Hi tom fang,
Glad to see you, you are always welcome!
Answers to your questions:
1. This is my understanding of XIP encryption process, is it correct?
1) PC side: an unsigned image (plain image) -> add BEE configuration -> .sb file (it isn't encrypted)
2) download process: the .sb file is being downloaded to flash, but data belonging to the ranges BEE indicated will be encrypted while writing, so the file in flash would be different from the original one (in step 1)
3) bootup process: after a reboot, the MCU will run the image, but once it runs code belonging to the special ranges, that code must be decrypted first.
Answer: The PC side uses the unsigned image, then it should add the BEE encrypted code, then download the encrypted code directly. You have checked AN12079; you can find that when generating the .sb files, it is using:
elftosb.exe -f kinetis -V -c program_flexspinor_image_hyperflash_encrypt.bd -o boot_image.sb ivt_application_unsigned_nopadding.bin
It means the boot_image.sb is already the encrypted code; then, using the MFGtool, you just need to download the code.

You can find that when doing the download, it just downloads the flashloader, the fuse and the .sb files.
This is my understanding. If you are interested, you can also try the BEE encryption operation in detail, then check the files generated at each step, and compare them with what you last downloaded and with the flash readout memory. You can check my HAB operation process, which may be useful to your understanding:
RT1050 HAB Encrypted Image Generation and Analysis
BEE is similar.
When doing the BEE boot, the special ranges which are encrypted must be decrypted first. BEE runs while decrypting directly, unlike HAB encryption, which copies the code to the internal RAM, decrypts it, then runs from RAM directly.
2. My bootloader did have the HAB signature done and ran in flash as XIP; yes, the flashloader was signed as well, but it did run as XIP. So according to your answers, it seems the APP couldn't do signature encryption, because it needs a signed flashloader to work together, and only ROM code can do that, am I right?
Answer: Please note, HAB signature and encryption are just for the non-XIP code. If it is XIP code, you need to use BEE. Non-XIP code means the real app code in the internal RAM. The signed flashloader needs the ROM code to do it.
Wish it helps you!
Have a great day,
Kerry
-------------------------------------------------------------------------------
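The comparison suggested in the answer above (plain image versus flash readout), as an added example that is not part of the original post or of NXP's tooling: it lists the byte ranges where a readout differs from the plain image and the entropy of each, which is how the encrypted ranges can be confirmed after programming. The function names, the 16-byte comparison granularity (one AES block) and the sample data are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

BLOCK = 16  # assumed comparison granularity: one AES block


def differing_ranges(plain: bytes, readout: bytes, block: int = BLOCK):
    """Return [(start, end)] byte ranges (end exclusive) whose blocks differ."""
    n = min(len(plain), len(readout))
    ranges = []
    for off in range(0, n, block):
        if plain[off:off + block] != readout[off:off + block]:
            end = min(off + block, n)
            if ranges and ranges[-1][1] == off:
                ranges[-1] = (ranges[-1][0], end)  # extend the adjacent range
            else:
                ranges.append((off, end))
    return ranges


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; ciphertext approaches 8.0."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def report(plain: bytes, readout: bytes):
    """Return [(start, end, entropy)] for every range that differs."""
    return [(s, e, round(entropy(readout[s:e]), 2))
            for s, e in differing_ranges(plain, readout)]


def sample():
    """Constructed data: 4 KiB patterned image, 0x400-0x800 replaced by a keystream stand-in."""
    plain = bytes(range(16)) * 256
    stream = b"".join(hashlib.sha256(i.to_bytes(4, "little")).digest()
                      for i in range(32))  # 1024 pseudo-random bytes
    readout = plain[:0x400] + stream + plain[0x800:]
    return plain, readout


if __name__ == "__main__":
    plain, readout = sample()
    for start, end, bits in report(plain, readout):
        print(f"0x{start:06x}-0x{end:06x} differs, entropy {bits} bits/byte")
```

With real files, read the unsigned .bin and the flash readout into `plain` and `readout` at matching offsets; a range that differs but has low entropy points to a layout mismatch rather than encryption.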