• State Not Answered
  • Replies 3 replies
  • Subscribers 89 subscribers
  • Views 784 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 268639
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

DFU BLE Service B

oaketi

I'm new to using micro controllers and for a project i have the nRF52 controller and i am trying to perform an OTA FW update using web bluetooth. When i connect to the board and try to use the DFU BLE service UUID i get an error that its blacklisted. Upon looking into it, i saw that it happened becaause its a legacy non-signed service.

the nRF52 SDK v17 has a new UUID for the BLE service but my board isn't broadcasting that. My question is how to i broadcast that new service 0xFE59? so i can perform the FW update.

Parents
  • 0

    Ok, so it's the configuration of Web Bluetooth to block the Legacy DFU UUID to avoid the device being updated with malicious web page. This is because the Legacy DFU protocol doesn't have data signing protection to verify that the image is from a trusted source. 

    I assume you are using the bootloader from SDK v11 and above ? 

    If you can update the bootloader (and the application ) to SDK v17 I would suggest to do so. If it's not possible to update the application and bootloader to SDK v17, you can think of modifying the Legacy DFU UUID to something else. You can generate a random 128 bit UUID for this purpose. But note that as mentioned in the documentation  you would risk the device being updated by attacker without any verification of the image. 

Reply
  • 0

    Ok, so it's the configuration of Web Bluetooth to block the Legacy DFU UUID to avoid the device being updated with malicious web page. This is because the Legacy DFU protocol doesn't have data signing protection to verify that the image is from a trusted source. 

    I assume you are using the bootloader from SDK v11 and above ? 

    If you can update the bootloader (and the application ) to SDK v17 I would suggest to do so. If it's not possible to update the application and bootloader to SDK v17, you can think of modifying the Legacy DFU UUID to something else. You can generate a random 128 bit UUID for this purpose. But note that as mentioned in the documentation  you would risk the device being updated by attacker without any verification of the image. 

Children
No Data
Related