Cov ntsiab lus zais
1 ST Microelectronics STM32 Kos Npe Tool Software
2 Taw qhia
3 Nruab STM32-SignTool
4 STM32-SignTool hais kom ua kab interface
5 Examples rau STM32-SignTool
6 FAQ
7 Cov ntaub ntawv / Cov ntaub ntawv
7.1 Cov ntaub ntawv

ST Microelectronics STM32 Kos Npe Tool Software

Taw qhia

STM32 kos npe cov cuab yeej software (lub npe STM32-SignTool hauv daim ntawv no) yog kev koom ua ke hauv STM32CubeProgrammer (STM32CubeProg). STM32-SignTool yog lub cuab yeej tseem ceeb uas lav lub platform ruaj ntseg thiab ua kom muaj kev kos npe ntawm binary dluab siv ECC yuam sij tsim los ntawm STM32-KeyGen software (saib rau cov neeg siv phau ntawv STM32 tseem ceeb generator software piav qhia (UM2542) kom paub meej ntxiv). Cov duab kos npe binary yog siv thaum lub sij hawm STM32 ruaj ntseg khau raj ua ntu zus uas txhawb nqa cov hlua khau khau uas ntseeg siab. Qhov kev txiav txim no ua kom muaj kev lees paub thiab kev ncaj ncees ntawm cov duab uas tau teev tseg. STM32-SignTool tsim cov duab binary file, public key file, thiab tus yuam sij ntiag tug file. Daim duab binary file muaj cov ntaub ntawv binary uas yuav tsum tau programmed rau lub cuab yeej. Public key file muaj ECC pej xeem tus yuam sij hauv PEM hom, tsim nrog STM32-KeyGen. Tus yuam sij ntiag tug file muaj qhov encrypted ECC tus yuam sij hauv PEM hom, tsim nrog STM32-KeyGen. Ib tug kos npe binary file tuaj yeem tsim los ntawm ib qho uas tau kos npe file nrog batch file hom. Nyob rau hauv cov ntaub ntawv no, cov nram qab no tsis yuav tsum tau: cov duab nkag point, cov duab load chaw nyob, thiab cov duab version tsis. Cov ntaub ntawv no siv tau rau cov khoom uas tau teev tseg hauv cov lus hauv qab no.

Rooj 1. Cov khoom siv tau

Yam khoom Tus naj npawb lossis cov khoom series
Microcontroller STM32N6 series
Microprocessor STM32MP1 thiab STM32MP2 series

Hauv ntu nram qab no, STM32 hais txog cov khoom lag luam uas tau teev tseg hauv cov lus saum toj no, tshwj tsis yog hais tias lwm yam.

Nruab STM32-SignTool

Cov cuab yeej no tau nruab nrog STM32CubeProgrammer pob (STM32CubeProg). Yog xav paub ntxiv txog cov txheej txheem teeb tsa, saib rau ntu 1.2 ntawm tus neeg siv phau ntawv STM32CubeProgrammer software piav qhia (UM2237). Cov software no txhawb nqa STM32 cov khoom raws li Arm® Cortex® processor.

Nco tseg: Arm yog ib lub cim lag luam ntawm Arm Limited (lossis nws cov koom tes) hauv Asmeskas thiab / lossis lwm qhov.

STM32-SignTool hais kom ua kab interface

Cov ntu hauv qab no piav qhia yuav ua li cas siv STM32-SignTool los ntawm kab hais kom ua.

Cov lus txib

Cov lus txib muaj nyob hauv qab no:

