mcuboot signature validation

Hi, 

I am working on the DFU-OTA example on BLE. My doubt here is: once the controller has copied the image into slot1, the bootloader will immediately start to validate whether the image is valid or not. If it's valid, then it will go for a soft reset. Then control goes to mcuboot. Again mcuboot will check whether a swap is there or not; if yes, then it goes for the swap. After the swap is done, it will again validate the image (i.e. integrity and security check). My doubt here is: it was already validated earlier, after copying the image, so why is it validating the same image again? Kindly help in understanding this.

  • Thanks Amanda,

    In the 1st validation, it will only check whether the DFU is triggered by the image or not, nothing else; all the security-related things are done in the booting phase by mcuboot. But how it checks the triggering of the DFU in the 1st validation part, that I am not understanding. Can you please update on this?

  • Hi, 

    Sorry. I need to correct my answer after confirming with the team. 

    There is no pre-validation before the mcuboot gets triggered in NCS. Real validation of the image (integrity check, authentication, decryption) is up to the secure bootloader. We can't do anything about that right now; only the bootloader has full knowledge and access to private keys. It is up to the application to verify whether the allowed remote actor provides the image and requests the update.

    -Amanda
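
To illustrate the integrity part of the check that the answer above leaves to the bootloader, the following added Python example (not part of the original thread, and not MCUboot or NCS code) recomputes the SHA-256 over an image and compares it with the hash TLV stored after it. The header and TLV layout constants are assumptions based on MCUboot's image format, `check_image_hash` and `build_sample` are hypothetical names, the sample image is constructed, and signature verification and decryption are left out.

```python
import hashlib
import struct

IMAGE_MAGIC = 0x96F3B83D   # assumed: magic at the start of an MCUboot image header
TLV_INFO_MAGIC = 0x6907    # assumed: magic of the unprotected TLV area
TLV_SHA256 = 0x10          # assumed: TLV type that carries the SHA-256 digest


def check_image_hash(image: bytes) -> str:
    """Return 'ok' or the reason the integrity check fails."""
    if len(image) < 32:
        return "truncated header"
    magic, _load, hdr_size, prot_size, img_size, _flags = struct.unpack_from(
        "<IIHHII", image, 0)
    if magic != IMAGE_MAGIC:
        return "bad magic"
    # The digest covers header, payload and any protected TLVs.
    hashed_len = hdr_size + img_size + prot_size
    off = hashed_len
    if off + 4 > len(image):
        return "truncated image"
    info_magic, tlv_tot = struct.unpack_from("<HH", image, off)
    if info_magic != TLV_INFO_MAGIC:
        return "missing TLV area"
    end = off + tlv_tot          # tlv_tot includes the 4-byte info header
    if end > len(image):
        return "truncated TLV area"
    off += 4
    while off + 4 <= end:
        tlv_type, tlv_len = struct.unpack_from("<HH", image, off)
        off += 4
        if off + tlv_len > end:
            return "malformed TLV"
        if tlv_type == TLV_SHA256:
            digest = hashlib.sha256(image[:hashed_len]).digest()
            return "ok" if image[off:off + tlv_len] == digest else "hash mismatch"
        off += tlv_len
    return "no hash TLV"


def build_sample(payload: bytes) -> bytes:
    """Constructed test image: 32-byte header, payload, one SHA-256 TLV."""
    header = struct.pack("<IIHHII", IMAGE_MAGIC, 0, 32, 0, len(payload), 0) + bytes(12)
    body = header + payload
    digest = hashlib.sha256(body).digest()
    tlvs = struct.pack("<HH", TLV_SHA256, len(digest)) + digest
    return body + struct.pack("<HH", TLV_INFO_MAGIC, 4 + len(tlvs)) + tlvs
```

A matching hash only shows that the image arrived intact; it says nothing about who produced it, which is why authentication stays with the bootloader.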
