User Guide - blhost#

This user’s guide describes how to interface with the MCU bootloader using blhost application.

The blhost application is a command-line utility used on the host computer to initiate communication and issue commands to the MCU bootloader. The application only sends one command per invocation.

Communication#

The blhost application can communicate directly with the MCU bootloader over the host computer’s UART (Serial Port) or USB connections.

MCU bootloader typically supports other peripherals such as I2C, SPI, and CAN. However, the blhost application cannot interface with the MCU bootloader over these transports without external hardware.

blhost - USB#

blhost could be connected to MCU Bootloader over USB HID.

USB device identification in SPSDK

blhost - UART#

blhost could be connected to MCU bootloader over UART.

UART device identification in SPSDK

blhost - BUSPAL#

The BusPal acts as a bus translator running on selected platforms. BusPal assists blhost in carrying out commands and responses from the target device through an established connection with blhost over UART, and the target device over I2C, SPI, or CAN.

blhost - LPCUSBSIO#

LPCUSBSIO - LPC USB Serial I/O(LPCUSBSIO), a firmware built in LPC Link2. The LPCUSBSIO acts as a bus translator, and establishes connection with blhost over USB-HID, and the MCU bootloader device over I2C and SPI.

blhost - CAN#

blhost could be connected to MCU bootloader over CAN. Support is based on python-can library. Refer to the documentation of python-can for more information. https://python-can.readthedocs.io/en/stable/ In order to use CAN, extras must be installed with “pip install spsdk[can]”.

MCU bootloader#

The MCU bootloader is intended to be the standard bootloader for all MCU devices. It provides a standard interface to the device using any of the peripherals supported by the bootloader on a given NXP MCU device.

The MCU bootloader is available as source code for customer and flash-based implementations. There are example applications in the package which demonstrates how to interface with the MCU bootloader.

MCU Bootloader for NXP Microcontrollers

MCU bootloader properties#

Current version#

The value of this property is a 4-byte structure containing the current version of the bootloader. This property is encoded in a one-word value.

MCU Bootloader - bit ranges for version components#

Bit

[31:24]

[23:16]

[15:8]

[7:0]

Field

Name

Major Version

Minor Version

Bugfix version

Available peripherals#

The value of this property is a one-word bitfield that lists the peripherals supported by the bootloader and the hardware on which it is running.

MCU Bootloader - peripheral bits#

Bit

5

4

3

2

1

0

Peripheral

Reserved

USB HID

CAN

SPI Slave

I2C Slave

UART

Available commands#

This property value is a bitfield with bits set corresponding to commands enabled in the bootloader.

The bit number that identifies whether a command is present is the command’s tag value minus 1. To get the bit mask for a given command, use this expression

mask = 1 << (tag - 1)
MCU Bootloader - available commands#

1

flash-erase-all (0x01)

2

flash-erase-region (0x02)

3

read-memory (0x03)

4

write-memory (0x04)

5

fill-memory (0x05)

6

flash-security-disable (0x06)

7

get-property (0x07)

8

receive-sb-file (0x08)

9

execute (0x09)

10

call (0x0a)

11

reset (0x0b)

12

set-property (0x0c)

13

flash-erase-all-unsecure (0x0d)

14

flash-program-once (0x0e)

15

flash-read-once (0x0f)

16

flash-read-resource (0x10)

17

configure-memory (0x11)

18

reliable-update (0x12)

19

generate-key-blob (0x13)

20

program-fuse (0x14)

21

key-provisioning (0x15)

22

trust-provisioning (0x16)

23

fuse-read (0x17)

24

update-life-cycle(0x18)

[31:25]

reserved

MCU Bootloader operation#

The correct use of blhost program requires a connection to a MCU device running the MCU bootloader command interface. The diagram shows a simplified view of the MCU bootloader state machine that shows the states relevant to blhost application.

../_images/mcu_bootloader_state_diagram.png

Simplified MCU Bootloader state diagram#

After reset, the bootloader monitors all enabled peripheral devices, UART, I2C, SPI, CAN, USB-HID, and USB-MSC for active communication. After communication is established, all peripherals except the active peripheral are shut down, and the bootloader enters the command processing state.

If the bootloader is in the “Detect Active Peripheral” state, the first use of blhost application establishes the active peripheral and the bootloader transitions to the “Process Commands” state. The active peripheral is established according to the transport used by the initial blhost invocation.

For example, if the -u option was successfully used to send the initial command, the USB-HID is the active peripheral and all future commands must use the -u option unless the bootloader is reset.

If the -p COMx option is used, the UART is the active peripheral and all future commands must use the –p COMx option unless the bootloader is reset. For the UART peripheral, the baud rate is automatically determined by the bootloader when processing the initial ping. Therefore, subsequent blhost invocations must specify the same baud rate as was used for the initial invocation unless the bootloader is reset. If the baud rate is not specified using the -p COMx,<baudrate> option, the UART baud rate is set to 57600.

Note

After the MCU bootloader is in the “Process Commands” state, the device has to be reset to communicate over a different peripheral or at a different baud rate over the same UART peripheral.

Command line interface#

blhost consist of a set of sub-commands followed by options and arguments. The options and the sub-command are separated with a ‘–’.

blhost [options] -- [sub-command]

The “help” guide of blhost lists all of the options and sub-commands supported by the blhost utility.

blhost --help

All sub-commands are not supported on all MCU bootloader platforms. If a sub-command is not supported by the MCU bootloader, it returns k_StatusUnknownCommand.

When flash security is enabled, only the get-property, set-property, reset, flash-security-disable, and flash-erase-all-unsecure sub-commands are supported. The MCU bootloader returns kStatus_SecurityViolation if a sub-command is received that is not supported due to flash security settings.

blhost#

Utility for communication with the bootloader on target.

blhost [OPTIONS] COMMAND [ARGS]...

Options

-p, --port <COM[,speed>#

Serial port configuration. Default baud rate is 57600. Use ‘nxpdevscan’ utility to list devices on serial port.

-u, --usb <VID:PID|USB_PATH|DEV_NAME>#

USB device identifier. | Following formats are supported: <vid>, <vid:pid> or <vid,pid>, device/instance path, device name. | <vid>: hex or dec string; e.g. 0x0AB12, 43794. | <vid/pid>: hex or dec string; e.g. 0x0AB12:0x123, 1:3451. | Use ‘nxpdevscan’ utility to list connected device names.

-sd, --sdio <SDIO_PATH|DEV_NAME>#

SDIO device identifier.

Following formats are supported: device/instance path, device name.
device/instance path: device string; e.g. /dev/mcu-sdio.
Use ‘nxpdevscan’ utility to list connected device names.
-l, --lpcusbsio <usb,VID:PID|USB_PATH|SER_NUM,]spi|i2c>#

USB-SIO bridge interface.

Optional USB device filtering formats: [usb,vid:pid|usb_path|serial_number]

Following serial interfaces are supported:

spi[index][,port,pin,speed_kHz,polarity,phase]
- index … optional index of SPI peripheral. Example: “spi1” (default=0)
- port … bridge GPIO port used as SPI SSEL(default=0)
- pin … bridge GPIO pin used as SPI SSEL
default SSEL is set to 0.15 which works
for the LPCLink2 bridge. The MCULink OB
bridge ignores the SSEL value anyway.(default=15)
- speed_kHz … SPI clock in kHz (default 1000)
- polarity … SPI CPOL option (default=1)
- phase … SPI CPHA option (default=1)
- nirq_port … nIRQ port number (default None)
- nirq_pin … nIRQ pin number (default None)
i2c[index][,address,speed_kHz]
- index … optional index of I2C peripheral. Example: “i2c1” (default=0)
- address … I2C device address (default 0x10)
- speed_kHz … I2C clock in kHz (default 100)
- nirq_port … nIRQ port number (default None)
- nirq_pin … nIRQ pin number (default None)
Following types of interface configuration formats are supported:
- string with coma separated arguments i.e. spi1,0,15,1000,1
- string with coma separated keyword arguments (the order may not be maintained) i.e.spi1,port=0,speed_kHz=1000,nirq_port=1,nirq_pin=7
- string with combination of coma separated arguments and keyword arguments i.e.spi1,0,15,nirq_port=1,nirq_pin=7
-cb, --can <interface[,channel,bitrate,rxid,txid>#

CAN Bus settings

interface[,channel,bitrate,rxid,txid]
- interface … CAN interface name (refer to python-can library)
- channel … CAN channel number
- bitrate … CAN bitrate (default=1000000)
- rxid … default arbitration ID for RX (default=0x123)
- txid … default arbitration ID for TX (default=0x321)
-b, --buspal <spi[,speed,polarity,phase,lsb|msb] | i2c[,address,speed>#

Buspal settings

-x, --plugin <identifier=PLUGIN_IDENTIFIER[,param1=value1,param2=value2>#

Plugin interface settings.

Following format of plugin setting is supported:

identifier=<PLUGIN_IDENTIFIER>[,<key1>=<value1>,<key2>=<value2>,…]
- <PLUGIN_IDENTIFIER>: Corresponds to the ‘identifier’ attribute of the plugin class
- <key1>=<value1>: Represent a single interface parameter
Optional interface settings:
- Any number of optional <key>=<value> scan settings separated by comma can be defined
- The <key>=<value> pairs are used as keyword parameters for ‘scan’ method of a plugin class
-t, --timeout <ms>#

Sets timeout when waiting on data over a serial line. The default is 5000 milliseconds.

-j, --json#

Use JSON output

-v, --verbose#

Print more detailed information

-vv, --debug#

Display more debugging information.

--version#

Show the version and exit.

--help#

Show this message and exit.

-s, --silent#

Silent mode suppresses progress bar and status response

blhost reset#

Resets the device.

A response packet is sent before resetting the device.

blhost reset [OPTIONS]

After the reset the device boots from flash and user image is programmed successfully using ROM bootloader.

Note

After issuing the reset sub-command, allow 5 seconds for the user application to start running from flash.

blhost get-property#

Queries various bootloader properties and settings.

Each supported property has a unique <PROPERTY_TAG>.

PROPERTY_TAG - number or name representing the requested property
INDEX - id/index of the memory (default: 0)
Available properties:
0 or ‘list-properties’ List all properties
1 or ‘current-version’ Bootloader version
2 or ‘available-peripherals’ Available peripherals
3 or ‘flash-start-address’ Start of program flash, <index> is required
4 or ‘flash-size-in-bytes’ Size of program flash, <index> is required
5 or ‘flash-sector-size’ Size of flash sector, <index> is required
6 or ‘flash-block-count’ Blocks in flash array, <index> is required
7 or ‘available-commands’ Available commands
8 or ‘check-status’ Check Status, <status id> is required
9 or ‘reserved’
10 or ‘verify-writes’ Verify Writes flag
11 or ‘max-packet-size’ Max supported packet size
12 or ‘reserved-regions’ Reserved regions
13 or ‘reserved’
14 or ‘ram-start-address’ Start of RAM, <index> is required
15 or ‘ram-size-in-bytes’ Size of RAM, <index> is required
16 or ‘system-device-id’ System device identification
17 or ‘security-state’ Flash security state
18 or ‘unique-device-id’ Unique device identification
19 or ‘flash-fac-support’ FAC support flag
20 or ‘flash-access-segment-size’ FAC segment size
21 or ‘flash-access-segment-count’ FAC segment count
22 or ‘flash-read-margin’ Read margin level of program flash
23 or ‘qspi/otfad-init-status’ QuadSpi initialization status
24 or ‘target-version’ Target version
25 or ‘external-memory-attributes’ External memory attributes, <memoryId> is required
26 or ‘reliable-update-status’ Reliable update status
27 or ‘flash-page-size’ Flash page size, <index> is required
28 or ‘irq-notify-pin’ Interrupt notifier pin
29 or ‘pfr-keystore_update-opt’ PFR key store update option
30 or ‘byte-write-timeout-ms’ Byte write timeout in ms
31 or ‘fuse-locked-status’ Fuse Locked Status
32 or ‘boot status’ Value of Boot Status Register
33 or ‘loadable-fw-version’ LoadableFWVersion
for kw45xx/k32w1xx devices:
10 or ‘verify-erases’ Verify Erases flag
20 or ‘boot status’ Value of Boot Status Register
21 or ‘loadable-fw-version’ LoadableFWVersion
22 or ‘fuse-program-voltage’ Fuse Program Voltage
for kw47xx devices:
10 or ‘verify-erases’ Verify Erases flag
20 or ‘boot status’ Value of Boot Status Register
21 or ‘loadable-fw-version’ LoadableFWVersion
34 or ‘fuse-program-voltage’ Fuse Program Voltage
for mcxa1xx devices:
17 or ‘life-cycle’ Life Cycle
Note: Not all the properties are available for all devices.
blhost get-property [OPTIONS] PROPERTY_TAG [INDEX]

Options

-f, --family <family>#

Select the chip family.

