Secure DFU serial bootloader

Hi,

So to be clear, the update package should be generated using the private key, and the bootloader is made using the corresponding public key.

While I am not familiar with HxD, the data should be sent in the same order it appears in the .dat file, which I presume is the same as what is displayed in any hex editor. (I.e. endianness is kept as written to file by nrfutil when generating the dfu package. / The binary data files in the zip are to be treated as a stream of bytes.)

In order to check that everything is OK with the generated .dat file for the particular firmware and key pair, have you done a test of the serial DFU using nrfutil as the DFU controller (host)? (Full description in the Secure DFU Bootloader over Serial Link (UART/USB) example documentation.)

You can have a look at the contents of the package with "nrfutil pkg display <name of zip file>", e.g. "nrfutil pkg display my_dfu_package.zip", to check if everything seems to be in order.

For a reference implementation you can have a look at the nrfutil source.

Regards,
Terje

Hi,

I made a mistake on my side, the size of the Tx buffer was exact the same size as the expected MTU, I forgot to allocate a byte for the opcode.

Therefore the signature failed everytime after uploading the init packet

Regards,

Erwin

Hi,

I made a mistake on my side, the size of the Tx buffer was exact the same size as the expected MTU, I forgot to allocate a byte for the opcode.

Therefore the signature failed everytime after uploading the init packet

Regards,

Erwin