nRF52 error during DFU process

Hi Mehdi,

The secure bootloader always prevents the device from being programmed with an unauthorized firmware image. A firmware image that does not correspond to the signature will never be installed. All you have to do is to use the bootloader from SDK 15 as is. Please refer to the Validation section in the bootloader documentation.

You can refer to the BLE Secure DFU Bootloader exmaple. It can be combined with the Buttonless DFU Template Application. (There is also a bootloader example which does not use signature verification in the SDK, the Open Bootloader with DFU.)

Best regards,

Einar

Hi Einar,

In my case I'm testing with secure bootloader of the SDK14 and the program is still installed despite, the '.ZIP' package is generated with a wrong private key (I modified the '.pem' file). 

Best Regards,

Mehdi

Hi Einar,

In my case I'm testing with secure bootloader of the SDK14 and the program is still installed despite, the '.ZIP' package is generated with a wrong private key (I modified the '.pem' file). 

Best Regards,

Mehdi

Hi Mehdi,

I have not seen any reports of this issue before, and this kind of attacks are part of our release testing, so it seems a bit odd. Have you modified the bootloader in any way? If so, what have you modified exactly? Can you explain in detail how you have tested, both how you built the .zip package with the incorrect private key, how you upgraded and how you verified that the application with the incorrect key was flashed? It would also be very useful with a RTT debug log transcript from the bootloader.

Hi Einar,

Thank you for your quick reply.

Exactly, I made modification on the sdk_config that produce this issue.

By the way, I'm using DFU without bonds , but i enabled previously the NRF_DFU_BLE_REQUIRES_BONDS.

After disabling the bonds requirement at the level of the bootloader, the program is installed only with the correct private key.

Best regards,

Mehdi

Hi,

Regarding the issue where you say that an upgrade image signed with the wrong public key: Can you elaborate exactly which changed you have done? Preferably providing diffs that show all modifications, or upload your project so that I can reproduce on my side? The reason I ask this is that I am unable to understand how this could happen and would very much like to see if it is reproducible.

Hi Einar,

The picture bellow, shows the only diff that i made in the SDK_Config.h of the bootloader_secure_dfu provided on the SDK 14 to produce this issue:

Note : I'm using the pca10040.

Best regards,

Mehdi.

I see. This change will not allow you to upgrade using an image with an invalid/wrong signature. Can you double (and triple) check that you actually used a private key which did not match the public key? And if you did, can you trippel check that you actually successfully upgraded the device (I suggest using a firmware which blinks a different LED, advertise with a different name or similar so that you can actually verify this from the outside).