ọdịnaya zoo
1 ST Microelectronics STM32 Ngwanrọ nbinye aka
2 Okwu mmalite
3 Wụnye STM32-SignTool
4 STM32-SignTool interface ahịrị iwu
5 Exampmaka STM32-SignTool
6 FAQ
7 Akwụkwọ / akụrụngwa
7.1 Ntụaka

ST Microelectronics STM32 Ngwanrọ nbinye aka

Okwu mmalite

Ngwa ngwa nbinye aka nke STM32 (nke aha ya bụ STM32-SignTool na akwụkwọ a) jikọtara na STM32CubeProgrammer (STM32CubeProg). STM32-SignTool bụ ngwa ọrụ dị mkpa nke na-ekwe nkwa ikpo okwu echedoro ma hụ na ntinye aka na onyonyo ọnụọgụ abụọ site na iji igodo ECC mepụtara site na sọftụwia STM32-KeyGen ( rụtụ aka na nkọwapụta ngwa ngwa STM32 igodo generator (UM2542) maka nkọwa ndị ọzọ). A na-eji onyonyo ọnụọgụ abụọ bịanyere aka na ya n'oge usoro buut echedoro STM32 nke na-akwado yinye buut ntụkwasị obi. Ihe omume a na-eme ka nleba anya na nhụsianya nke onyonyo ndị ebujuru. STM32-SignTool na-ewepụta onyonyo ọnụọgụ abụọ file, igodo ọha file, na igodo nzuzo file. Onyonyo ọnụọgụ abụọ file nwere data ọnụọgụ abụọ a ga-ahazi maka ngwaọrụ ahụ. Igodo ọha file nwere igodo ọha ECC n'ụdị PEM, nke ejiri STM32-KeyGen mepụta. Igodo nzuzo file nwere igodo nzuzo ECC ezoro ezo n'ụdị PEM, nke ejiri STM32-KeyGen mepụta. ọnụọgụ abụọ bịanyere aka na ya file nwekwara ike ịmepụta site na nke abanyelarị file ya na ogbe file ọnọdụ. N'okwu a, paramita ndị a abụghị iwu: ebe ntinye onyonyo, adreesị ibu ihe onyonyo, na paramita ụdị onyonyo. Akwụkwọ a na-emetụta ngwaahịa ndị edepụtara na tebụl dị n'okpuru.

Tebụl 1. Ngwaahịa ndị ọdabara

Ụdị ngwaahịa Nọmba akụkụ ma ọ bụ usoro ngwaahịa
Microcontroller Usoro STM32N6
Microprocessor STM32MP1 na STM32MP2 usoro

Na ngalaba ndị a, STM32 na-ezo aka na ngwaahịa ndị edepụtara na tebụl dị n'elu, ọ gwụla ma ekwuru ya.

Wụnye STM32-SignTool

Ejiri ngwungwu STM32CubeProgrammer (STM32CubeProg) tinye ngwá ọrụ a. Maka ozi ndị ọzọ gbasara usoro ntọlite, rụtụ aka na ngalaba 1.2 nke nkọwa ngwanrọ STM32CubeProgrammer (UM2237). Akụrụngwa a na-akwado ngwaahịa STM32 dabere na ihe nrụpụta Arm® Cortex®.

Mara: Arm bụ ụghalaahịa edenyere n'akwụkwọ ikikere nke Arm Limited (ma ọ bụ ndị enyemaka ya) na US na/ma ọ bụ ebe ọzọ.

STM32-SignTool interface ahịrị iwu

Akụkụ ndị a na-akọwa otu esi eji STM32-SignTool site na ahịrị iwu.