Options:

k32w148 | kw45b41z5 | kw45b41z8 | kw47b42z83 | kw47b42z96 | kw47b42z97 | kw47b42zb2 | kw47b42zb3 | kw47b42zb6 | kw47b42zb7 | kw47z42082 | kw47z42092 | kw47z420b2 | kw47z420b3 | mcxa132 | mcxa133 | mcxa142 | mcxa143 | mcxa144 | mcxa145 | mcxa146 | mcxa152 | mcxa153 | mcxa154 | mcxa155 | mcxa156 | mcxa165 | mcxa166 | mcxa175 | mcxa176 | mcxa275 | mcxa276 | mcxw716a | mcxw716c | mcxw727a | mcxw727c | mcxw727d

Arguments

PROPERTY_TAG#

Required argument

INDEX#

Optional argument

Note

Not all properties are supported by all target. To check the supported properties, see the target’s user manual or the reference manual.

Memory ID#

Internal Memory

Device internal memory space

0

Internal Memory (Default selected memory)

16 (0x10)

Execute-only region on internal flash (Only used for flash-erase-all)

Mapped
External
Memory

The memories that are remapped to internal space, and must be accessed
by internal addresses. (IDs in this group are only used for
flash-erase-all and configure-memory, and ignored by write-memory,
read-memory, flash-erase-region and flash-image(use default 0))

1

QuadSPI Memory

8

SEMC NOR Memory

9

FlexSPI NOR Memory

10 (0xa)

SPIFI NOR Memory

Unmapped
External
Memory

Memories which cannot be remapped to internal space, and only can be
accessed by memories’ addresses. (Must be specified for all commands
with <memoryId> argument)

256 (0x100)

SEMC NAND Memory

257 (0x101)

SPI NAND Memory

272 (0x110)

SPI NOR/EEPROM Memory

273 (0x111)

I2C NOR/EEPROM Memory

288 (0x120)

uSDHC SD Memory

289 (0x121)

uSDHC MMC Memory

blhost set-property#

Changes properties and options in the bootloader.

Accepts the same <PROPERTY_TAG> used with the get-property sub-command; however, only some properties are writable.

PROPERTY_TAG - number or name representing the requested property
VALUE - value to set
Available properties to set:
10 or ‘verify-writes’ Verify Writes flag
22 or ‘flash-read-margin’ Read margin level of program flash
28 or ‘irq-notify-pin’ Interrupt notifier pin
29 or ‘pfr-keystore_update-opt’ PFR key store update option
30 or ‘byte-write-timeout-ms’ Byte write timeout in ms
for kw45xx/k32w1xx devices:
10 or ‘verify-erases’ Verify Erases flag
22 or ‘fuse-program-voltage’ Fuse Program Voltage
for kw47xx devices:
10 or ‘verify-erases’ Verify Erases flag
34 or ‘fuse-program-voltage’ Fuse Program Voltage
Note: Not all properties can be set on all devices.
blhost set-property [OPTIONS] PROPERTY_TAG VALUE

Options

-f, --family <family>#

Select the chip family.

Options:

k32w148 | kw45b41z5 | kw45b41z8 | kw47b42z83 | kw47b42z96 | kw47b42z97 | kw47b42zb2 | kw47b42zb3 | kw47b42zb6 | kw47b42zb7 | kw47z42082 | kw47z42092 | kw47z420b2 | kw47z420b3 | mcxa132 | mcxa133 | mcxa142 | mcxa143 | mcxa144 | mcxa145 | mcxa146 | mcxa152 | mcxa153 | mcxa154 | mcxa155 | mcxa156 | mcxa165 | mcxa166 | mcxa175 | mcxa176 | mcxa275 | mcxa276 | mcxw716a | mcxw716c | mcxw727a | mcxw727c | mcxw727d

Arguments

PROPERTY_TAG#

Required argument

VALUE#

Required argument

Note

If an attempt to write a read-only property is made, an error is returned indicating the property is read-only and cannot be changed.

Properties that can be changed all have 32-bit values.

blhost flash-erase-region#

Erases one or more sectors of the flash memory.

The start <ADDRESS> and <BYTE_COUNT> must be a multiple of the word size. The entire sector(s) containing the start and end address is erased.

ADDRESS - starting address
BYTE_COUNT - number of bytes to erase
MEMORY_ID - id of memory to erase (default: 0)
blhost flash-erase-region [OPTIONS] ADDRESS BYTE_COUNT [MEMORY_ID]

Arguments

ADDRESS#

Required argument

BYTE_COUNT#

Required argument

MEMORY_ID#

Optional argument

Note

If the VerifyWrites property is enabled, the sub-command performs a flash verify erase operation.

blhost flash-erase-all#

Performs an erase of the entire flash memory.

MEMORY_ID - id of memory to erase (default: 0)
Note: excluding protected regions.
blhost flash-erase-all [OPTIONS] [MEMORY_ID]

Arguments

MEMORY_ID#

Optional argument

Note

If any flash regions are protected, the sub-command fails with an error.

If any flash regions are reserved by the bootloader, they are ignored (not erased).

If the VerifyWrites property is enabled, the flash-erase-all sub-command performs a flash verify erase all operation, or multiple flash verify erase options if decomposed due to reserved regions.

blhost flash_security_disable#

Disable flash security by using of backdoor key.

KEY - key value as hex-string (8 bytes long)
blhost flash_security_disable [OPTIONS] KEY

Arguments

KEY#

Required argument

Note

Performs the flash security disable operation by comparing the provided 8-byte backdoor key against the backdoor key stored in the Flash Configuration Field at address 0x400 in flash.

If the backdoor key comparison fails, further attempts to disable security with this command fails until the system is reset.

Backdoor key access must be enabled by setting the KEYEN bitfield of the FSEC byte in the Flash Configuration Field to 0b10. It is disabled by default. The backdoor key in the Flash Configuration Field must also be set to a value other than all zeros or all ones.

blhost read-memory#

Reads the memory and writes it to the file or stdout.

Returns the contents of memory at the given <ADDRESS>, for a specified <BYTE_COUNT>.

ADDRESS - starting address
BYTE_COUNT - number of bytes to read
FILE - store result into this file, if not specified use stdout.
If needed specify MEMORY_ID argument, use ‘-’ instead name of file
to print to stdout.
MEMORY_ID - id of memory to read from (default: 0)
blhost read-memory [OPTIONS] ADDRESS BYTE_COUNT FILE [MEMORY_ID]

Options

-h, --use-hexdump#

Use hexdump format

-f, --fast-mode#

Fast mode for USB-HID data transfer, not reliable !!!

Arguments

ADDRESS#

Required argument

BYTE_COUNT#

Required argument

FILE#

Optional argument

MEMORY_ID#

Optional argument

Note

This sub-command can read any region of memory accessible by the CPU and not protected by security. This includes flash, RAM, and peripheral registers.

Note that the minimum profile does not support reading the peripheral register space.

blhost write-memory#

Writes memory from a file or a hex-data.

Writes memory specified by <MEMORY_ID> at <ADDRESS> from <FILE> or <HEX-DATA> Writes a provided buffer to a specified <BYTE_COUNT> in memory.

ADDRESS - starting address
FILE - write the content of this file
BYTE_COUNT - if specified, load only first BYTE_COUNT number of bytes from file
HEX-DATA - string of hex values: {{112233}}, {{11 22 33}}
- when using Jupyter notebook, use [[ ]] instead of {{ }}: eg. [[11 22 33]]
MEMORY_ID - id of memory to read from (default: 0)
blhost write-memory [OPTIONS] ADDRESS FILE[,BYTE_COUNT] | {{HEX-DATA}}
                    [MEMORY_ID]

Arguments

ADDRESS#

Required argument

FILE[,BYTE_COUNT] | {{HEX-DATA}}#

Required argument

MEMORY_ID#

Optional argument

Note

Can write to all accessible memory, including flash, RAM, and peripheral registers. However, if flash protection is enabled, writes to protected sectors fails. Data specified by file is treated as binary data.

Any flash sector written to must be previously erased with either a flash-erase-all, flash-erase-region, or flash-erase-allunsecure sub-command.

Writing to flash requires the start address to be word aligned. The byte count is rounded up to a multiple of the word size, and trailing bytes are filled with the flash erase pattern (0xff).

Word and half-word-aligned and sized writes to RAM and peripheral registers use appropriately sized writes. This enables writing to registers larger than a byte in a single bus transaction.

Note that the minimum profile does not support writing to the peripheral register space.

If the VerifyWrites property is enabled, writes to flash performs a flash verify program operation.

blhost list-memory#

Lists all memories, supported by the current device.

blhost list-memory [OPTIONS]

blhost receive-sb-file#

Receives a file in a Secure Binary (SB) format.

An SB file is an encapsulated, binary stream of bootloader commands that can be optionally encrypted.

FILE - SB file to send to the target
blhost receive-sb-file [OPTIONS] FILE

Options

-c, --check-errors#

This flag should be used when the receive-sb-file operation fails using USB interface. Without this flag USB transfer is significantly faster (roughly 20x) However, the status code might be misleading in case of an error. In case of an error using USB interface, rerun receive-sb-file with this setting for clearer error message. This setting has no effect interfaces other than USB.

Arguments

FILE#

Required argument

Note

The SB file format is described in the documentation for nxpimage and can be created using the nxpimage tool.

Note that if the SB file contains a JUMP command, the receive-sb-file sub-command is aborted at the point of the jump, and a status of kStatus_AbortDataPhase is returned.

blhost execute#

Jumps to code at the provided address.

The system is returned to a reset state before the jump. The function <ARGUMENT> parameter is passed in R0 to the called code.

The main stack pointer and process stack pointer registers are set to the <STACKPOINTER> parameter. If set to zero, the code being called should set the stack pointer before using the stack.

ADDRESS - Address of the application to run
ARGUMENT - Argument passed to the application
STACKPOINTER - Stack pointer for the application
blhost execute [OPTIONS] ADDRESS ARGUMENT STACKPOINTER

Arguments

ADDRESS#

Required argument

ARGUMENT#

Required argument

STACKPOINTER#

Required argument

Warning

For LPC55S0x/1x/2x/6x

ADDRESS – should be set to initial PC value of the image to be executed. You can read the value from the binary of the application image (second 32-bit word in the application binary)

ARGUMENT – image start address (location in memory where the image is loaded)

STACKPOINTER – should be set to initial SP value of the image to be executed. You can read the value from the binary of the application image (first 32-bit word in the application binary)

Note

The effective prototype of the called function is:

void function(uint32_t arg);

blhost call#

Invokes code at an address, passing an argument to it.

ADDRESS - function code address
ARGUMENT - argument for the function
blhost call [OPTIONS] ADDRESS ARGUMENT

Arguments

ADDRESS#

Required argument

ARGUMENT#

Required argument

Note

The function that is called has the same prototype as for the one called by the execute command.

Because the intention is to return to the bootloader after the function executes, the function must not perform any action that would interfere with the bootloader operation. In particular, the following restrictions apply:

  • Do not use interrupts because the interrupt vectors are still owned by the bootloader.

  • Do not modify any memory locations used by the bootloader (use “get-property 12” to determine reserved regions).

