Zviri mukati hide
1 STM32MPx Series Kusaina Tool Software
2 Product Information
3 Mirayiridzo Yekushandiswa Kwechigadzirwa
4 Mibvunzo Inowanzo bvunzwa (FAQ)
5 Nhanganyaya
6 Isa STM32MP-SignTool
7 STM32MP-SignTool yekuraira-mutsara interface
7.1 PKCS#11 mhinduro
8 Nhoroondo yekudzokorora
9 CHIZIVISO CHINOKOSHA – VERENGA ZVAKANAKA
10 Zvinyorwa / Zvishandiso
10.1 References
11 Related Posts

Signing-Tool-logo

STM32MPx Series Kusaina Tool Software

Product Information

Zvinodiwa:

  • Product NameMufananidzo we STM32MP-SignTool
  • Shanduro: UM2543 - Rev 4
  • Release Date: Chikumi 2024

Mirayiridzo Yekushandiswa Kwechigadzirwa

Kuiswa:
Kuisa STM32MP-SignTool, tevera matanho anopiwa mubhuku rekushandisa.

Command-Line Interface:
Iyi mirairo inotevera inowanikwa kana uchishandisa STM32MP-SignTool kubva pamutsetse wekuraira:

  • -binary-image(-bin), -input(-in)
  • - mufananidzo-shanduro (-iv)
  • -private-kiyi (-prvk)
  • -public-kiyi -pubk

Exampzvishoma:
Tarisa kune exampzviri pazasi kuti unzwisise kuti ungashandisa sei STM32MP-SignTool zvinobudirira:

  1. Example 1: Default algorithm kusarudzwa uye kubuda file kusikwa.
  2. Example 2: Kusaina bhinari file ine musoro vhezheni 2 uye akawanda eruzhinji makiyi.

Standalone Mode:
Paunenge uchishandisa STM32MP-SignTool mune Standalone modhi, tevera matanho aya:

  1. Pinda nzira yakakwana kutanga.
  2. Ipa ruzivo rwunodiwa senge algorithm kusarudzwa, mufananidzo vhezheni, yekupinda, uye kero yekuremedza.

Mibvunzo Inowanzo bvunzwa (FAQ)

  • Ndinosimbisa sei mufananidzo wakabuda file?
    Iwe unogona kuonesa mufananidzo wabuda nekupatsanura zvabuda file uye kutarisa munda wega wega wemusoro. Shandisa murairo:  ./STM32MP_SigningTool_CLI.exe -dump /home/user/output.stm32
  • Ndeupi musiyano uripo pakati pezvinyorwa zvemusoro zvekusaina?
    Iyo yemusoro vhezheni inotara nhamba yemakiyi eruzhinji anodiwa kuti aite chokwadi. For example, musoro vhezheni 1 inoda imwe kiyi nzira yeSTM32MP15xx zvigadzirwa, nepo musoro vhezheni 2 uye yakakura inoda sere makiyi nzira kune vamwe.

Nhanganyaya

  • Iyo STM32MPx yakatevedzana yekusaina chishandiso software (inonzi STM32MP-SignTool mugwaro iri) yakabatanidzwa muSTM32CubeProgrammer (STM32CubeProg).
  • STM32MP-SignTool chishandiso chakakosha chinovimbisa chikuva chakachengeteka uye chinoona kusaina kwemifananidzo yebhinari uchishandisa makiyi eECC anogadzirwa neSTM32MP-KeyGen software (tarisa kubhuku remushandisi STM32MPx akatevedzana kiyi generator software tsananguro (UM2542) kuti uwane rumwe ruzivo).
  • Iwo akasainwa mabhinari mifananidzo anoshandiswa panguva yeSTM32MPx yakatevedzana MPU yakachengeteka bhutsu sequence inotsigira yakavimbika boot cheni. Chiito ichi chinovimbisa huchokwadi uye kutendeseka cheki yemifananidzo yakatakura.
  • STM32MP-SignTool inogadzira mufananidzo webhinari file, kiyi yeruzhinji file, uye kiyi yakavanzika file.
  • Mufananidzo webhinari file ine data yebhinari ichagadzirirwa mudziyo.
  • Kiyi yeruzhinji file ine ECC yeruzhinji kiyi muPEM fomati, yakagadzirwa neSTM32MP-KeyGen.
  • Kiyi yakavanzika file ine yakavharidzirwa ECC yakavanzika kiyi muPEM fomati, yakagadzirwa neSTM32MP-KeyGen.
  • Bhanari yakasainwa file inogona zvakare kugadzirwa kubva kune yakasaina kare file ne batch file mode. Muchiitiko ichi, maparamendi anotevera haasungirwe: nzvimbo yekupinda yemufananidzo, kero yemutoro wemufananidzo, uye paramita yemufananidzo.