Iwu

Edepụtara iwu ndị dị n'okpuru:

  • - ọnụọgụ abụọ-ihe oyiyi (-bin), - ntinye (-na)
    • Nkọwa: onyonyo ọnụọgụ abụọ file ụzọ (.bin ndọtị)
    • Syntax: 1-bin /home/User/binaryFile.bin
    • Syntax: 2 -in /home/User/binaryFile.bin
  • -ụdị-ụdị (-iv)
    • Nkọwa: na-abanye na ụdị onyonyo nke mbinye aka file
    • Syntax: -iv
  • - igodo nzuzo (-prvk)
    • Nkọwa: igodo nzuzo file ụzọ (.pem ndọtị)
    • Syntax: -prvkfile_ụzọ>
    • Example: -prvk ../privateKey.pem
  • - igodo ọha - pubk
    • Nkọwa: igodo ọha file ụzọ
    • Syntax: -pubkFile_Ụzọ{1..8}>
      • Maka nkụnye eji isi mee v1: jiri naanị otu igodo ụzọ maka ngwaahịa STM32MP15xx
      • Maka nkụnye eji isi mee v2 na karịa: jiri ụzọ igodo asatọ maka ndị ọzọ
  • - paswọọdụ (-pwd)
    • Nkọwa: paswọọdụ nke igodo nzuzo (okwuntughe a ga-enwerịrị opekata mpe mkpụrụedemede anọ)
    • Example: -pwd azerty
    • • –adreesị ibu (-la)
    • Nkọwa: adreesị ibu onyonyo
    • Example: -la
  • - ebe ntinye (-ep)
    • Nkọwa: ebe ntinye onyonyo
    • Exampnke: ep
  • -Nhọrọ-ọkọlọtọ (-nke)
    • Nkọwa: ọkọlọtọ nhọrọ oyiyi (uru ndabara = 0)
    • Example: -nke
  • algọrithm (-a)
    • Nkọwa: ezipụta otu n'ime prime256v1 (uru 1, ndabara) ma ọ bụ brainpoolP256t1 (uru 2)
    • Example: -a <2>
  • - mmepụta (-o)
    • Nkọwa: mmepụta file uzo. Nke a oke bụ nhọrọ. Ọ bụrụ na akọwapụtaghị ya, mmepụta file na-eme atthe otu isi iyi file ụzọ (maka example, onyonyo ọnụọgụ abụọ file bụ C: \ ọnụọgụ abụọFile.bin). ọnụọgụ abụọ bịanyere aka na ya file bụ C: \ ọnụọgụ abụọFile_Akara aka.bin.
    • Syntax: -oFile_Ụzọ>
  • -ụdị (-t)
    • Nkọwa: ụdị ọnụọgụ abụọ. Ụkpụrụ ndị nwere ike ịbụ ssbl, fsbl, teeh, teed, teex, na copro
    • Syntax: -t
  • -gbachi nkịtị (-s)
    • Nkọwa: enweghị ozi egosipụtara maka dochie mmepụta dị adị file
  • - enyemaka (-h na -?)
    • Nkọwa: na-egosi enyemaka
  • -ụdị (-v)
    • Nkọwa: na-egosiputa ụdị ngwá ọrụ
  • -enc-dc (-encdc)
    • Nkọwa: ntinye ezoro ezo mgbe niile maka izo ya ezo FSBL [nkụnye v2]
    • Syntax: -encdc
  • - igodo-enc (-enck)
    • Nkọwa: OEM nzuzo file maka izo ya ezo FSBL [onye isi v2]
    • Syntax: -nk
  • – mkpofu-isi (-nkpofu)
    • Nkọwa: tụgharịa ma tụfuo nkụnye eji isi mee ihe
    • Syntax: - kpofuoFile_Ụzọ>
  • -ụdị nkụnye eji isi mee (-hv)
    • Nkọwa: mbinye aka ụdị nkụnye eji isi mee, ụkpụrụ enwere ike: 1, 2, 2.1, 2.2, na 2.3
    • Exampmaka STM32MP15xx: -hv 2
    • Exampmaka STM32MP25xx: -hv 2.2
    • Example maka STM32N6xxx: -hv 2.3
  • -enweghị igodo (-nk)
    • Nkọwa: ịgbakwunye nkụnye eji isi mee na-enweghị nhọrọ igodo
    • Mara: mkpa iji gbanyụọ nhọrọ nyocha na iwu ọkọlọtọ nhọrọ