  • Do not modify any pin mux or clock settings used by bootloader peripherals.

blhost flash-program-once#

Writes provided data to a specific program once field.

INDEX - fuse word index
BYTE_COUNT - width in bits (acceptable only 4 or 8-byte long data)
DATA - 4 or 8-byte-hex according to <byte_count>
ENDIANNESS - output sequence is specified by LSB (Default) or MSB
blhost flash-program-once [OPTIONS] INDEX {4|8} DATA [LSB|MSB]

Arguments

INDEX#

Required argument

BYTE_COUNT#

Required argument

DATA#

Required argument

[LSB|MSB]#

Optional argument

Note

Special care must be taken when writing to program once field. The program once field only supports programming once.

Any attempts to reprogram a program once field gets an error response. The number of bytes to be written must be 4-byte aligned for non-FAC fields, and be 8-byte aligned for FAC fields.

blhost flash-read-once#

Returns the contents of a specific program once field.

INDEX - fuse word index
BYTE_COUNT - width in bits (acceptable only 4 or 8-byte long data)
blhost flash-read-once [OPTIONS] INDEX {4|8}

Arguments

INDEX#

Required argument

BYTE_COUNT#

Required argument

blhost efuse-program-once#

Writes data to a specific efuse word.

Each efuse bit can only be programmed once.

ADDRESS - address of OTP word, not the shadowed memory address.
DATA - hex digits without prefix ‘0x’.
blhost efuse-program-once [OPTIONS] ADDRESS DATA [nolock/lock]

Options

-v, --verify, --no-verify#

Verify write operation (don’t verify by default)

Arguments

ADDRESS#

Required argument

DATA#

Required argument

[nolock/lock]#

Optional argument

blhost efuse-read-once#

Returns the contents of a specific efuse word.

ADDRESS - is the address of OTP word, not the shadowed memory address.
blhost efuse-read-once [OPTIONS] ADDRESS

Arguments

ADDRESS#

Required argument

blhost flash-read-resource#

Read resource of flash module.

Reads the contents of Flash IFR or Flash Firmware ID as specified by option and writes result to file or stdout if file is not specified.

ADDRESS - Start address
LENGTH - Number of bytes to read. Must be 4-byte aligned.
OPTION - Area to be read. 0 means Flash IFR, 1 means Flash Firmware ID.
OUT_FILE - Path to file, where the output will be stored
blhost flash-read-resource [OPTIONS] ADDRESS LENGTH {0|1} FILE

Options

-h, --use-hexdump#

Use hexdump format

Arguments

ADDRESS#

Required argument

LENGTH#

Required argument

OPTION#

Required argument

FILE#

Optional argument

blhost configure-memory#

Sets a config at internal memory to memory with ID.

The specified configuration block must have been previously written to memory using the write-memory command.

MEMORY_ID - id of memory
ADDRESS - starting address
blhost configure-memory [OPTIONS] MEMORY_ID ADDRESS

Arguments

MEMORY_ID#

Required argument

ADDRESS#

Required argument

Note

The format of the configuration block is described in the MCU Bootloader Reference Manual document.

blhost flash-image#

Write the formatted image in <FILE> to the memory specified by memoryID.

FILE - path to image file
ERASE - string ‘erase’ determines if flash is erased before writing
MEMORY_ID - id of memory to erase (default: 0)
blhost flash-image [OPTIONS] FILE [ERASE] [MEMORY_ID]

Arguments

FILE#

Required argument

ERASE#

Optional argument

MEMORY_ID#

Optional argument

Note

Write the formatted image in <file> to the memory specified by memoryID. Supported file types are S-Record (.srec and .s19), and Hex (.hex). Flash is erased before writing if [erase] is ‘erase’ or 1. This blhost command does not directly correspond to a bootloader command, but may send multiple bootloader commands to perform the operation.

blhost generate-key-blob#

Generates the Key Blob, and writes it to the file.

<KEY_SEL> selects the blob key encryption key(BKEK) used to generate the key blob.

DEK_FILE - the file with the binary DEK key
BLOB_FILE - the generated file with a binary key blob
KEY_SEL - select the BKEK used to wrap the BK and generate the blob.
For devices with SNVS, valid options of [key_sel] are
0, 1 or OTPMK: OTPMK from FUSE or OTP(default),
2 or ZMK: ZMK from SNVS,
3 or CMK: CMK from SNVS,
For devices without SNVS, this option will be ignored.
blhost generate-key-blob [OPTIONS] DEK_FILE BLOB_FILE [KEY_SEL]

Arguments

DEK_FILE#

Required argument

BLOB_FILE#

Required argument

[KEY_SEL]#

Optional argument

blhost key-provisioning#

Group of sub-commands related to key provisioning.

blhost key-provisioning [OPTIONS] COMMAND [ARGS]...

enroll#

Enrolls key provisioning feature. No argument for this operation.

blhost key-provisioning enroll [OPTIONS]

read_key_nonvolatile#

Loads the key from nonvolatile memory to bootloader.

memoryID - ID of the non-volatile memory, default: 0
blhost key-provisioning read_key_nonvolatile [OPTIONS] memoryID

Arguments

memoryID#

Optional argument

read_key_store#

Reads the key store from the bootloader to host(PC).

<FILE> is the binary file to store the key store.

FILE - Binary file to save the key store.
blhost key-provisioning read_key_store [OPTIONS] FILE

Arguments

FILE#

Required argument

set_key#

Generates a size bytes of the key specified by the type.

TYPE - type of key to generate,
SIZE - size of key to generate
Available KEY TYPES:
2 or ‘OTFADKEK’ OTFAD key
3 or ‘SBKEK’ SB file encryption key
7 or ‘PRINCE0’ Prince region 0 encryption key
8 or ‘PRINCE1’ Prince region 1 encryption key
9 or ‘PRINCE2’ Prince region 2 encryption key
11 or ‘USERKEK’ User/Boot-image encryption key
12 or ‘UDS’ Universal Device Secret for DICE
Note: The valid options of <type> and corresponding <size> are documented
in the target’s Reference Manual or User Manual.
Note: Names are case insensitive
blhost key-provisioning set_key [OPTIONS] TYPE SIZE

Arguments

TYPE#

Required argument

SIZE#

Required argument

set_user_key#

Sends the user key specified by type to the bootloader.

<FILE> is the binary file containing user key plain text. If <SIZE> is not specified, the entire <FILE> will be sent. Otherwise, blhost only sends the first <SIZE> bytes.

If the ‘–key-size’ option is defined, the argument ‘file_and_size’ accepts those formats:
- filename to binary file
- filename to text file
- string with key
The size part is ignored in this case.
TYPE - Type of user key
FILE - Binary file containing user key plaintext
SIZE - If not specified, the entire <file> will be sent. Otherwise, only send
the first <size> bytes.
Available KEY TYPES:
2 or ‘OTFADKEK’ OTFAD key
3 or ‘SBKEK’ SB file encryption key
7 or ‘PRINCE0’ Prince region 0 encryption key
8 or ‘PRINCE1’ Prince region 1 encryption key
9 or ‘PRINCE2’ Prince region 2 encryption key
11 or ‘USERKEK’ User/Boot-image encryption key
12 or ‘UDS’ Universal Device Secret for DICE
Note: The valid options of <type> and corresponding <size> are documented
in the target’s Reference Manual or User Manual.
Note: Names are case insensitive
blhost key-provisioning set_user_key [OPTIONS] TYPE FILE[,SIZE]

Options

-s, --key-size <key_size>#

Key size in bits. If this field is defined, the command could load as text as binary form of key.

Arguments

TYPE#

Required argument

FILE[,SIZE]#

Required argument

write_key_nonvolatile#

Writes the key to nonvolatile memory.

memoryID - ID of the non-volatile memory, default: 0
blhost key-provisioning write_key_nonvolatile [OPTIONS] memoryID

Arguments

memoryID#

Optional argument

write_key_store#

Sends the key store to the bootloader.

<FILE> is the binary file containing key store. If <SIZE> is not specified, the entire <FILE> will be sent. Otherwise, only send the first <SIZE> bytes.

FILE - Binary file containing key store.
SIZE - If not specified, the entire <file> will be sent. Otherwise, only send
the first <size> bytes.
blhost key-provisioning write_key_store [OPTIONS] FILE[,SIZE]

Arguments

FILE[,SIZE]#

Required argument

blhost program-aeskey#

Sends raw binary, which contains an aes key, to the devices and program it to the OTP field.

FILE - file, which contains an aes key
blhost program-aeskey [OPTIONS] FILE

Arguments

FILE#

Required argument

blhost flash-erase-all-unsecure#

Erase complete flash memory and recover flash security section.

blhost flash-erase-all-unsecure [OPTIONS]

Note

This command is only supported in new versions of the flash controller. Most MCU devices do not support this command, and the bootloader sends a kStatus_UnknownCommand error in response.

Performs a mass erase of the flash memory, including protected sectors and any reserved regions in flash. Flash security is immediately disabled if it was enabled and the FSEC byte in the Flash Configuration Field at address 0x40C is programmed to 0xFE.

The Mass Erase Enable option in the FSEC field is honored by this command. If mass erase is disabled, then this command fails.

This command is only useful and only present in ROM configurations of the bootloader because it erases reserved regions in flash.

blhost reliable-update#

Reliable Update.

ADDRESS - starting address
blhost reliable-update [OPTIONS] ADDRESS

Arguments

ADDRESS#

Required argument

Note

For software implementation: Checks the validity of backup application at <addr>, then copies the contents of backup application from <addr> to main application region.

For hardware implementation: Verifies if the provided <addr> is a valid swap indicator address for flash swap system, then checks the validity of backup application resided in upper flash block. After that, it swaps the flash system.

blhost fuse-program#

Program fuse.

ADDRESS - starting address
FILE - write the content of this file
BYTE_COUNT - if specified, load only first BYTE_COUNT number of bytes from file
HEX-DATA - string of hex values: {{112233}}, {{11 22 33}}
- when using Jupyter notebook, use [[ ]] instead of {{ }}: eg. [[11 22 33]]
MEMORY_ID - id of memory to read from (default: 0)
blhost fuse-program [OPTIONS] ADDRESS FILE[,BYTE_COUNT] | {{HEX-DATA}}
                    [MEMORY_ID]

Arguments

ADDRESS#

Required argument

FILE[,BYTE_COUNT] | {{HEX-DATA}}#

Required argument

MEMORY_ID#

Optional argument

blhost fuse-read#

Reads the fuse and writes it to the file or stdout.

Returns the contents of memory at the given <ADDRESS>, for a specified <BYTE_COUNT>.

ADDRESS - starting address
BYTE_COUNT - number of bytes to read
FILE - store result into this file, if not specified use stdout
MEMORY_ID - id of memory to read from (default: 0)
blhost fuse-read [OPTIONS] ADDRESS BYTE_COUNT FILE [MEMORY_ID]

Options

-h, --use-hexdump#

Use hexdump format

Arguments

ADDRESS#

Required argument

BYTE_COUNT#

Required argument

FILE#

Optional argument

MEMORY_ID#

Optional argument

blhost trust-provisioning#

Group of sub-commands related to trust provisioning.

blhost trust-provisioning [OPTIONS] COMMAND [ARGS]...

dsc_hsm_create_session#

Command used by OEM to provide it share to create the initial trust provisioning keys.

OEM_SEED_INPUT_ADDR - address of 128-bit entropy seed value provided by the OEM.
OEM_SEED_INPUT_SIZE - OEM seed size in bytes
OEM_SHARE_OUTPUT_ADDR - A 128-bit encrypted token.
OEM_SHARE_OUTPUT_SIZE - size in bytes
blhost trust-provisioning dsc_hsm_create_session [OPTIONS] OEM_SEED_INPUT_ADDR
                                                 OEM_SEED_INPUT_SIZE
                                                 OEM_SHARE_OUTPUT_ADDR
                                                 OEM_SHARE_OUTPUT_SIZE

Arguments

OEM_SEED_INPUT_ADDR#

Required argument

OEM_SEED_INPUT_SIZE#

Required argument

OEM_SHARE_OUTPUT_ADDR#

Required argument

OEM_SHARE_OUTPUT_SIZE#

Required argument

dsc_hsm_enc_blk#

Command used to encrypt the given block sliced by the nxpimage.

