David Saul
R1 code for micro:bit based train controller code, requires second micro:bit running rx code to operate - see https://meanderingpi.wordpress.com/ for more information
Fork of
nrf51-sdk
by 
Lancaster University
Template file with an DFU init packet handling example.
[Device Firmware Update API.]
This file contains a template on how to implement DFU init packet handling. More...
Functions | |
| uint32_t | dfu_init_prevalidate (uint8_t *p_init_data, uint32_t init_data_len) |
| DFU prevalidate call for pre-checking the received init packet. | |
| uint32_t | dfu_init_postvalidate (uint8_t *p_image, uint32_t image_len) |
| DFU postvalidate call for post-checking the received image using the init packet. | |
Detailed Description
This file contains a template on how to implement DFU init packet handling.
The template shows how device type and revision can be used for a safety check of the received image. It shows how validation can be performed in two stages:
- Stage 1: Pre-check of firmware image before transfer to ensure the firmware matches:
- Device Type.
- Device Revision. Installed SoftDevice. This template can be extended with additional checks according to needs. For example, such a check could be the origin of the image (trusted source) based on a signature scheme.
- Stage 2: Post-check of the image after image transfer but before installing firmware. For example, such a check could be an integrity check in form of hashing or verification of a signature. In this template, a simple CRC check is carried out. The CRC check can be replaced with other mechanisms, like signing.
- Note:
- This module does not support security features such as image signing, but the implementation allows for such extension. If the init packet is signed by a trusted source, it must be decrypted before it can be processed.
Function Documentation
| uint32_t dfu_init_postvalidate | ( | uint8_t * | p_image, |
| uint32_t | image_len | ||
| ) |
DFU postvalidate call for post-checking the received image using the init packet.
Post-validation can verify the integrity check the firmware image received before activating the image. Checks performed can be:
- A simple CRC as shown in the corresponding implementation of this API in the file dfu_init_template.c
- A hash for better verification of the image.
- A signature to ensure the image originates from a trusted source. Checks are intended to be expanded for customer-specific requirements.
- Parameters:
-
[in] p_image Pointer to the received image. The init data provided in the call dfu_init_prevalidate will be used for validating the image. [in] image_len Length of the image data.
- Return values:
-
NRF_SUCCESS If the post-validation succeeded, that meant the integrity of the image has been verified and the image originates from a trusted source (signing). NRF_ERROR_INVALID_DATA If the post-validation failed, that meant the post check of the image failed such as the CRC is not matching the image transfered or the verification of the image fails (signing).
Definition at line 152 of file dfu_init_template.c.
| uint32_t dfu_init_prevalidate | ( | uint8_t * | p_init_data, |
| uint32_t | init_data_len | ||
| ) |
DFU prevalidate call for pre-checking the received init packet.
Pre-validation will safety check the firmware image to be transfered in second stage. The function currently checks the device type, device revision, application firmware version, and supported SoftDevices. More checks should be added according to customer-specific requirements.
- Parameters:
-
[in] p_init_data Pointer to the init packet. If the init packet is encrypted or signed, it must first be decrypted before being checked. [in] init_data_len Length of the init data.
- Return values:
-
NRF_SUCCESS If the pre-validation succeeded, that means the image is supported by the device and it is considered to come from a trusted source (signing). NRF_ERROR_INVALID_DATA If the pre-validation failed, that means the image is not supported by the device or comes from an un-trusted source (signing). NRF_ERROR_INVALID_LENGTH If the size of the init packet is not within the limits of the init packet handler.
[DFU init application version]
[DFU init application version]
Definition at line 77 of file dfu_init_template.c.
Generated on Tue Jul 12 2022 19:00:13 by
1.7.2