ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Is BEE automatically enabled when programming an encrypted image?

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 
解決済み
ソリューションへジャンプ

Is BEE automatically enabled when programming an encrypted image?

ソリューションへジャンプ
‎07-19-2019 08:07 AM
1,251件の閲覧回数
henrique1
Contributor III

Hi,

I'm trying to learn more about the secure manufacturing programming techniques with the imx 1020. To maintain code confidentiality, the programmed flash image should be encrypted, and, from my understanding, the standard process then is to generate an SB file and use it with the MfgTools to automatically setup the device for the required configurations.

My question is then, if I want to perform flash writes/reads later on, is the encryption/decryption going to happen transparently or should I purposefully set up the bus encryption engine to make it work?

Thanks in advance!

Henrique

ラベル(1)
ラベル
タグ(3)
返信
1 解決策

ソリューションへジャンプ
‎07-22-2019 10:42 PM
1,053件の閲覧回数
jay_heng
NXP Employee
NXP Employee

image encryption always needs to be done manually, that's why we have another host tool to do this job.

you can update part of encrypted code, only if new code is encrypted by the same key.

元の投稿で解決策を見る

返信
3 返答(返信)

ソリューションへジャンプ
‎07-20-2019 06:30 PM
1,053件の閲覧回数
jay_heng
NXP Employee
NXP Employee

You can try this one-stop GUI tool for encrypted image downloading: GitHub - JayHeng/NXP-MCUBootUtility: A one-stop boot utility tool based on Python2.7+wxPython4.0, it...

if BEE has been well configured by ROM, any AHB flash read in your app will be with BEE decryption automatically, but for flash write, it has nothing to do with BEE

返信

ソリューションへジャンプ
‎07-21-2019 11:32 PM
1,053件の閲覧回数
henrique1
Contributor III

Hi Jay Heng,

Thank you very much for your reply.

So, if I want to secure the dynamic flash read/writes I should manually take care of encrypting/decrypting that data, since it would be outside the BEE region, right?

But what if I would like to perform field-firmware-updates and replace the app-code data with new encrypted code? Will that be possible to set up as well, meaning, using the same SNVS key to encrypt the data in flash?

Best regards,

Henrique

0 件の賞賛
返信

ソリューションへジャンプ
‎07-22-2019 10:42 PM
1,054件の閲覧回数
jay_heng
NXP Employee
NXP Employee

image encryption always needs to be done manually, that's why we have another host tool to do this job.

you can update part of encrypted code, only if new code is encrypted by the same key.

返信