This command is only supported after issuance of dsc_hsm_create_session.

SBX_HEADER_INPUT_ADDR - SBx header containing file size, Firmware version and Timestamp data.
Except for hash digest of block 0, all other fields should be valid.
SBX_HEADER_INPUT_SIZE - size of the header in bytes
BLOCK_NUM - Number of block
BLOCK_DATA_ADDR - Address of data block
BLOCK_DATA_SIZE - Size of data block
blhost trust-provisioning dsc_hsm_enc_blk [OPTIONS] SBX_HEADER_INPUT_ADDR
                                          SBX_HEADER_INPUT_SIZE BLOCK_NUM
                                          BLOCK_DATA_ADDR BLOCK_DATA_SIZE

Arguments

SBX_HEADER_INPUT_ADDR#

Required argument

SBX_HEADER_INPUT_SIZE#

Required argument

BLOCK_NUM#

Required argument

BLOCK_DATA_ADDR#

Required argument

BLOCK_DATA_SIZE#

Required argument

dsc_hsm_enc_sign#

Command used for signing the data buffer provided.

This command is only supported after issuance of dsc_hsm_create_session.

BLOCK_DATA_INPUT_ADDR - Address of data buffer to be signed
BLOCK_DATA_INPUT_SIZE - Size of data buffer in bytes
SIGNATURE_OUTPUT_ADDR - Address to output signature data
SIGNATURE_OUTPUT_SIZE - Size of the output signature data in bytes
blhost trust-provisioning dsc_hsm_enc_sign [OPTIONS] BLOCK_DATA_INPUT_ADDR
                                           BLOCK_DATA_INPUT_SIZE
                                           SIGNATURE_OUTPUT_ADDR
                                           BLOCK_DATA_ADDR

Arguments

BLOCK_DATA_INPUT_ADDR#

Required argument

BLOCK_DATA_INPUT_SIZE#

Required argument

SIGNATURE_OUTPUT_ADDR#

Required argument

BLOCK_DATA_ADDR#

Required argument

el2go_close_device#

Close the device using EdgeLock2Go TP Firmware.

ADDRESS - Address of the Secure Objects in target to provision
blhost trust-provisioning el2go_close_device [OPTIONS] ADDRESS

Options

-d, --dry-run#

Dry run mode

Arguments

ADDRESS#

Required argument

hsm_enc_blk#

Encrypts the given SB3 data block.

MFG_CUST_MK_SK_0_BLOB_INPUT_ADDR - The input buffer address where the CKDF Master Key Blob locates at
MFG_CUST_MK_SK_0_BLOB_INPUT_SIZE - The byte count of the CKDF Master Key Blob
KEK_ID - The CKDF Master Key Encryption Key ID
(0x10: NXP_CUST_KEK_INT_SK, 0x11: NXP_CUST_KEK_EXT_SK)
SB3_HEADER_INPUT_ADDR - The input buffer address where the SB3 Header(block0) locates at
SB3_HEADER_INPUT_SIZE - The byte count of the SB3 Header
BLOCK_NUM - The index of the block. Due to SB3 Header(block 0) is always unencrypted,
the index starts from block1
BLOCK_DATA_ADDR - The buffer address where the SB3 data block locates at
BLOCK_DATA_SIZE - The byte count of the SB3 data block
blhost trust-provisioning hsm_enc_blk [OPTIONS]
                                      MFG_CUST_MK_SK_0_BLOB_INPUT_ADDR
                                      MFG_CUST_MK_SK_0_BLOB_INPUT_SIZE KEK_ID
                                      SB3_HEADER_INPUT_ADDR
                                      SB3_HEADER_INPUT_SIZE BLOCK_NUM
                                      BLOCK_DATA_ADDR BLOCK_DATA_SIZE

Arguments

MFG_CUST_MK_SK_0_BLOB_INPUT_ADDR#

Required argument

MFG_CUST_MK_SK_0_BLOB_INPUT_SIZE#

Required argument

KEK_ID#

Required argument

SB3_HEADER_INPUT_ADDR#

Required argument

SB3_HEADER_INPUT_SIZE#

Required argument

BLOCK_NUM#

Required argument

BLOCK_DATA_ADDR#

Required argument

BLOCK_DATA_SIZE#

Required argument

hsm_enc_sign#

Signs the given data.

It uses the private key in the given key blob, which is generated by HSM_GEN_KEY.

KEY_BLOB_INPUT_ADDR - The input buffer address where signing key blob locates at
KEY_BLOB_INPUT_SIZE - The byte count of the signing key blob
BLOCK_DATA_INPUT_ADDR - The input buffer address where the data locates at
BLOCK_DATA_INPUT_SIZE - The byte count of the data
SIGNATURE_OUTPUT_ADDR - The output buffer address where ROM writes the signature to
SIGNATURE_OUTPUT_SIZE - The output buffer size in byte
blhost trust-provisioning hsm_enc_sign [OPTIONS] KEY_BLOB_INPUT_ADDR
                                       KEY_BLOB_INPUT_SIZE
                                       BLOCK_DATA_INPUT_ADDR
                                       BLOCK_DATA_INPUT_SIZE
                                       SIGNATURE_OUTPUT_ADDR
                                       SIGNATURE_OUTPUT_SIZE

Arguments

KEY_BLOB_INPUT_ADDR#

Required argument

KEY_BLOB_INPUT_SIZE#

Required argument

BLOCK_DATA_INPUT_ADDR#

Required argument

BLOCK_DATA_INPUT_SIZE#

Required argument

SIGNATURE_OUTPUT_ADDR#

Required argument

SIGNATURE_OUTPUT_SIZE#

Required argument

hsm_gen_key#

Creates OEM common keys, including encryption keys and signing keys.

It outputs the key blob, which is wrapped by NXP_CUST_KEK_IN_SK and the public portion of the signing key.

KEY_TYPE - Type of key to generate (MFWISK, MFWENCK, GENSIGNK, GETCUSTMKSK)
RESERVED - Reserved must be 0
KEY_BLOB_OUTPUT_ADDR - Output buffer address where ROM writes the key blob to
KEY_BLOB_OUTPUT_SIZE - Output buffer size in bytes
ECDSA_PUK_OUTPUT_ADDR - Output buffer address where ROM writes the public key to
ECDSA_PUK_OUTPUT_SIZE - Output buffer size in bytes
blhost trust-provisioning hsm_gen_key [OPTIONS] KEY_TYPE RESERVED
                                      KEY_BLOB_OUTPUT_ADDR
                                      KEY_BLOB_OUTPUT_SIZE
                                      ECDSA_PUK_OUTPUT_ADDR
                                      ECDSA_PUK_OUTPUT_SIZE

Arguments

KEY_TYPE#

Required argument

RESERVED#

Required argument

KEY_BLOB_OUTPUT_ADDR#

Required argument

KEY_BLOB_OUTPUT_SIZE#

Required argument

ECDSA_PUK_OUTPUT_ADDR#

Required argument

ECDSA_PUK_OUTPUT_SIZE#

Required argument

hsm_store_key#

Stores known keys, and generate the corresponding key blob.

It wraps the known key, which is given by the customer, using NXP_CUST_KEK_EXT_SK, and output the RFC3396 key blob.

KEY_TYPE - Type of key to generate (CKDFK, HKDFK, HMACK, CMACK, AESK, KUOK)
KEY_PROPERTY - Bit 0: Key Size, 0 for 128bit, 1 for 256bit. Bits 30-31: set key protection CSS mode
KEY_INPUT_ADDR - The input buffer address where the key locates at
KEY_INPUT_SIZE - The byte count of the key
KEY_BLOB_OUTPUT_ADDR - The output buffer address where ROM writes the key blob to
KEY_BLOB_OUTPUT_SIZE - The output buffer size in byte
blhost trust-provisioning hsm_store_key [OPTIONS] KEY_TYPE KEY_PROPERTY
                                        KEY_INPUT_ADDR KEY_INPUT_SIZE
                                        KEY_BLOB_OUTPUT_ADDR
                                        KEY_BLOB_OUTPUT_SIZE

Arguments

KEY_TYPE#

Required argument

KEY_PROPERTY#

Required argument

KEY_INPUT_ADDR#

Required argument

KEY_INPUT_SIZE#

Required argument

KEY_BLOB_OUTPUT_ADDR#

Required argument

KEY_BLOB_OUTPUT_SIZE#

Required argument

isp_set_wrap_data#

Start the process of setting wrapped OEM data.

ADDRESS - Address of the Wrapped data package in target
CONTROL - Controls location of the Wrapped data package (1 - by address /default/, 2 - in firmware)
STAGE - Stage of the OEM TrustProvisioning process
blhost trust-provisioning isp_set_wrap_data [OPTIONS] ADDRESS [CONTROL]
                                            [STAGE]

Arguments

ADDRESS#

Required argument

CONTROL#

Optional argument

STAGE#

Optional argument

nxp_get_id#

Command used for harvesting device ID blob during wafer test as part of RTS flow.

This command is allowed only when LC_STATE < 0x3.

ID_BLOB_ADDR - address of ID blob defined by Round-trip trust provisioning specification.
ID_BLOB_SIZE - length of buffer in bytes
blhost trust-provisioning nxp_get_id [OPTIONS] ID_BLOB_ADDR ID_BLOB_SIZE

Arguments

ID_BLOB_ADDR#

Required argument

ID_BLOB_SIZE#

Required argument

oem_gen_master_share#

Creates shares for initial trust provisioning keys.

OEM_SHARE_INPUT_ADDR - The input buffer address where the OEM Share(entropy seed) locates at
OEM_SHARE_INPUT_SIZE - The byte count of the OEM Share
OEM_ENC_SHARE_OUTPUT_ADDR - The output buffer address where ROM writes the Encrypted OEM Share to
OEM_ENC_SHARE_OUTPUT_SIZE - The output buffer size in byte
OEM_ENC_MASTER_SHARE_OUTPUT_ADDR - The output buffer address where ROM writes the Encrypted OEM Master Share to
OEM_ENC_MASTER_SHARE_OUTPUT_SIZE - The output buffer size in byte.
OEM_CUST_CERT_PUK_OUTPUT_ADDR - The output buffer address where ROM writes
the OEM Customer Certificate Public Key to
OEM_CUST_CERT_PUK_OUTPUT_SIZE - The output buffer size in byte
blhost trust-provisioning oem_gen_master_share [OPTIONS] OEM_SHARE_INPUT_ADDR
                                               OEM_SHARE_INPUT_SIZE
                                               OEM_ENC_SHARE_OUTPUT_ADDR
                                               OEM_ENC_SHARE_OUTPUT_SIZE OEM_E
                                               NC_MASTER_SHARE_OUTPUT_ADDR OEM
                                               _ENC_MASTER_SHARE_OUTPUT_SIZE
                                               OEM_CUST_CERT_PUK_OUTPUT_ADDR
                                               OEM_CUST_CERT_PUK_OUTPUT_SIZE

Arguments

OEM_SHARE_INPUT_ADDR#

Required argument

OEM_SHARE_INPUT_SIZE#

Required argument

OEM_ENC_SHARE_OUTPUT_ADDR#

Required argument

OEM_ENC_SHARE_OUTPUT_SIZE#

Required argument

OEM_ENC_MASTER_SHARE_OUTPUT_ADDR#

Required argument

OEM_ENC_MASTER_SHARE_OUTPUT_SIZE#

Required argument

OEM_CUST_CERT_PUK_OUTPUT_ADDR#

Required argument

OEM_CUST_CERT_PUK_OUTPUT_SIZE#

Required argument

oem_get_cust_cert_dice_puk#

Creates the initial trust provisioning keys.

