Versions Compared

Old Version 5

changes.mady.by.user Kamil Możdżyński

Saved on

compared with

New Version 6

changes.mady.by.user Kamil Możdżyński

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Preparation of the keys (private_key.pem, public_key.pem and public_key_hash) using KeyGen Tool STM32MP_KeyGen_CLI

  2. Preparation of Device Tree files (.dts) for the custom board using STM32CubeMX or STM32CubeIDE.

  3. TFA-SSP compilation (tf-a_ssp<custom board>.bin) using Developers Package with SDK and Device Tree files from previous step.

  4. Signing of the TF-A SSP (tf-a_ssp<custom board>.stm32) using STM32MP_SigningTool_CLI

  5. Preparation of a secret data file (*.ssp) using STM32TrustedPackageCreator (SSP tab) or STM32TrustedPackageCreator_CLI (-ssp option)

  6. Programming HSM modules with a limited number of licenses using STM32TrustedPackageCreator (HSM tab) or STM32TrustedPackageCreator_CLI (-hsm option)

2. Programming secrets in OTP using Elprotronic Gangflasher-ST on Windows

  1. Open Gangflasher-ST

  2. Check connection with the board or scan “Setup->USB Location“

  3. Check connection with HSM “View->HSM“

  4. Load TF-A SSP and *.ssp files in the setup window “Setup->SSP/SFI“

  5. Check “Enable” box in SSP/SFI area.

  6. Click “Write“ Button in SSP/SFI area.

  7. Confirm the operation in the pop-up window.

  8. View report for target in Reports area.

Info

SSP operation is also capable using .dll and Gangflasher_CLI

Gangflasher_CLI

Performing SSP operation requires specifying *.cfg configuration file and *.ssp and tfa-ssp files according to the command below

Code Block
./GangFlasher-CLI -target_cfg <path to config file *.cfg> -ssp <path to secrets file *.ssp> -tfa_ssp <path to signed tf-a ssp file *.stm32>

Example:

Code Block
./GangFlasher-CLI -target_cfg "setup.cfg" -ssp ssp.out -tfa_ssp tf-a-ssp-Signed.stm32

Possible Errors

...