Skip to end of banner
Go to start of banner

LPC55Sxx - FlashPro-ARM - GangPro-ARM - Secure Binary

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Preparing the environment for programming with a secure binary file.

Programming with SB file requires UART and high state on ISP pin.
You must have the files/data prepared:

  • Secure Binary file with the extension .sb.

  • CMPA data,

  • CFPA data,

  • SBKEK and (if you want) USERKEK.

All previously mentioned files/data are for example generated by MCUXpresso Secure Provisioning Tool.

\uD83D\uDCD8 Instructions

  • Open FlashPro-ARM / GangPro-ARM.

  • Select the appropriate “Microcontroller Type”. Only LPC55Sxx can use the protected binary file.

  • Open “Setup” => “Memory option”.

  • In the "Memory Erase/Write/Verify Address Range" window, select the "OTP/INFO/EEPROM" option and click “OK”.

  • Click “Open Code File”.

  • Select cfpa.bin. CFPA - Customer In-field Programmable Area. In this file is nessesary configuration.

  • Write BASE address (For LPC55S0xx and LPC55S1xx - 0x3DE00, for LPC55S2xx and LPC55S6xx - 0x9DE00) and click “OK”.

  • In the main window click “Append”.

  • Select cmpa_sealed.bin or cmpa_non_sealed.bin. CMPA - Customer Manufacturing/Factory
    Programmable Area. In this file is nessesary configuration. The option of whether SEAL CMPA should be selected later.

  • Write BASE address. (For LPC55S0xx and LPC55S1xx - 0x3E400, for LPC55S2xx and LPC55S6xx - 0x9E400) and click “OK”

  • Open “Setup” => “Memory Protection”.

  • Select “User-Defined”. Only with this option do we support a secure binary file.

  • Check “Write CFPA_EN”, “Write CMPA_EN”, “Write Key_Store_Area_EN” and “Write Secure Binary”. This will allow the device to be fully programmed.

  • Select “Customer Field Programmable Area - CFPA”.

  • Click “Copy Values From File to User-Defined” or enter the data. Check “Protection register EN” for all abilities. Next click “OK”.

  • Select “Customer Manufacturing/Factory Configuration Area - CMPA”.

  • Click “Copy Values From File to User-Defined” or enter the data. Check “Protection register EN” for all abilities. If you want, you can check "SEAL_PART" (this operation is irreversible!!). Next click “OK”.

  • Select “Key Store Area”.

  • Cheak “Enroll the PUF” and “SBKEK - EN”. Enter the SBKEK key and any other necessary keys. You can paste 64 characters code and click “Conversion SBKEK to hex”. Only hex fields are valid!
    Example key (8CAABD3A84243FCD936018BF08284D7E5A8CBF8CD6ADB245F38B1D87DA57F28F) and its input. Next click “OK”.

  • Select “Open Secure Binary Code”.

  • Open yournamefile.sb file.

  • In the main protection window click “OK”.

  • Cheak Memory Protection - “Enable”.

  • Click “AUTO PROG. (F8)”.

  • No labels