Exampmaka STM32-SignTool

Ndị na-esonụ examples gosi otu esi eji STM32-SignTool:

Example 1

-bin /home/User/BinarịFile.bin –pubk /home/user/publicKey.pem –prvk /home/user/privateKey.pem –iv 5 –pwd azerty –la 0x20000000 –ep 0x08000000 A na-ahọrọ algọridim ndabara (prime256v1) yana uru ọkọlọtọ nhọrọ bụ 0). ọnụọgụ abụọ mbinye aka file (Ọnụ abụọFile_Signed.bin) ka emebere na /home/user/ folder

Example 2

-bin /ụlọ/Onye ọrụ/Nchekwa1/Ọnọdụ abụọFile.bin –pubk /home/user/publicKey.pem –prvk /home/user/privateKey.pem –iv 5 –pwd azerty –s –la 0x20000000 –ep 0x08000000 –a 2 –o /home/signer/Folder2/edode3File.bin The BrainpoolP256t1 algọridim ka ahọpụtara na nke a. Ọbụlagodi na nchekwa 2 na nchekwa 3 adịghị, emepụtara ha. Site n'iwu -s, ọ bụrụgodị na a file dị na otu aha a kapịrị ọnụ, a na-edochi ya na-akpaghị aka na-enweghị ozi ọ bụla.

Example 3

Binye aka na ọnụọgụ abụọ file na-eji ụdị nkụnye eji isi mee 2 nke gụnyere igodo ọha asatọ maka mgbaba nyocha.

./STM32_SigningTool_CLI.exe -bin /home/user/input.bin -pubk ọhaKey00.pem ọhaKey01.pem ọhaKey02.pem ọhaKey03.pem ọhaKey04.pem ọhaKey05.pem ọhaKey06.pem ọhaKey07.pem ọhaKey00.pem ọhaKey0.pe nzuzo -t fsbl -iv 00000000x0 -la 20000000x0 -ep 08000000x0 -nke 80000001x32 -o /home/user/output.stmXNUMX

Example 4

Binye aka na ọnụọgụ abụọ file na-eji ụdị nkụnye eji isi mee 2 nke gụnyere igodo ọha asatọ maka nyocha yana ntinye nzuzo.

./STM32_SigningTool_CLI.exe -bin /home/user/input.bin -pubk ọhaKey00.pem ọhaKey01.pem ọhaKey02.pem ọhaKey03.pem ọhaKey04.pem ọhaKey05.pem ọhaKey06.pem ọhaKey07.pem ọhaKey00.pem ọhaKey0.pe nzuzo 00000000x0 -pwd azerty -la 20000000x0 -ep 08000000x0 -t fsbl -nke 00000003x0 -encdc 25205x0f32e -enck /home/user/OEM_SECRET/usXNUMXm

Example 5

Nyochaa onyonyo arụpụtara site n'ịtụle nsonaazụ file ma lelee mpaghara nkụnye eji isi mee nke ọ bụla. ./STM32_SigningTool_CLI.exe -dump /home/user/output.stm32

Example 6

Tinye nkụnye eji isi mee na-enweghị mbinye aka yana na-ebunyeghị igodo. STM32_SigningTool_CLI.exe -in input.bin -nk -nke 0x0 -iv 1 -hv 2.2 -o mmepụta.stm32

Ọnọdụ kwụụrụ onwe ya

Mgbe ị na-eme STM32-SignTool na ọnọdụ kwụ ọtọ, a ga-ebu ụzọ tinye ụzọ zuru oke. A na-arịọzi paswọọdụ ugboro abụọ maka nkwenye, dị ka egosiri na foto dị n'okpuru.

Ọgụgụ 1. STM32-Ngwaọrụ Signal na ọnọdụ kwụ ọtọ

Nzọụkwụ na-esote bụ ndị a:

  • Họrọ otu n'ime algọridim abụọ ahụ.
  • Tinye ụdị onyonyo, ebe ntinye onyonyo, na adreesị ibu onyonyo.
  • Tinye uru ọkọlọtọ nhọrọ.

