This blog is to show to use the non-secure bootloader on the nRF52810 chipset. This example is based on the SDK 14.2 with softdevice S132v5.1. This example is working on the single bank OTA without external flash approach.
Goal
On the Nordic nRF5 SDK, the size of the secure bootloader (BLE) is 32KB which includes
- Bootloader 24KB
- Bootloader Setting 4KB
- MBR Param Setting 4KB
The total size of the bootloader is 32KB.
Memory layout of the nRF52810 / nRF52811 with OTA bootloader is
The goal is to reduce the bootloader size by disable the secure feature. Thus, I select the smallest softdevices S132v5.1 and S112v5.1 for trying.
S132v5.1 (140KB)
- Support BLE Central / Peripheral / Advertiser / Observer role
S112v5.1 (96KB)
- Support BLE Peripheral and Advertiser role only
The non-secure bootloader would be reduced to 16KB + 4KB = 20KB totally.
Methodology
The idea of the non-secure bootloader is just removed all the secure routine and micro-ecc library.
//==========================================================
// <e> NRF_CRYPTO_ENABLED - nrf_crypto - Cryptography library
//==========================================================
#ifndef NRF_CRYPTO_ENABLED
#define NRF_CRYPTO_ENABLED 0
#endif
// <q> NRF_CRYPTO_BACKEND_CC310_LIB - Enable the ARM Cryptocell CC310 backendBy configure the section placement
The size of the bootloader is limited to 0x4000 (16KB).
The starting address of the bootloader is 0x2B000.
The total size of the bootloader (after compile) would be 15.9KB.
How to setup the demo
Place the source code package under the example\dfu folders
The project of the bootloader is “bootloader_non-secure_ble”.
Two test BLE application firmware
- ble_app_uart1 (BLE device name: 832UARTS132_1)
- ble_app_uart2 (BLE device name: 832UARTS132_2)
Generate the Private Key
nrfutil keys generate demo_private.key
Generate the public key
nrfutil keys display --key pk --format code demo_private.key --out_file demo_public_key.c Generate the zip package
nrfutil pkg generate --hw-version 52 --application-version 1 --application ..\ble_app_uart1\pca10040e_s132\s132\ses\Output\Release\Exe\ble_app_uart_pca10040e_s132.hex --sd-req 0xA5 --key-file demo_private.key app_ble_nus_1_pca10040e_s132.zip
nrfutil pkg generate --hw-version 52 --application-version 1 --application ..\ble_app_uart2\pca10040e_s132\s132\ses\Output\Release\Exe\ble_app_uart_pca10040e_s132.hex --sd-req 0xA5 --key-file demo_private.key app_ble_nus_2_pca10040e_s132.zipGenerate the Bootloader Setting (no backup)
nrfutil settings generate --family NRF52810 --application ble_app_uart_1_pca10040e_s132.hex --application-version 0 --bootloader-version 0 --no-backup --bl-settings-version 1 bl_setting_ble_nus_1.hex
nrfutil settings generate --family NRF52810 --application ble_app_uart_2_pca10040e_s132.hex --application-version 0 --bootloader-version 0 --no-backup --bl-settings-version 1 bl_setting_ble_nus_2.hex This demo code is not using the backup region. It needs to add the --no-backup option inside the nrfutil.
Bootloader Setting file no backup
Merge the bootloader, bootloader setting, softdevice and application firmware
mergehex.exe -m secure_dfu_ble_s132_pca10040e.hex bl_setting_no_backup_ble_nus_1.hex -o bl_and_setting_ble_nus_1.hex
mergehex.exe -m ble_app_uart_1_pca10040e_s132.hex bl_and_setting_ble_nus_1.hex ..\s132_nrf52_5.1.0_softdevice.hex -o app_nus_1_bl_and_setting_softdevice.hex
By using the nrfjprog to program combine hex on nRF52810.
If you would like to get this demo code, please give me your project requirement first.
JimmyIoT 