• State Verified Answer
  • Replies 3 replies
  • Subscribers 73 subscribers
  • Views 3113 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 116293
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Can’t make bootloader_secure example to pass signature check

Konstantin

Hi, I’m trying to use new SKD 12 secured bootloader but can’t pass signature check in dfu_req_handling.c\dfu_handle_prevalidate() (code after switch case DFU_SIGNATURE_TYPE_ECDSA_P256_SHA256 ). Function nrf_crypto_verify() returns 0.

The things I’ve done before:

nrfutil keys generate xxx.pem

nrfutil keys display --key pk --format code xxx.pem --out_file dfu_public_key.c

nrfutil pkg generate --hw-version 52 --sd-req 0x8c --application-version 4 --application some_nrf_project.hex --key-file xxx.pem app_dfu_package.zip

Include resulted dfu_public_key.c in BL project.

Include uecc.c from github.com/.../micro-ecc in BL project instead of using precompiled library.

I used latest NRF Tools for Android to download app_dfu_package.zip with no result. In debugger I found the fail point at nrf_crypto_verify(). I reproduce all important code of dfu_handle_prevalidate() in shorted form for clearer explanation:

uint32_t check_debug(void)
{
// .dat file contain in distributive zip
	uint8_t init_data[] = {
0x12, 0x84, 0x01, 0x0A, 0x3E, 0x08, 0x01, 0x12, 0x3A, 0x08, 0x04, 0x10, 0x34, 0x1A, 0x02, 0x8C,
0x01, 0x20, 0x00, 0x28, 0x00, 0x30, 0x00, 0x38, 0xF8, 0x9E, 0x03, 0x42, 0x24, 0x08, 0x03, 0x12,
0x20, 0x50, 0xA7, 0x62, 0x8C, 0x89, 0x33, 0xE3, 0xD8, 0x14, 0x67, 0xB8, 0x24, 0xB1, 0xA9, 0x7D,
0x0D, 0x8B, 0x51, 0x65, 0xCA, 0x3F, 0x36, 0x42, 0x68, 0xDD, 0x08, 0x66, 0x6A, 0x88, 0x6F, 0xB9,
0x0E, 0x48, 0x00, 0x10, 0x00, 0x1A, 0x40, 0xF2, 0x79, 0xB5, 0xC0, 0xBC, 0x39, 0x97, 0xA4, 0xFA,
0x67, 0x83, 0xA0, 0x3A, 0x28, 0xE2, 0x4D, 0x6E, 0x87, 0x5C, 0x0C, 0xC4, 0x12, 0xF7, 0xFE, 0xCA,
0xE6, 0x75, 0xB9, 0x2A, 0x28, 0xC0, 0xCB, 0xCE, 0x20, 0xDF, 0x85, 0x0F, 0x83, 0x7C, 0x03, 0xE6,
0x7B, 0x01, 0x4D, 0x0C, 0xF1, 0x9E, 0x96, 0xC8, 0xF7, 0xAC, 0xDB, 0x46, 0x6B, 0x80, 0x74, 0x48,
0xE9, 0x7E, 0xD5, 0x52, 0x41, 0x9D, 0xFB
	};
	
uint32_t err_code;
uint8_t *p_init_cmd = init_data+9; // data shift I took from debugger
uint8_t init_cmd_len = 58; // from debugger

hash_data.p_le_data = &hash[0];
hash_data.len = sizeof(hash);

err_code = nrf_crypto_hash_compute(NRF_CRYPTO_HASH_ALG_SHA256, p_init_cmd, init_cmd_len, &hash_data);
if (err_code != NRF_SUCCESS) return NRF_DFU_RES_CODE_OPERATION_FAILED;
memcpy(&sig[0], init_data+0x47, 64); // data shift I took from debugger
crypto_sig.p_le_data = sig;
crypto_sig.len = 64;
// calculate the signature
err_code = nrf_crypto_verify(NRF_CRYPTO_CURVE_SECP256R1, &crypto_key_pk, &hash_data, &crypto_sig);
if (err_code != NRF_SUCCESS)
{
	return NRF_DFU_RES_CODE_INVALID_OBJECT; // I’m here :(
}
}

Have you any idea what I did wrong?

Parents Reply Children
No Data
Related
Terms of service