Isa STM32MP-SignTool

  • Ichi chishandiso chakaiswa neiyo STM32CubeProgrammer package (STM32CubeProg). Kuti uwane rumwe ruzivo nezve maitiro ekuseta, tarisa kune chikamu 1.2 chemushandisi bhuku STM32CubeProgrammer tsananguro software (UM2237).
  • Iyi software inoshanda kune STM32MPx yakatevedzana Arm®-based MPUs.
    Cherechedza: Arm chiratidzo chakanyoreswa cheArm Limited (kana vatsigiri vayo) muUS uye/kana kumwewo.

STM32MP-SignTool yekuraira-mutsara interface

Zvikamu zvinotevera zvinotsanangura maitiro ekushandisa STM32MP-SignTool kubva pamutsetse wekuraira.

Mirairo
Mirairo iripo yakanyorwa pazasi:

  • -binary-image(-bin), -input(-in)
    • Tsanangudzo: binary mufananidzo file nzira (.bin extension)
    • Syntax: 1 -bhini /home/Mushandisi/bhinariFile.bin
    • Syntax :2 -in /home/User/binaryFile.bin
  • - mufananidzo-shanduro (-iv)
    • Tsanangudzo: inopinda mushanduro yemufananidzo yemufananidzo wakasainwa file
    • Syntax: -iv
  • -private-kiyi (-prvk)
    • Tsanangudzo: private key file nzira (.pem extension)
    • Syntax: -prvkfile_nzira>
    • Example: -prvk ../privateKey.pem
  • -public-kiyi -pubk
    • Tsanangudzo: kiyi yeruzhinji file nzira
    • Syntax: -pubkFile_Nzira{1..8}>
      • Yemusoro v1: shandisa nzira imwechete yakakosha yeSTM32MP15xx zvigadzirwa
      • Pamusoro pemusoro v2 uye mukuru: shandisa nzira sere dzemakiyi kune vamwe
  • -password (-pwd)
    • Tsanangudzo: password yekiyi yakavanzika (password iyi inofanirwa kunge iine mavara mana)
    • Example: -pwd azerty
  • -load-address (-la)
    • Tsanangudzo: mufananidzo mutoro kero
    • Example: -la
  • -yekupinda-nzvimbo (-ep)
    • Tsanangudzo: mufananidzo wekupinda nzvimbo
    • Example: -ep
  • -sarudzo-mureza (-ye)
    • Tsanangudzo: mufananidzo sarudzo mireza (default value = 0)
    • Example: -of
  • -algorithm (-a)
    • Tsanangudzo: inotsanangura imwe yeprime256v1 (value 1, default) kana brainpoolP256t1 (kukosha 2)
    • Example: -a <2>
  • -kubuda (-o)
    • Tsanangudzo: output file nzira. Iyi parameter ndeyekusarudza. Kana zvisina kutaurwa, zvinobuda file inogadzirwa panzvimbo imwe chete file nzira (semuenzanisoample, iyo binary mufananidzo file iri C:\BinaryFile.bhini). Bhanari yakasainwa file iri C:\BinaryFile_Signed.bin.
    • Syntax: -oFile_Nzira>
  • -rudzi (-t)
    • Tsanangudzo: binary type. Hunhu hunobvira ndeiyi ssbl, fsbl, teeh, teed, teex uye copro
    • Syntax: -t
  • -nyarara (-s)
    Tsanangudzo: hapana meseji inoratidzwa yekutsiva iripo yabuda file
  • -help (-h uye -?)
    Tsanangudzo:     inoratidza rubatsiro
  • -shanduro (-v)
    Tsanangudzo: inoratidza chishandiso vhezheni
  • -enc-dc (-encdc)
    • Tsanangudzo: encryption inotorwa nguva dzose yeFSBL encryption [musoro v2]
    • Syntax: -encdc
  • -enc-kiyi (-enck)
    • Tsanangudzo: OEM chakavanzika file yeFSBL encryption [musoro v2]
    • Syntax: -enck
  • -dump-header (-dump)
    • Tsanangudzo: ongorora uye urase musoro wemufananidzo
    • Syntax: -dumpFile_Nzira>
  • -musoro-vhezheni (-hv)
    • Tsanangudzo: kusaina musoro wevhezheni, zvinokwanisika kukosha: 1, 2, 2.1, 2.2
    •  Example ye STM32MP15: -hv 2
    • Example ye STM32MP25: -hv 2.2
  • -no-makiyi (-nk)
    • Tsanangudzo: kuwedzera musoro usina chinhu pasina makiyi sarudzo
    • Cherechedza: inoda kudzima sarudzo yechokwadi neOption mireza yekuraira.