Ihe mmepụta ọzọ file Enwere ike ịkọwa ụzọ ma ọ dị mkpa, ma ọ bụ pịa tinye ka ịga n'ihu na nke dị.

PKCS#11 ngwọta
A na-eji onyonyo ọnụọgụ abụọ bịanyere aka na ya n'oge usoro buut echedoro STM32 nke na-akwado yinye buut ntụkwasị obi.
Ihe omume a na-eme ka nleba anya na nhụsianya nke onyonyo ndị ebujuru.
Iwu mbinye aka ochie na-arịọ ka enyenye igodo ọha na nke nzuzo dịka ntinye files. Ndị a bụ
onye ọ bụla na-ekwe ka ọ rụọ ọrụ mbinye aka nwere ike ịnweta ozugbo. N'ikpeazụ, enwere ike ịtụle nke a
na-a nche ntapu. Enwere ọtụtụ ụzọ iji chebe igodo megide mbọ ọ bụla izu ohi data. Na nke a
N'okwu ya, anabatala PKCS#11 ngwọta.
Enwere ike iji PKCS#11 API ijikwa ma chekwaa igodo nzuzo. Nke a interface ezipụta ka esi
na-akpakọrịta na ngwaọrụ cryptographic dị ka HSM (modul nchekwa ngwaike) na smartcards. Nke
Ebumnuche nke ngwaọrụ ndị a bụ ịmepụta igodo cryptographic na banye ozi na-egosighi igodo nzuzo
ihe na n'èzí ụwa.
Ngwa ngwa ngwa nwere ike ịkpọ API iji ihe ndị a maka:
• Mepụta igodo symmetric/asymmetric
• ezoro ezo na ntupu
• Ịgbakọ na nyochaa mbinye aka dijitalụ
PKCS #11 na-egosi ngwa a na-ahụkarị, ezi uche view nke ngwaọrụ a na-akpọ cryptographic token na ya
na-ekenye oghere oghere na akara ngosi ọ bụla. Ngwa na-achọpụta akara ọ chọrọ ịnweta site na ịkọwapụta
NJ oghere kwesịrị ekwesị.
A na-eji STM32SigningTool jikwaa isi ihe echekwara na smartcards yana nchekwa PKCS#11 yiri ya.
akara ngosi ebe igodo nzuzo adịghị ahapụ ngwaọrụ ahụ.
STM32SigningTool na-eji PKCS#11 interface iji megharịa na bịanye aka na ọnụọgụ ntinye dabere na ECDSA.
igodo ọha/onwe. A na-echekwa igodo ndị a na akara nchekwa (ngwaike ma ọ bụ ngwanrọ).

Iwu PKCS#11 agbakwunyere

  • -modul (-m)
    • Nkọwa: ezipụta usoro PKCS#11 modul/ụzọ ọba akwụkwọ iji buo ya (dll, so)
    • Syntax:-m
    • • -key-index (-ki)
  • - igodo-index (-ki)
    • Nkọwa: ndepụta ndepụta igodo ejiri mee ihe na usoro hex
      • Jiri otu ndeksi maka nkụnye eji isi mee v1 na ndeksi asatọ maka nkụnye eji isi mee v2 (nke oghere kewara)
    • Syntax: -ki
  • -oghere-index (-si)
    • Nkọwa: ezipụta ndepụta ntụaka nke oghere ị ga-eji (0x0 ndabara)
    • Syntax:-si
  • – oghere – ihe nchọpụta (-sid)
    • Nkọwa: ezipụta ihe nchọpụta oghere ị ga-eji (nhọrọ, n'ụdị decimal ma ọ bụ hexadecimal)
    • Syntax:-sid
      • Ọ bụrụ na-eji nhọrọ –slot-identifier n'out oge na-slot-index, ngwá ọrụ na-enyocha ma ọ bụrụ na nhazi a dabara n'otu oghere ahụ. Ihe njirimara na-egosipụta index nke ekwuru; ma ọ bụghị ya, njehie na-eme.
      • Ọ ga-ekwe omume iji -slot-identifier na-ekwupụtaghị -slot-index. Ngwá ọrụ ahụ na-achọpụta ndepụta nke oghere n'usoro.
  • -Index-key na-arụ ọrụ (-aki)
    • Nkọwa: ezipụta ndepụta igodo na-arụ ọrụ n'ezie (nke mbụ 0)
    • Syntax: -aki <hexValue>

