• State Not Answered
  • Replies 6 replies
  • Subscribers 74 subscribers
  • Views 1654 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 252760
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Combined BL + APP + SD dfu image for OTA update.

dimitrois

Hi,

I get the error "[DFU] Remote DFU error: INVALID OBJECT. SD busy? Retrying...." when attempting a firmware update over Bluetooth.

The bootloader, application and the softdevice are already installed on the chip, so I am trying to test the bundled update.

BL + APP +SD is allowed, according to the SDK docs.

I have used the following command to generate the DFU package:

nrfutil pkg generate --hw-version 52 --bootloader-version 2 --bootloader boot_app.hex --application-version 3 --application app.hex --app-boot-validation VALIDATE_ECDSA_P256_SHA256 --sd-req 0xCA --sd-id 0xCA --softdevice s140.hex --sd-boot-validation VALIDATE_ECDSA_P256_SHA256 --key-file private.key full.zip

When all pieces are received (I use nrfConnect on the phone) - 43 in total, the above mentioned error occurs.

I think, I am missing something in the command, which generates the bundled package as the individual updates work fine.

I.e, I can update the bootloader, the application and the softdevice, when I update them one at a time (separate DFU package for each).

I am using secure bootloader example from SDK16 with softdevice s140 v7.0.1 on the nrf52833-DK.

Any help on the above would be appreciated as I am out of ideas at this stage.

Parents
  • 0

    Hello,

    I tested using SDK16 now, and the minimum required pkg including BL + SD + APP that you can use is the following:

    nrfutil pkg generate --application files\buttonless.hex --application-version 4 --bootloader _build\nrf52840_xxaa_s140.hex --bootloader-version 4 --hw-version 52 --sd-req 0xCA --sd-id 0xCA --softdevice ..\..\..\..\..\components\softdevice\s140\hex\s140_nrf52_7.0.1_softdevice.hex --key-file ..\..\..\private.key files\dfu_full4.zip

    If you just replace the dfu_public_key.c and generate a private key named private.key in the same folder, you can test it using this .bat script and an nRF52840 DK (just replace the serial numbers to match your DKs).

    make -j9
make -j9 -C ..\..\..\..\ble_peripheral\ble_app_buttonless_dfu\pca10056\s140\armgcc

SET TEST_DK_SNR=111111111
SET CONNECTIVITY_DK_SNR=222222222

mkdir files

del files\buttonless.hex
copy ..\..\..\..\ble_peripheral\ble_app_buttonless_dfu\pca10056\s140\armgcc\_build\nrf52840_xxaa.hex files\buttonless.hex

nrfutil settings generate --family NRF52840 --application files\buttonless.hex --application-version 1 --bootloader-version 1 --bl-settings-version 1 --key-file ..\..\..\private.key files\bl_settings.hex


nrfjprog -e --snr %TEST_DK_SNR%
nrfjprog --program ..\..\..\..\..\components\softdevice\s140\hex\s140_nrf52_7.0.1_softdevice.hex --verify --snr %TEST_DK_SNR%
nrfjprog --program _build\nrf52840_xxaa_s140.hex --verify --snr %TEST_DK_SNR%
nrfjprog --program files\buttonless.hex --verify --snr %TEST_DK_SNR%
nrfjprog --program files\bl_settings.hex --verify --snr %TEST_DK_SNR%
nrfjprog --reset --snr %TEST_DK_SNR%


nrfutil pkg generate --application files\buttonless.hex --application-version 2 --bootloader _build\nrf52840_xxaa_s140.hex --bootloader-version 2 --hw-version 52 --sd-req 0xCA --sd-id 0xCA --softdevice ..\..\..\..\..\components\softdevice\s140\hex\s140_nrf52_7.0.1_softdevice.hex --key-file ..\..\..\private.key files\dfu_full2.zip
nrfutil pkg generate --application files\buttonless.hex --application-version 3 --bootloader _build\nrf52840_xxaa_s140.hex --bootloader-version 3 --hw-version 52 --sd-req 0xCA --sd-id 0xCA --softdevice ..\..\..\..\..\components\softdevice\s140\hex\s140_nrf52_7.0.1_softdevice.hex --key-file ..\..\..\private.key files\dfu_full3.zip
nrfutil pkg generate --application files\buttonless.hex --application-version 4 --bootloader _build\nrf52840_xxaa_s140.hex --bootloader-version 4 --hw-version 52 --sd-req 0xCA --sd-id 0xCA --softdevice ..\..\..\..\..\components\softdevice\s140\hex\s140_nrf52_7.0.1_softdevice.hex --key-file ..\..\..\private.key files\dfu_full4.zip

