OTA Firmware Upload does not work with Encryption #20
Description
Currently, the Bootloader does not appear to support Encryption (specifically AES-128 with the NRG family).
This causes a problem when the user is using encryption in the User Application, but would like to use SwapDMT-cmd for OTA firmware update.
The software will need to be updated with one of the following fixes:
- The SwapDMT application should switch to unencrypted mode when uploading firmware
- This might be the easiest approach, should be fixable only in the Python tools
- However then the firmware will be transmitted unencrypted
- Add encryption support in the Bootloader, and store the AES key somewhere accessible from both, such as an nvram buffer
- This would not be backwards compatible with previous versions of the bootloader
- This would be more secure
We have developed a workaround right now by merging the encryption code from the Application's SWAP into the bootloader and recompiling, but it does not seem to be general enough to share here.
I am filing this issue here, because it may affect a few different repos (SWAP lib, Python Tools, etc).