OEM_RKTH_INPUT_ADDR - The input buffer address where the OEM RKTH locates at
OEM_RKTH_INPUT_SIZE - The byte count of the OEM RKTH
OEM_CUST_CERT_DICE_PUK_OUTPUT_ADDR - The output buffer address where ROM writes the OEM Customer
Certificate Public Key for DICE to
OEM_CUST_CERT_DICE_PUK_OUTPUT_SIZE - The output buffer size in byte
blhost trust-provisioning oem_get_cust_cert_dice_puk [OPTIONS]
                                                     OEM_RKTH_INPUT_ADDR
                                                     OEM_RKTH_INPUT_SIZE OEM_C
                                                     UST_CERT_DICE_PUK_OUTPUT_
                                                     ADDR OEM_CUST_CERT_DICE_P
                                                     UK_OUTPUT_SIZE

Arguments

OEM_RKTH_INPUT_ADDR#

Required argument

OEM_RKTH_INPUT_SIZE#

Required argument

OEM_CUST_CERT_DICE_PUK_OUTPUT_ADDR#

Required argument

OEM_CUST_CERT_DICE_PUK_OUTPUT_SIZE#

Required argument

oem_get_cust_dice_response#

Creates DICE response for given challenge.

CHALLENGE_ADDR - The input buffer address where the challenge is located
CHALLENGE_SIZE - The byte count of the challenge
RESPONSE_ADDR - The output buffer address where ROM writes DICE response
RESPONSE_SIZE - The byte count of the response
blhost trust-provisioning oem_get_cust_dice_response [OPTIONS] CHALLENGE_ADDR
                                                     CHALLENGE_SIZE
                                                     RESPONSE_ADDR
                                                     RESPONSE_SIZE

Arguments

CHALLENGE_ADDR#

Required argument

CHALLENGE_SIZE#

Required argument

RESPONSE_ADDR#

Required argument

RESPONSE_SIZE#

Required argument

oem_set_master_share#

Takes the entropy seed and the Encrypted OEM Master Share.

blhost trust-provisioning oem_set_master_share [OPTIONS] OEM_SHARE_INPUT_ADDR
                                               OEM_SHARE_INPUT_SIZE
                                               OEM_ENC_MASTER_SHARE_INPUT_ADDR
                                               OEM_ENC_MASTER_SHARE_INPUT_SIZE

Arguments

OEM_SHARE_INPUT_ADDR#

Required argument

OEM_SHARE_INPUT_SIZE#

Required argument

OEM_ENC_MASTER_SHARE_INPUT_ADDR#

Required argument

OEM_ENC_MASTER_SHARE_INPUT_SIZE#

Required argument

prove_genuinity#

Start the process of proving genuinity.

ADDRESS - Address where is the prove_genuinity request stored
BUFFER_SIZE - Maximal size of the generated prove_genuinity response
blhost trust-provisioning prove_genuinity [OPTIONS] ADDRESS BUFFER_SIZE

Arguments

ADDRESS#

Required argument

BUFFER_SIZE#

Required argument

wpc_get_id#

Command used for harvesting device ID blob.

WPC_ID_BLOB_ADDR - Buffer address
WPC_ID_BLOB_SIZE - Buffer size
blhost trust-provisioning wpc_get_id [OPTIONS] WPC_ID_BLOB_ADDR
                                     WPC_ID_BLOB_SIZE

Arguments

WPC_ID_BLOB_ADDR#

Required argument

WPC_ID_BLOB_SIZE#

Required argument

wpc_insert_cert#

Command used for certificate validation before it is written into flash.

This command does following things:

Extracts ECID and WPC PUK from certificate Validates ECID and WPC PUK. If both are OK it returns success. Otherwise returns fail

WPC_CERT_ADDR - address of inserted certificate
WPC_CERT_LEN - length in bytes of inserted certificate
EC_ID_OFFSET - offset to 72-bit ECID
WPC_PUK_OFFSET - WPC PUK offset from beginning of inserted certificate
blhost trust-provisioning wpc_insert_cert [OPTIONS] WPC_CERT_ADDR WPC_CERT_LEN
                                          EC_ID_OFFSET WPC_PUK_OFFSET

Arguments

WPC_CERT_ADDR#

Required argument

WPC_CERT_LEN#

Required argument

EC_ID_OFFSET#

Required argument

WPC_PUK_OFFSET#

Required argument

wpc_sign_csr#

Command used for signing CSR data (TBS portion).

CSR_TBS_ADDR - address of CSR-TBS data
CSR_TBS_LEN - length in bytes of CSR-TBS data
SIGNATURE_ADDR - address where to store signature
SIGNATURE_LEN - expected length of signature
blhost trust-provisioning wpc_sign_csr [OPTIONS] CSR_TBS_ADDR CSR_TBS_LEN
                                       SIGNATURE_ADDR SIGNATURE_LEN

Arguments

CSR_TBS_ADDR#

Required argument

CSR_TBS_LEN#

Required argument

SIGNATURE_ADDR#

Required argument

SIGNATURE_LEN#

Required argument

blhost batch#

Invoke blhost commands defined in command file.

Command file contains one blhost command per line. example: “read-memory 0 4096 memory.bin” example: “get-property 24 # read target version”

Comments are supported. Everything after ‘#’ is a comment (just like in Python/Shell)

Note: This is an early experimental format, it may change at any time.

COMMAND_FILE - path to blhost command file
blhost batch [OPTIONS] COMMAND_FILE

Arguments

COMMAND_FILE#

Required argument

blhost update-life-cycle#

Update life cycle of device.

LIFE CYCLE - Device life cycle to be device move to.
blhost update-life-cycle [OPTIONS] LIFE CYCLE

Arguments

LIFE CYCLE#

Required argument

blhost ele-message#

Send message to EdgeLock Enclave.

This command is designed to be, as general, as is possible to work with EdgeLock Enclave. EdgeLock Enclave message is prepared in PC and stored in target RAM (for example by ‘blhost write-memory’). The response of ELE command is stored also in target memory on place that is defined by ‘resp-msg-addr and could be read back (for example by ‘blhost read-memory’).

Size of command message and response is in count of 32-bit words.

COMMAND MESSAGE ADDRESS - Address in target where is stored the command words.
COMMAND MESSAGE COUNT - Count of the stored command words.
RESPONSE MESSAGE ADDRESS - Address in target memory space where the ELE store response.
RESPONSE MESSAGE COUNT - Maximal count of words reserved for response.
blhost ele-message [OPTIONS] COMMAND MESSAGE ADDRESS COMMAND MESSAGE COUNT
                   RESPONSE MESSAGE ADDRESS RESPONSE MESSAGE COUNT

