• State Not Answered
  • Replies 8 replies
  • Subscribers 65 subscribers
  • Views 158 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 330443
Options

Signing image for DFU OTA

Patil

Hii,

I am working on DFU OTA using nRF52832 board. I have created rsa-2048 key file (priv.pem) and saved it in my project folder and also, edited CMakeList.txt of project file. Still, I am getting this warning. I am little bit confused. Whether I did it correctly or not, please confirm? 

Also, 

Shall need to make any changes in config file?


=== child image mcuboot - begin ===
loading initial cache file C:/Users/Admin/BLE/BLE/Firmwares/Firmware_4/build_2/mcuboot/child_image_preload.cmake
Loading Zephyr default modules (Zephyr base).
-- Application: C:/ncs/v2.5.2/bootloader/mcuboot/boot/zephyr
-- CMake version: 3.21.0
-- Found Python3: C:/ncs/toolchains/cf2149caf2/opt/bin/python.exe (found suitable version "3.9.13", minimum required is "3.8") found components: Interpreter
-- Cache files will be written to: C:/ncs/v2.5.2/zephyr/.cache
-- Zephyr version: 3.4.99 (C:/ncs/v2.5.2/zephyr)
-- Found west (found suitable version "1.2.0", minimum required is "0.14.0")
-- Board: nrf52dk_nrf52832
-- Found host-tools: zephyr 0.16.5 (C:/ncs/toolchains/cf2149caf2/opt/zephyr-sdk)
-- Found toolchain: zephyr 0.16.5 (C:/ncs/toolchains/cf2149caf2/opt/zephyr-sdk)
-- Found Dtc: C:/ncs/toolchains/cf2149caf2/opt/bin/dtc.exe (found suitable version "1.4.7", minimum required is "1.4.6")
-- Found BOARD.dts: C:/ncs/v2.5.2/zephyr/boards/arm/nrf52dk_nrf52832/nrf52dk_nrf52832.dts
-- Found devicetree overlay: C:/ncs/v2.5.2/bootloader/mcuboot/boot/zephyr/app.overlay
-- Generated zephyr.dts: C:/Users/Admin/BLE/BLE/Firmwares/Firmware_4/build_2/mcuboot/zephyr/zephyr.dts
-- Generated devicetree_generated.h: C:/Users/Admin/BLE/BLE/Firmwares/Firmware_4/build_2/mcuboot/zephyr/include/generated/devicetree_generated.h
-- Including generated dts.cmake file: C:/Users/Admin/BLE/BLE/Firmwares/Firmware_4/build_2/mcuboot/zephyr/dts.cmake
Parsing C:/ncs/v2.5.2/bootloader/mcuboot/boot/zephyr/Kconfig
Loaded configuration 'C:/ncs/v2.5.2/zephyr/boards/arm/nrf52dk_nrf52832/nrf52dk_nrf52832_defconfig'
Merged configuration 'C:/ncs/v2.5.2/bootloader/mcuboot/boot/zephyr/prj.conf'
Merged configuration 'C:/ncs/v2.5.2/nrf/subsys/partition_manager/partition_manager_enabled.conf'
Merged configuration 'C:/Users/Admin/BLE/BLE/Firmwares/Firmware_4/build_2/mcuboot/zephyr/misc/generated/extra_kconfig_options.conf'
Configuration saved to 'C:/Users/Admin/BLE/BLE/Firmwares/Firmware_4/build_2/mcuboot/zephyr/.config'
Kconfig header saved to 'C:/Users/Admin/BLE/BLE/Firmwares/Firmware_4/build_2/mcuboot/zephyr/include/generated/autoconf.h'
-- Found GnuLd: c:/ncs/toolchains/cf2149caf2/opt/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.2.0/../../../../arm-zephyr-eabi/bin/ld.bfd.exe (found version "2.38")
-- The C compiler identification is GNU 12.2.0
-- The CXX compiler identification is GNU 12.2.0
-- The ASM compiler identification is GNU
-- Found assembler: C:/ncs/toolchains/cf2149caf2/opt/zephyr-sdk/arm-zephyr-eabi/bin/arm-zephyr-eabi-gcc.exe
MCUBoot bootloader key file: C:/ncs/v2.5.2/bootloader/mcuboot/root-rsa-2048.pem
-- Configuring done
-- Generating done
-- Build files have been written to: C:/Users/Admin/BLE/BLE/Firmwares/Firmware_4/build_2/mcuboot
=== child image mcuboot - end ===

CMake Warning at C:/ncs/v2.5.2/nrf/modules/mcuboot/CMakeLists.txt:320 (message):

---------------------------------------------------------
--- WARNING: Using default MCUBoot key, it should not ---
--- be used for production. ---
---------------------------------------------------------

CMake Warning at C:/ncs/v2.5.2/nrf/cmake/partition_manager.cmake:79 (message):

---------------------------------------------------------------------
--- WARNING: Using a bootloader without pm_static.yml. ---
--- There are cases where a deployed product can consist of ---
--- multiple images, and only a subset of these images can be ---
--- upgraded through a firmware update mechanism. In such cases, ---
--- the upgradable images must have partitions that are static ---
--- and are matching the partition map used by the bootloader ---
--- programmed onto the device. ---
---------------------------------------------------------------------

Call Stack (most recent call first):
C:/ncs/v2.5.2/zephyr/cmake/modules/kernel.cmake:247 (include)
C:/ncs/v2.5.2/zephyr/cmake/modules/zephyr_default.cmake:138 (include)
C:/ncs/v2.5.2/zephyr/share/zephyr-package/cmake/ZephyrConfig.cmake:66 (include)
C:/ncs/v2.5.2/zephyr/share/zephyr-package/cmake/ZephyrConfig.cmake:92 (include_boilerplate)
CMakeLists.txt:11 (find_package)

Parents
  • 0

    Hello,

    When generating keys using imgtool, the process typically involves creating a key pair, which includes a private key and a corresponding public key. For example, see the screenshot below:

    I have generated a private key named abhi_priv.pem and then extracted the corresponding public key using getpub. The screenshot below displays the generated public key derived from my private key. Additionally, if you open the private key file, you will see that it is labeled as a private key

    The public key has been converted into a .c file format for integration into the bootloader. You can follow the steps outlined here to complete the process

    Kind Regards,

    Abhijith

  • 0 in reply to Menon

    Thank you so much!

    As per my understanding, the bootloader use the Public Key to verify that the firmware image is signed with the Private Key. 

    Can you elaborate this process of integrating the public key into bootloader and other settings required for verification?

  • 0 in reply to Patil

    Hello,

    Patil said:
    As per my understanding, the bootloader use the Public Key to verify that the firmware image is signed with the Private Key. 

    Yes, that's correct.

    I recommend following the guide I pointed to in order to complete the process. If you encounter any issues along the way, please let me know, and I’d be happy to assist you.

    Kind regards,

    Abhijith

  • 0 in reply to Menon

    Shall I need to integrate the public key into this file "C:\ncs\v2.5.2\bootloader\mcuboot\boot\zephyr\keys.c" ?

Reply Children
No Data
Related