Using Debug Bootloader with Generated Public Key

Hi team,

I am working on SDK v16.0.0 and using the nRF52840 DK. I generated a new private/public key pair using nrfutil and used that to generate dfu_public_key.c to replace the default one in the SDK. However, when I build the secure BLE bootloader debug project (e.g. nRF5_SDK_16.0.0_98a08e2\examples\dfu\secure_bootloader\pca10056_s140_ble_debug), it is still using the default key even though the linked dfu_public_key.c file is the one that I had generated. Is there a way to get the debug bootloader to use my generated key?

I noticed that the non-debug version of the example is using my key, and I can then do a DFU of signed images with my private key. The debug version of the example is only taking the test images provided in the SDK (nRF5_SDK_16.0.0_98a08e2\examples\dfu\secure_dfu_test_images\ble\nrf52840).

Also, can you help me understand what the differences are between the debug and non-debug versions of the project? It looks like logging over RTT is enabled in the debug project. Anything else?

Sincerely,

Akash

  • Hi Akash,

    It should be enough to just replace the existing key in dfu_public_key.c. The linker should also have complained if there were multiple definitions of the "pk[64]" array. 

    I noticed that the non-debug version of the example is using my key, and I can then do a DFU of signed images with my private key. The debug version of the example is only taking the test images provided in the SDK (nRF5_SDK_16.0.0_98a08e2\examples\dfu\secure_dfu_test_images\ble\nrf52840).

    Please double check that your key is used in dfu_public_key.c regardless of the NRF_DFU_DEBUG_VERSION symbol.

    Also, can you help me understand what the differences are between the debug and non-debug versions of the project? It looks like logging over RTT is enabled in the debug project. Anything else?

    Logging is the main one. It also allows you to skip certain validation checks to make it easier to work with during development.

    Regards,

    Vidar 

  • Hi Vidar,

    Thanks for the confirmation. I had tried to build the project several times yesterday, but it wouldn't take my generated public key. I did a rebuild of the project and it works now.

    It also allows you to skip certain validation checks to make it easier to work with during development. 

    Do you know which validation checks?

    Regards,

    Akash Patel

  • Good to hear that it works now. The debug variant allows you to skip version checks and ignore CRC errors during boot validation. This more relaxed validation check is enabled by building the example with the NRF_DFU_DEBUG_VERSION flag. The init packet must also be generated with the debug mode option enabled in nrfutil.
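
Both issues in this thread (a build that did not pick up the regenerated key, and the relaxed validation enabled by NRF_DFU_DEBUG_VERSION) can be checked before a bootloader is released. The following is an added example, not code from the thread or from the SDK: it assumes the bootloader image is available as raw bytes (e.g. a .bin file) and the compiler defines as a single string; the key bytes, image padding and define lists in it are constructed samples.

```python
import re

DEBUG_SYMBOL = "NRF_DFU_DEBUG_VERSION"  # symbol named in the thread

def parse_pk(c_source: str) -> bytes:
    """Extract the 64 bytes of the pk[64] initializer from dfu_public_key.c text."""
    no_comments = re.sub(r"/\*.*?\*/|//[^\n]*", "", c_source, flags=re.S)
    m = re.search(r"\bpk\s*\[\s*64\s*\]\s*=\s*\{(.*?)\}", no_comments, flags=re.S)
    if not m:
        raise ValueError("pk[64] initializer not found")
    key = bytes(int(t, 16) for t in re.findall(r"0[xX][0-9a-fA-F]{1,2}\b", m.group(1)))
    if len(key) != 64:
        raise ValueError(f"expected 64 key bytes, found {len(key)}")
    return key

def audit_bootloader(key_c: str, image: bytes, defines: str) -> list[str]:
    """Return findings for one bootloader build; an empty list means it passed."""
    findings = []
    # The array is stored in flash as written, so the built image must contain it verbatim.
    if parse_pk(key_c) not in image:
        findings.append("image does not embed the key from dfu_public_key.c (stale build?)")
    # Match the symbol as a whole token, with or without an =value suffix.
    if re.search(rf"(?<![A-Za-z0-9_]){DEBUG_SYMBOL}(?![A-Za-z0-9_])", defines):
        findings.append(f"{DEBUG_SYMBOL} is defined: version checks and CRC errors can be skipped")
    return findings

def sample_inputs():
    """Constructed inputs: dummy key bytes (not a real key) and fake image padding."""
    key = bytes((i * 7 + 3) % 256 for i in range(64))
    rows = ",\n".join(
        "    " + ", ".join(f"0x{b:02x}" for b in key[i:i + 8]) for i in range(0, 64, 8)
    )
    key_c = f"/* constructed sample */\n__ALIGN(4) const uint8_t pk[64] =\n{{\n{rows}\n}};\n"
    fresh = b"\xff" * 32 + key + b"\x00" * 32        # image rebuilt with the new key
    stale = b"\xff" * 32 + bytes(64) + b"\x00" * 32  # image built before the key changed
    return key_c, fresh, stale

if __name__ == "__main__":
    key_c, fresh, stale = sample_inputs()
    # Constructed define lists standing in for the release and debug project settings.
    print("release:", audit_bootloader(key_c, fresh, "BOARD_PCA10056 NRF52840_XXAA"))
    print("debug  :", audit_bootloader(key_c, stale, f"BOARD_PCA10056 {DEBUG_SYMBOL}"))
```

An empty findings list for the release configuration and two findings for the stale debug build is the expected result on the sample inputs.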
