AtomVM icon indicating copy to clipboard operation
AtomVM copied to clipboard
verified publisher icon atomvm

Checksum against truncated / corrupted avm files

Open bettio opened this issue 1 year ago • 2 comments

There is no easy way to know if a .avm file is truncated or overwritten with other data. When this kind of issues happen they might be really annoying to debug. So .avm structure and content should be checked for integrity.

There are 2 possible options:

  • iterate all .avm sections checking for consistency (and maybe for an end-of-avm section)
  • add a checksum at the end of the AVM pack and verify it

bettio avatar Sep 08 '24 18:09 bettio

I love the idea of adding a checksum for verification. This will make verifying updates over OTA much more reliable.

UncleGrumpy avatar Sep 08 '24 22:09 UncleGrumpy

Something that popped out at work (not that we're using AtomVM, though) is the ability to cryptographically verify firmware signatures before applying OTA updates.

pguyot avatar Sep 10 '24 17:09 pguyot