TIMEOUT 5

nrfutil dfu ble -pkg files\dfu_full2.zip -snr %CONNECTIVITY_DK_SNR% -ic NRF52 -n "Nordic_Buttonless" -f
TIMEOUT 5
nrfutil dfu ble -pkg files\dfu_full3.zip -snr %CONNECTIVITY_DK_SNR% COM17 -ic NRF52 -n "Nordic_Buttonless"
TIMEOUT 5
nrfutil dfu ble -pkg files\dfu_full4.zip -snr %CONNECTIVITY_DK_SNR% -ic NRF52 -n "Nordic_Buttonless"

    Save this as a .bat file and run it from the folder SDK16\examples\dfu\secure_bootloader\pca10056_s140_ble\armgcc.

    Did you intend to use the VALIDATE_ECDSA_P256 option? It is an option, but not strictly required for a secure bootloader. If you actually use it, did you set this up in the bootloader project?

    Best regards,

    Edvin

Reply
  • 0

    Hello,

    I tested using SDK16 now, and the minimum required pkg including BL + SD + APP that you can use is the following:

    nrfutil pkg generate --application files\buttonless.hex --application-version 4 --bootloader _build\nrf52840_xxaa_s140.hex --bootloader-version 4 --hw-version 52 --sd-req 0xCA --sd-id 0xCA --softdevice ..\..\..\..\..\components\softdevice\s140\hex\s140_nrf52_7.0.1_softdevice.hex --key-file ..\..\..\private.key files\dfu_full4.zip

    If you just replace the dfu_public_key.c and generate a private key named private.key in the same folder, you can test it using this .bat script and an nRF52840 DK (just replace the serial numbers to match your DKs).

    make -j9
make -j9 -C ..\..\..\..\ble_peripheral\ble_app_buttonless_dfu\pca10056\s140\armgcc

SET TEST_DK_SNR=111111111
SET CONNECTIVITY_DK_SNR=222222222

mkdir files

del files\buttonless.hex
copy ..\..\..\..\ble_peripheral\ble_app_buttonless_dfu\pca10056\s140\armgcc\_build\nrf52840_xxaa.hex files\buttonless.hex

nrfutil settings generate --family NRF52840 --application files\buttonless.hex --application-version 1 --bootloader-version 1 --bl-settings-version 1 --key-file ..\..\..\private.key files\bl_settings.hex


nrfjprog -e --snr %TEST_DK_SNR%
nrfjprog --program ..\..\..\..\..\components\softdevice\s140\hex\s140_nrf52_7.0.1_softdevice.hex --verify --snr %TEST_DK_SNR%
nrfjprog --program _build\nrf52840_xxaa_s140.hex --verify --snr %TEST_DK_SNR%
nrfjprog --program files\buttonless.hex --verify --snr %TEST_DK_SNR%
nrfjprog --program files\bl_settings.hex --verify --snr %TEST_DK_SNR%
nrfjprog --reset --snr %TEST_DK_SNR%


nrfutil pkg generate --application files\buttonless.hex --application-version 2 --bootloader _build\nrf52840_xxaa_s140.hex --bootloader-version 2 --hw-version 52 --sd-req 0xCA --sd-id 0xCA --softdevice ..\..\..\..\..\components\softdevice\s140\hex\s140_nrf52_7.0.1_softdevice.hex --key-file ..\..\..\private.key files\dfu_full2.zip
nrfutil pkg generate --application files\buttonless.hex --application-version 3 --bootloader _build\nrf52840_xxaa_s140.hex --bootloader-version 3 --hw-version 52 --sd-req 0xCA --sd-id 0xCA --softdevice ..\..\..\..\..\components\softdevice\s140\hex\s140_nrf52_7.0.1_softdevice.hex --key-file ..\..\..\private.key files\dfu_full3.zip
nrfutil pkg generate --application files\buttonless.hex --application-version 4 --bootloader _build\nrf52840_xxaa_s140.hex --bootloader-version 4 --hw-version 52 --sd-req 0xCA --sd-id 0xCA --softdevice ..\..\..\..\..\components\softdevice\s140\hex\s140_nrf52_7.0.1_softdevice.hex --key-file ..\..\..\private.key files\dfu_full4.zip

TIMEOUT 5

nrfutil dfu ble -pkg files\dfu_full2.zip -snr %CONNECTIVITY_DK_SNR% -ic NRF52 -n "Nordic_Buttonless" -f
TIMEOUT 5
nrfutil dfu ble -pkg files\dfu_full3.zip -snr %CONNECTIVITY_DK_SNR% COM17 -ic NRF52 -n "Nordic_Buttonless"
TIMEOUT 5
nrfutil dfu ble -pkg files\dfu_full4.zip -snr %CONNECTIVITY_DK_SNR% -ic NRF52 -n "Nordic_Buttonless"

    Save this as a .bat file and run it from the folder SDK16\examples\dfu\secure_bootloader\pca10056_s140_ble\armgcc.