Arguments

COMMAND MESSAGE ADDRESS#

Required argument

COMMAND MESSAGE COUNT#

Required argument

RESPONSE MESSAGE ADDRESS#

Required argument

RESPONSE MESSAGE COUNT#

Required argument

Error Codes#

Mboot error codes#

Error code

Name

Description

0

SUCCESS

Success

1

FAIL

Fail

2

READ_ONLY

Read Only Error

3

OUT_OF_RANGE

Out Of Range Error

4

INVALID_ARGUMENT

Invalid Argument Error

5

TIMEOUT

Timeout Error

6

NO_TRANSFER_IN_PROGRESS

No Transfer In Progress Error

100

FLASH_SIZE_ERROR

FLASH Driver: Size Error

101

FLASH_ALIGNMENT_ERROR

FLASH Driver: Alignment Error

102

FLASH_ADDRESS_ERROR

FLASH Driver: Address Error

103

FLASH_ACCESS_ERROR

FLASH Driver: Access Error

104

FLASH_PROTECTION_VIOLATION

FLASH Driver: Protection Violation

105

FLASH_COMMAND_FAILURE

FLASH Driver: Command Failure

106

FLASH_UNKNOWN_PROPERTY

FLASH Driver: Unknown Property

107

FLASH_ERASE_KEY_ERROR

FLASH Driver: Provided Key Does Not Match Programmed Flash Memory Key

108

FLASH_REGION_EXECUTE_ONLY

FLASH Driver: Region Execute Only

109

FLASH_EXEC_IN_RAM_NOT_READY

FLASH Driver: Execute In RAM Function Not Ready

111

FLASH_COMMAND_NOT_SUPPORTED

FLASH Driver: Command Not Supported

112

FLASH_READ_ONLY_PROPERTY

FLASH Driver: Flash Memory Property Is Read-Only

113

FLASH_INVALID_PROPERTY_VALUE

FLASH Driver: Flash Memory Property Value Out Of Range

114

FLASH_INVALID_SPECULATION_OPTION

FLASH Driver: Flash Memory Prefetch Speculation Option Is Invalid

116

FLASH_ECC_ERROR

FLASH Driver: ECC Error

117

FLASH_COMPARE_ERROR

FLASH Driver: Destination And Source Memory Contents Do Not Match

118

FLASH_REGULATION_LOSS

FLASH Driver: Loss Of Regulation During Read

119

FLASH_INVALID_WAIT_STATE_CYCLES

FLASH Driver: Wait State Cycle Set To Read/Write Mode Is Invalid

121

FLASH_COMMAND_ABORT_OPTION

FLASH Driver: Operation is aborted

132

FLASH_OUT_OF_DATE_CFPA_PAGE

FLASH Driver: Out Of Date CFPA Page

133

FLASH_BLANK_IFR_PAGE_DATA

FLASH Driver: Blank IFR Page Data

134

FLASH_ENCRYPTED_REGIONS_ERASE_NOT_DONE_AT_ONCE

FLASH Driver: Encrypted Regions Erase Not Done At Once

135

FLASH_PROGRAM_VERIFICATION_NOT_ALLOWED

FLASH Driver: Program Verification Not Allowed

136

FLASH_HASH_CHECK_ERROR

FLASH Driver: Hash Check Error

137

FLASH_SEALED_PFR_REGION

FLASH Driver: Sealed PFR Region

138

FLASH_PFR_REGION_WRITE_BROKEN

FLASH Driver: PFR Region Write Broken

139

FLASH_NMPA_UPDATE_NOT_ALLOWED

FLASH Driver: NMPA Update Not Allowed

140

FLASH_CMPA_CFG_DIRECT_ERASE_NOT_ALLOWED

FLASH Driver: CMPA Cfg Direct Erase Not Allowed

141

FLASH_PFR_BANK_IS_LOCKED

FLASH Driver: PFR Bank Is Locked

148

FLASH_CFPA_SCRATCH_PAGE_INVALID

FLASH Driver: CFPA Scratch Page Invalid

149

FLASH_CFPA_VERSION_ROLLBACK_DISALLOWED

FLASH Driver: CFPA Version Rollback Disallowed

150

FLASH_READ_HIDING_AREA_DISALLOWED

FLASH Driver: Flash Memory Hiding Read Not Allowed

151

FLASH_MODIFY_PROTECTED_AREA_DISALLOWED

FLASH Driver: Flash Firewall Page Locked Erase And Program Are Not Allowed

152

FLASH_COMMAND_OPERATION_IN_PROGRESS

FLASH Driver: Flash Memory State Busy Flash Memory Command Is In Progress

153

FLASH_IFR1_ACCESS_NOT_ALLOWED

FLASH Driver: IFR1 Access Not Allowed

154

FLASH_ERASE_VERIFY_FAILED

FLASH Driver: Flash Memory Erase Verify Failed

200

I2C_SLAVE_TX_UNDERRUN

I2C Driver: Slave Tx Underrun

201

I2C_SLAVE_RX_OVERRUN

I2C Driver: Slave Rx Overrun

202

I2C_ARBITRATION_LOST

I2C Driver: Arbitration Lost

300

SPI_SLAVE_TX_UNDERRUN

SPI Driver: Slave Tx Underrun

301

SPI_SLAVE_RX_OVERRUN

SPI Driver: Slave Rx Overrun

400

QSPI_FLASH_SIZE_ERROR

QSPI Driver: Flash Size Error

401

QSPI_FLASH_ALIGNMENT_ERROR

QSPI Driver: Flash Alignment Error

402

QSPI_FLASH_ADDRESS_ERROR

QSPI Driver: Flash Address Error

403

QSPI_FLASH_COMMAND_FAILURE

QSPI Driver: Flash Command Failure

404

QSPI_FLASH_UNKNOWN_PROPERTY

QSPI Driver: Flash Unknown Property

405

QSPI_NOT_CONFIGURED

QSPI Driver: Not Configured

406

QSPI_COMMAND_NOT_SUPPORTED

QSPI Driver: Command Not Supported

407

QSPI_COMMAND_TIMEOUT

QSPI Driver: Command Timeout

408

QSPI_WRITE_FAILURE

QSPI Driver: Write Failure

500

OTFAD_SECURITY_VIOLATION

OTFAD Driver: Security Violation

501

OTFAD_LOGICALLY_DISABLED

OTFAD Driver: Logically Disabled

502

OTFAD_INVALID_KEY

OTFAD Driver: Invalid Key

503

OTFAD_INVALID_KEY_BLOB

OTFAD Driver: Invalid Key Blob

1812

SENDING_OPERATION_CONDITION_ERROR

Send Operation Condition failed

6000

FLEXSPI_SEQUENCE_EXECUTION_TIMEOUT_1

FLEXSPI: Sequence Execution Timeout

6001

FLEXSPI_INVALID_SEQUENCE_1

FLEXSPI: Invalid Sequence

6002

FLEXSPI_DEVICE_TIMEOUT_1

FLEXSPI: Device Timeout

7000

FLEXSPI_SEQUENCE_EXECUTION_TIMEOUT_2

FLEXSPI: Sequence Execution Timeout

7001

FLEXSPI_INVALID_SEQUENCE_2

FLEXSPI: Invalid Sequence

7002

FLEXSPI_DEVICE_TIMEOUT_2

FLEXSPI: Device Timeout

10000

UNKNOWN_COMMAND

Unknown Command

10001

SECURITY_VIOLATION

Security Violation

10002

ABORT_DATA_PHASE

Abort Data Phase

10003

PING_ERROR

Ping Error

10004

NO_RESPONSE

No response packet from target device

10005

NO_RESPONSE_EXPECTED

No Response Expected

10006

UNSUPPORTED_COMMAND

Unsupported Command

10100

ROMLDR_SECTION_OVERRUN

ROM Loader: Section Overrun

10101

ROMLDR_SIGNATURE

ROM Loader: Signature Error

10102

ROMLDR_SECTION_LENGTH

ROM Loader: Section Length Error

10103

ROMLDR_UNENCRYPTED_ONLY

ROM Loader: Unencrypted Only

10104

ROMLDR_EOF_REACHED

ROM Loader: EOF Reached

10105

ROMLDR_CHECKSUM

ROM Loader: Checksum Error

10106

ROMLDR_CRC32_ERROR

ROM Loader: CRC32 Error

10107

ROMLDR_UNKNOWN_COMMAND

ROM Loader: Unknown Command

10108

ROMLDR_ID_NOT_FOUND

ROM Loader: ID Not Found

10109

ROMLDR_DATA_UNDERRUN

ROM Loader: Data Underrun

10110

ROMLDR_JUMP_RETURNED

ROM Loader: Jump Returned

10111

ROMLDR_CALL_FAILED

ROM Loader: Call Failed

10112

ROMLDR_KEY_NOT_FOUND

ROM Loader: Key Not Found

10113

ROMLDR_SECURE_ONLY

ROM Loader: Secure Only

10114

ROMLDR_RESET_RETURNED

ROM Loader: Reset Returned

10115

ROMLDR_ROLLBACK_BLOCKED

ROM Loader: Rollback Blocked

10116

ROMLDR_INVALID_SECTION_MAC_COUNT

ROM Loader: Invalid Section Mac Count

10117

ROMLDR_UNEXPECTED_COMMAND

ROM Loader: Unexpected Command

10118

ROMLDR_BAD_SBKEK

ROM Loader: Bad SBKEK Detected

10119

ROMLDR_PENDING_JUMP_COMMAND

ROM Loader: Pending Jump Command

10200

MEMORY_RANGE_INVALID

Memory Range Invalid

10201

MEMORY_READ_FAILED

Memory Read Failed

10202

MEMORY_WRITE_FAILED

Memory Write Failed

10203

MEMORY_CUMULATIVE_WRITE

Memory Cumulative Write

10204

MEMORY_APP_OVERLAP_WITH_EXECUTE_ONLY_REGION

Memory App Overlap with exec region

10205

MEMORY_NOT_CONFIGURED

Memory Not Configured

10206

MEMORY_ALIGNMENT_ERROR

Memory Alignment Error

10207

MEMORY_VERIFY_FAILED

Memory Verify Failed

10208

MEMORY_WRITE_PROTECTED

Memory Write Protected

10209

MEMORY_ADDRESS_ERROR

Memory Address Error

10210

MEMORY_BLANK_CHECK_FAILED

Memory Black Check Failed

10211

MEMORY_BLANK_PAGE_READ_DISALLOWED

Memory Blank Page Read Disallowed

10212

MEMORY_PROTECTED_PAGE_READ_DISALLOWED

Memory Protected Page Read Disallowed

10213

MEMORY_PFR_SPEC_REGION_WRITE_BROKEN

Memory PFR Spec Region Write Broken

10214

MEMORY_UNSUPPORTED_COMMAND

Memory Unsupported Command

10300

UNKNOWN_PROPERTY

Unknown Property

10301

READ_ONLY_PROPERTY

Read Only Property

10302

INVALID_PROPERTY_VALUE

Invalid Property Value

10400

APP_CRC_CHECK_PASSED

Application CRC Check: Passed

10401

APP_CRC_CHECK_FAILED

Application: CRC Check: Failed

10402

APP_CRC_CHECK_INACTIVE

Application CRC Check: Inactive

10403

APP_CRC_CHECK_INVALID

Application CRC Check: Invalid

10404

APP_CRC_CHECK_OUT_OF_RANGE

Application CRC Check: Out Of Range

10500

PACKETIZER_NO_PING_RESPONSE

Packetizer Error: No Ping Response

10501

PACKETIZER_INVALID_PACKET_TYPE

Packetizer Error: No response received for ping command

10502

PACKETIZER_INVALID_CRC

Packetizer Error: Invalid packet type

10503

PACKETIZER_NO_COMMAND_RESPONSE

Packetizer Error: No response received for command

10600

RELIABLE_UPDATE_SUCCESS

Reliable Update: Success

10601

RELIABLE_UPDATE_FAIL

Reliable Update: Fail

10602

RELIABLE_UPDATE_INACTIVE

Reliable Update: Inactive

10603

RELIABLE_UPDATE_BACKUPAPPLICATIONINVALID

Reliable Update: Backup Application Invalid

10604

RELIABLE_UPDATE_STILLINMAINAPPLICATION

Reliable Update: Still In Main Application

10605

RELIABLE_UPDATE_SWAPSYSTEMNOTREADY

Reliable Update: Swap System Not Ready

10606

RELIABLE_UPDATE_BACKUPBOOTLOADERNOTREADY

Reliable Update: Backup Bootloader Not Ready

10607

RELIABLE_UPDATE_SWAPINDICATORADDRESSINVALID

Reliable Update: Swap Indicator Address Invalid

10608

RELIABLE_UPDATE_SWAPSYSTEMNOTAVAILABLE

Reliable Update: Swap System Not Available

10609

RELIABLE_UPDATE_SWAPTEST

Reliable Update: Swap Test

10700

SERIAL_NOR_EEPROM_ADDRESS_INVALID

SerialNorEeprom: Address Invalid

10701

SERIAL_NOR_EEPROM_TRANSFER_ERROR

SerialNorEeprom: Transfer Error

10702

SERIAL_NOR_EEPROM_TYPE_INVALID

SerialNorEeprom: Type Invalid

10703

SERIAL_NOR_EEPROM_SIZE_INVALID

SerialNorEeprom: Size Invalid

10704

SERIAL_NOR_EEPROM_COMMAND_INVALID

SerialNorEeprom: Command Invalid

10801

ROM_API_NEED_MORE_DATA

RomApi: Need More Data

10802

ROM_API_BUFFER_SIZE_NOT_ENOUGH

RomApi: Buffer Size Not Enough

10803

ROM_API_INVALID_BUFFER

RomApi: Invalid Buffer

20000

FLEXSPINAND_READ_PAGE_FAIL

FlexSPINAND: Read Page Fail

20001

FLEXSPINAND_READ_CACHE_FAIL

FlexSPINAND: Read Cache Fail

20002

FLEXSPINAND_ECC_CHECK_FAIL

FlexSPINAND: Ecc Check Fail

20003

FLEXSPINAND_PAGE_LOAD_FAIL

FlexSPINAND: Page Load Fail

20004

FLEXSPINAND_PAGE_EXECUTE_FAIL

FlexSPINAND: Page Execute Fail

20005

FLEXSPINAND_ERASE_BLOCK_FAIL

FlexSPINAND: Erase Block Fail

20006

FLEXSPINAND_WAIT_TIMEOUT

FlexSPINAND: Wait Timeout

20007

FlexSPINAND_NOT_SUPPORTED