PKH/PKTH file ọgbọ

Mgbe nhazi nke ọrụ ntinye aka, ngwá ọrụ ahụ na-emepụta PKH n'usoro files iji mgbe maka OTP fuse.

  • PKH file akpọrọ pkcsHashPublicKey0x{active_key_index}.bin maka nkụnye eji isi mee v1
  • PKTH file akpọrọ pkcsPublicKeysHashHashes.bin maka nkụnye eji isi mee v2

Examples

Ngwa nwere ike banye ntinye files maka ma nkụnye eji isi mee v1 na nkụnye eji isi mee v2, yana obere ọdịiche dị na ahịrị iwu.

  • Isi v1
    -bin ntinye.bin -iv -pwd -la -ep -t -nke -
    - igodo-index -aki 0 ​​-modul - oghere-index -o mmepụta.stm32
  • Isi v2
    -bin ntinye.bin -iv -pwd -la -ep -t -nke - - igodo-index -aka - modul - oghere-index -o mmepụta.stm0

Njehie dị na ahịrị iwu, ma ọ bụ enweghị ike nke ngwaọrụ iji chọpụta isi ihe dabara na ya, na-eme ka egosipụta ozi njehie. Nke a na-egosi isi iyi nke nsogbu ahụ. Ngwá ọrụ Signing nwere ike iji naanị HSM ahaziri ahazi, ma emeghị ya iji jikwaa ma ọ bụ mepụta ihe nchekwa ọhụrụ. Ya mere, ọ dị mkpa ịwụnye ngwanrọ n'efu iji guzobe ebe kwesịrị ekwesị. Enwere ike ịmepụta igodo ndị ahụ, yana ozi gbasara ihe enwetara.

Nhọrọ njirimara oghere:

  • -bin ntinye.bin -ụdị fsbl -hv 1 -key-index 0x40 -aki 0 ​​-module softhsm2.dll -password prg-dev -ep 0x2ffe4000 -s -si 0 -sid 0x51a53ad8 -la 0x2ffc2500 -iv0x0st80000000 -of32 -ofXNUMX

Erro examples:

  • Ndekọ oghere na ezighi ezi

Ọgụgụ 2. HSM TOKEN_NOT_RECOGNIZED
Ihe igodo amaghi ama nke ekwuru na iwu igodo-index

Ọgụgụ 3. HSM OBJECT_HANDLE_INVALID

Ngwá ọrụ na-emeso ihe ndị ahụ n'usoro. Ọ bụrụ na ọ nweghị ike ịchọpụta isi ihe dakọtara na nnwale mbụ, ọrụ mbinye aka na-akwụsị usoro ahụ. A na-egosipụtakwa ozi mperi iji gosi ebe nsogbu ahụ si abịa.

Akụkọ ngbanwe

Tebụl 2. Akụkọ ndegharị akwụkwọ

Ụbọchị Ụdị Mgbanwe
14-February-2019 1 Ntọhapụ mbụ.
 

 

26-Nọvemba-2021

  

 

2

 Emelitere:

• Nkebi 2.1: Iwu

• Nkebi 2.2: Ọpụampmaka STM32-SignTool

• agbakwunyere Nkebi 2.4: PKCS#11 ngwọta
27-June-2022 3 Nkebi 2.1 emelitere: Iwu
 

 

 

26-June-2024

  

 

 

4

 Dochiri n'ime akwụkwọ niile:

• Usoro STM32MP1 site na usoro STM32MPx

• STM32MP1-Ngwaọrụ akara nke STM32MP-SignTool

• STM32MP1-KeyGen sitere na STM32MP-KeyGen

Emelitere – igodo ọha -pubk wee gbakwunye –ụdị isi (-hv) na –enweghị igodo (- nk) na ngalaba 2.1: Iwu.

agbakwunyere “Example 6” na Nkebi 2.2: Ọpụampmaka STM32-SignTool.
 

