FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

How to manage encrypted code larger than 98kB internal RAM ?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to manage encrypted code larger than 98kB internal RAM ?

‎12-05-2016 02:23 AM
1,114 Views
sylvio5
Contributor II

Hello

We already made project using LPC43xx controller and build our bootloader as this :

Bootloader located at 0x1A bank for 64kB

Application code located at 0x1A + 0x10000 and whole 0x1B flash

The bootloader is able to read a (non consecutive) bin file from an SD card and program it to the 2 flash and also to read the flash to do a backup onto the SDcard.

We are beginning a new project that requires to have encrypted firmware. So we want to start programming on an LPC43S57. I m studying your LPCScrypt documentation, LPC43XX user manual and I found this answer : https://community.nxp.com/thread/420419

As I understood the firmware files have to be encoded using LPCScrypt tool and the AES key have to be programmed with it as well.
The begging of the code must be linked for bank 0x10.
Then -as a newbie in encrypted device - I think I missed something... or I didn't get something. Internal SRAM at bank 0x10 is only 96kB. So how to manage larger code ? We except there is a possibility to use the whole 2 banks of 512kB of Flash for code no ?
In example, if we have an external RAM how to set the firmware decrypting engin to copy decrypted code at the correct RAM address ?

Another question, what about our booloader code that is using IAP functions, will those IAP functions work the same once the AES key is programmed into the OTP memory ?

Labels (1)
Labels
Tags (2)
0 Kudos
Reply
2 Replies

‎12-29-2016 02:33 PM
858 Views
soledad
NXP Employee
NXP Employee

Hello Sylvio,

You are correct you need to use the LPCScrypt tool, in order ot encode your code and you need to use the AES key just like you mention in your thread. In order to flash the larger application,The flash address to program can either be specified as a numeric hex address or (if programming from the base address of the flash) as the name returned from a queryflash command. Images can be programmed at an offset from the flash base address, but care must be taken to link and align such images to a flash sector base address

You can find more details in the  LPCScrypt User Guide,   https://www.lpcware.com/system/files/LPCScrypt_User_Guide_0.pdf 

Regarding using IAP functions, once the the device it is encrypted you can not use it.

Best Regards,

Sol

0 Kudos
Reply

‎01-02-2017 02:20 AM
858 Views
sylvio5
Contributor II
Hello
Thanks for your answer.
The flash address to program can either be specified as a numeric hex address or (if programming from the base address of the flash) as the name returned from a queryflash command. Images can be programmed at an offset from the flash base address, but care must be taken to link and align such images to a flash sector base address
My question is not about larger Flash but larger RAM for execution. As I understood the decryption boot rom copy the code to execute at bank 0x10 but at this bank we only have 96kB of RAM... so if we link our code to a second external RAM do we need to program the decryption / copy algorithm manually or is there a way to set the extended execution RAM address to the boot rom to make it working automatically ?
Is there any project examples for that mechanism specific to the LPC S series ? There is no code samples about that with LPCscrypt application notes.
I see there is a dev board of LPC43S67 but is there application samples ?
Regarding IAP functions... well how could we do a firmware upgrade application if IAP are not more usable ? Is there another firmware writing serial API ?
Thanks for help
0 Kudos
Reply