Skip to main content

ESP32 ADC Speed

I couldn’t find any usable info about the sampling speed of Espressif’s ESP32 onboard ADC.

The benchmark was performed on the following Hardware:

Platform: Espressif 32 -> NodeMCU-32S
System: ESP32 240MHz 320KB RAM (4MB Flash)

The firmware for the benchmark was build using PlatformIO with the Arduino framework. To get a fast access to the hardware, the Espressif IoT Development Framework was used for all ADC specific function calls.

The results are showing that the ADC is capable of doing 27.2 ksps (27173 samples per second). This does not change when reducing the resolution to 10 or even 9 bits.

Resolution (bit) Speed (ksps)
ADC_WIDTH_BIT_9 27.1739
ADC_WIDTH_BIT_10 27.1739
ADC_WIDTH_BIT_11 27.1739
ADC_WIDTH_BIT_12 27.1739

For me this results were unexpected, since a lower resolution should decrease the sample time.


In the Espressif datasheet (topic 4.1.2), the ADC characteristics shows the following maximum sampling rates.

Description Sampling rate (max)
RTC controller 200 ksps
DIG controller 2 Msps

First question: what is a DIG controller and why has the RTC/DIG controller impact on the sampling speed? Assuming the numbers in the datasheet are valid, the measured speed differ massively from this rates. The implementation of adc1_get_raw is quite complex and does a lot of hardware initialization/locking around adc_convert().

So, the hardware might be capable to provide the claimed speeds but definitely not when using Espressif’s IDF as described in their documentation.

Airplay mirroring with HDMI dongles

I was interested in how Apple AirPlay screen mirroring is implemented in this super cheap Chinese HDMI dongles. Apple’s protocol is closed source and was reverse engineered back in in 2004. I couldn’t find an up to date open source project which implements a AirPlay server supporting screen mirroring. So lets see what this HDMI dongles have under the hood.

I purchased a device from ELEGIANT. I think there are also devices, sold under a different brand which are based on the same hardware.


Just a quick summery of the found hardware components.


Rockchip RK3036G
ARM Cortex A7 dual core


Winbond W691GG6KB


Winbond W25Q128BVIG
ID: 0x00ef4018


Realtek RTL8188ETV
Connected via USB interface

Read More

Automatic check for expiring SSL certificates

A quick solution to periodically check your certificates for expiring and get a notification via mail before they expire. I have multiple PKI’s and found it really useful to have such a automatic service.

The tool ssl-cert-check, which is part of the Debian package repository, does a quite good job finding expiring certificates but unfortunately doesn’t support analyzing directories. Luckily the author of this tool implemented this feature in the latest version available on GitHub.

First we have to clone the repo to have the latest version available on our system.

I created a small shell script which does the actually check and send a mail if a certificate will expire in <=60 Days. Gist also available here.

I placed the script within the ssl-cert-check folder. The script will check all certificates in the subfolder certs. Here is the folder structure:

To include certificates, we just need to create a symlink in the certs folder. I added links to my easy-rsa PKI’s to include them.

For a periodically check, we finally need to add the script to the cron daemon. For a daily check:

Disable serial console in Debian

Especially for not physically owned servers, like virtual servers, it makes sense to not only set the focus on SSH security. For virtual servers it’s quite common to have a virtual serial console which is accessible over your server control panel.

If someone grands access to this server control panel, the user has direct access to the system logon. Login control, like limit access to public key authentication, is part of SSH and is not active here. Because you shouldn’t trust the sever provider in terms of perfectly implemented security, it’s a good practice to also take this channel into account.

One solution is to completely disable the serial console after system boot. This makes a booted system inaccessible over the serial console. The following configuration is working on Debian with systemd.

Modify /etc/systemd/logind.conf and set ReserveVT and NAutoVTs to 0. This controls how many virtual terminals are reserved or allocated by the system.

Disable tty1.

The status of the disabled service should be like this.

After rebooting the system, you can still see the system boot including GRUB (boot loader) and also interrupt the system boot procedure. But after a complete system boot, the running system is inaccessible from the serial console.

Debian mdadm post boot assemble

After the upgrade to Debian Stretch, I had problems getting my raid volume with external bitmap assembled. After assembling, definition in /etc/mdadm/mdadm.conf, the array was created without the configured eternal bitmap.

Reason for this “Issue” was the fact that the mdadm assemble is done in the initramfs during the boot. In this stage, the volume for the external bitmap doesn’t exist yet.

To solve this, we need to disable the mdadm assemble during boot. The following steps describe how to configure mdadm to assemble an array after booting the kernel and support an external bitmap.

Add an external bitmap to the array.

Disable the initramfs mdadm hook.

Update the initramfs.

To check the current initramfs you can do the following.

After reboot you should find the assembled array with enabled external bitmap.