Does NRF_DFU_BLE_BUTTONLESS_SUPPORTS_BONDS enforce a preexisting bond when in bootloader mode?

Question

I'm implementing an application which uses the Secure bootloader with bonds. What happens if I create a bond to a device in application mode and then switch to bootloader mode and an attacker manages to connect first to the device in bootloader mode. Can the attacker by default just create a new bond with the bootloader in the example project? Or can only prebonded devices connect to the DfuTarg?

tesc · Accepted Answer

Hi, 
 There is a define in the DFU bootloader for this, NRF_DFU_BLE_REQUIRES_BONDS . Bonds can only be created in the main application, and the bootloader will only accept the bond of the device that triggered buttonless DFU. (I.e. even other bonded devices cannot perform DFU.) 
 Note that in the buttonless DFU application NRF_DFU_BLE_BUTTONLESS_SUPPORTS_BONDS must be true for sharing the necessary bonding data with the bootloader. 
 Regards, Terje

Does NRF_DFU_BLE_BUTTONLESS_SUPPORTS_BONDS enforce a preexisting bond when in bootloader mode?

Top Replies

core_v2_widget.Hide()