    Did you intend to use the VALIDATE_ECDSA_P256 option? It is an option, but not strictly required for a secure bootloader. If you actually use it, did you set this up in the bootloader project?

    Best regards,

    Edvin

Children
  • 0 in reply to Edvin

    Hi,

    Thank you for your reply.

    As suggested, I have generated the package without the --app-boot-validation VALIDATE_ECDSA_P256_SHA256 

    and --sd-boot-validation VALIDATE_ECDSA_P256_SHA256 parameters. The update works as it should this way - I have changed advertising names in the bootloader and the application to test.

    We do intend to use the VALIDATE_ECDSA_P256 option.

    Could you advise how configure this option? Is this done in the sdk_config.h file of the project?

    There is an empty section related to DFU validation:

    // <h> nRF_DFU

    //==========================================================
    // <h> DFU security - nrf_dfu_validation - DFU validation

    //==========================================================

    Is this where the validation type needs to be defined or are there any other changes necessary?

    Thanks.

     

  • 0 in reply to Edvin

    In addition to the above, I think I now understand why the package with --sd-boot-validation and --app-boot-validation fails to update. The Nordic documentation says:  "If you include both a bootloader and a SoftDevice in your firmware package, those two images will be merged together." Thus, there is no separate image for the softdevice in the package and when I try to update, DFU looks for that softdevice image in the package. Hence why "INVALID OBJECT" error. When i use the package, created with --app-boot-validation only, the update works fine.

    I'm still not sure about how/where to enable the VALIDATE_ECDSA_P256 option, so any help on that will be much appreciated.

  • 0 in reply to dimitrois

    I believe it is the sdk_config.h file for the bootloader that decides whether the bootloader does this, and hence expects it in the DFU image. Try setting NRF_BL_APP_SIGNATURE_CHECK_REQUIRED to 1 in sdk_config.h in your bootloader project. I have not tested this, but we are very short staffed due to summer holidays in Norway, and it takes a bit of time to set up a bootloader, and perform the test. If you have the bootloader up and running, can you try to set this to 1? From the source code, it looks like this should do the trick:

    static bool app_is_valid(bool do_crc)
{
    if (s_dfu_settings.bank_0.bank_code != NRF_DFU_BANK_VALID_APP)
    {
        NRF_LOG_INFO("Boot validation failed. No valid app to boot.");
        return false;
    }
    else if (NRF_BL_APP_SIGNATURE_CHECK_REQUIRED &&
        (s_dfu_settings.boot_validation_app.type != VALIDATE_ECDSA_P256_SHA256))
    {
        NRF_LOG_WARNING("Boot validation failed. The boot validation of the app must be a signature check.");
        return false;
    }
    else if (SD_PRESENT && !boot_validate(&s_dfu_settings.boot_validation_softdevice, MBR_SIZE, s_dfu_settings.sd_size, do_crc))
    {
        NRF_LOG_WARNING("Boot validation failed. SoftDevice is present but invalid.");
        return false;
    }
    else if (!boot_validate(&s_dfu_settings.boot_validation_app, nrf_dfu_bank0_start_addr(), s_dfu_settings.bank_0.image_size, do_crc))
    {
        NRF_LOG_WARNING("Boot validation failed. App is invalid.");
        return false;
    }
    // The bootloader itself is not checked, since a self-check of this kind gives little to no benefit
    // compared to the cost incurred on each bootup.

    NRF_LOG_DEBUG("App is valid");
    return true;
}

  • 0 in reply to Edvin

    I had set NRF_BL_APP_SIGNATURE_CHECK_REQUIRED 1 from the start. The validation works - package signed with different key is rejected. All updates also work fine. Thanks for your help.

  • 0 in reply to dimitrois

    Glad to hear! Thank you for sharing the progress. Then I know for future cases that this is required to use the boot validation Slight smile

    Best regards,

    Edvin

Related
Terms of service