• State Not Answered
  • Replies 12 replies
  • Subscribers 74 subscribers
  • Views 2176 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 280172
Options

preload files to 9160?

Loren Rogers

Hello,

I'm working on an application that will use the nrf9160/nrf52.  I will need to make https REST calls where I will populate the http header with username/password credentials.  It's a huge security hole for me to hardcode those credentials AND we want to make it per-device specific (there will be many devices manufactured using the nrf91/nrf52 SoC.  So it would be ideal to preload some configuration file or something of the like which will represent the credentials to be accessed by the application that will be flashed after.  Also the production device will have no outside USB connection and the flash will be programmed using "pads".  Is there a way to send down something in some format to somewhere PRIOR to flashing the application?

Thanks

/Loren

  • 0 in reply to Loren Rogers

    I believe I asnwered #1.  I modified the nrf9160dk_nrf9160_ns.overlay file.  This is my new Zephyr.dts flash:

    				flash0: flash@0 {
					compatible = "soc-nv-flash";
					label = "NRF_FLASH";
					erase-block-size = < 0x1000 >;
					write-block-size = < 0x4 >;
					reg = < 0x0 0x100000 >;
					partitions {
						compatible = "fixed-partitions";
						#address-cells = < 0x1 >;
						#size-cells = < 0x1 >;
						boot_partition: partition@0 {
							label = "mcuboot";
							reg = < 0x0 0x10000 >;
						};
						slot0_partition: partition@10000 {
							label = "image-0";
							reg = < 0x10000 0x38000 >;
						};
						slot0_ns_partition: partition@48000 {
							label = "image-0-nonsecure";
							reg = < 0x48000 0x28000 >;
						};
						slot1_partition: partition@76000 {
							label = "image-1";
							reg = < 0x76000 0x40000 >;
						};
						slot1_ns_partition: partition@b6000 {
							label = "image-1-nonsecure";
							reg = < 0xb6000 0x3a000 >;
						};
						scratch_partition: partition@f0000 {
							label = "image-scratch";
							reg = < 0xf0000 0xa000 >;
						};
						storage_partition: partition@fa000 {
							label = "storage";
							reg = < 0xfa000 0x6000 >;
						};
					};
				};

  • 0 in reply to Loren Rogers

    Hi

    1. I believe this earlier answer from Didrik covers this pretty well. Essentially you can copy the partitions.yml file from your build folder, put it in your main project folder (next to the CMakeLists.txt file), rename it to pm_static.yml, and make the changes to the partitions as you like.

    2. You have to figure out how much room you need for the secure and non secure partitions respectively. If you use the standard sample I believe 32kB should be sufficient for the secure slot, and the rest you can assign to the non secure slot which will be used by your application. 

    One important point is that you need to make sure the two secure partisions (slot0_partition and slot1_partition) are the same size, and the same for slot0_ns_partition and slot1_ns_partition. 

    3. The most important aspect is that no other partitions cover this area, and start filling it with data. The most safe way to do this is to put another partition there using the pm_static.yml file that I mentioned earlier. 

    4. I would suggest putting this partition either just before or just after the storage_partition. 

    Best regards
    Torbjørn

Related
Terms of service