MTB DFU signature

Ask the Community
Close
Ask the Community
nav search Icon
Forums gray-arrow gray-arrow
Resources gray-arrow gray-arrow
About gray-arrow gray-arrow
Groups gray-arrow gray-arrow
nav-user Account

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob

MTB DFU signature

PSOC6_dev
Level 4
Level 4
10 questions asked 25 sign-ins 25 replies posted
‎Nov 15, 2022 08:29 AM
‎Nov 15, 2022 08:29 AM
Jump to solution

Hi,

I implemented DFU BLE in MTB for PSOC6 with CRC app verify.

I want to enable signature verification like SHA256 encrypted with RSAES-PKCS.

Do an example exists ? How I can enable this functionnality ?

 

Thank you for your support,

Kind regards

0 Likes
Subscribe
1 Solution
lock attach
Attachments are accessible only for community members.
Log in arrow right alert

Re: MTB DFU signature

Shreya_S
Moderator
Moderator
Moderator
First comment on blog 100 replies posted 25 solutions authored
In response to PSOC6_dev
‎Dec 01, 2022 08:58 PM
‎Dec 01, 2022 08:58 PM
Jump to solution

Hi @PSOC6_dev 

Please find attached zip containing a code example that can help you with.

There is a Cy_DFU_ValidateApp() function present in bootloader_cm4/cy_dfu_user.c which contains the functionality to verify the signature using RSASSA-PKCS.
This code example is built for target CY8CPROTO-062-4343W, you can use the library manager to set the target on which you are working.

Let me know if fulfils your need.

Thanks & Regards,
Shreya

View solution in original post

Basic_Device_Firmware_Upgrade_With_RSA_Verification.zip
0 Likes
8 Replies

Re: MTB DFU signature

Shreya_S
Moderator
Moderator
Moderator
First comment on blog 100 replies posted 25 solutions authored
‎Nov 16, 2022 04:02 AM
‎Nov 16, 2022 04:02 AM
Jump to solution

Hi,

Can you please tell me the BSP version you're using?
Also, please let me know if this is the "example" that you're using.

Thanks,
Shreya

0 Likes

Re: MTB DFU signature

PSOC6_dev
Level 4
Level 4
10 questions asked 25 sign-ins 25 replies posted
‎Nov 16, 2022 04:59 AM
‎Nov 16, 2022 04:59 AM
Jump to solution

Hi @Shreya_S,

I use v3.1.0 of CY8CKIT-062-BLE BSP on MTB2.4

Yes, this is the example i use

 

Thank you for your support,

Kind regards,

0 Likes

Re: MTB DFU signature

Shreya_S
Moderator
Moderator
Moderator
First comment on blog 100 replies posted 25 solutions authored
In response to PSOC6_dev
‎Nov 17, 2022 08:44 PM
‎Nov 17, 2022 08:44 PM
Jump to solution

Hello there,

The example "Basic Device Firmware Upgrade" you are using only supports application verification using CRC32.
I suggest you use "Security App" example as it explains: how to create, verify signature of an existing image as well as Upgrade image (By default it uses ECC, but it also supports RSA).

I hope this helps.

Thanks & Regards,
Shreya

0 Likes

Re: MTB DFU signature

PSOC6_dev
Level 4
Level 4
10 questions asked 25 sign-ins 25 replies posted
In response to Shreya_S
‎Nov 17, 2022 11:20 PM
‎Nov 17, 2022 11:20 PM
Jump to solution

Hi @Shreya_S

Thank you for your feedback.

I do not use MCUboot, I use only Cypress DFU lib.

For the bootloader the integrity of the bootloader is checked throught a SHA256 encrypted with RSASSA-PKCS signature.

I want to implement exactly the same thing for user app1. Do you have a Cy_DFU_ValidateApp() implementation according to cymcuelftool SHA256 encrypted with RSASSA-PKCS signature generation ?

Thank you for your support,

Kind regards,

0 Likes
lock attach
Attachments are accessible only for community members.
Log in arrow right alert

Re: MTB DFU signature

Shreya_S
Moderator
Moderator
Moderator
First comment on blog 100 replies posted 25 solutions authored
In response to PSOC6_dev
‎Dec 01, 2022 08:58 PM
‎Dec 01, 2022 08:58 PM
Jump to solution

Hi @PSOC6_dev 

Please find attached zip containing a code example that can help you with.

There is a Cy_DFU_ValidateApp() function present in bootloader_cm4/cy_dfu_user.c which contains the functionality to verify the signature using RSASSA-PKCS.
This code example is built for target CY8CPROTO-062-4343W, you can use the library manager to set the target on which you are working.

Let me know if fulfils your need.

Thanks & Regards,
Shreya

Basic_Device_Firmware_Upgrade_With_RSA_Verification.zip
0 Likes

Re: MTB DFU signature

PSOC6_dev
Level 4
Level 4
10 questions asked 25 sign-ins 25 replies posted
In response to Shreya_S
‎Dec 01, 2022 11:07 PM
‎Dec 01, 2022 11:07 PM
Jump to solution

Hi @Shreya_S 

 

Thank you for your feedback!

I'll integrate this in next days and I keep you informed

 

Regards,

0 Likes

Re: MTB DFU signature

Shreya_S
Moderator
Moderator
Moderator
First comment on blog 100 replies posted 25 solutions authored
In response to PSOC6_dev
‎Dec 05, 2022 08:29 PM
‎Dec 05, 2022 08:29 PM
Jump to solution

Hi there,

Please let me know if this solution has worked for you. If yes, please accept the solution. 🙂

Thanks & Regards,
Shreya

0 Likes

Re: MTB DFU signature

PSOC6_dev
Level 4
Level 4
10 questions asked 25 sign-ins 25 replies posted
In response to Shreya_S
‎Dec 21, 2022 11:00 PM
‎Dec 21, 2022 11:00 PM
Jump to solution

Hi @Shreya_S 

 

Thank you again for your support,

All is working fine,

 

Regards

0 Likes