Secure DFU signature check wrong

RE: Secure DFU signature check wrong

nevi — Fri, 17 Apr 2020 06:22:04 GMT

I figured out the problem. When I modified some bytes in the private.key file, I actually did not modify the private key itself, just some other fields in the PEM file. I check this with nrfutil keys display --key sk --format hex private.key command. And the 256 bit keys are the same even though the private.key files are different.

And I found the reason why the bootloader able to decide the app firmware validity without all of the firmware data. It checks the signature that received in the first packet (init). And during the post validation it checks the calculated hash against the hash received in the init packet.

RE: Secure DFU signature check wrong

nevi — Thu, 16 Apr 2020 14:07:04 GMT

devzone.nordicsemi.com/.../3527.bootloader.zip

I tried this bootloader with the app packed with this command:

Correct key:

nrfutil pkg generate --hw-version 52 --application-version 1 --application build\nrf52832_xxaa.hex --sd-req 0xB7 --key-file dfu\private.key dfu\app_dfu_package.zip

Wrong key:

nrfutil pkg generate --hw-version 52 --application-version 1 --application build\nrf52832_xxaa.hex --sd-req 0xB7 --key-file dfu\private_wrong.key dfu\app_dfu_package_wrong.zip

And the bootloader accept both of them.

RE: Secure DFU signature check wrong

Einar Thorsrud — Thu, 16 Apr 2020 13:28:44 GMT

Hi,

This seems odd. Could it be that by accident you modified another copy of the private key than what is actually being used (just a guess)? If not, can you upload the original and modified private key here along with detailed instructions so that I can attempt to reproduce on my side? (use a test key that you do not need to keep secret).