File System
- File Listing
- File Types
- File Flags
- File Version
- File Checksum
- Special Files
- Writing Files to the File System
- Reading Files from the File System
- Flash Storage
- Encrypting Files for Use by ZentriOS
- Encrypted File Format
- Encryption Sequence
- Decryption Sequence
Most connected applications require the ability to store configuration information or cache local data. ZentriOS provides a reliable read/write filesystem and access to extended and bulk flash storage to satisfy application storage requirements.
Zentri Wi-Fi modules contain a microprocessor with internal flash and an extended (on module) serial flash. An additional (optional) bulk serial flash is also supported. See Flash Storage. For third-party devices running ZentriOS, an extended serial flash must be provided to store temporary files and to enable wireless OTA updates.
Commands are available to create, delete and open files, and file contents can be easily accessed using one or more stream commands.
Here's a quick example showing how to create, manipulate then delete a file:
ZentriOS Commands | Description |
---|---|
|
|
File Listing
To obtain a verbose listing of all files on the MCU-internal flash, extended (and bulk) serial flash, use the ls command with the -v option. Users are only permitted to write files to serial flash.
> ls -v
! # Type Flags Hnd Size Version Filename
# 0 e-FE 0001 73 1853 2.0.0.11 /favicon.ico.gz
# 1 e-FE 0001 68 18067 2.0.0.11 webapp/images.png
# 2 e-FE 0001 52 10525 2.0.0.11 webapp/index.css.gz
# 3 e-FE 0001 65 10155 2.0.0.11 webapp/index.html
# 4 e-FE 0001 55 39247 2.0.0.11 webapp/index.js.gz
# 5 e-FB 0001 74 36511 2.0.1.8 command_help.csv
# 6 e-FD 0001 51 135 2.0.0.11 default_setup.script
# 7 e-03 0001 50 1236 2.0.0.11 geotrust_ca.pem
# 8 e-FE 0021 84 2074 1.0.0.0 my_ca.pem
# 9 i-00 001B 0 212736 2.0.1.8 sys/kernel.bin
# 10 i-81 001B 52 178252 2.0.1.8 sys/services.bin
# 11 e-01 0009 0 203261 5.26.230.3 sys/wifi_fw.bin
# 12 b-FE 0021 25 1995261 2.1.0.0 DSC20564.JPEG
File Types
In the Type column of the ls file listing, a prefix indicates the location of the file in internal, extended or bulk flash:
- i - MCU internal flash
- e - extended serial flash
- b - bulk serial flash
See Flash Storage below.
For example, e-FE indicates a file in extended serial flash with a file type of 0xFE.
File types are used internally by ZentriOS for file management.
ZentriOS file types are enumerated in the following table.
File type | ID (hex) | ID (dec) |
---|---|---|
KERNEL | 0x00 | 0 |
WIFI_FW | 0x01 | 1 |
SHARED_LIB | 0x02 | 2 |
TLS_CERT | 0x03 | 3 |
TXT_LOG | 0x04 | 4 |
NVM | 0x05 | 5 |
MISC_APP | 0x80 | 128 |
SERVICES | 0x81 | 129 |
ZAP | 0x83 | 131 |
SAFEMODE_APP | 0x84 | 132 |
IZAP | 0x85 | 133 |
Custom type | 0x96 - 0xC7 | 150 - 199 |
TEMPORARY | 0xF9 | 249 |
GPIO_CONFIG | 0xFA | 250 |
COMMAND_HELP | 0xFB | 251 |
SDC_CAPS | 0xFC | 252 |
SETUP_SCRIPT | 0xFD | 253 |
MISC_FIX_LEN | 0xFE | 254 |
TYPE_INVALID | 0xFF | 255 |
Custom User Types
The type range from 0x96 (decimal 150) to 0xC7 (decimal 199) is set aside for custom types. Use types in this range for file management specific to your application.
File Flags
Flags are displayed in the file listing in hex format, without a 0x prefix.
The flags correspond to bits as follows:
Flag | Bit | Notes |
---|---|---|
Valid | 0 | |
Executable | 1 | |
Encrypted | 2 | Encrypted with either the system.security_key or the device's internal AES key. See -y option for file_create, http_download |
Internal | 3 | |
Bootable | 4 | |
User | 5 | |
Essential | 6 | This flag can be explicitly set with the -e flag for file_create, http_download |
Backup | 7 | |
Unprotected | 8 | This flag can be explicitly set with the -u flag for file_create, http_download |
Log | 9 | |
User Encrypted | 10 | Encrypted with the system.security_key. See -s option for file_create, http_download. See also File System, Encrypting Files for Use by ZentriOS. |
Only the Essential and the Unprotected flags can be explicitly set using a command.
The file_create and http_download commands provide -e and -u options to set the Essential and Unprotected flags.
Examples:
Flags column | Flags Set |
---|---|
001B | Valid Executable Internal Bootable |
0021 | Valid User |
0061 | Valid User Essential |
0121 | Valid User Unprotected |
0161 | Valid User Essential Unprotected |
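An added Go example (not ZentriOS code) that decodes the Type and Flags columns of an ls -v row using the tables above, and marks User files that carry neither encryption flag. ParseLine, Entry and UnencryptedUserFile are names chosen for this example.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Flag names indexed by bit number, copied from the flags table on this page.
var flagNames = []string{"Valid", "Executable", "Encrypted", "Internal", "Bootable",
	"User", "Essential", "Backup", "Unprotected", "Log", "User Encrypted"}

// Entry is one decoded row of `ls -v` output.
type Entry struct {
	Location, Name string   // Location is internal, extended or bulk
	TypeID         uint8    // file type ID, e.g. 0x03 = TLS_CERT
	Raw            uint16   // flags word from the Flags column
	Flags          []string // names of the bits set in Raw
}

// ParseLine decodes a row such as "# 8 e-FE 0021 84 2074 1.0.0.0 my_ca.pem".
func ParseLine(line string) (Entry, error) {
	loc := map[string]string{"i": "internal", "e": "extended", "b": "bulk"}
	f := strings.Fields(line)
	if len(f) < 8 || f[0] != "#" || len(f[2]) != 4 || f[2][1] != '-' || loc[f[2][:1]] == "" {
		return Entry{}, fmt.Errorf("not an ls -v row: %q", line)
	}
	typ, err1 := strconv.ParseUint(f[2][2:], 16, 8)
	raw, err2 := strconv.ParseUint(f[3], 16, 16) // hex, printed without 0x
	if err1 != nil || err2 != nil {
		return Entry{}, fmt.Errorf("bad hex field in %q", line)
	}
	e := Entry{Location: loc[f[2][:1]], Name: strings.Join(f[7:], " "), TypeID: uint8(typ), Raw: uint16(raw)}
	for bit, name := range flagNames {
		if raw&(1<<uint(bit)) != 0 {
			e.Flags = append(e.Flags, name)
		}
	}
	return e, nil
}

// UnencryptedUserFile: User (bit 5) set, Encrypted (bit 2) and User Encrypted (bit 10) clear.
func (e Entry) UnencryptedUserFile() bool {
	return e.Raw&(1<<5) != 0 && e.Raw&(1<<2|1<<10) == 0
}

func main() {
	e, err := ParseLine("# 8 e-FE 0021 84 2074 1.0.0.0 my_ca.pem") // row from the listing above
	fmt.Println(e.Location, e.Flags, e.UnencryptedUserFile(), err)
}
```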
File Version
For files that form part of the ZentriOS system, such as services.bin and kernel.bin, the file version follows the scheme:
<major>.<minor>.<patch>.<release_candidate>
When creating a user file, the user can choose the versioning scheme. The file_create and http_download commands provide a version option to set the version.
File Checksum
The checksum used on individual files is calculated using a CCITT CRC-16 algorithm with polynomial 0x1021. The full set of CRC parameters is as follows:
Parameter | Value |
---|---|
CRC Order | 16 |
CRC Polynomial | 0x1021 |
Initial Value | FFFF (direct) |
Final XOR | 0x0 |
Reverse data bytes | Yes |
Reverse CRC | No |
See the crc_zentrios.py python script and the crccitt_test.c C source for demonstrations of calculating the CRC.
The file_create and http_download commands provide an option to set the CRC.
You can view a file CRC with the file_stat command. The CRC is the second item in the comma-separated list.
See also the File System application note.
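An added Go example (not the crc_zentrios.py or crccitt_test.c code referenced above) that implements the CRC from the parameter table and accepts the data in chunks. It assumes "Reverse data bytes" means each input byte is bit-reversed before processing; CRC16, CRC16Update and CRC16Init are this example's own names.

```go
package main

import (
	"fmt"
	"math/bits"
)

// CRC16Init is the initial register value ("FFFF (direct)" in the table).
const CRC16Init uint16 = 0xFFFF

// CRC16Update folds one chunk into a running CRC, so a file written in
// several chunks can be checksummed as it is sent.
func CRC16Update(crc uint16, chunk []byte) uint16 {
	for _, b := range chunk {
		// "Reverse data bytes: Yes": each byte is bit-reversed before it
		// enters the MSB-first shift register.
		crc ^= uint16(bits.Reverse8(b)) << 8
		for i := 0; i < 8; i++ {
			if crc&0x8000 != 0 {
				crc = crc<<1 ^ 0x1021 // polynomial 0x1021
			} else {
				crc <<= 1
			}
		}
	}
	return crc // "Reverse CRC: No", final XOR 0x0: register returned as is
}

// CRC16 checksums a complete buffer.
func CRC16(data []byte) uint16 { return CRC16Update(CRC16Init, data) }

func main() {
	whole := CRC16([]byte("help,setup,\r\n#This is a comment")) // constructed input
	part := CRC16Update(CRC16Update(CRC16Init, []byte("help,setup,\r\n")), []byte("#This is a comment"))
	fmt.Printf("%04X %v\n", whole, whole == part)
}
```

The CRC is unkeyed and detects accidental corruption only; it gives no protection against deliberate modification of a file.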
Special Files
Some files with special functions are listed in the following table:
File Name | Description | Notes |
---|---|---|
default_setup.script | Runs on issuing setup cmd | See Configuration and Setup, Setup Configuration Script |
default_config.csv | Variable configuration, loaded after a successful OTA | See Configuration and Setup, Variable Configuration Script |
gpio_config_init.csv | Bootup GPIO configuration | See Configuration and Setup, Using a GPIO Configuration File |
Writing Files to the File System
There are two ZentriOS commands that can write to the file system:
There are several ways to invoke these commands:
- Via the ZentriOS Web App. This is the simplest way to manage files manually.
- Manually, via a ZentriOS terminal or a remote terminal
- Under programmed MCU host control
- Via the HTTP Server RESTful API
Writing with the ZentriOS Web App File Browser
When you open the ZentriOS Web App in a web browser and select the Files tab, you can upload files to the device file system using click and browse, or drag and drop.
In the background, the ZentriOS Web App uses the file_create command to write files to the device file system, using the HTTP Server RESTful API.
There are several ways to activate the ZentriOS Web App. See ZentriOS Web App.
Writing with a ZentriOS Terminal or Remote Terminal
Use the file_create command to create the file. Immediately after issuing the command, type the file contents, or alternatively copy and paste the file contents into the terminal after issuing the fcr command. The length of the file must be supplied. The character count includes any line termination characters.
In the example below we create a script that can be run using the command setup cmd -v test.script. In this case the character count is 35.
> fcr test.script 35
help,setup,\r\n#This is a comment
File created
Success
Writing File Contents to a Stream in Chunks
You can write the file in chunks by leaving the file open after issuing the file_create command with the -o option. Write the file chunks to the stream returned by the file_create command. You must know the total size of the file to be created in advance.
In the example below a small file is created in two chunks:
Commands and Responses | Description |
---|---|
|
|
HTTP Download
You can also provide the file for download from a web server accessible to the device, and use the http_download command. For example:
> http_download http://www.google.com.au/images/srpr/logo11w.png test1.png
Downloading: test1.png to flash file system
Request GET /images/srpr/logo11w.png
Connecting (http): www.google.com.au:80
HTTP response: 200
Success
> ls
! # Size Version Filename
…
# 4 14022 1.0.0 test1.png
…
OTA
OTA wireless updates allow you to update the ZentriOS system files automatically from Zentri OTA update servers online. Please contact Zentri if you need custom hosting services for your application firmware or files.
Reading Files from the File System
The following ZentriOS commands can read from the file system:
There are several ways to invoke these commands:
- Via the ZentriOS Web App. This is the simplest way to manage files manually.
- Manually, via a ZentriOS terminal or a remote terminal
- Under programmed MCU host control
- Via the HTTP Server RESTful API
Reading with the ZentriOS Web App File Browser
When you open the ZentriOS Web App in a web browser and select the Files tab, you can download a file from the device file system by clicking the file name.
In the background, the ZentriOS Web App uses the file_open command to read the files from the device file system, using the HTTP Server RESTful API.
There are several ways to activate the ZentriOS Web App. See ZentriOS Web App.
Reading from a ZentriOS Terminal or Remote Terminal
You can read text files directly from the ZentriOS Terminal. Read the file, using a file_open followed by a stream_read command, specifying the stream index returned from the file open, e.g.:
> fop default_setup.script
[Opened: 0]
0
> read 0 1000
network_up,-s ,Configuration network credentials
set wlan.auto_join.enabled,true,Enable network auto-join
save,-,Saving settings
[Closed: 0]
HTTP Upload
You can upload the file to an available web server that has file upload capability, using the http_upload command.
Flash Storage
A ZentriOS device contains internal flash inside the microprocessor and an extended flash chip for user storage.
Extended flash is serial flash. Internal flash cannot be manipulated by ZentriOS commands.
Bulk Flash
In addition, an external serial flash can be connected to the device using the existing sflash GPIOs. This is referred to as bulk flash. To enable access to bulk flash, configure the chip select GPIO with the system.bflash.cs_gpio variable.
By default ZentriOS can support up to 128MB bulk flash.
All OTA files and config files (created by the save command) are always stored on extended flash regardless of whether the bulk flash is enabled.
The following commands operate on bulk flash if available, otherwise on extended flash:
- http_download - saves file to bulk flash if available, otherwise to extended flash
- file_create - saves file to bulk flash if available, otherwise to extended flash
- file_open - opens file if found on bulk flash, otherwise on extended flash
- file_delete - deletes file if found on bulk flash, otherwise on extended flash
Extended and bulk flash can be formatted with the format_flash command.
Supported Bulk Flash Chips
Serial flash chips currently supported by ZentriOS are as follows:
Model ID | Storage Capacity (Megabytes) |
---|---|
SFLASH_ID_MX25L8006E | 1 |
SFLASH_ID_MX25L1606E | 2 |
SFLASH_ID_SST25VF080B | 1 |
SFLASH_ID_EN25QH16 | 2 |
SFLASH_ID_EN25Q80B | 1 |
If you require support for a serial flash chip not listed in the table above, please contact Zentri.
Connecting Bulk Serial Flash to the Device
The ZentriOS device is the SPI master. The bulk sflash is the SPI slave.
Connecting bulk sflash to the device requires 4 signals. The GPIO numbers vary depending on the device, as follows:
Name | Wallaby GPIO # | Numbat GPIO # | Comments |
---|---|---|---|
CLK | 17 | 7 | Serial Clock |
MOSI | 18 | 8 | Master Out, Slave In |
MISO | 19 | 6 | Master In, Slave Out |
CS | X | X | Chip Select. Configurable based on system.bflash.cs_gpio variable |
Use the format_flash bulk command to erase the contents of the sflash.
The bulk sflash uses the same SPI bus as the extended serial flash on-board the module. Thus the SPI parameters (clock speed, polarity, etc.) are not configurable.
Encrypting Files for Use by ZentriOS
The python script crypto_util.py demonstrates encrypting and decrypting files which can be used by ZentriOS.
An example zap also demonstrates encrypting/decrypting:
Encrypted File Format
A ZentriOS encrypted file has the following format:
- 32 byte 'header':
  - 16 byte Initialization Vector (IV), used to do the AES CBC encryption
  - 16 byte Hash Message Authentication Code (HMAC), used to verify the decrypted data
- Encrypted file data
So an encrypted file is always 32 bytes longer than an unencrypted file.
Encryption Sequence
The sequence for encrypting a file is as follows:
1. Generate an Initialization Vector (IV)
2. Initialize the AES-128 context with the user AES key
3. Calculate the Cipher Block Chaining (CBC) of the entire file, with IV=0 and padding with 0s to 16 bytes if necessary. The last 16 bytes of the encrypted output are used as the HMAC
4. Write the initial IV (the IV from step 1) to the output file/buffer
5. Using the IV from step 1 and the AES-128 context from step 2, encrypt the HMAC in CTR mode and write it to the output file/buffer
6. Using the IV from step 5 and the AES-128 context from step 2, encrypt the file contents in CTR mode and write them to the output file/buffer
Decryption Sequence
1. Initialize the AES-128 context with the user AES key
2. Read the 16 byte IV from the beginning of the encrypted file
3. Read the 16 byte encrypted HMAC from the file
4. Using the AES context from step 1 and the IV from step 2, decrypt the HMAC using AES CTR mode
5. Using the AES context and IV from step 4, decrypt the rest of the file using AES CTR mode
6. Calculate the Cipher Block Chaining (CBC) of the decrypted file data from step 5, with IV=0 and padding with 0s to 16 bytes if necessary
7. The final block from step 6 should match the HMAC from step 4. If the two 16 byte values don't match, then either the given user key is invalid or the encrypted file is corrupted.
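The encryption and decryption sequences above as an added Go example built on the standard library's AES; it is not Zentri's crypto_util.py, and EncryptFile, DecryptFile and cbcTag are this example's own names. Assumptions: the CTR counter block is the IV incremented as a 128-bit big-endian integer (the page does not say how it is incremented), and empty files are rejected because the page does not define their padding.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/subtle"
	"errors"
)

// cbcTag is the page's "HMAC": last block of AES-CBC (IV=0) over zero-padded data.
func cbcTag(blk cipher.Block, data []byte) []byte {
	padded := append(append([]byte{}, data...), make([]byte, (16-len(data)%16)%16)...)
	cipher.NewCBCEncrypter(blk, make([]byte, 16)).CryptBlocks(padded, padded)
	return padded[len(padded)-16:]
}

// EncryptFile returns IV || CTR(tag) || CTR(data); one CTR stream covers tag then data.
func EncryptFile(key, plain []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil || len(key) != 16 || len(plain) == 0 {
		return nil, errors.New("need a 16-byte AES-128 key and a non-empty file")
	}
	iv := make([]byte, 16)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	body := append(cbcTag(blk, plain), plain...)
	cipher.NewCTR(blk, iv).XORKeyStream(body, body)
	return append(iv, body...), nil
}

// DecryptFile reverses EncryptFile and rejects the file when the tag does not match.
func DecryptFile(key, file []byte) ([]byte, error) {
	blk, err := aes.NewCipher(key)
	if err != nil || len(key) != 16 || len(file) <= 32 {
		return nil, errors.New("need a 16-byte key and data after the 32-byte header")
	}
	body := append([]byte{}, file[16:]...)
	cipher.NewCTR(blk, file[:16]).XORKeyStream(body, body)
	if subtle.ConstantTimeCompare(body[:16], cbcTag(blk, body[16:])) != 1 {
		return nil, errors.New("HMAC mismatch: wrong key or corrupted file")
	}
	return body[16:], nil
}

func main() {
	enc, _ := EncryptFile([]byte("0123456789abcdef"), []byte("constructed sample"))
	println(len(enc)) // 16-byte IV + 16-byte HMAC + 18 data bytes
}
```

Because the padding is zeros, the HMAC is the same for a file and for that file with zero bytes added or removed at the end of its last block, so check the decrypted length against the expected size where trailing zeros matter.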