Exampzvimwe zve STM32MP-SignTool
Anotevera exampratidza mashandisiro e STM32MP-SignTool:

  • Example 1 

    STM32MPx-Series-Signing-Tool-Software-fig-1
    Iyo yakasarudzika algorithm (prime256v1) inosarudzwa uye sarudzo yemureza kukosha ndeye 0 (default value). Iyo yakasainwa yakabuda binary file (BinaryFile_Signed.bin) inogadzirwa mu /home/user/ folda

  • Example 2STM32MPx-Series-Signing-Tool-Software-fig-2

    Iyo BrainpoolP256t1 algorithm inosarudzwa mune iyi kesi. Kunyangwe kana Folder2 uye Folder3 isipo, inogadzirwa. Ne -s murairo, kunyange kana a file iripo ine zita rakataurwa, rinotsiviwa pasina meseji.

  • Example 3
    Saina binary file uchishandisa musoro vhezheni 2 iyo inosanganisira masere eruzhinji makiyi ekuyerera kwechokwadi.STM32MPx-Series-Signing-Tool-Software-fig-3
  • Example 4
    Saina binary file uchishandisa musoro vhezheni 2 iyo inosanganisira masere eruzhinji makiyi ekusimbisa uye encryption kuyerera.STM32MPx-Series-Signing-Tool-Software-fig-4
  • Example 5
    Chengetedza mufananidzo wabuda nekupatsanura zvabuda file uye tarisa imwe neimwe yemusoro ndima.STM32MPx-Series-Signing-Tool-Software-fig-5
  • Example 6
    Wedzera musoro usina kusaina uye pasina kutumira makiyi.STM32MPx-Series-Signing-Tool-Software-fig-6

Standalone mode
Paunenge uchiita STM32MP-SignTool muStandalone modhi, nzira yakakwana inofanira kutanga yapinzwa. Pasiwedhi inokumbirwa kaviri kuti isimbiswe, sezvinoratidzwa pamufananidzo uri pazasi.

STM32MPx-Series-Signing-Tool-Software-fig-7

Matanho anotevera ndeaya anotevera:

