AnsweredAssumed Answered

Unable to get signed or encrypted image to run on RT1020

Question asked by rshipman on Jan 8, 2020
Latest reply on Jan 29, 2020 by Victor Jimenez

Hi,

 

I am unable to get signed or encrypted image to run on RT1020

 

I have two RT1020 eval boards.

One has the SRK fuses blown and the HAB closed fuse blown.

The other is unchanged from out of the box.

 

I am attempting to run a signed (and an encrypted) image in ITCM at start address 0.

I am using the iled_blinky demo, linked to start at 0x00002000.

I have two versions of this demo, a fast flash and the default (slow) flash.

 

I have successfully managed to download both of these onto the eval board with no fuses blown (unencrypted versions).

 

I have not managed to do the same with a signed or encrypted image onto the eval board with fuses blown.

 

I have successfully created a signed flashloader and downloaded that to the eval board (with fuses blown).

Trying to download an unsigned flashloader fails, so I am fairly confident that I have blown the fuses
correctly. The signed flashloader writes to and reads back from flash and internal memory successfully.

 

Please find attached the following zip files:

 

----------------------------------

 

iled_blinky_itcm_unencrypted_at_0x0000.zip

 

My successful attempt at an unencrypted image. Please see ./slow_com7 and ./fast_com7 scripts (for linux terminal).

The scripts run successfully to the end. When I set the dip switches for internal boot, the led flashes at the appropriate speed depending on the program I have loaded.

 

----------------------------------

 

iled_blinky_itcm_signed_at_0x0000.zip

 

My attempt at a signed image. Please see ./slow_experiment script (for linux terminal).

The script runs successfully to the end. When I set the dip switches for internal boot, the led does not flash.

 

----------------------------------

 

iled_blinky_itcm_encrypted_at_0x0000.zip

 

My attempt at an encrypted image. Please see ./slow_experiment script (for linux terminal).

The script runs successfully to the end. When I set the dip switches for internal boot, the led does not flash.

 

----------------------------------

 

signed_flashloader.zip

 

The signed flashloader that I use successfully on the eval board with the SRK fuses blown.

 

----------------------------------

 

SignedImageProblem.zip

 

Contains screenshots of NXP-MCUBootUtility of the signed attempt:

signed_image_problems_01.png   The fuses on the eval board.

signed_image_problems_02.png   The ivt at 0x60001000

signed_image_problems_03.png   The program image at 0x60002000

signed_image_problems_04.png   The CSF signature data at 0x60007000

 

----------------------------------

 

Sorry it's a lot of data, but if you look at the scripts it will be clear what I have been doing.

 

Is there anything obvious that I am doing with the signed/encrypted versions that means they won't run please?

 

Any help much appreciated.

Outcomes