uhk/bootloader
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
chore-change-xcode-project-settings
bootloader/apps/demo_qspi/bdfile/qspi_image_encrypt_a000.bd
László Monda e6c1fce5b4 Add KBOOT.
2016-08-10 01:45:15 +02:00

70 lines
2.5 KiB
Plaintext
Raw Permalink Blame History

# The sources block assigns file names to identifiers
sources {
# SREC File path
mySrecFile = "led_demo_qspi_a000.srec";
# QCB file path
qspiConfigBlock = "qspi_config_block.bin";
}
# The keyblob creates a structure with up to 4 keyblob entries.
# The empty parentheses syntax specifies an entry of all zeros (no encryption)
# Each entry consists of 4 parameters:
# start - start address of encrypted block.
# end - end address of encrypted block.
# key - AES-CTR mode encryption key for this range.
# counter - initial counter value for AES-CTR encryption for this range.
keyblob (0) {
(
start=0x68001000,
end = 0x68001fff,
key="000102030405060708090a0b0c0d0e0f",
counter="0123456789abcdef"
)
()
()
()
}
# The section block specifies the sequence of boot commands to be written to
# the SB file
section (0) {
#1. Erase the vector table and flash config field.
erase 0xa000..0xc000;
# Step 2 and Step 3 are optional if the QuadSPI is configured at startup.
#2. Load the QCB to RAM
load qspiConfigBlock > 0x20000000;
#3. Configure QuadSPI with the QCB above
enable qspi 0x20000000;
#4. Erase the QuadSPI memory region before programming.
erase 0x68000000..0x68004000;
#5.Load the QCB above to the start address of QuadSPI memory
load qspiConfigBlock > 0x68000000;
#6,7. The encrypt statement indicates that load commands should encrypt load from the srec file using AES-CTR mode encrypteion.
# The encrypt argument (0) specifies the keyblob parameters range of one of the keyblob entries are left unencrypted.
encrypt(0) {
# Load all the RO data from SREC field.
load mySrecFile;
}
#8. Load kek to 0xb000
load {{000102030405060708090a0b0c0d0e0f}} > 0xb000;
#9. Load the encrypted keyblob block to specified location.
# The keywrap statement wraps (encrypts) the keyblob specified in the argument (0) using the specified Key Encryption Key (KEK) and loads the keyblob to internal flash.
# The load destination (0xc000, which is defined via keyBlobPointer in BCA) must match the keyblob pointer in the Bootloader Configuraion Area(BCA) contained in the SREC image.
# Make sure the sector at 0xc000 has not been written by the srec file load above, otherwise it will need to be erased again.
keywrap (0) {
load {{000102030405060708090a0b0c0d0e0f}} > 0xc000;
}
#10. Reset target.
reset;
}
Reference in New Issue View Git Blame Copy Permalink