LPC54S018 second attempt at encryption

cancel
Showing results for 
Search instead for 
Did you mean: 

LPC54S018 second attempt at encryption

189 Views
Contributor III

I use the routine “lpcxpresso54s018m_xip_with_secure_boot_an_demo” provided by AN12352SW to encrypt, and do the secure boot of LPC54S018 in 5 steps referring to AN12352. 

1. Divide the image into two parts by modifying linker script. The demo have done it and I did not make any changes.

微信图片_20191127105215.pngSnap21.bmp

2. Create the image.

Snap22.bmp

Note : In the case of normally boot, if I loaded the image directly, it will run successfully.

Split the image as secure-plain text and non-secure.

Snap25.bmp

From the image above, the image_length equals 0x000056CC, so the total length of the image is 0x000056CC+4.

The secure-plain text image is from address 0 to address (0x000056CC+4-1) of the original image binary. This image is used to create the secure-bootable part image.
The non-secure image is from address 0x0010_0000 to the end of the original image. This image is as non-secure part image.

Create the secure bootable part image based on secure-plain text image.

Use elftosb to generate 128 bits AES key.

A3QI2E{0({(ZBLF46`T3RRI.png

Use the elftosb-gui to create the secure-bootable part image.

Snap26.bmp

3. Program the two parts of the image into the flash.

program secure bootable part image into Flash.

Snap28.bmp

Snap27.bmp

It would prompt me to add check code and I clicked 'No'.

 

program the non-secure part image into Flash

Snap29.bmp

4. Program the 128 bits AES key to OTP.

program the AES key use blhost.

Snap30.bmp

Snap16.bmp

5. Program the related OTP bit fields to enable secure boot.

use blhost and the following commands to program related OTP bit fields.

 blhost.exe -u 0x1fc9,0x01a2 -- efuse-program-once 12 00000010

 blhost.exe -u 0x1fc9,0x01a2 -- efuse-program-once 12 00000004

finally, I reset my board, but it was failed, because there was no any print on debug consule and the debug on Keil can not check my core. I can't connect the PC and the board with SWD.

What did I do wrong?I need some help. Thanks.

Labels (1)
0 Kudos
3 Replies

8 Views
NXP TechSupport
NXP TechSupport

Hello Kunsen Chen,

Refer to the AN12352, not recommend use Jflash to program:

pastedImage_1.png

Have a great day,
TIC

 

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

 

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 Kudos

8 Views
Contributor III

The reason why JFlash cannot be used is because a checksum may be added. However, I have ensure that the code programming into the chip didn't add the checksum. 

At first, I used JFlash to load my code, and indeed added the checksum. I read back the flash code through JFlash and the code is as follow. Except for the red box, other data is consistent with the code file to be downloaded.

Snap7.bmp

but then I cancelled the option to add the checksum, and I read the flash code through JFlash, and it did not add the checksum. I used the data comparison function of HxD for comparison, the data is completely consistent with the code file to be downloaded.

Am I right? I worry that I am doing something wrong elsewhere. Do you think my other operations are OK?

0 Kudos

8 Views
NXP TechSupport
NXP TechSupport

Hello Kunsen,

I recommend you first completely refer to the steps in AN12352.

0 Kudos