  • -binary-duab(-bin), -input(-in)
    • Nqe lus piav qhia: binary duab file path (.bin extension)
    • Syntax: 1 -bin /home/User/binaryFile.bin
    • Syntax: 2 -in /home/User/binaryFile.bin
  • -Image-version (-iv)
    • Nqe lus piav qhia: nkag mus rau cov duab version ntawm daim duab kos npe file
    • Syntax: -iv
  • -private-key (-prvk)
    • Nqe lus piav qhia: tus yuam sij ntiag tug file path (.pem extension)
    • Syntax: -prvkfile_path >
    • Example: -prvk ../privateKey.pem
  • -public-key -pubk
    • Description: public key file txoj kev
    • Syntax: -pubFile_Path{1..8}>
      • Rau header v1: siv ib txoj hauv kev tseem ceeb rau STM32MP15xx cov khoom
      • Rau header v2 thiab ntau dua: siv yim txoj hauv kev rau lwm tus
  • -Password (-pwd)
    • Nqe lus piav qhia: lo lus zais ntawm tus yuam sij ntiag tug (tus password no yuav tsum muaj tsawg kawg yog plaub lub cim)
    • Example: -pwd azerty
    • • –load-chaw nyob (-la)
    • Nqe lus piav qhia: duab chaw nyob load
    • Example: -la
  • - nkag-point (-ep)
    • Nqe lus piav qhia: duab nkag point
    • Example: -ep
  • -option- chij (-ntawm)
    • Nqe lus piav qhia: duab xaiv chij (default value = 0)
    • Example: -os
  • -algorithm (-a)
    • Nqe lus piav qhia: qhia ib qho ntawm prime256v1 (tus nqi 1, lub neej ntawd) lossis brainpoolP256t1 (tus nqi 2)
    • Example: -a <2>
  • - tso zis (-o)
    • Nqe lus piav qhia: tso zis file txoj kev. Qhov no parameter yog xaiv tau. Yog tsis tau teev tseg, cov zis file yog generated ntawm tib qhov chaw file path (example, binary duab file yog C:\BinaryFile.bin). Kos npe binary file yog C:\BinaryFile_Signed.bin.
    • Syntax: -oFile_Pab>
  • -Type (-t)
    • Nqe lus piav qhia: binary hom. Cov txiaj ntsig tau yog ssbl, fsbl, teeh, teed, teex, thiab copro
    • Syntax: -t
  • - ntsiag to (-s)
    • Nqe lus piav qhia: tsis muaj cov lus tso tawm los hloov cov khoom tso tawm uas twb muaj lawm file
  • -pab (-h thiab -?)
    • Description: qhia kev pab
  • -version (-v)
    • Nqe lus piav qhia: qhia cov cuab yeej version
  • -enc-dc (-encdc)
    • Nqe lus piav qhia: encryption derivation tas li rau FSBL encryption [header v2]
    • Syntax: -encdc
  • -enc-key (-enck)
    • Nqe lus piav qhia: OEM zais cia file rau FSBL encryption [header v2]
    • Syntax: -enck
  • -dump-header (–dum)
    • Nqe lus piav qhia: parse thiab dump duab header
    • Syntax: -dumFile_Pab>
  • -header-version (-hv)
    • Nqe lus piav qhia: kos npe header version, qhov muaj peev xwm ua tau: 1, 2, 2.1, 2.2, thiab 2.3
    • Example for STM32MP15xx: -hv 2
    • Example for STM32MP25xx: -hv 2.2
    • Example for STM32N6xxx: -hv 2.3
  • -no-keys (-nk)
    • Nqe lus piav qhia: ntxiv lub taub hau khoob uas tsis muaj kev xaiv tseem ceeb
    • Daim ntawv ceeb toom: yuav tsum tau lov tes taw authentication xaiv nrog xaiv chij hais kom ua

Examples rau STM32-SignTool

Cov nram qab no examples qhia siv STM32-SignTool:

Examplwm 1

-bin /home/User/binaryFile.bin –pubk /home/user/publicKey.pem –prvk /home/user/privateKey.pem –iv 5 –pwd azerty –la 0x20000000 –ep 0x08000000 default algorithm (prime256v1) tus nqi yog xaiv thiab xaiv tus nqi. Qhov kos npe tso zis binary file (BinaryFile_Signed.bin) yog tsim nyob rau hauv /home/user/ folder

Examplwm 2

-bin /home/User/Folder1/binaryFile.bin –pubk /home/user/publicKey.pem –prvk /home/user/privateKey.pem –iv 5 –pwd azerty –s –la 0x20000000 –ep 0x08000000 –a 2 –o /home/user/Folder2/edFile.bin Lub BrainpoolP256t1 algorithm raug xaiv nyob rau hauv rooj plaub no. Txawm tias Folder2 thiab Folder3 tsis muaj, lawv raug tsim. Nrog cov lus txib -s, txawm tias a file muaj nyob nrog tib lub npe teev, nws tau hloov pauv yam tsis muaj lus.

Examplwm 3

Kos npe rau binary file siv header version 2 uas suav nrog yim tus yuam sij pej xeem rau kev lees paub qhov tseeb.

./STM32_SigningTool_CLI.exe -bin /home/user/input.bin -pubk publicKey00.pem publicKey01.pem publicKey02.pem publicKey03.pem publicKey04.pem publicKey05.pem publicKey06.pem publicKeyprv07.pem publicKey00.pem -t fsbl -iv 0x00000000 -la 0x20000000 -ep 0x08000000 -of 0x80000001 -o /home/user/output.stm32

Examplwm 4

Kos npe rau binary file siv header version 2 uas suav nrog yim tus yuam sij pej xeem rau kev lees paub ntxiv rau kev nkag mus.

