I'm working on a complex legacy codebase for the nRF52840, which uses nRF5 SDK 15.0.0 and the S140 SoftDevice v6.0.0. The device previously only used a custom RF protocol both in the bootloader and in the main application, but I need to add BLE support that replicates the current functionality. The biggest challenge I'm facing is that the device consists of two nRF52840 modules that undergo a handshake process in their bootloaders before each can start its main application.
I tested patching in the secure bootloader, but ran into a handful of problems. The current custom bootloader uses a watchdog timer, which was used by the previous devs as a part of the update process rather than a worst-case safety measure. It doesn't look like I would be able to replicate the functionality with the bootloader watchdog. I would also need to modify the SDK to not enter the main application after secure DFU, because this causes one module to enter its main app while the other hangs. Lastly, this method complicates the transfer of the binary for the second module.
Implementing a custom BLE service in the bootloader should be able to circumvent most of these issues, but is it possible to do this? nrf_sdh_enable_request() causes the bootloader to crash. I see in nrf_dfu_ble.c that some other functions are used to initialize the BLE stack. I can try to port the code over, but I'm not sure if it will be possible to modify it to implement NUS.
I'd greatly appreciate any feedback on how to safely implement this multiprotocol OTA DFU process, or verification that it's possible to implement regular BLE advertising and services within the bootloader.