hash in bootloader

Hi William,

1. If they use our tools and the example bootloader (which can typically be used more or less out of the box), they do not need to make any changes here. So if "how to use this hash" is a high level question, then the answer is that they should generate the DFU image using nrfutil as explained in the documentation, and that will handle the generation of the init packet including the signing for them.

2. Is the question about what the hash is? I the bootloader, the init packet is always signed, and this among other tings contain a hash of the applicaion, and this is how the integrity of the application is  ensured. Moreover, the init packet itself is hashed, and that has is signed to ensure the integrity and authenticity of the init packet. To verify it, the bootloader hashes the init packet, and validates the hash against the signature, using the public key. This is why the hash, signature and public key are inputs.

Hi William,

1. If they use our tools and the example bootloader (which can typically be used more or less out of the box), they do not need to make any changes here. So if "how to use this hash" is a high level question, then the answer is that they should generate the DFU image using nrfutil as explained in the documentation, and that will handle the generation of the init packet including the signing for them.

2. Is the question about what the hash is? I the bootloader, the init packet is always signed, and this among other tings contain a hash of the applicaion, and this is how the integrity of the application is  ensured. Moreover, the init packet itself is hashed, and that has is signed to ensure the integrity and authenticity of the init packet. To verify it, the bootloader hashes the init packet, and validates the hash against the signature, using the public key. This is why the hash, signature and public key are inputs.