  • Sarudza imwe yeaviri algorithms.
  • Pinda mufananidzo wevhezheni, nzvimbo yekupinda mufananidzo, uye kero yemufananidzo.
  • Pinda iyo sarudzo yemureza kukosha.
    Kumwe kubuda file nzira inogona kutsanangurwa kana ichidikanwa, kana dzvanya Enter kuti uenderere mberi neiripo.
PKCS#11 mhinduro
  • Iwo akasainwa mabinari mifananidzo anoshandiswa panguva yeSTM32MP yakachengeteka bhutsu sequence inotsigira yakavimbika boot cheni. Ichi chiito chinovimbisa huchokwadi uye kutendeseka cheki yemifananidzo yakatakura.
  • Yemhando yekusaina yekuraira inokumbira kuti makiyi ese eruzhinji neakavanzika apiwe sekupinza files. Aya anowanikwa zvakananga nemunhu chero upi zvake anotenderwa kuita basa rekusaina. Pakupedzisira, izvi zvinogona kutorwa sekuchengetedzwa kwekuchengetedza. Pane mhinduro dzinoverengeka dzekuchengetedza makiyi kubva kune chero kuedza kuba data kiyi. Muchirevo chechinyorwa chino, mhinduro yePKCS#11 yakagamuchirwa.
  • Iyo PKCS#11 API inogona kushandiswa kubata nekuchengetedza cryptographic kiyi. Iyi interface inotsanangura nzira yekutaurirana necryptographic zvishandiso senge HSMs (hardware kuchengetedza modules) uye smartcards. Chinangwa chemidziyo iyi kugadzira makiyi ecryptographic uye kusaina ruzivo pasina kuburitsa zvakavanzika-kiyi zvinhu kune kunze kwenyika.
  • Zvishandiso zveSoftware zvinogona kufonera API kushandisa zvinhu izvi ku:
    • Gadzira symmetric/asymmetric kiyi
    • Encryption uye decryption
    • Komputa uye simbisa siginecha yedhijitari
  • PKCS #11 inopa kune zvikumbiro zvakajairika, zvine musoro view yemudziyo unonzi cryptographic token uye unopa slot ID kune yega tokeni. Chikumbiro chinozivisa chiratidzo chainoda kuwana nekutsanangura yakakodzera slot ID.
  • Iyo STM32SigningTool inoshandiswa kubata zvinhu zvakakosha zvakachengetwa pasmartcards uye akafanana PKCS#11 chengetedzo tokeni uko makiyi akavanzika akavanzika haambosiya mudziyo.
  • Iyo STM32SigningTool inoshandisa iyo PKCS#11 interface kunyengedza nekusaina mabhinari ekuisa zvichienderana neECDSA makiyi eruzhinji/akavanzika. Aya makiyi anochengetwa mumatokeni ekuchengetedza (hardware kana software).

Yekuwedzera PKCS#11 mirairo

  • -module (-m)
    • Tsanangudzo: tsanangura PKCS#11 module/raibhurari nzira yekuisa (dll, saka)
    • Syntax:-m
  • -kiyi-index (-ki)
    • -kiyi-index (-ki)
    • Tsanangudzo: rondedzero yeakashandiswa makiyi indexes mune hex fomati
      Shandisa imwe index yemusoro v1 uye masere indexes emusoro v2 (yakaparadzaniswa nenzvimbo)
    • Syntax: -ki
  • -slot-index (-si)
    • Tsanangudzo: tsanangura indekisi ye slot yekushandisa (default 0x0)
    • Syntax:-si
  • -active-keyIndex (-aki)
    • Tsanangudzo: tsanangura iyo chaiyo inoshanda kiyi index (default 0)
    • Syntax: -aki < hexValue >

PKH/PKTH file generation
Mushure mekugadzirisa basa rekusaina, chishandiso chinogadzira PKH files yekushandisa mushure meOTP fuse.

  • PKH file yakanzi pkcsHashPublicKey0x{active_key_index}.bin yemusoro v1
  • PKTH file yakanzi pkcsPublicKeysHashHashes.bin yemusoro v2

Examples
Chishandiso chinogona kusaina mapindiro files yezvose musoro v1 uye musoro v2, ine musiyano mudiki mumutsetse wekuraira.

  • Musoro v1 

    STM32MPx-Series-Signing-Tool-Software-fig-8

  • Musoro v2 

    STM32MPx-Series-Signing-Tool-Software-fig-9

    • Kukanganisa pamutsara wekuraira, kana kusakwanisa kwechishandiso kuona zvinhu zvakakosha zvinoenderana, zvinoita kuti meseji yemhosho iratidzike. Izvi zvinoratidza kwakabva dambudziko.
    • Iyo SigningTool inokwanisa chete kushandisa preconfigured HSMs, uye haina kugadzirwa kubata kana kugadzira zvinhu zvitsva zvekuchengetedza. Naizvozvo, zvinodikanwa kuisa software yemahara kumisikidza nzvimbo yakakodzera. Makiyi anogona kubva agadzirwa, uye ruzivo nezvezvinhu zvakawanikwa.

