LPC55Sxx Secure Boot#

This notebook describes how to set up a basic secure boot on LPC55Sxx devices using the SPSDK command line utilities, it is based on the application note https://www.nxp.com/docs/en/application-note/AN12283.pdf.

Image preparation#

First step is to prepare a binary file in BIN or SREC format. Usually the output from the IDE is in ELF (AXF) format. ELF file cannot be used directly, it needs to be converted to plain (BIN) binary. To get the raw binary file you can for example use the arm-none-eabi-objcopy which is part of the armgcc toolchain. In MCUXpresso You can configure it as a post build step, this is better described here: https://mcuoneclipse.com/2017/03/29/mcuxpresso-ide-s-record-intel-hex-and-binary-files/

Another option is to use the SPSDK nxpimage tool that can convert ELF file to BIN.

%run ../init_notebook.ipynb

import os
import pprint

pp = pprint.PrettyPrinter(indent=4)

WORKSPACE = "workspace/"  # change this to path to your workspace
KEYS = "../_data/keys/rsa2048/"  # change this to path to your keys
VERBOSITY = (
    "-v"  # verbosity of commands, might be -v or -vv for debug or blank for no additional info
)

ELF_PATH = "lpcxpresso55s69_led_blinky.axf"
BINARY_FILE = WORKSPACE + "lpcxpresso55s69_led_blinky.bin"

# convert the elf file to bin using nxpimage
%! nxpimage $VERBOSITY utils binary-image convert -i $ELF_PATH -f BIN -o $BINARY_FILE

assert os.path.exists(BINARY_FILE)
env: JUPYTER_SPSDK=1
Created `%!` as an alias for `%execute`.
nxpimage -v utils binary-image convert -i lpcxpresso55s69_led_blinky.axf -f BIN -o workspace/lpcxpresso55s69_led_blinky.bin 
INFO:spsdk.apps.nxpimage:
+==0x0000_0000= lpcxpresso55s69_led_blinky.axf ==+
|             Size: 8.6 kiB; 8,820 B             |
|             The image loaded from:             |
|        lpcxpresso55s69_led_blinky.axf .        |
|+==0x0000_0000= Segment 0 =====================+|
||            Size: 8.6 kiB; 8,820 B            ||
|+==0x0000_2273=================================+|
+==0x0000_2273===================================+

Success. (Converted file: workspace\lpcxpresso55s69_led_blinky.bin created.)

MBI preparation#

We used the nxpimage tool for image conversion. Plain binary file can be used directly for the unsecure boot. To setup a secure boot we need to generate Master Boot Image (MBI). MBI can also be used directly or as an output to Secure Binary container in addition to raw binary it might contain CRC checksum, certificates and ARM TrustZone configuration.

There are three types of MBI for LP55sxx based on the authentication type: Plain, CRC and Signed and two variants of CRC and Signed images based on the execution target, either XIP (Executed in place) or in RAM.

Plain Image

CRC Unsigned Image

These images contain a CRC32 field computed on the entire image (excluding the CRC32 field).

Signed Image

LPC55Sxx devices support booting of RSA2048 signed images using RSASSA-PKCS1-v1_5 signature verification. LPC55Sxx devices support 2048-bit or 4096-bit RSA keys and X.509 V3 certificates. Image validation is a two-step process. The first step is the validation of the X.509 certificate inserted in the image. This contains the image public key used in the second step to validate the entire image (including the certificate) to allow customers to add additional PKI structure. The signed image boot supports up to 4 Root of Trust (RoT) keys and up to 16 Image key certificates with image revocation feature.

Generation of MBI is done with the nxpimage tool. First, we need to get the configuration template that will be used as a starting point

# generate template for mbi
TEMPLATES_PATH = WORKSPACE + "templates"
# choose family for the MCU
FAMILY = "lpc55s6x"

%! nxpimage $VERBOSITY mbi get-templates -f $FAMILY -o $TEMPLATES_PATH --force
# just for verification that the template was generated
assert os.path.exists(os.path.join(TEMPLATES_PATH, "lpc55s6x_xip_signed.yaml"))
nxpimage -v mbi get-templates -f lpc55s6x -o workspace/templates --force 
Creating workspace\templates\lpc55s6x_xip_plain.yaml template file.
Creating workspace\templates\lpc55s6x_xip_crc.yaml template file.
Creating workspace\templates\lpc55s6x_xip_signed.yaml template file.
Creating workspace\templates\lpc55s6x_load_to_ram_crc.yaml template file.
Creating workspace\templates\lpc55s6x_load_to_ram_signed.yaml template file.

