This is an experimental implementation of the SUIT protocol for the SIP-IoT SecureCare project at RISE Research Institutes of Sweden targeting the Nordic Semiconductor nRF52840. The repository contains partial implementations of the following IETF standards and drafts:
- RFC 8152 CBOR Object Signing and Encryption (COSE)
- Internet-Draft CBOR SUIT Manifest
- Internet-Draft EST over Secure CoAP (EST-CoAPs)
The nRF52840 node is flashed with the default Thread credentials included with the OpenThread border router and should connect automatically to the network. LED1
indicates the Thread connection status: off for detached, blink for connecting and on for connected. The link-local IPv6 addresses of all Thread devices connected to the border router can discovered by pinging ff02::1%wpan0
. The OpenThread border router is pre-configured with a NAT64 interface. Run dns resolve ipv4.google.com fdaa:bb:1::2
from the OpenThread CLI on the node to check Internet connectivity.
key
keys and certificateslib
external librariessrc/cose
COSE, CWT and SUIT parser/encoder sourcessrc/demo
example code for the nRF52840 SoCsrc/est
EST-CoAPs sourcessrc/util
command line utilities
- Run
make
fromkey
to generate keys. (This will overwrite existing keys). - Run
make
fromsrc/demo
to flash the example code to an nRF52840 SoC. - Run
make
fromsrc/util
to compile CLI utilities.
This code has been built and tested on an nRF52840 DK using the nRF5 SDK for Thread v4.1.0. Create an environment variable called $NRF5_SDK
pointing to the SDK directory before running make
. Clone a copy of the micro-ecc repository into $NRF5_SDK/external/micro-ecc/micro-ecc
, then run make
from the $NRF5_SDK/external/micro-ecc/nrf52hf_armgcc/armgcc
directory. The SDK expects to find a copy of the Arm GCC Embedded Toolchain v7-2018-q2-update in the /usr/local
directory.
The Linux-native components of this project depend on a local installation of libcoap and mbedTLS, both of which can be found in lib
.