./STM32_SigningTool_CLI.exe -bin /home/user/input.bin -pubk publicKey00.pem publicKey01.pem publicKey02.pem publicKey03.pem publicKey04.pem publicKey05.pem publicKey06.pem publicKeyprev07.pem publicKey00.pem 0x00000000 -pwd azerty -la 0x20000000 -ep 0x08000000 -t fsbl -of 0x00000003 -encdc 0x25205f0e -enck /home/user/OEM_SECRET.binusst -o /put32.

Examplwm 5

Txheeb xyuas cov duab tshwm sim los ntawm kev txheeb xyuas cov zis file thiab xyuas txhua qhov chaw header. ./STM32_SigningTool_CLI.exe -dump /home/user/output.stm32

Examplwm 6

Ntxiv lub header yam tsis tau kos npe thiab tsis siv cov yuam sij. STM32_SigningTool_CLI.exe -in input.bin -nk -of 0x0 -iv 1 -hv 2.2 -o output.stm32

Standalone hom

Thaum ua tiav STM32-SignTool hauv hom standalone, ib txoj hauv kev yuav tsum tau nkag mus ua ntej. Tom qab ntawv tus password raug thov ob zaug rau kev lees paub, raws li qhia hauv daim duab hauv qab no.

Daim duab 1. STM32-SignTool nyob rau hauv hom standalone

Cov kauj ruam tom ntej yog cov hauv qab no:

  • Xaiv ib qho ntawm ob algorithms.
  • Nkag mus rau daim duab version, daim duab nkag, thiab qhov chaw nyob ntawm daim duab load.
  • Nkag mus rau qhov kev xaiv chij tus nqi.

Lwm qhov tso zis file txoj kev tuaj yeem raug teev yog tias xav tau, lossis nias nkag mus txuas ntxiv nrog rau qhov uas twb muaj lawm.

PKCS#11 solution
Cov duab kos npe binary yog siv thaum lub sij hawm STM32 ruaj ntseg khau raj ua ntu zus uas txhawb nqa cov hlua khau khau uas ntseeg siab.
Qhov kev txiav txim no ua kom muaj kev lees paub thiab kev ncaj ncees ntawm cov duab uas tau teev tseg.
Cov lus txib kos npe classic thov kom txhua tus yuam sij rau pej xeem thiab ntiag tug raug muab tso rau hauv files. Cov no yog
ncaj qha mus saib tau los ntawm txhua tus neeg uas tau tso cai los ua qhov kev pabcuam kos npe. Thaum kawg, qhov no tuaj yeem xav txog
los ua kev ruaj ntseg leak. Muaj ntau txoj hauv kev los tiv thaiv cov yuam sij tiv thaiv kev sim nyiag cov ntaub ntawv tseem ceeb. Hauv no
Cov ntsiab lus, PKCS #11 kev daws teeb meem tau txais.
PKCS #11 API tuaj yeem siv los tswj thiab khaws cov yuam sij cryptographic. Qhov no interface qhia txog yuav ua li cas
sib txuas lus nrog cryptographic li xws li HSMs (hardware security modules) thiab smartcards. Cov
Lub hom phiaj ntawm cov cuab yeej no yog tsim cov yuam sij cryptographic thiab kos npe cov ntaub ntawv yam tsis tau nthuav tawm tus yuam sij ntiag tug
khoom siv rau lub ntiaj teb sab nraud.
Cov ntawv thov software tuaj yeem hu rau API siv cov khoom no rau:
• Tsim cov yuam sij symmetric / asymmetric
• Encryption thiab decryption
• Kev suav thiab txheeb xyuas qhov kos npe digital
PKCS #11 nthuav qhia rau cov ntawv thov ib qho, muaj laj thawj view ntawm cov cuab yeej hu ua cryptographic token thiab nws
muab tus lej ID rau txhua tus token. Ib daim ntawv thov txheeb xyuas lub token uas nws xav nkag los ntawm kev qhia qhov
tsim nyog qhov chaw ID.
STM32SigningTool yog siv los tswj cov khoom tseem ceeb uas khaws cia ntawm smartcards thiab zoo sib xws PKCS#11 kev ruaj ntseg
tokens qhov twg rhiab tus yuam sij ntiag tug yeej tsis tawm ntawm lub cuab yeej.
STM32SigningTool siv PKCS#11 interface los tswj thiab kos npe binaries raws li ECDSA
public/private keys. Cov yawm sij no tau muab khaws cia rau hauv cov tokens kev ruaj ntseg (hardware lossis software).