Now open the lpc55s6x_xip_signed.yml with your favorite text editor. You should see a similar file to this:

# ==================  Master Boot Image Configuration template for lpc55s6x, Plain Signed XIP Image.  ==================

# ======================================================================================================================
#                                                  == Basic Settings ==                                                 
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
# Possible options: <lpc55s2x, lpc55s6x, nhs52sxx>
family: lpc55s6x
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram>
outputImageExecutionTarget: xip
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp>
outputImageAuthenticationType: signed
# ------------------------------------===== Master Boot Image name [Required] =====-------------------------------------
# Description: The file for Master Boot Image result file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ======================================================================================================================
#                                               == Trust Zone Settings ==                                               
# ======================================================================================================================
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# ======================================================================================================================
#                                               == Certificate Block V1 ==                                              
# ======================================================================================================================
# -----------------------------===== Certificate Block binary/config file [Required] =====------------------------------
# Description: Path to certificate block binary or config file.
certBlock: cert_block.bin
# ======================================================================================================================
#                                              == Image Signing Settings ==                                             
# ======================================================================================================================
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: main_prv_key.pem
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>".
signProvider: type=file;file_path=my_prv_key.pem

Required fields are marked with [Required] in the comment. We have to change path to masterBootOutputFile that will contain our resulting MBI and inputImageFile which is source image. In this example we won’t enable TrustZone.

SPSDK 2.0 brought a new way of configuration of certificate block. Configuration is now supplied as a separate configuration file. We will handle it later in this notebook.

Keys preparation#

First we need to generate private key that will be used to sign certificates. In this example, we will use nxpcrypto app to generate 2048-bit RSA keys (see How-to-get-keys-using-nxpcrypto).

# load generated key pair for ISK
PRIVATE_KEY_PATH = KEYS + "imgkey_rsa2048.pem"
PUBLIC_KEY_PATH = KEYS + "imgkey_rsa2048.pub"
# verify that keys were loaded
assert os.path.exists(PRIVATE_KEY_PATH)
assert os.path.exists(PUBLIC_KEY_PATH)

Certificates preparation#

Then we need to create certificates. As we already mentioned we will create one root certificate and one chain certificate. We will again use nxpcrypto app. First we need to get template.

# obtain a template for root cert
ROOT_CERT_CONFIG_PATH = WORKSPACE + "root_cert_template.yml"
%! nxpcrypto $VERBOSITY cert get-template -o $ROOT_CERT_CONFIG_PATH --force

# obtain a template for root cert
CHAIN_CERT_CONFIG_PATH = WORKSPACE + "chain_cert_template.yml"
%! nxpcrypto $VERBOSITY cert get-template -o $CHAIN_CERT_CONFIG_PATH --force
nxpcrypto -v cert get-template -o workspace/root_cert_template.yml --force 
INFO:spsdk.apps.nxpcertgen:Creating Certificate template...
The Certificate template has been saved into workspace\root_cert_template.yml YAML file
nxpcrypto -v cert get-template -o workspace/chain_cert_template.yml --force 
INFO:spsdk.apps.nxpcertgen:Creating Certificate template...
The Certificate template has been saved into workspace\chain_cert_template.yml YAML file

Configuration template for certificates should look like this:

# This is template for configuration file used for generating certificates

# ==============================================
# Issuer identification fields
# ==============================================
# All available option can be found within class NameOID in
# cryptography/src/cryptography/x509/oid.py at https://github.com/pyca/cryptography

issuer:
  COMMON_NAME: NXP
  COUNTRY_NAME: CZ
  LOCALITY_NAME: Roznov pod Radhostem
  STATE_OR_PROVINCE_NAME: Morava
  STREET_ADDRESS: 1.maje 1009
  ORGANIZATION_NAME: SPSDK Team

