DFU: Error: Invalid object

[webjay]

Creating a packet for update via DFU works, meaning I can create a zip file and see the content:

 nrfutil pkg display ../Sites/spaceinvader/blu-transmogrifier/firmware.zip  

Which shows:

DFU Package: <../Sites/spaceinvader/blu-transmogrifier/firmware.zip>:
|
|- Image count: 1
|
|- Image #0:
   |- Type: application
   |- Image file: firmware.bin
   |- Init packet file: initpacket.dat
      |
      |- op_code: INIT
      |- signature_type: ECDSA_P256_SHA256
      |- signature (little-endian): b'c37f96f6f0f97e5ab7be9c875138a0a332f63de83fca836703f282bc41406ca301f9746c2c1a24996af9a9ee4c93ab311652958b8e5decd158b735ce81ea9f60'
      |
      |- fw_version: 0x00000001 (1)
      |- hw_version 0x00000034 (52)
      |- sd_req: 0x103
      |- type: APPLICATION
      |- sd_size: 0
      |- bl_size: 0
      |- app_size: 50844
      |
      |- hash_type: SHA256
      |- hash (little-endian): b'0c5269a9ff94200b0e1bc86c84fc5ac87c58b6de82939410d40f4096b2bb183e'
      |
      |- boot_validation_type: ['VALIDATE_GENERATED_CRC']
      |- boot_validation_signature (little-endian): [b'']
      |
      |- is_debug: False

A packet created via a OpenHaystack fork looks similar:

DFU Package: <EA140CF93E0D.zip>:
|
|- Image count: 1
|
|- Image #0:
   |- Type: application
   |- Image file: firmware.bin
   |- Init packet file: initpacket.dat
      |
      |- op_code: INIT
      |- signature_type: ECDSA_P256_SHA256
      |- signature (little-endian): b'c16814676d0f81a45116136994d5b56f8daba7bf5295dec18a2c349c262284390955d994a618cd8db52036b9c52d7c99e5d7838809eb384dd92232d9793b327d'
      |
      |- fw_version: 0x00000001 (1)
      |- hw_version 0x00000034 (52)
      |- sd_req: 0x103
      |- type: APPLICATION
      |- sd_size: 0
      |- bl_size: 0
      |- app_size: 50844
      |
      |- hash_type: SHA256
      |- hash (little-endian): b'2c46d628a4fdd7d96b224f4cdaab3294b23708d481dee86bdabaf65b89aaa37c'
      |
      |- boot_validation_type: ['VALIDATE_GENERATED_CRC']
      |- boot_validation_signature (little-endian): [b'']
      |
      |- is_debug: False

The EA140CF93E0D.zip can be succesfully transferred to the Moko device. The blu-transmogrifier/firmware.zip fails the DFU process with "Invalid object".

The halfbaked firmware is baked in a process like this.

The initpacket is made here: https://github.com/SpaceInvaderTech/blu-transmogrifier/blob/main/src/initpacket.ts Based on protocol buffers: https://github.com/SpaceInvaderTech/blu-transmogrifier/blob/main/src/protobuf/dfu.proto

The signature is made in signData: https://github.com/SpaceInvaderTech/blu-transmogrifier/blob/main/src/crypt.ts

Device Firmware Update process: https://infocenter.nordicsemi.com/topic/com.nordic.infocenter.sdk5.v15.0.0/lib_bootloader_dfu_process.html

This seems to be how the device validates: https://github.com/DiUS/nRF5-SDK-15.3.0-reduced/blob/master/components/libraries/bootloader/dfu/nrf_dfu_validation.c#L341-L417

Following this will show each step: https://github.com/SpaceInvaderTech/blu-transmogrifier/blob/main/test/main.test.ts

[webjay]

Half baked firmware 🧑‍🍳

To see how a firmware is built, before the public key for Apple is inserted, it is probably easiest to follow this step: https://github.com/SpaceInvaderTech/openhaystack_moko/tree/actions#compile-via-docker Which produces this output: https://github.com/SpaceInvaderTech/openhaystack_moko/pull/1#issue-2028337592

[webjay]

https://devzone.nordicsemi.com/f/nordic-q-a/106408/dfu-error-invalid-object

[webjay]

The problems were:

• The key we use for signing is ecdsa-sha2-nistp256. So I just had to replace sign(null, ... with sign('sha256', .... https://github.com/SpaceInvaderTech/blu-transmogrifier/blob/0f50ba1af025c0cc6c5da6c9eb49415b9a6279f8/src/crypt.ts#L40-L43
• dfu.Command.encode(commandMessage).finish() is prepended with 4 bytes which is presumed to be the length. So I strip those, and it works 🤷 https://github.com/SpaceInvaderTech/blu-transmogrifier/blob/0f50ba1af025c0cc6c5da6c9eb49415b9a6279f8/src/initpacket.ts#L63-L67