• State Verified Answer
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 75 subscribers
  • Views 2280 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 263373
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

How to validate signature check requirements

RMV

I am trying to create a test case for in house validation and would like to know how to do so.


Here is what I want to do:

  1. I want to create a boot loader that checks the signature of the application every time the device boots up.
  2. I want to combine the SoftDevice, the boot loader, the boot loader settings and the application into a single HEX file
  3. (IMPORTANT) I want to download this package to the device using a 'SWD debug port' -- not by any generic DFU workflows.
  4. Then I want to power cycle and reboot the device and ensure that I can FORCE the device to FAIL the boot up validation by using a 'WRONG' key somewhere in the process that leads to the generation of the single HEX file in (2) above.

My SoC is the nRF52832_xxAA, and I am using SDK version 16.0.0, SoftDevice 132 version 7.0.1

Can this be done, and if so, how?

Cheers

RMV

Parents
  • 0

    Hi RMV,

    Can this be done, and if so, how?

    Yes, this is all supported out of the box.

    I want to create a boot loader that checks the signature of the application every time the device boots up.

    This is supported by the nRF5 SDK bootloader. By default it will only check a CRC of the application, but you can require a signature check by setting NRF_BL_APP_SIGNATURE_CHECK_REQUIRED to 1 in the bootloader's sdk_config.h.

    I want to combine the SoftDevice, the boot loader, the boot loader settings and the application into a single HEX file

    That is no problem. You can merge all these to a single hex using the mergehex tool which is part of nRF Command Line Tools.

    (IMPORTANT) I want to download this package to the device using a 'SWD debug port' -- not by any generic DFU workflows.

    No problem. As long as your merged hex file includes a bootloader settings page, the app will start and everything will work after programming via SWD. Note that you need to specify here as well that there should be a signature verification, so that the correct signature is part of the generated settings page.

    Then I want to power cycle and reboot the device and ensure that I can FORCE the device to FAIL the boot up validation by using a 'WRONG' key somewhere in the process that leads to the generation of the single HEX file in (2) above.

    To do this, just supply a dummy hex file instead of the correct hex file when generating the bootloader settings page. Then the signature will not be valid for the actual hex file, and the bootloader will not start the application.

    Einar

Reply
  • 0

    Hi RMV,

    Can this be done, and if so, how?

    Yes, this is all supported out of the box.

    I want to create a boot loader that checks the signature of the application every time the device boots up.

    This is supported by the nRF5 SDK bootloader. By default it will only check a CRC of the application, but you can require a signature check by setting NRF_BL_APP_SIGNATURE_CHECK_REQUIRED to 1 in the bootloader's sdk_config.h.

    I want to combine the SoftDevice, the boot loader, the boot loader settings and the application into a single HEX file

    That is no problem. You can merge all these to a single hex using the mergehex tool which is part of nRF Command Line Tools.

    (IMPORTANT) I want to download this package to the device using a 'SWD debug port' -- not by any generic DFU workflows.

    No problem. As long as your merged hex file includes a bootloader settings page, the app will start and everything will work after programming via SWD. Note that you need to specify here as well that there should be a signature verification, so that the correct signature is part of the generated settings page.

    Then I want to power cycle and reboot the device and ensure that I can FORCE the device to FAIL the boot up validation by using a 'WRONG' key somewhere in the process that leads to the generation of the single HEX file in (2) above.

    To do this, just supply a dummy hex file instead of the correct hex file when generating the bootloader settings page. Then the signature will not be valid for the actual hex file, and the bootloader will not start the application.

    Einar

Children
No Data
Related
Terms of service