# ==============================================
# Subject identification fields
# ==============================================
# All available option can be found within class NameOID in
# cryptography/src/cryptography/x509/oid.py at https://github.com/pyca/cryptography
subject:
  COMMON_NAME: NXP - SPSDK
  COUNTRY_NAME: CZ
  LOCALITY_NAME: Roznov pod Radhostem
  STATE_OR_PROVINCE_NAME: Morava
  STREET_ADDRESS: 1.maje 1009
  ORGANIZATION_NAME: SPSDK Team
  POSTAL_CODE: 756 61

# ==============================================
# The certificate settings
# ==============================================

# Path, where issuer private key is stored
issuer_private_key: issuer_key.pem
# Path, where subject public key is stored
subject_public_key: subject_key.pub
# Serial number of certificate
serial_number: 12346578
# Validity duration in days
duration: 3650

# ==============================================
# Certificate basic extensions
# ==============================================
extensions:
  BASIC_CONSTRAINTS:
    # Delegate certificate as a signing authority to create an intermediate certificates.
    ca: false  # Valid values true|false
    # Integer length of the path of certificate signature from a given certificate, back to the root certificate
    path_length: 0

Certificates are in x.509 format and should be DER encoded. Root certificates must have ca (Certificate authority) set to true and must be self-signed. That means that issuer must be same as a subject.

ROOT_0_CERT_PATH = WORKSPACE + "ROT1_sha256_2048_65537_v3_ca_crt.der"
CHAIN_CERT_0 = WORKSPACE + "IMG1_1_sha256_2048_65537_v3_usr_key.pem"

import yaml

assert os.path.exists(ROOT_CERT_CONFIG_PATH)
assert os.path.exists(CHAIN_CERT_CONFIG_PATH)

# Create configuration for root certificate
with open(ROOT_CERT_CONFIG_PATH) as cert_config:
    # load yaml configuration to dictionary
    cert = yaml.safe_load(cert_config)
    # make certificate self-signed
    cert["subject"] = cert["issuer"]
    # change certificate authority to True
    cert["extensions"]["BASIC_CONSTRAINTS"]["ca"] = True
    # change path to private and public keys
    cert["issuer_private_key"] = PRIVATE_KEY_PATH
    cert["subject_public_key"] = PUBLIC_KEY_PATH

with open(ROOT_CERT_CONFIG_PATH, "w+") as cert_config:
    print("Root Certificate config:")
    pp.pprint(cert)
    # dump the dictionary back to YAML
    yaml.dump(cert, cert_config)

# Create configuration for chain certificate
with open(CHAIN_CERT_CONFIG_PATH) as cert_config:
    # load yaml configuration to dictionary
    cert = yaml.safe_load(cert_config)
    # change certificate authority to False
    cert["extensions"]["BASIC_CONSTRAINTS"]["ca"] = False
    # change path to private and public keys
    cert["issuer_private_key"] = PRIVATE_KEY_PATH
    cert["subject_public_key"] = PUBLIC_KEY_PATH

with open(CHAIN_CERT_CONFIG_PATH, "w+") as cert_config:
    print("Chain certificate config:")
    pp.pprint(cert)
    # dump the dictionary back to YAML
    yaml.dump(cert, cert_config)

# Generate root certificate
%! nxpcrypto $VERBOSITY cert generate -c $ROOT_CERT_CONFIG_PATH -e DER -o $ROOT_0_CERT_PATH --force
# Generate chain certificate
%! nxpcrypto $VERBOSITY cert generate -c $CHAIN_CERT_CONFIG_PATH -e DER -o $CHAIN_CERT_0 --force