Ntxiv PKCS#11 cov lus txib

  • -Module (-m)
    • Nqe lus piav qhia: qhia PKCS # 11 module / tsev qiv ntawv txoj hauv kev kom thauj khoom (dll, yog li)
    • Syntax: -m
    • • –key-index (-ki)
  • -key-index (-ki)
    • Nqe lus piav qhia: daim ntawv teev cov yuam sij indexes hauv hex hom
      • Siv ib qhov Performance index rau header v1 thiab yim indexes rau header v2 (sib cais los ntawm qhov chaw)
    • Syntax: -ki
  • -slot-index (-si)
    • Nqe lus piav qhia: qhia qhov ntsuas qhov ntsuas ntawm qhov siv (default 0x0)
    • Syntax: -si
  • -slot-identifier (-sid)
    • Nqe lus piav qhia: qhia tus cim ntawm qhov siv (optional, decimal lossis hexadecimal format)
    • Syntax:-sib
      • Yog tias qhov kev xaiv -slot-identifier siv ib txhij nrog -slot-index, cov cuab yeej kuaj xyuas yog tias qhov kev teeb tsa no sib phim tib lub qhov. Tus cim qhia qhov ntsuas qhov ntsuas tau hais; txwv tsis pub, muaj qhov yuam kev tshwm sim.
      • Nws tuaj yeem siv -slot-identifier yam tsis tau hais txog -slot-index. Cov cuab yeej tshawb xyuas qhov ntsuas ntsuas qhov systematically.
  • -active-keyIndex (-aki)
    • Nqe lus piav qhia: qhia qhov tseeb qhov tseem ceeb index (default 0)
    • Syntax: -aki < hexValue >

PKH/PKTH file tiam

Tom qab kev ua haujlwm ntawm kev kos npe, cov cuab yeej systematically generates PKH files siv tom qab rau OTP fuse.

  • PKH file npe pkcsHashPublicKey0x{active_key_index}.bin rau header v1
  • PKTH file npe pkcsPublicKeysHashHashes.bin rau header v2

Examples

Cov cuab yeej tuaj yeem kos npe nkag files rau ob qho tib si header v1 thiab header v2, nrog qhov sib txawv me me hauv kab hais kom ua.

  • Lub taub hau v1
    -bin input.bin -iv - pwd -la -ep -t - ntawm -
    -key-index -aki 0 ​​-module - slot-index -o output.stm32
  • Lub taub hau v2
    -bin input.bin -iv - pwd -la -ep -t - ntawm --key-index -aki -module - slot-index -o output.stm0

Ib qho yuam kev ntawm kab hais kom ua, lossis qhov tsis muaj peev xwm ntawm lub cuab yeej los txheeb xyuas cov khoom tseem ceeb uas phim, ua rau cov lus yuam kev tshwm sim. Qhov no qhia txog lub hauv paus ntawm qhov teeb meem. Lub SigningTool tsuas tuaj yeem siv HSMs preconfigured, thiab nws tsis yog tsim los tswj lossis tsim cov khoom ruaj ntseg tshiab. Yog li ntawd, nws yog ib qho tsim nyog rau nruab software dawb los teeb tsa ib qho chaw tsim nyog. Cov yuam sij tuaj yeem raug tsim tawm, thiab cov ntaub ntawv hais txog cov khoom tau txais.

Qhov kev xaiv tus ID nkag mus:

  • -bin input.bin -type fsbl -hv 1 -key-index 0x40 -aki 0 ​​-module softhsm2.dll -password prg-dev -ep 0x2ffe4000 -s -si 0 -sid 0x51a53ad8 -la 0x2ffc2500 -iv 0 -of0 output.

yuam kev examples:

  • Invalid slot index

Daim duab 2. HSM TOKEN_NOT_RECOGNIZED
Tsis paub cov khoom tseem ceeb uas tau hais hauv -key-index hais kom ua

Daim duab 3. HSM OBJECT_HANDLE_INVALID

Cov cuab yeej kho cov khoom ua ntu zus. Yog tias nws tsis tuaj yeem txheeb xyuas cov khoom tseem ceeb ntawm qhov kev sim thawj zaug, kev ua haujlwm kos npe yuav nres cov txheej txheem. Cov lus yuam kev yog tom qab ntawd tso tawm kom pom qhov chaw ntawm qhov teeb meem.

Kev kho keeb kwm

Table 2. Cov ntaub ntawv kho dua tshiab

Hnub tim Version Hloov
14- Peb-2019 1 Kev tso tawm thawj zaug.
 

