This post is older than 2 years and might not be relevant anymore

Unsecure bootloader

Is there an unsecure version of the bootloader? I'm looking for something that will take anything as an upgrade.

I figure if I'm stuck in the bootloader anything is better than nothing.

  • Hi Jordan,

    We have two different bootloader architectures: the Legacy bootloader (SDK v11.0.0 and older), and the Secure bootloader (SDK v12.x.0). The Legacy bootloader will accept any firmware image, while the secure bootloader uses a private-public key pair to sign and verify that the firmware image is from a trusted source. The private key is used to sign the firmware image and the public key is stored in the bootloader and used to verify that the firmware image was signed by the corresponding private key.

    Both bootloaders use dual bank updates, i.e. the old application is not erased until the new application firmware image has been received and its integrity checked. However, if for some reason you end up in bootloader mode without a valid application, then you have to perform another DFU. At this point the only difference between the Legacy and the Secure bootloader is that the Secure bootloader requires a signed image and the legacy does not.

    From a security perspective I would say that anything is not better than nothing, since anyone, e.g. an attacker, may upload malicious firmware to your device.

    Note: No further development will be done on the Legacy bootloader.

    Best regards

    Bjørn
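
The acceptance rule described in the answer above, as an added example that is not part of the original thread and is not Nordic's SDK code: a hypothetical dual-bank bootloader model in which the secure variant activates an image only if its signature verifies against the stored public key, while the legacy variant activates anything. The `Bootloader` class, the image bytes and the key are constructed for illustration, and toy textbook RSA stands in for the SDK's actual signature scheme.

```python
from __future__ import annotations
import hashlib

# Constructed toy RSA key (two Mersenne primes). Far too small and unpadded for
# real use; it only stands in for the bootloader's real signature scheme.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q                              # public modulus, "stored in the bootloader"
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, stays on the build machine


def digest(image: bytes) -> int:
    """SHA-256 of the image, reduced into the toy modulus."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N


def sign(image: bytes) -> int:
    """Build-side step: sign the image hash with the private key."""
    return pow(digest(image), D, N)


class Bootloader:
    """Hypothetical dual-bank model: bank0 holds the active app, bank1 stages."""

    def __init__(self, secure: bool, app: bytes | None):
        self.secure = secure
        self.bank0 = app       # None models "in bootloader mode, no valid app"
        self.bank1 = None

    def dfu(self, image: bytes, signature: int | None = None) -> bool:
        self.bank1 = image     # receive into the spare bank; bank0 is untouched
        if self.secure:        # verify with the public key before activating
            ok = signature is not None and pow(signature, E, N) == digest(image)
        else:
            ok = True          # legacy: no authenticity check (transfer check not modelled)
        if ok:
            self.bank0 = image # activate only after the check has passed
        self.bank1 = None      # staging bank is cleared either way
        return ok


if __name__ == "__main__":
    good, evil = b"app v2 (constructed)", b"malicious image (constructed)"
    stuck = Bootloader(secure=True, app=None)
    print(stuck.dfu(evil), stuck.dfu(good, sign(good)), stuck.bank0)
    legacy = Bootloader(secure=False, app=b"app v1 (constructed)")
    print(legacy.dfu(evil), legacy.bank0)
```

A secure bootloader with no valid application stays recoverable by anyone holding the private key, and a rejected image never replaces what is in the active bank.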