 

 

14-Nọvemba-2024

  

 

 

5

 agbakwunyere:

• Usoro STM32N6 na ngwaahịa ndị ọdabara Dochiri n'ime akwụkwọ niile:

• STM32MP nke STM32

Emelitere:

• Nkebi 2.1: Iwu
 

06-Mar-2025

  

6

 Emelitere:

• Nkebi 2.4.1: Mgbakwunye PKCS#11 iwu

• Nkebi 2.4.3: Ọpụamples

ỌMỤMỤ dị mkpa – Gụọ nke ọma

STMicroelectronics NV na ndị enyemaka ya (“ST”) debere ikike ime mgbanwe, ndozi, nkwalite, mgbanwe na nkwalite na ngwaahịa ST na/ma ọ bụ akwụkwọ a n'oge ọ bụla na-enweghị ọkwa. Ndị na-azụ ahịa kwesịrị ịnweta ozi kacha ọhụrụ dị mkpa na ngwaahịa ST tupu ha etinye iwu. A na-ere ngwaahịa ST dabere na usoro na ọnọdụ ọrịre nke ST n'oge nnabata. Ndị na-azụ ahịa bụ naanị maka nhọrọ, nhọrọ, na ojiji nke ngwaahịa ST yana ST anaghị ewere ụgwọ ọ bụla maka enyemaka ngwa ma ọ bụ imepụta ngwaahịa ndị zụrụ ya. Enweghị ikike, ekwupụtara ma ọ bụ egosipụtara, ikike ikike ọgụgụ isi ọ bụla nke ST nyere n'ime ebe a. Mweghachi nke ngwaahịa ST nwere ndokwa dị iche na ozi e depụtara n'ime ya ga-emebi akwụkwọ ikike ọ bụla ST nyere maka ụdị ngwaahịa a. ST na akara ST bụ ụghalaahịa nke ST. Maka ozi ndị ọzọ gbasara ụghalaahịa ST, rụtụ aka na www.st.com/trademarks. Ngwaahịa ma ọ bụ aha ọrụ ndị ọzọ bụ ihe onwunwe nke ndị nwe ha. Ozi dị n'ime akwụkwọ a nọchiri ma dochie ozi enyere na mbụ na ụdị akwụkwọ a mbụ.

© 2025 STMicroelectronics – Ikike niile echekwabara

FAQ

  • Ajụjụ: Gịnị ka m ga-eme ma ọ bụrụ na m zutere njehie mgbe m na-eji STM32-SignTool?
    • A: Lelee syntax iwu ahụ, hụ na etinyere paramita niile achọrọ nke ọma, ma rụtụ aka na ntuziaka onye ọrụ maka ndụmọdụ nsogbu.
  • Ajụjụ: Enwere m ike iji STM32-SignTool na sistemụ arụmọrụ dị iche iche?
    • A: STM32-SignTool e mere na-arụ ọrụ na kpọmkwem sistem. Rụtụ aka na nkọwapụta ngwanrọ maka nkọwa ndakọrịta.

Akwụkwọ / akụrụngwa

ST Microelectronics STM32 Ngwanrọ nbinye aka [pdf] Akwụkwọ ntuziaka onye ọrụ
Usoro STM32N6, STM32MP1, STM32MP2 usoro, STM32 Ngwa ngwa nbinye aka, STM32, Ngwa ngwa nbinye, Ngwa ngwa, Ngwanrọ

Ntụaka

Hapụ ikwu

Agaghị ebipụta adreesị ozi-e gị. Akara mpaghara achọrọ akara *