football2801/pictureFrame-webApp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(device-api): include SHA-256 of served .bin in X-Image-Sha256 header
CI / test (push) Has been cancelled
Details

Browse Source 
Lets the firmware verify integrity end-to-end and discard a corrupt
transfer before painting the panel — pairs with the firmware-side hash
check that lands in the same series of changes.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Matt Edholm
2026-05-06 19:42:44 -04:00
parent 8beb7331dd
commit 100e101d05
1 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Controller/DeviceImageController.php
+10 -3
View File
@@ -158,10 +158,17 @@ class DeviceImageController extends AbstractController
'bytes' => filesize($binPath), 'bytes' => filesize($binPath),
]); ]);
// SHA-256 of the .bin lets the device verify integrity end-to-end:
// anything that gets corrupted between Imagick's render and the
// ESP32 framebuffer (TCP edge cases, memory glitch, partial flush)
// is caught before we commit the bytes to NVS or paint the panel.
// The ESP32-S3 has hardware SHA so the verification is essentially
// free on the device side.
$response = new BinaryFileResponse($binPath); $response = new BinaryFileResponse($binPath);
$response->headers->set('Content-Type', 'application/octet-stream'); $response->headers->set('Content-Type', 'application/octet-stream');
$response->headers->set('X-Image-Id', (string) $image->getId()); $response->headers->set('X-Image-Id', (string) $image->getId());
$response->headers->set('X-Interval-Ms', (string) $intervalMs); $response->headers->set('X-Image-Sha256', hash_file('sha256', $binPath));
$response->headers->set('X-Interval-Ms', (string) $intervalMs);
return $response; return $response;
} }