• State Verified Answer
  • +1 person also asked this people also asked this
  • Replies 20 replies
  • Subscribers 64 subscribers
  • Views 9677 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 122374
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

DFU firmware encryption

Jonathan

Hi,

I would like to implement DFU with firmware encryption. I'm aware this isn't present in SDK 12 and would like to modify the secured bootloader to implement it.

As far as I understand, a DFU package is a zip file containing a manifest, and sets of 2 files, a .dat and a .bin . Is it right that the .bin is pure image, and .dat is the header/init packet?

My plan was to encrypt the .bin file, then, in the DFU bootloader, decrypt just before writing to flash. Does this sound like a good approach?

Thanks for your help!

Parents Reply
  • 0 in reply to Hung Bui

    CRC is calculated and checked after each object is received. Have a look here. You can consider to check CRC for the encrypted packet instead of decrypted packet. This is to ensure the object is received properly over the air. Also, doing this you don't have to modify the bootloader on that part.

    You can use the hash of the decrypted image to do the final validation of the image integrity.

Children
No Data
Related