• State Not Answered
  • Replies 3 replies
  • Subscribers 25 subscribers
  • Views 155 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 286428
Options

mcuboot signature validation

user106945

Hi, 

    I am working on DFU-OTA example on BLE. my doubt here is once  the controller copied the image into slot1 bootloader will immediately start to validate whether the image is valid or not. if it's valid then it will go for soft-reset. then control goes to mcuboot. Again mcuboot will check whether the swap is there or not, if yes then it goes for swap. after swap is done. again it will validate the image i.e. (integrity and security check). My doubt here is , earlier it is already validated after copying image. why again it is validating the same image. Kindly help in understanding this.

Parents Reply Children
  • 0 in reply to user106945

    Hi, 

    Sorry. I need to correct my answer after confirming with the team. 

    There is no pre-validation before the mcuboot gets triggered in NCS. Real validation of the image (integrity check, authentication, decryption) is up to the secure bootloader. We can't do anything about that right now, only the bootloader has full knowledge and access to private keys. It is up to the application to verify whether the allowed remote actor provides the image and requests the update.

    -Amanda

Related
Terms of service