nrf52_secure_bootloader

Building and setting up the nrf52 secure boot-loader is a bit tricky. here is a set of directions to making the secure dfu boot-loader. Go straight to step 5 if you already have a working boot-loader.

1- git clone, or unzip this to nRF_SDK external folder

https://github.com/kmackay/micro-ecc

2- Run make in nRF5_SDK\external\micro-ecc\nrf52_armgcc\armgcc

If make doesnt run on your command prompt follow this guide to setup gcc.

3- install nrfutil

https://github.com/NordicSemiconductor/pc-nrfutil

Installation instructions for linux:

https://github.com/NordicSemiconductor/pc-nrfutil/blob/master/README.md

install python

run

pip install nrfutil

4- build the bootloader

cd

nRF5_SDK\examples\dfu\bootloader_secure

nrfutil keys generate private.pem

nrfutil keys display --key pk --format code private.pem --out_file dfu_public_key.c

cd to nRF5_SDK\examples\dfu\bootloader_secure\pca10040\armgcc

make

make flash

-bootloader should be flashed in the device. On the nrf52 Development Kit LED1 and LED3 are on when the development kit is in DFU mode.

5- Now to flash your application you need to make a signed zip of your application firmware,

nrfutil pkg generate --hw-version 52 --sd-req 0x8C --application-version 4 --application ./_build/nrf52832_xxaa.hex --key-file private.pem app_dfu_package.zip

6- Flash the Application using the Nordic App:

-Move the app_dfu_package.zip file to your phone. (Make sure it is downloaded to your phone. The

Nordic app wont work if you are pulling the .zip package from a hosting application like Google Drive

or Dropbox.)

-Download either nRF Connect or nRF Toolbox. (I prefer the Toolbox app because it has other useful

applications compiled in one app).

-Select DFU, select target device and select the .zip package. Flash the code.

6A- Or you can flash it from your computer using nrfutil via

nrfutil dfu ble -f -ic NRF52 -pkg package.zip

How to merge your application with the bootloader so you can flash both the application and the bootloader at the same time over jtag, without having to program over the dfu.

1. create and view the settings.hex file.

nrfutil settings generate --family NRF52 --application nrf52832_xxaa.hex --application-version 3 --bootloader-version 2 --bl-settings-version 1 settings.hex
nrfutil settings display settings.hex

2. combine the softdevice with the bootloader

mergehex --merge ../../../../nRF5_SDK_12.2.0_f012efa/components/softdevice/s132/hex/s132_nrf52_3.0.0_softdevice.hex ./_build/nrf52832_xxaa_s132.hex --output SD_BL.hex

3. add the application to it

mergehex --merge SD_BL.hex nrf52832_xxaa.hex --output SD_BL_APP.hex

4. Add the settings file to the Softdevice/bootloader/application hex

mergehex --merge SD_BL_APP.hex settings.hex --output SD_BL_APP_valid.hex

5. Flash your code.

nrfjprog --chiperase --program SD_BL_APP_valid.hex -f NRF52 -r