 

26-Nov-2021

  

 

2

 Hloov tshiab:

• Ntu 2.1: Cov lus txib

• Ntu 2.2: Examples rau STM32-SignTool

• Ntxiv Ntu 2.4: PKCS#11 daws
27-Lub Ib Hlis-2022 3 Hloov Kho Ntu 2.1: Cov lus txib
 

 

 

26-Lub Ib Hlis-2024

  

 

 

4

 Hloov nyob rau hauv tag nrho cov ntaub ntawv:

• STM32MP1 series los ntawm STM32MPx series

• STM32MP1-SignTool los ntawm STM32MP-SignTool

• STM32MP1-KeyGen los ntawm STM32MP-KeyGen

Hloov kho -public-key -pubk thiab ntxiv -header-version (-hv) thiab -no-keys (- nk) hauv Tshooj 2.1: Cov lus txib.

Ntxiv “Example 6" in Section 2.2: Examples rau STM32-SignTool.
 

 

 

14-Nov-2024

  

 

 

5

 Ntxiv:

• STM32N6 series rau cov khoom siv hloov pauv hauv tag nrho cov ntaub ntawv:

• STM32MP los ntawm STM32

Hloov tshiab:

• Ntu 2.1: Cov lus txib
 

06 - Peb 2025

  

6

 Hloov tshiab:

• Ntu 2.4.1: Ntxiv PKCS#11 cov lus txib

• Ntu 2.4.3: Examples

CEEB TOOM - Nyeem ua tib zoo nyeem

STMicroelectronics NV thiab nws cov chaw ua haujlwm (“ST”) muaj cai hloov pauv, kho, txhim kho, hloov kho, thiab txhim kho rau STproducts thiab/lossis cov ntaub ntawv no txhua lub sijhawm yam tsis muaj ntawv ceeb toom. Cov neeg yuav khoom yuav tsum tau txais cov ntaub ntawv tseem ceeb ntawm ST cov khoom ua ntej muab xaj. ST cov khoom raug muag raws li ST cov nqe lus thiab cov xwm txheej ntawm kev muag khoom nyob rau hauv qhov chaw thaum lub sijhawm lees paub kev txiav txim. Cov neeg yuav khoom tsuas yog lub luag haujlwm rau kev xaiv, xaiv, thiab siv cov khoom ST thiab ST xav tias tsis muaj kev lav phib xaub rau daim ntawv thov kev pab lossis kev tsim khoom ntawm cov neeg yuav khoom. Tsis muaj daim ntawv tso cai, qhia lossis qhia, rau txhua txoj cai kev txawj ntse tau tso cai los ntawm ST ntawm no. Kev muag khoom ntawm ST nrog cov kev cai sib txawv ntawm cov ntaub ntawv tau teev tseg hauv no yuav tsis muaj kev lav phib xaub uas tau tso cai los ntawm ST rau cov khoom zoo li no. ST thiab ST logo yog cov cim lag luam ntawm ST. Yog xav paub ntxiv txog ST cov cim lag luam, xa mus rau www.st.com/trademarks. Tag nrho lwm yam khoom lossis kev pabcuam npe yog cov cuab yeej ntawm lawv cov tswv. Cov ntaub ntawv hauv daim ntawv no hloov pauv thiab hloov cov ntaub ntawv yav dhau los uas tau muab rau hauv ib qho ua ntej ntawm daim ntawv no.

© 2025 STMicroelectronics - All rights reserved

FAQ

  • Q: Kuv yuav ua li cas yog tias kuv ntsib qhov yuam kev thaum siv STM32-SignTool?
    • A: Txheeb xyuas cov lus hais kom ua, xyuas kom meej tag nrho cov kev ntsuas yuav tsum tau muab kom raug, thiab xa mus rau tus neeg siv phau ntawv qhia txog kev daws teeb meem.
  • Q: Kuv puas tuaj yeem siv STM32-SignTool ntawm cov haujlwm sib txawv?
    • A: STM32-SignTool yog tsim los ua haujlwm ntawm cov haujlwm tshwj xeeb. Xa mus rau software specifications rau cov ntsiab lus compatibility.

Cov ntaub ntawv / Cov ntaub ntawv

ST Microelectronics STM32 Kos Npe Tool Software [ua pdf] Tus neeg siv phau ntawv
STM32N6 series, STM32MP1, STM32MP2 series, STM32 Kos npe cuab yeej Software, STM32, Kos npe cuab yeej Software, cuab yeej Software, Software

Cov ntaub ntawv

Cia ib saib

Koj email chaw nyob yuav tsis raug luam tawm. Cov teb uas yuav tsum tau muaj yog cim *