1# Copyright (c) 2018-2023 O.S.Systems
2# SPDX -License-Identifier: Apache-2.0
3
4menuconfig UPDATEHUB
5	bool"UpdateHub Firmware Over-the-Air support"
6	depends on FLASH
7	depends on REBOOT
8	depends on IMG_MANAGER
9	depends on BOOTLOADER_MCUBOOT
10	depends on NETWORKING
11	depends on NET_UDP
12	depends on NET_SOCKETS
13	depends on NET_SOCKETS_POSIX_NAMES
14	depends on COAP
15	depends on DNS_RESOLVER
16	depends on JSON_LIBRARY
17	depends on HWINFO
18	select REQUIRES_FULL_LIBC
19	select IMG_ENABLE_IMAGE_CHECK
20	select MPU_ALLOW_FLASH_WRITE
21	help
22	  UpdateHub is an enterprise-grade solution which makes simple to
23	  remotely update all your embedded devices in the field. It
24	  handles all aspects related to sending Firmware Over-the-Air
25	  (FOTA) updates with maximum security and efficiency, while you
26	  focus in adding value to your product.
27
28if UPDATEHUB
29config UPDATEHUB_POLL_INTERVAL
30	int "Time to poll interval (in minutes)"
31	default 1440
32	range 0 43200
33	help
34	  Set the interval that the UpdateHub update server will be polled.
35	  This time interval is zero and 43200 minutes(30 days).
36
37config UPDATEHUB_PRODUCT_UID
38	string "Product Unique Identifier (UID)"
39	help
40	  The product unique identifier is used when communicating
41	  with the UpdateHub server.
42
43config UPDATEHUB_SUPPORTED_HARDWARE_MAX
44	int "Max number of supported hardware"
45	default 1
46	range 1 100
47	help
48	  Configure the max number of supported hardware
49	  by the same image.
50
51config UPDATEHUB_CE
52	bool "Use UpdateHub Community Edition Sever"
53	help
54	  Allow the use of UpdateHub Community
55	  Server (updatehub-ce) as alternative to the
56	  updatehub.io enterprise server.
57
58config UPDATEHUB_SERVER
59	string "User address for the updatehub-ce-server"
60	depends on UPDATEHUB_CE
61	help
62	  This configuration is default, if need to use
63	  other address, must be set on the UpdateHub shell
64
65config UPDATEHUB_SHELL
66	bool "UpdateHub shell utilities"
67	depends on SHELL
68	select KERNEL_SHELL
69	help
70	  Activate shell module that provides UpdateHub commands like
71
72config UPDATEHUB_DTLS
73	bool"Activate communication CoAPS/DTLS"
74	select MBEDTLS
75	select MBEDTLS_ENABLE_HEAP
76	select NET_SOCKETS_SOCKOPT_TLS
77	select NET_SOCKETS_ENABLE_DTLS
78	help
79	  Enables DTLS communication between the UpdateHub
80	  client and the server
81
82config UPDATEHUB_COAP_CONN_TIMEOUT
83	int "CoAP connection timeout in seconds"
84	default 10
85	range 1 360
86	help
87	  Set the CoAP connection timeout value.
88
89config UPDATEHUB_COAP_MAX_RETRY
90	int "Maximum retries attempts to download a packet"
91	default 10
92	range 3 10
93	help
94	  Set the maximum number of retries attempts to download a packet
95	  before abort a current update.
96
97config UPDATEHUB_COAP_BLOCK_SIZE_EXP
98	int "Max CoAP block size defined as 2^(4 + EXP)"
99	default 6
100	range 0 6
101	help
102	  Configure the max size of a data payload were value:
103	    0 - COAP_BLOCK_16
104	    1 - COAP_BLOCK_32
105	    2 - COAP_BLOCK_64
106	    3 - COAP_BLOCK_128
107	    4 - COAP_BLOCK_256
108	    5 - COAP_BLOCK_512
109	    6 - COAP_BLOCK_1024
110
111	  This value is mapped directly to enum coap_block_size.
112
113choice
114	prompt "Firmware verification"
115	default UPDATEHUB_DOWNLOAD_STORAGE_SHA256_VERIFICATION
116
117config UPDATEHUB_DOWNLOAD_SHA256_VERIFICATION
118	bool "SHA-256 on download"
119	help
120	  Enables SHA-256 verification of data stream while downloading.
121	  Notice that it does not check whether the image written to a
122	  storage is still valid, it only confirms that what has been
123	  downloaded matches the server side SHA.
124
125	  To check if the data written to permanent storage matches the SHA
126	  simultaneously, enable "Both download and flash verifications"
127	  option.
128
129config UPDATEHUB_STORAGE_SHA256_VERIFICATION
130	bool "SHA-256 from flash"
131	help
132	  Enables SHA-256 verification of stored data stream.  When this
133	  option is enabled, the data stream will be read back from the
134	  storage and verified with SHA to make sure that it has been
135	  correctly written.
136
137	  To check if the download data stream matches the SHA simultaneously,
138	  enable "Both download and flash verifications" option.
139
140config UPDATEHUB_DOWNLOAD_STORAGE_SHA256_VERIFICATION
141	bool "SHA-256 from both download and flash"
142	help
143	  Enables SHA-256 verification on both data stream while downloading
144	  and stored data stream on flash.
145
146	  It is advised to leave this option enabled.
147
148endchoice
149
150choice FLASH_AREA_CHECK_INTEGRITY_BACKEND
151	default FLASH_AREA_CHECK_INTEGRITY_MBEDTLS
152endchoice
153
154module = UPDATEHUB
155module-str = Log level for UpdateHub
156module-help = Enables logging for UpdateHub code.
157source "subsys/logging/Kconfig.template.log_config"
158
159endif
160