SPRADN0 December   2024 F29H850TU , F29H859TU-Q1

 

  1.   1
  2.   Abstract
  3.   Trademarks
  4. 1Programming Fundamentals
  5. 2Introduction
    1. 2.1 Hardware Security Module
    2. 2.2 ROM Bootloader
    3. 2.3 Combined Image with X.509 Certificate
  6. 3Flash Kernel Implementation
    1. 3.1 CPU1 Firmware Upgrade (HS-FS)
    2. 3.2 Key Provision (HS-FS to HS-KP)
    3. 3.3 CPU1 Secure Firmware Upgrade (HS-KP/SE to HS-SE)
    4. 3.4 HSM Firmware Upgrade (HS-KP/SE to HS-SE)
    5. 3.5 SECCFG Code Provisioning (HS-KP/SE to HS-SE)
  7. 4Host Application: UART Flash Programmer
    1. 4.1 Overview
    2. 4.2 Build UART Flash Programmer with Visual Studio
    3. 4.3 Build UART Flash Programmer with CMake
    4. 4.4 Packet Format
    5. 4.5 Kernel Commands
  8. 5Example Usage
    1. 5.1 Loading the Flash Kernel onto the Device
      1. 5.1.1 Hardware Setup
      2. 5.1.2 Running the UART Flash Programmer
    2. 5.2 CPU1 Device Firmware Upgrade (HS-FS only)
    3. 5.3 Convert HS-FS to HS-SE
    4. 5.4 Loading a RAM-based HSMRt Image
    5. 5.5 Key Provision (HS-FS to HS-KP)
    6. 5.6 Code Provision (HS-KP/SE to HS-SE)
  9. 6Troubleshooting
    1. 6.1 General
    2. 6.2 UART Boot
    3. 6.3 Application Load
  10. 7Summary
  11. 8References

2.3 Combined Image with X.509 Certificate

With the inclusion of the HSM, the BootROM expects all incoming images to be in a binary format and be combined with a X.509 certificate. The first 0x1000 bytes of the binary file must contain the key certificate.

Listed below are the default post-build steps provided by UART flash kernel and other SDK examples to generate the combined binary image with X.509 certificate.

For new Code Composer Studio projects, paste the following script in the Post-build Steps section under Build category of the project properties. To run the script standalone, find import.mak in the root directory of the device SDK for the default alias of the variable.

RAM post-build steps (for Flash Kernel):

${CG_TOOL_OBJCOPY} --strip-all -O binary ${ProjName}.out ${ProjName}.bin
$(PYTHON)  ${COM_TI_MCU_SDK_INSTALL_DIR}/tools/boot/signing/mcu_rom_image_gen.py --image-bin ${ProjName}.bin --core C29 --swrv 1 --loadaddr 0x200E1000 --sign-key ${COM_TI_MCU_SDK_INSTALL_DIR}/tools/boot/signing/mcu_custMpk.pem --out-image ${ProjName}.cert.bin --boot RAM --device f29h85x --debug DBG_SOC_DEFAULT
  • Produces RAM-based binary image: ${ProjName}.cert.bin
  • mcu_rom_image_gen.py ram parameter: --loadaddr 0x200E100 (LDAx RAM), --boot RAM

Flash post-build steps (for Flash application images):

${CG_TOOL_OBJCOPY} --remove-section=cert -O binary ${ProjName}.out ${ProjName}.bin
$(PYTHON) ${COM_TI_MCU_SDK_INSTALL_DIR}/tools/boot/signing/mcu_rom_image_gen.py --image-bin ${ProjName}.bin --core C29 --swrv 1 --loadaddr 0x10001000 --sign-key ${COM_TI_MCU_SDK_INSTALL_DIR}/tools/boot/signing/mcu_gpkey.pem --out-image ${ProjName}_cert.bin --device f29h85x --boot FLASH --img_integ no
${CG_TOOL_OBJCOPY} --update-section cert=C29-cert-pad.bin ${ProjName}.out ${ProjName}_cert.out
$(DELETE) ${ProjName}.out C29-cert-pad.bin;
$(RENAME) ${ProjName}_cert.out ${ProjName}.out
  • Produces Flash-based binary image: ${ProjName}_cert.bin
  • mcu_rom_image_gen.py flash parameter: --loadaddr 0x10001000 (Flash entry address), --boot FLASH

Both post build steps shown above generate a certificate for the application, converts the application .out file into binary, and creates a combined binary image with an X.509 certificate.

Additionally, the post-build steps leverages two different keys provided in the SDK:

  • mcu_gpkey.pem: General purpose key provided by TI to generate TI key certificate.
  • mcu_custMpk.pem: A dummy key that mimics a custom key, can be used as an exemplary custom key to test out Key Provision & Code Provisioning.
Note:

To change the generated key certificate with a custom key certificate, provide an alternate key and pass into the python script via parameter --sign-key. This is necessary for all flash images concerning HS-KP and HS-SE, and HSMRt for HS-SE.