<?xml version="1.0" encoding="UTF-8" ?>
<?xml-stylesheet type="text/xsl" href="https://devzone.nordicsemi.com/cfs-file/__key/system/syndication/rss.xsl" media="screen"?><rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>hash in bootloader</title><link>https://devzone.nordicsemi.com/f/nordic-q-a/111751/hash-in-bootloader</link><description>hi support team, 
 1. customer asks about one question about hash in our dfu init packet. 
 our dfu lib will send init packet to our 52 device, how to use this hash in init.data in our bootloader project. 
 
 2. and another question is what&amp;#39;s the meaning</description><dc:language>en-US</dc:language><generator>Telligent Community 13</generator><lastBuildDate>Mon, 03 Jun 2024 13:10:08 GMT</lastBuildDate><atom:link rel="self" type="application/rss+xml" href="https://devzone.nordicsemi.com/f/nordic-q-a/111751/hash-in-bootloader" /><item><title>RE: hash in bootloader</title><link>https://devzone.nordicsemi.com/thread/487139?ContentTypeID=1</link><pubDate>Mon, 03 Jun 2024 13:10:08 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:798900d5-8653-468d-b87f-e9a924ceeb47</guid><dc:creator>Einar Thorsrud</dc:creator><description>&lt;p&gt;Hi William,&lt;/p&gt;
&lt;p&gt;1. If they use our tools and the example bootloader (which can typically be used more or less out of the box), they do not need to make any changes here. So if &amp;quot;how to use this hash&amp;quot; is a high level question, then the answer is that they should generate the DFU image using nrfutil as explained in the &lt;a href="https://docs.nordicsemi.com/bundle/sdk_nrf5_v17.1.0/page/lib_bootloader_dfu_validation.html"&gt;documentation&lt;/a&gt;, and that will handle the generation of the init packet including the signing for them.&lt;/p&gt;
&lt;p&gt;2. Is the question about what the hash is? I the bootloader, the init packet is always signed, and this among other tings contain a hash of the applicaion, and this is how the integrity of the application is&amp;nbsp; ensured. Moreover, the init packet itself is hashed, and that has is signed to ensure the integrity and authenticity of the init packet. To verify it, the bootloader hashes the init packet, and validates the hash against the signature, using the public key. This is why the hash, signature and public key&amp;nbsp;are inputs.&lt;/p&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item></channel></rss>