FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

BEE USER KEYS

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

BEE USER KEYS

Jump to solution
Thursday
212 Views
acallamp
Contributor III

HI:

After burning and writing my image to BEE USER KEYS unsigned through security tools, there are two codes BOOT BIN APP.BIN works normally even after successful encryption. When I upgraded the APP through BOOT code using the serial port... The code can also function normally... I would like to ask if the APP for serial port upgrade in the future also has encryption function? Did the built-in key automatically encrypt the code when writing NOR FLASH to the serial port? (The app is just the second image)

1733448278916.png1733448123207.png

Tags (1)
0 Kudos
Reply
1 Solution

Jump to solution
Friday
173 Views
marek-trmac
NXP Employee
NXP Employee

Hi,

SEC tool does not encrypt the additional files automatically, the additional images are written to flash same as it is configured in SEC tool. If you set encryption for the region starting at 0x60020000, you must encrypt the application image on command line. You can re-use code from the build script, you will need "bee_config.yaml" with the configuration for additional image and then call "nxpimage bee export" to encrypt the file.

Once the application is encrypted, you can use it as an additional image in SEC tool and also for the online updates.

Note: you can enable "pre_build" script in SEC tool and make encryption there. The pre-build script is invoked before the build, so with this you will always do all necessary steps together. 

Regards,
Marek

View solution in original post

Reply
6 Replies

Jump to solution
Friday
194 Views
marek-trmac
NXP Employee
NXP Employee

Hi,

based on the BEE configuration it seems APP is not encrypted (memory range >=0x60020000 is not encrypted). I do not see any reason why it should not work after upgrade.

Regards,
Marek
0 Kudos
Reply

Jump to solution
Friday
190 Views
acallamp
Contributor III

If I use the 0X6002000 app BIN also has a password, what if I use my own serial BOOT to upgrade the code? Can the new app code still work?

Tags (1)
0 Kudos
Reply

Jump to solution
Friday
174 Views
marek-trmac
NXP Employee
NXP Employee

Hi,

SEC tool does not encrypt the additional files automatically, the additional images are written to flash same as it is configured in SEC tool. If you set encryption for the region starting at 0x60020000, you must encrypt the application image on command line. You can re-use code from the build script, you will need "bee_config.yaml" with the configuration for additional image and then call "nxpimage bee export" to encrypt the file.

Once the application is encrypted, you can use it as an additional image in SEC tool and also for the online updates.

Note: you can enable "pre_build" script in SEC tool and make encryption there. The pre-build script is invoked before the build, so with this you will always do all necessary steps together. 

Regards,
Marek
Reply

Jump to solution
Friday
158 Views
acallamp
Contributor III
Hi: Thank you. Also, may I ask if you have it? Can encrypted burners be mass-produced?
0 Kudos
Reply

Jump to solution
Monday
110 Views
marek-trmac
NXP Employee
NXP Employee

Hi,

I'm not aware of any example, we might have. Also, I'm not aware of any issue, why this cannot be mass produced, but of course I'd recommend testing this well prior the production. 

Regards,
Marek
0 Kudos
Reply

Jump to solution
Friday
158 Views
acallamp
Contributor III
hi :谢谢,还有请问有没有?可以量产的加密的烧录器?
0 Kudos
Reply