SPI NAND: PageSize over the max supported size

20008

FlexSPINAND_FCB_UPDATE_FAIL

SPI NAND: Failed to update Flash config block to SPI NAND

20009

FlexSPINAND_DBBT_UPDATE_FAIL

SPI NAND: Failed to update discovered bad block table to SPI NAND

20010

FLEXSPINAND_WRITEALIGNMENTERROR

FlexSPINAND: Write Alignment Error

20011

FLEXSPINAND_NOT_FOUND

FlexSPINAND: Not Found

20100

FLEXSPINOR_PROGRAM_FAIL

FLEXSPINOR: Program Fail

20101

FLEXSPINOR_ERASE_SECTOR_FAIL

FLEXSPINOR: Erase Sector Fail

20102

FLEXSPINOR_ERASE_ALL_FAIL

FLEXSPINOR: Erase All Fail

20103

FLEXSPINOR_WAIT_TIMEOUT

FLEXSPINOR:Wait Timeout

20104

FLEXSPINOR_NOT_SUPPORTED

FlexSPINOR: PageSize over the max supported size

20105

FLEXSPINOR_WRITE_ALIGNMENT_ERROR

FlexSPINOR:Write Alignment Error

20106

FLEXSPINOR_COMMANDFAILURE

FlexSPINOR: Command Failure

20107

FLEXSPINOR_SFDP_NOTFOUND

FlexSPINOR: SFDP Not Found

20108

FLEXSPINOR_UNSUPPORTED_SFDP_VERSION

FLEXSPINOR: Unsupported SFDP Version

20109

FLEXSPINOR_FLASH_NOTFOUND

FLEXSPINOR Flash Not Found

20110

FLEXSPINOR_DTR_READ_DUMMYPROBEFAILED

FLEXSPINOR: DTR Read Dummy Probe Failed

20200

OCOTP_READ_FAILURE

OCOTP: Read Failure

20201

OCOTP_PROGRAM_FAILURE

OCOTP: Program Failure

20202

OCOTP_RELOAD_FAILURE

OCOTP: Reload Failure

20203

OCOTP_WAIT_TIMEOUT

OCOTP: Wait Timeout

20905

XSPINOR_WRITE_ALIGNMENT_ERROR

xSPINOR: Write Alignment Error

21100

SEMCNOR_DEVICE_TIMEOUT

SemcNOR: Device Timeout

21101

SEMCNOR_INVALID_MEMORY_ADDRESS

SemcNOR: Invalid Memory Address

21102

SEMCNOR_UNMATCHED_COMMAND_SET

SemcNOR: unmatched Command Set

21103

SEMCNOR_ADDRESS_ALIGNMENT_ERROR

SemcNOR: Address Alignment Error

21104

SEMCNOR_INVALID_CFI_SIGNATURE

SemcNOR: Invalid Cfi Signature

21105

SEMCNOR_COMMAND_ERROR_NO_OP_TO_SUSPEND

SemcNOR: Command Error No Op To Suspend

21106

SEMCNOR_COMMAND_ERROR_NO_INFO_AVAILABLE

SemcNOR: Command Error No Info Available

21107

SEMCNOR_BLOCK_ERASE_COMMAND_FAILURE

SemcNOR: Block Erase Command Failure

21108

SEMCNOR_BUFFER_PROGRAM_COMMAND_FAILURE

SemcNOR: Buffer Program Command Failure

21109

SEMCNOR_PROGRAM_VERIFY_FAILURE

SemcNOR: Program Verify Failure

21110

SEMCNOR_ERASE_VERIFY_FAILURE

SemcNOR: Erase Verify Failure

21116

SEMCNOR_INVALID_CFG_TAG

SemcNOR: Invalid Cfg Tag

21200

SEMCNAND_DEVICE_TIMEOUT

SemcNAND: Device Timeout

21201

SEMCNAND_INVALID_MEMORY_ADDRESS

SemcNAND: Invalid Memory Address

21202

SEMCNAND_NOT_EQUAL_TO_ONE_PAGE_SIZE

SemcNAND: Not Equal To One Page Size

21203

SEMCNAND_MORE_THAN_ONE_PAGE_SIZE

SemcNAND: More Than One Page Size

21204

SEMCNAND_ECC_CHECK_FAIL

SemcNAND: Ecc Check Fail

21205

SEMCNAND_INVALID_ONFI_PARAMETER

SemcNAND: Invalid Onfi Parameter

21206

SEMCNAND_CANNOT_ENABLE_DEVICE_ECC

SemcNAND: Cannot Enable Device Ecc

21207

SEMCNAND_SWITCH_TIMING_MODE_FAILURE

SemcNAND: Switch Timing Mode Failure

21208

SEMCNAND_PROGRAM_VERIFY_FAILURE

SemcNAND: Program Verify Failure

21209

SEMCNAND_ERASE_VERIFY_FAILURE

SemcNAND: Erase Verify Failure

21210

SEMCNAND_INVALID_READBACK_BUFFER

SemcNAND: Invalid Readback Buffer

21216

SEMCNAND_INVALID_CFG_TAG

SemcNAND: Invalid Cfg Tag

21217

SEMCNAND_FAIL_TO_UPDATE_FCB

SemcNAND: Fail To Update Fcb

21218

SEMCNAND_FAIL_TO_UPDATE_DBBT

SemcNAND: Fail To Update Dbbt

21219

SEMCNAND_DISALLOW_OVERWRITE_BCB

SemcNAND: Disallow Overwrite Bcb

21220

SEMCNAND_ONLY_SUPPORT_ONFI_DEVICE

SemcNAND: Only Support Onfi Device

21221

SEMCNAND_MORE_THAN_MAX_IMAGE_COPY

SemcNAND: More Than Max Image Copy

21222

SEMCNAND_DISORDERED_IMAGE_COPIES

SemcNAND: Disordered Image Copies

22000

SPIFINOR_PROGRAM_FAIL

SPIFINOR: Program Fail

22001

SPIFINOR_ERASE_SECTORFAIL

SPIFINOR: Erase Sector Fail

22002

SPIFINOR_ERASE_ALL_FAIL

SPIFINOR: Erase All Fail

22003

SPIFINOR_WAIT_TIMEOUT

SPIFINOR: Wait Timeout

22004

SPIFINOR_NOT_SUPPORTED

SPIFINOR: Not Supported

22005

SPIFINOR_WRITE_ALIGNMENTERROR

SPIFINOR: Write Alignment Error

22006

SPIFINOR_COMMAND_FAILURE

SPIFINOR: Command Failure

22007

SPIFINOR_SFDP_NOT_FOUND

SPIFINOR: SFDP Not Found

30000

EDGELOCK_INVALID_RESPONSE

EDGELOCK: Invalid Response

30001

EDGELOCK_RESPONSE_ERROR

EDGELOCK: Response Error

30002

EDGELOCK_ABORT

EDGELOCK: Abort

30003

EDGELOCK_OPERATION_FAILED

EDGELOCK: Operation Failed

30004

EDGELOCK_OTP_PROGRAM_FAILURE

EDGELOCK: OTP Program Failure

30005

EDGELOCK_OTP_LOCKED

EDGELOCK: OTP Locked

30006

EDGELOCK_OTP_INVALID_IDX

EDGELOCK: OTP Invalid IDX

30007

EDGELOCK_INVALID_LIFECYCLE

EDGELOCK: Invalid Lifecycle

52801

OTP_INVALID_ADDRESS

OTP: Invalid OTP address

52802

OTP_PROGRAM_FAIL

OTP: Programming failed

52803

OTP_CRC_FAIL

OTP: CRC check failed

52804

OTP_ERROR

OTP: Error happened during OTP operation

52805

OTP_ECC_CRC_FAIL

OTP: ECC check failed during OTP operation

52806

OTP_LOCKED

OTP: Field is locked when programming

52807

OTP_TIMEOUT

OTP: Operation timed out

52808

OTP_CRC_CHECK_PASS

OTP: CRC check passed

52009

OTP_VERIFY_FAIL

OTP: Failed to verify OTP write

1515890085

SECURITY_SUBSYSTEM_ERROR

Security SubSystem Error

0

TP_SUCCESS

TP: SUCCESS

80000

TP_GENERAL_ERROR

TP: General error

80001

TP_CRYPTO_ERROR

TP: Error during cryptographic operation

80002

TP_NULLPTR_ERROR

TP: NULL pointer dereference or when buffer could not be allocated

80003

TP_ALREADYINITIALIZED

TP: Already initialized

80004

TP_BUFFERSMALL

TP: Buffer is too small

80005

TP_ADDRESS_ERROR

TP: Address out of allowed range or buffer could not be allocated

80006

TP_CONTAINERINVALID

TP: Container header or size is invalid

80007

TP_CONTAINERENTRYINVALID

TP: Container entry invalid

80008

TP_CONTAINERENTRYNOTFOUND

TP: Container entry not found in container

80009

TP_INVALIDSTATEOPERATION

TP: Attempt to process command in disallowed state

80010

TP_COMMAND_ERROR

TP: ISP command arguments are invalid

80011

TP_PUF_ERROR

TP: PUF operation error

80012

TP_FLASH_ERROR

TP: Flash erase/program/verify_erase failed

80013

TP_SECRETBOX_ERROR

TP: SBKEK or USER KEK cannot be stored in secret box

80014

TP_PFR_ERROR

TP: Protected Flash Region operation failed

80015

TP_VERIFICATION_ERROR

TP: Container signature verification failed

80016

TP_CFPA_ERROR

TP: CFPA page cannot be stored

80017

TP_CMPA_ERROR

TP: CMPA page cannot be stored or ROTKH or SECU registers are invalid

80018

TP_ADDR_OUT_OF_RANGE

TP: Address is out of range

80019

TP_CONTAINER_ADDR_ERROR

TP: Container address in write context is invalid or there is no memory for entry storage

80020

TP_CONTAINER_ADDR_UNALIGNED

TP: Container address in read context is unaligned

80021

TP_CONTAINER_BUFF_SMALL

TP: There is not enough memory to store the container

80022

TP_CONTAINER_NO_ENTRY

TP: Attempt to sign an empty container

80023

TP_CERT_ADDR_ERROR

TP: Destination address of OEM certificate is invalid

80024

TP_CERT_ADDR_UNALIGNED

TP: Destination address of certificate is unaligned

80025

TP_CERT_OVERLAPPING

TP: OEM certificates are overlapping due to wrong destination addresses

80026

TP_PACKET_ERROR

TP: Error during packet sending/receiving

80027

TP_PACKET_DATA_ERROR

TP: Data in packet handle are invalid

80028

TP_UNKNOWN_COMMAND

TP: Unknown command was received

80029

TP_SB3_FILE_ERROR

TP: Error during processing SB3 file

80101

TP_GENERAL_CRITICAL_ERROR

TP: Critical error

80102

TP_CRYPTO_CRITICAL_ERROR

TP: Error of crypto module which prevents proper functionality

80103

TP_PUF_CRITICAL_ERROR

TP: Initialization or start of the PUF periphery failed

80104

TP_PFR_CRITICAL_ERROR

TP: Initialization of PFR or reading of activation code failed

80105

TP_PERIPHERAL_CRITICAL_ERROR

TP: Peripheral failure

80106

TP_PRINCE_CRITICAL_ERROR

TP: Error during PRINCE encryption/decryption

80107

TP_SHA_CHECK_CRITICAL_ERROR

TP: SHA check verification failed

100002

IAP_OUT_OF_MEMORY

IAP: Heap Size Not Large Enough During API Execution

100003

IAP_READ_DISALLOWED

IAP: Read Memory Operation Disallowed During API Execution

100004

IAP_CUMULATIVE_WRITE

IAP: Flash Memory Region To Be Programmed Is Not Empty

100005

IAP_ERASE_FAILURE

IAP: Erase Operation Failed

100006

IAP_COMMAND_NOT_SUPPORTED

IAP: Specific Command Not Supported

100007

IAP_MEMORY_ACCESS_DISABLED

IAP: Memory Access Disabled

1515870810

EL2GO_PROV_SUCCESS

Device has been successfully provisioned.

2768290048

STATUS_GET_0TP_SHARES_FAIL

STATUS_GET_0TP_SHARES_FAIL: Failure in reading out OTP shares

2768290304

STATUS_DER_NXP_DIE_EXT_MK_SK_FAIL

STATUS_DER_NXP_DIE_EXT_MK_SK_FAIL: Failure in key derivation

2768290560

STATUS_DER_NXP_DIE_EL2GOSYM_MK_SK_FAIL

STATUS_DER_NXP_DIE_EL2GOSYM_MK_SK_FAIL: Failure in key derivation

2768290816

STATUS_DER_NXP_DIE_EL2GOOEM_MK_SK_FAIL

STATUS_DER_NXP_DIE_EL2GOOEM_MK_SK_FAIL: Failure in key derivation

2768291072

STATUS_DER_NXP_DIE_EL2GOIMPORT_KEK_SK_FAIL

STATUS_DER_NXP_DIE_EL2GOIMPORT_KEK_SK_FAIL: Failure in key derivation

2768291328

STATUS_VER_NXP_DIE_EL2GOIMPORT_KEK_SK_FAIL

STATUS_VER_NXP_DIE_EL2GOIMPORT_KEK_SK_FAIL

2768291584

STATUS_DER_NXP_DIE_EL2GOIMPORT_AUTH_SK_FAIL

STATUS_DER_NXP_DIE_EL2GOIMPORT_AUTH_SK_FAIL: Failure in key derivation

2768291840

STATUS_VER_NXP_DIE_EL2GOIMPORT_AUTH_SK_FAIL

STATUS_VER_NXP_DIE_EL2GOIMPORT_AUTH_SK_FAIL

1962985728

STATUS_DELETE_KEY_FAIL

STATUS_DELETE_KEY_FAIL: Failure in key deletion

2768292352

STATUS_READ_0TP_SHARES_FAIL

STATUS_READ_0TP_SHARES_FAIL

2768292608

STATUS_DER_NXP_DIE_EL2GOIMPORTTFM_KEK_SK_FAIL

STATUS_DER_NXP_DIE_EL2GOIMPORTTFM_KEK_SK_FAIL: Failure in key derivation

2768293889

STATUS_PARSE_BLOB_FAIL

STATUS_PARSE_BLOB_FAIL: Failure in parsing an EdgeLock 2GO’s Secure Object fields

2768293890

STATUS_CMAC_VERIFY_FAILED

STATUS_CMAC_VERIFY_FAILED: Failure in verifying an EdgeLock 2GO’s Secure Object signature

2768293891

STATUS_KEYIN_VERIFY_FAILED

STATUS_KEYIN_VERIFY_FAILED: Failure in importing an EdgeLock 2GO’s Secure Object key