Error exampzvishoma:

  • Slot index haisiriyoSTM32MPx-Series-Signing-Tool-Software-fig-10
  • Chinhu chakakosha chisingazivikanwe chinotaurwa mu -key-index commandSTM32MPx-Series-Signing-Tool-Software-fig-11
    Chishandiso chinobata zvinhu zvakatevedzana. Kana ikasakwanisa kuona zvinhu zvakakosha pakuedza kwekutanga, kusaina kumisa maitiro. Meseji yemhosho inozoratidzwa kuratidza kwabva dambudziko.

Nhoroondo yekudzokorora

Date Version Kuchinja
14-Feb-2019 1 Kusunungurwa kwekutanga.
 

 

26-Nov-2021

  

 

2

 Updated:

• Chikamu 2.1: Mirairo

• Chikamu 2.2: Eksampzvimwe zve STM32MP-SignTool

• Yakawedzerwa Chikamu 2.4: PKCS#11 mhinduro
27-Jun-2022 3 Yakagadziridzwa Chikamu 2.1: Mirairo
 

 

 

26-Jun-2024

  

 

 

4

 Yakatsiviwa mugwaro rose:

• STM32MP1 series by STM32MPx series

• STM32MP1-SignTool neSTM32MP-SignTool

• STM32MP1-KeyGen neSTM32MP-KeyGen

Yakagadziridzwa -public-kiyi -pubk uye yakawedzerwa -header-version (-hv) uye -no-makiyi (- nk) muChikamu 2.1: Mirairo.

Yakawedzerwa "Muenzaniso 6" muChikamu 2.2: Eksampzvimwe zve STM32MP-SignTool.

CHIZIVISO CHINOKOSHA – VERENGA ZVAKANAKA

  • STMicroelectronics NV nevatsigiri vayo (“ST”) vanochengeta kodzero yekuita shanduko, kugadzirisa, kuvandudza, gadziridzo, uye kuvandudza kune ST zvigadzirwa uye/kana kugwaro iri chero nguva pasina chiziviso. Vatengi vanofanirwa kuwana ruzivo rwazvino rwakakodzera pane zvigadzirwa zveST vasati vaisa maodha. Zvigadzirwa zveST zvinotengeswa zvichiteerana ne ST zvirevo uye mamiriro ekutengesa aripo panguva yekuodha kubvuma.
  • Vatengi ndivo vane basa rekusarudza, kusarudza, uye kushandiswa kweST zvigadzirwa uye ST haitore mhosva yerubatsiro rwekushandisa kana dhizaini yezvigadzirwa zvevatengi.
  • Hapana rezinesi, kutaura kana kurehwa, kune chero kodzero yepfuma inopihwa neST muno.
  • Kutengeswazve kwezvigadzirwa zveST zvine zvipimo zvakasiyana neruzivo rwataurwa pano kuchabvisa chero waranti yakapihwa neST yechigadzirwa chakadaro.
  • ST uye ST logo zviratidzo zve ST. Kuti uwane rumwe ruzivo nezve ST trademarks, tarisa kune www.st.com/trademarks. Zvese zvimwe zvigadzirwa kana sevhisi mazita zvinhu zvevaridzi vazvo.
  • Ruzivo rwuri mugwaro rino rinotsiva uye kutsiva ruzivo rwakambopihwa mune chero shanduro dzekare dzegwaro iri.
    © 2024 STMicroelectronics – Kodzero dzese dzakachengetwa

Zvinyorwa / Zvishandiso

STM32MPx Series Kusaina Tool Software [pdf] User Manual
STM32MPx Series Signing Tool Software, STM32MPx Series, Signing Tool Software, Tool Software, Software

References

Related Posts

Siya mhinduro

Yako email kero haizoburitswa. Nzvimbo dzinodiwa dzakamakwa *