init,data,phy,,4K, factory,app,factory,0x20000,1M, diff --git a/examples/protocols/mqtt/ssl_ds/sdkconfig.defaults b/examples/protocols/mqtt/ssl_ds/sdkconfig.defaults index 4b0421e..94e282f 100644 --- a/examples/protocols/mqtt/ssl_ds/sdkconfig.defaults +++ b/examples/protocols/mqtt/ssl_ds/sdkconfig.defaults @@ -1 +1,7 @@ CONFIG_PARTITION_TABLE_CUSTOM=y +# Setting partition table offset to 0xC000 would make the address of +# `esp_secure_cert` partition as 0xD000 (comes next in the sequence). +# Modules that are programmed with Espressif Secure Pre Provisioining service +# uses this offset for `esp_secure_cert` and hence this change aligns this example +# to work on those modules. +CONFIG_PARTITION_TABLE_OFFSET=0xC000