update readmes

README.md

@@ -29,12 +29,12 @@ The source code is released under the [GNU GPL v3 license](/noisemeter-device/LI
 
 ## Hardware Files
 
-The [hardware](/hardware) folder contains design files and documentation for each iteration of the noisemeter hardware. The PCBs are designed using [KiCAD](https://www.kicad.org/).
+The [hardware](/hardware) folder contains design files and documentation for each iteration of the sensor hardware. The PCBs are designed using [KiCAD](https://www.kicad.org/).
 
 The hardware design files are released under an [open hardware license](/hardware/pcb-rev2/LICENSE).
 
 ## For Developers
 
-* Check out the [Issues page](https://github.com/CivicTechTO/proj-noisemeter-device/issues) to see current bugs and feature requests. Any contributions are welcome!
+* Check out the [Issues page](https://github.com/CivicTechTO/tRacket-sensor/issues) to see current bugs and feature requests. Any contributions are welcome!
 * Online documentation of the firmware [is available here](https://civictechto.github.io/tRacket-sensor/).
 

noisemeter-device/BUILD.md

@@ -9,8 +9,6 @@ python certs.py -s api.tracket.info > certs.h
 
 ## Code compilation and upload
 
-### PlatformIO
-
 1. [Install PlatformIO](https://platformio.org/install).
 
 2. Run `pio run` to compile for the PCB. A breadboard target is available too: `pio run -e esp32-breadboard`.
@@ -19,15 +17,16 @@ python certs.py -s api.tracket.info > certs.h
 
 ## HMAC encryption key
 
-Data stored on the device (e.g. WiFi credentials) are encrypted with an "eFuse" key. This key can only be written once, and is not be read or written after that. 
-
-Using PlatformIO:
+Data stored on the device (e.g. WiFi credentials) are encrypted with an "eFuse" key. This key can only be configured once, and cannot be read or written after that. 
 
 ```bash
 dd if=/dev/urandom of=hmac_key bs=1 count=32
 pio pkg exec -- espefuse.py --port /dev/ttyACM0 burn_key BLOCK4 hmac_key HMAC_UP
+rm hmac_key
 ```
 
+This is done in the `bringup.sh` script that is used to program new sensors.
+
 **Please generate a unique hmac_key for each device.**
 
 ## Enable secure download mode
@@ -46,21 +45,20 @@ pio pkg exec -- esptool.py write_flash 0x10000 .pio/build/esp32-pcb/firmware.bin
 
 ## Signing OTA updates
 
-A 4096-bit RSA key is used to sign OTA updates. Whoever controls the private OTA signing key can create a public key with this command and include its contents in `noisemeter_device/ota_update.cpp`:
+OTA updates must be signed for deployed tRacket sensors to accept them. The
+GitHub repo is configured to automatically sign firmware updates when releases
+are published.
 
-```bash
-openssl rsa -in priv_key.pem -pubout > rsa_key.pub
-```
+Signing requires a 4096-bit RSA key. To sign an update (assuming you have the
+private key), run `pio run -t ota`.
 
-They may also sign a firmware update with these commands (the signature is prepended to the firmware binary):
+The public key is to be stored in `noisemeter_device/ota_update.cpp`. To obtain
+the public key (assuming you have the private key), run:
 
 ```bash
-openssl dgst -sign priv_key.pem -keyform PEM -sha256 -out firmware.sign -binary .pio/build/esp32-pcb/firmware.bin
-cat firmware.sign .pio/build/esp32-pcb/firmware.bin > firmware_signed.bin
+openssl rsa -in priv_key.pem -pubout > rsa_key.pub
 ```
 
-`firmware_signed.bin` is then uploaded to the OTA server.
-
 ## Operation Overview:
 
 * After initial programming or a factory reset, the device will enter Hotspot mode once it is powered on. This is indicated by a blinking LED.