BLE DFU with encrypted images in MCUBoot

RE: BLE DFU with encrypted images in MCUBoot

Menon — Mon, 12 Aug 2024 07:47:50 GMT

Hello,

Sorry for getting back to you so late; it was the summer vacation period here in Norway.

[quote user="Simen Eilevstjonn"]

while using both NSIB and MCUboot, then the process fails, and the old image is swapped back.

However, I found a workaround by disabling NSIB. That is going to be okay for our use case, unless there exists some simple solution to get it to work with a two-stage bootloader.

[/quote]

I believe that image encryption with a two-stage bootloader is not a supported feature. When NSIB is enabled, MCUboot might not support image encryption because this process requires secure handling of keys and decryption, typically performed entirely within a secure environment. NSIB introduces complexity to the boot flow, potentially making it incompatible with image encryption. In the usual scenario, MCUboot decrypts the image before handing it over to the application. However, with NSIB enabled, the boot process is split between secure and non-secure cores, which may prevent the decryption logic from being properly executed.

If NSIB must be used, you might need to implement a custom solution to securely handle image decryption in conjunction with NSIB. Alternatively, as you're currently doing, disabling NSIB is a viable workaround, allowing you to rely solely on MCUboot for the process.

Kind regards,
Abhijith

RE: BLE DFU with encrypted images in MCUBoot

Simen Eilevstjonn — Thu, 11 Jul 2024 06:06:22 GMT

Hello,

I still do not have an error message, but the observed behaviour is that if one attempts to do over the air DFU with an encrypted image (using CONFIG_BOOT_ECDSA_TINYCRYPT=y, CONFIG_BOOT_ENCRYPT_IMAGE=y in mcubooot.conf) while using both NSIB and MCUboot, then the process fails, and the old image is swapped back.

However, I found a workaround by disabling NSIB. That is going to be okay for our use case, unless there exists some simple solution to get it to work with a two-stage bootloader.

RE: BLE DFU with encrypted images in MCUBoot

Menon — Wed, 10 Jul 2024 13:34:05 GMT

Hello,

Could you please provide some additional details about the issue you are experiencing? I am unable to determine where the crash is occurring or where the error message is coming from.

Kind regards,

Abhijith

RE: BLE DFU with encrypted images in MCUBoot

Simen Eilevstjonn — Tue, 09 Jul 2024 13:02:37 GMT

The tutorial is for image signing, not encryption.

RE: BLE DFU with encrypted images in MCUBoot

Menon — Tue, 09 Jul 2024 12:06:20 GMT

Hello,

I'm not entirely sure what could be causing the issue. Could you please provide more details that might shed light on the problem? Nordic has an official tutorial on using custom keys in DFU which might be helpful.

Kind regards,

Abhijith

RE: BLE DFU with encrypted images in MCUBoot

Simen Eilevstjonn — Tue, 09 Jul 2024 05:35:01 GMT

Hello

We are using an nRF52840 with SDK version 2.6.0.

I do not have a log with an error message. The errors are detected as disconnects during DFU. "FAILED" is also reported in the Android DFU library.

RE: BLE DFU with encrypted images in MCUBoot

Menon — Mon, 08 Jul 2024 12:42:37 GMT

Hello,

I wanted to let you know that I have been assigned to this case and have started looking into it. Could you please share which SDK version and Nordic chip you are using? You mentioned it is reporting as failed; could you share the entire log with the error message you are receiving?

[quote user=""]I could not find that key in merged.hex, so I suspect it is not included.[/quote]

The private key is not included in the merged.hex file that contains the firmware image and other application data to prevent it from being exposed or accidentally included in the production firmware image.

I recommend looking at the section on signature_keys for further insights.

Kind Regards,

Abhijith