• State Not Answered
  • Locked Locked
  • Replies 32 replies
  • Subscribers 73 subscribers
  • Views 7732 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 118756
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to provide authorization of app before connection?

Newbie

Hello, I am using secure_dfu_secure_dfu_ble_s132_pca10040 project. Now I want that the user who has specific key can only access the nrf my device and then can send the zip package for dfu. How should I implement this? I am using nrf52 amd sdk12. I am able to transfer zip package using nrf toolbox.

The file is nrf_ble_dfu.txt

Modified code is code.txt

Ble_gap.h ble_gap.txt

Parents
  • 0

    Could you describe a little bit more ? On how you want to limit the user to access your device ?

    When you generate the .zip package there is already a private key used to create the signature. This signature will guarantee the integrity and the origin source of the .zip is from you.

    I assume here you want to limit the person that can do DFU to the device even though it's a legit .zip package.

    For that purpose, I think you can implement one more security level on top of what we have now. It could be as simply as a "password" the app needs to write to the bootloader to enable DFU mode, or could be more complex mechanism of your choice.

Reply
  • 0

    Could you describe a little bit more ? On how you want to limit the user to access your device ?

    When you generate the .zip package there is already a private key used to create the signature. This signature will guarantee the integrity and the origin source of the .zip is from you.

    I assume here you want to limit the person that can do DFU to the device even though it's a legit .zip package.

    For that purpose, I think you can implement one more security level on top of what we have now. It could be as simply as a "password" the app needs to write to the bootloader to enable DFU mode, or could be more complex mechanism of your choice.

Children
No Data
Related
Terms of service