1962987536

STATUS_VALID_LCS_FAIL

STATUS_VALID_LCS_FAIL: Not valid device lifecycle

1962987537

STATUS_BLANK_PUF_FUSES

STATUS_BLANK_PUF_FUSES: Blank PUF OTP fuses

1962987538

STATUS_BLANK_OTP_SHARES_FUSES

STATUS_BLANK_OTP_SHARES_FUSES: Blank OTP shares fuses

1962987539

STATUS_NXP_DIE_INT_MK_SK_FAIL

STATUS_NXP_DIE_INT_MK_SK_FAIL: Failure in key derivation

1962987540

STATUS_DER_NXP_DIE_KEK_SK_FAIL

STATUS_DER_NXP_DIE_KEK_SK_FAIL: Failure in key derivation

1962991872

STATUS_KEYIN_FAIL

STATUS_KEYIN_FAIL: Failure in importing an EdgeLock 2GO’s Secure Object key

1962992128

STATUS_KEYOUT_FAIL

STATUS_KEYOUT_FAIL: Failure in exporting an EdgeLock 2GO’s Secure Object key

1962992384

STATUS_NON_BLANK_CUST_MK_SK_FAIL

STATUS_NON_BLANK_CUST_MK_SK_FAIL: Non blank OEM FW Decryption key’s OTP fuses

1962992640

STATUS_NON_BLANK_RKTH_FAIL

STATUS_NON_BLANK_RKTH_FAIL: Non blank OEM FW Authentication Key Hash OTP fuses

1962992896

STATUS_WRITE_CUST_MK_SK_FAIL

STATUS_WRITE_CUST_MK_SK_FAIL: Failure in programming OEM FW Decryption key’s OTP fuses

1962993152

STATUS_WRITE_RKTH_FAIL

STATUS_WRITE_RKTH_FAIL: Failure in programming OEM FW Authentication Key Hash OTP fuses

1962993408

STATUS_CMP_FUSES_BUFFER_FAIL

STATUS_CMP_FUSES_BUFFER_FAIL: Failure in programming the expected value in OTP fuses

1962993664

STATUS_READ_CUST_MK_SK_FAIL

STATUS_READ_CUST_MK_SK_FAIL: Failure in reading out OEM FW Decryption key’s OTP fuses

1962993920

STATUS_READ_RKTH_FAIL

STATUS_READ_RKTH_FAIL: Failure in reading out OEM FW Authentication Key Hash OTP fuses

2768304811

STATUS_ATTR_OEM_KEY_MAGIC_FAIL

STATUS_ATTR_OEM_KEY_MAGIC_FAIL: Invalid OEM FW Decryption key Secure Object’s magic value

2768304826

STATUS_ATTR_OEM_KEY_USAGE_FAIL

STATUS_ATTR_OEM_KEY_USAGE_FAIL: Invalid OEM FW Decryption key Secure Object’s key usage value

2768305082

STATUS_ATTR_OEM_DEVICE_LCS_FAIL

STATUS_ATTR_OEM_DEVICE_LCS_FAIL: Invalid OEM FW Decryption key Secure Object’s device lifecycle value

2768941312

STATUS_ATTR_OEM_DEVICE_WRAPP_ALG_FAIL

STATUS_ATTR_OEM_DEVICE_WRAPP_ALG_FAIL: Invalid OEM FW Decryption key Secure Object’s wrapping algorithm value

2768941568

STATUS_ATTR_OEM_DEVICE_SIGN_ALG_FAIL

STATUS_ATTR_OEM_DEVICE_SIGN_ALG_FAIL: Invalid OEM FW Decryption key Secure Object’s signing algorithm value

2768941824

STATUS_ATTR_OEM_KEY_LCS_FAIL

STATUS_ATTR_OEM_KEY_LCS_FAIL: Invalid OEM FW Decryption key Secure Object’s key lifecycle value

2768942080

STATUS_ATTR_OEM_KEY_ALG_FAIL

STATUS_ATTR_OEM_KEY_ALG_FAIL: Invalid OEM FW Decryption key Secure Object’s key algorithm value

2768942336

STATUS_ATTR_RKTH_MAGIC_FAIL

STATUS_ATTR_RKTH_MAGIC_FAIL: Invalid OEM FW Authentication Key Hash Secure Object’s magic value

2768942592

STATUS_ATTR_RKTH_KEY_ALG_FAIL

STATUS_ATTR_RKTH_KEY_ALG_FAIL: Invalid OEM FW Authentication Key Hash Secure Object’s key algorithm value

2768942848

STATUS_ATTR_RKTH_KEY_USAGE_FAIL

STATUS_ATTR_RKTH_KEY_USAGE_FAIL: Invalid OEM FW Authentication Key Hash Secure Object’s key usage value

2768943104

STATUS_ATTR_RKTH_KEY_LCS_FAIL

STATUS_ATTR_RKTH_KEY_LCS_FAIL: Invalid OEM FW Authentication Key Hash Secure Object’s key lifecycle value

2768943360

STATUS_ATTR_RKTH_DEVICE_LCS_FAIL

STATUS_ATTR_RKTH_DEVICE_LCS_FAIL: Invalid OEM FW Authentication Key Hash Secure Object’s device lifecycle value

2768943616

STATUS_ATTR_RKTH_DEVICE_WRAPP_KEY_ID_FAIL

STATUS_ATTR_RKTH_DEVICE_WRAPP_KEY_ID_FAIL: Invalid OEM FW Authentication Key Hash Secure Object’s wrapping key ID value

2768943872

STATUS_ATTR_RKTH_KEY_SIGN_ALG_FAIL

STATUS_ATTR_RKTH_KEY_SIGN_ALG_FAIL: Invalid OEM FW Authentication Key Hash Secure Object’s signing algorithm value

2768944128

STATUS_ATTR_RKTH_DEVICE_WRAPP_ALG_FAIL

STATUS_ATTR_RKTH_DEVICE_WRAPP_ALG_FAIL: Invalid OEM FW Authentication Key Hash Secure Object’s wrapping algorithm value

2768944384

STATUS_ATTR_RKTH_DEVICE_SING_KEY_ID_FAIL

STATUS_ATTR_RKTH_DEVICE_SING_KEY_ID_FAIL: Invalid OEM FW Authentication Key Hash Secure Object’s signing key ID value

2768944896

STATUS_ATTR_BLOB_KEY_ID_FAIL

STATUS_ATTR_BLOB_KEY_ID_FAIL: Invalid Secure Object’s key ID value

2768942337

STATUS_ATTR_OEM_DEVICE_WRAPP_KEY_ID_FAIL

STATUS_ATTR_OEM_DEVICE_WRAPP_KEY_ID_FAIL: Invalid OEM FW Decryption key Secure Object’s wrapping key ID value

2768942338

STATUS_ATTR_OEM_DEVICE_SING_KEY_ID_FAIL

STATUS_ATTR_OEM_DEVICE_SING_KEY_ID_FAIL: Invalid OEM FW Decryption key Secure Object’s signing key ID value

2768942339

STATUS_ATTR_OEM_DEVICE_KEY_TYPE_FAIL

STATUS_ATTR_OEM_DEVICE_KEY_TYPE_FAIL: Invalid OEM FW Decryption key Secure Object’s key type value

2768942340

STATUS_ATTR_OEM_DEVICE_KEY_BITS_FAIL

STATUS_ATTR_OEM_DEVICE_KEY_BITS_FAIL: Invalid OEM FW Decryption key Secure Object’s key bits value

2768942341

STATUS_ATTR_RKTH_KEY_TYPE_FAIL

STATUS_ATTR_RKTH_KEY_TYPE_FAIL: Invalid OEM FW Authentication Key Hash Secure Object’s key type value

2768942342

STATUS_ATTR_RKTH_KEY_BITS_FAIL

STATUS_ATTR_RKTH_KEY_BITS_FAIL: Invalid OEM FW Authentication Key Hash Secure Object’s key bits value

2768942343

STATUS_ATTR_OTP_DATA_MAGIC_FAIL

STATUS_ATTR_OTP_DATA_MAGIC_FAIL: Invalid OTP Configuration Data Secure Object’s magic value

2768942344

STATUS_ATTR_OTP_DATA_KEY_ALG_FAIL

STATUS_ATTR_OTP_DATA_KEY_ALG_FAIL: Invalid OTP Configuration Data Secure Object’s key algorithm value

2768942345

STATUS_ATTR_OTP_DATA_KEY_USAGE_FAIL

STATUS_ATTR_OTP_DATA_KEY_USAGE_FAIL: Invalid OTP Configuration Data Secure Object’s key usage value

2768942346

STATUS_ATTR_OTP_DATA_KEY_TYPE_FAIL

STATUS_ATTR_OTP_DATA_KEY_TYPE_FAIL: Invalid OTP Configuration Data Secure Object’s key type value

2768942347

STATUS_ATTR_OTP_DATA_KEY_LCS_FAIL

STATUS_ATTR_OTP_DATA_KEY_LCS_FAIL: Invalid OTP Configuration Data Secure Object’s key lifecycle value

2768942348

STATUS_ATTR_OTP_DATA_DEVICE_LCS_FAIL

STATUS_ATTR_OTP_DATA_DEVICE_LCS_FAIL: Invalid OTP Configuration Data Secure Object’s device lifecycle value

2768942349

STATUS_ATTR_OTP_DATA_DEVICE_WRAPP_KEY_ID_FAIL

STATUS_ATTR_OTP_DATA_DEVICE_WRAPP_KEY_ID_FAIL: Invalid OTP Configuration Data Secure Object’s wrapping key ID value

2768942350

STATUS_ATTR_OTP_DATA_DEVICE_WRAPP_ALG_FAIL

STATUS_ATTR_OTP_DATA_DEVICE_WRAPP_ALG_FAIL: Invalid OTP Configuration Data Secure Object’s wrapping algorithm value.

2768942351

STATUS_ATTR_OTP_DATA_DEVICE_SING_KEY_ID_FAIL

STATUS_ATTR_OTP_DATA_DEVICE_SING_KEY_ID_FAIL: Invalid OTP Configuration Data Secure Object’s signing key ID value

2768942352

STATUS_ATTR_OTP_DATA_KEY_SIGN_ALG_FAIL

STATUS_ATTR_OTP_DATA_KEY_SIGN_ALG_FAIL: Invalid OTP Configuration Data Secure Object’s signing algorithm value

2768942353

STATUS_LESS_BLOBS_STORED

STATUS_LESS_BLOBS_STORED: Three main Secure Object are not present in Flash memory

2768942354

STATUS_VALID_MEMORY_USE_OVERFLOW

STATUS_VALID_MEMORY_USE_OVERFLOW: Memory overflow

2768942355

STATUS_DECRYPT_OTP_DATA_FAIL

STATUS_DECRYPT_OTP_DATA_FAIL: Failure in decrypting OTP Configuration Data’s key payload

1963635988

STATUS_LOCK_CUST_MK_SK_FAIL

STATUS_LOCK_CUST_MK_SK_FAIL: Failure in locking OEM FW Decryption key OTP fuses

2768942357

STATUS_VALID_LCS_KEY_DERIV_FAIL

STATUS_VALID_LCS_KEY_DERIV_FAIL Invalid device lifecycle

1963635990

STATUS_NULL_POINTER_FAIL

STATUS_NULL_POINTER_FAIL: Null pointer error

2768942359

STATUS_INVALID_RKTH_SIZE_FAIL

STATUS_INVALID_RKTH_SIZE_FAIL: Invalid OEM FW Authentication Key Hash size

2768942360

STATUS_NO_BLOB_IN_ADDRESS

STATUS_NO_BLOB_IN_ADDRESS: No Secure Object present in given Flash memory address

1963635991

STATUS_SECURE_BOOT_NOT_EN

STATUS_SECURE_BOOT_NOT_EN: Device Secure Boot not enabled

1963635992

STATUS_ATTACK_DRY_RUN_EN

STATUS_ATTACK_DRY_RUN_EN

1963635993

STATUS_BUFFER_OVERFLOW_OTP_CONF

STATUS_BUFFER_OVERFLOW_OTP_CONF: Buffer overflow error

1963635994

STATUS_DEVICE_NOT_IN_FLEXSPI_BOOT_MODE

STATUS_DEVICE_NOT_IN_FLEXSPI_BOOT_MODE: Device is booted not in FlexSPI Boot mode