In order to further protect against rogue firmware, I've created a firmware signing certificate and used it to sign the firmware in the release zip. There's also a README included with the steps to validate the signature. The steps are simple operations with OpenSSL. The code signing certificate is also separately included in the Files section of the project and has been checked into GitHub, but if you're really paranoid then you should contact me offline somehow and I can provide you with the expected SHA256 hash of the certificate or some other reasonable proof of authenticity.
If it turns out there is some reasonable and free mechanism for obtaining a trusted code signing certificate, I'll endeavor to re-sign the same public key, if possible.
Meanwhile, this will allow for reasonable security around field firmware updates.
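One way to script the check described in this log, added here as an example and not taken from the project's README: it first pins the certificate to a SHA-256 fingerprint obtained out of band, then verifies the firmware signature with the certificate's public key. It assumes a detached signature made with `openssl dgst -sha256 -sign` and a fingerprint computed over the DER-encoded certificate; the function names and file arguments are hypothetical.

```shell
#!/bin/sh
# Added example (not the project's own script).
# Assumptions: detached SHA-256 signature created with
# `openssl dgst -sha256 -sign`; file names are supplied by the caller.

# cert_fingerprint CERT.pem
# Prints the SHA-256 fingerprint of the certificate as lowercase hex
# without colons. Prints nothing if the file is not a valid certificate.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null \
        | cut -d= -f2 | tr -d ':' | tr 'A-F' 'a-f'
}

# verify_firmware CERT.pem EXPECTED_FINGERPRINT FIRMWARE SIGNATURE
# Returns 0 only if the certificate matches the pinned fingerprint AND
# the signature over FIRMWARE verifies with that certificate's key.
# Returns 2 on fingerprint mismatch, 1 on a bad signature, 3 on setup error.
verify_firmware() {
    cert=$1; expected=$2; fw=$3; sig=$4

    # Accept the pinned value with or without colons, in either case.
    expected=$(printf '%s' "$expected" | tr -d ':' | tr 'A-F' 'a-f')
    actual=$(cert_fingerprint "$cert")
    if [ -z "$actual" ] || [ "$actual" != "$expected" ]; then
        echo "certificate fingerprint mismatch, not trusting $cert" >&2
        return 2
    fi

    # dgst -verify wants a bare public key, so extract it from the cert.
    pub=$(mktemp) || return 3
    if ! openssl x509 -in "$cert" -pubkey -noout > "$pub" 2>/dev/null; then
        rm -f "$pub"
        return 3
    fi

    if openssl dgst -sha256 -verify "$pub" -signature "$sig" "$fw" \
            >/dev/null 2>&1; then
        rc=0
    else
        echo "signature verification failed for $fw" >&2
        rc=1
    fi
    rm -f "$pub"
    return $rc
}
```

Checking the fingerprint before the signature matters because a signature that verifies against a substituted certificate proves nothing about who signed the image.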