# verify that certificates were generated
assert os.path.exists(ROOT_0_CERT_PATH)
assert os.path.exists(CHAIN_CERT_0)
Root Certificate config:
{   'duration': 3650,
    'extensions': {'BASIC_CONSTRAINTS': {'ca': True, 'path_length': None}},
    'issuer': {   'COMMON_NAME': 'NXP',
                  'COUNTRY_NAME': 'CZ',
                  'LOCALITY_NAME': 'Roznov pod Radhostem',
                  'ORGANIZATION_NAME': 'SPSDK Team',
                  'STATE_OR_PROVINCE_NAME': 'Morava',
                  'STREET_ADDRESS': '1.maje 1009'},
    'issuer_private_key': '../_data/keys/rsa2048/imgkey_rsa2048.pem',
    'pss_padding': False,
    'serial_number': 12346578,
    'subject': {   'COMMON_NAME': 'NXP',
                   'COUNTRY_NAME': 'CZ',
                   'LOCALITY_NAME': 'Roznov pod Radhostem',
                   'ORGANIZATION_NAME': 'SPSDK Team',
                   'STATE_OR_PROVINCE_NAME': 'Morava',
                   'STREET_ADDRESS': '1.maje 1009'},
    'subject_public_key': '../_data/keys/rsa2048/imgkey_rsa2048.pub'}
Chain certificate config:
{   'duration': 3650,
    'extensions': {'BASIC_CONSTRAINTS': {'ca': False, 'path_length': None}},
    'issuer': {   'COMMON_NAME': 'NXP',
                  'COUNTRY_NAME': 'CZ',
                  'LOCALITY_NAME': 'Roznov pod Radhostem',
                  'ORGANIZATION_NAME': 'SPSDK Team',
                  'STATE_OR_PROVINCE_NAME': 'Morava',
                  'STREET_ADDRESS': '1.maje 1009'},
    'issuer_private_key': '../_data/keys/rsa2048/imgkey_rsa2048.pem',
    'pss_padding': False,
    'serial_number': 12346578,
    'subject': {   'COMMON_NAME': 'NXP - SPSDK',
                   'COUNTRY_NAME': 'CZ',
                   'LOCALITY_NAME': 'Roznov pod Radhostem',
                   'ORGANIZATION_NAME': 'SPSDK Team',
                   'POSTAL_CODE': '756 61',
                   'STATE_OR_PROVINCE_NAME': 'Morava',
                   'STREET_ADDRESS': '1.maje 1009'},
    'subject_public_key': '../_data/keys/rsa2048/imgkey_rsa2048.pub'}
nxpcrypto -v cert generate -c workspace/root_cert_template.yml -e DER -o workspace/ROT1_sha256_2048_65537_v3_ca_crt.der --force 
INFO:spsdk.apps.nxpcertgen:Generating Certificate...
INFO:spsdk.apps.nxpcertgen:Loading configuration from yml file...
INFO:spsdk.apps.nxpcertgen:Saving the generated certificate to the specified path...
INFO:spsdk.apps.nxpcertgen:Certificate generated successfully...
The certificate file has been created: workspace\ROT1_sha256_2048_65537_v3_ca_crt.der
nxpcrypto -v cert generate -c workspace/chain_cert_template.yml -e DER -o workspace/IMG1_1_sha256_2048_65537_v3_usr_key.pem --force 
INFO:spsdk.apps.nxpcertgen:Generating Certificate...
INFO:spsdk.apps.nxpcertgen:Loading configuration from yml file...
INFO:spsdk.apps.nxpcertgen:Saving the generated certificate to the specified path...
INFO:spsdk.apps.nxpcertgen:Certificate generated successfully...
The certificate file has been created: workspace\IMG1_1_sha256_2048_65537_v3_usr_key.pem

Certificate Block preparation#

SPSDK 2.0 made a change in the way how the configuration for certificate block is prepared. Configuration is now separated from the MBI configuration file into separate configuration file. In this way it could be shared between SB 2.1 and MBI.

Configuration template for certificates should look like this:

# =========================================  Certification Block V1 template  ==========================================

# ======================================================================================================================
#                                             == Certificate V1 Settings ==                                             
# ======================================================================================================================
# --------------------------------------===== Image Build Number [Optional] =====---------------------------------------
# Description: If it's omitted, it will be used 0 as default value.
imageBuildNumber: 0
# --------------------------------===== Chain certificate 0 for root 0 [Optional] =====---------------------------------
# Description: Chain certificate 0 for root certificate 0
chainCertificate0File0: chain_certificate0_depth0.pem
# --------------------------------===== Chain certificate 1 for root 0 [Optional] =====---------------------------------
# Description: Chain certificate 1 for root certificate 0
chainCertificate0File1: chain_certificate0_depth1.pem
# --------------------------------===== Chain certificate 2 for root 0 [Optional] =====---------------------------------
# Description: Chain certificate 2 for root certificate 0
chainCertificate0File2: chain_certificate0_depth2.pem
# --------------------------------===== Chain certificate 3 for root 0 [Optional] =====---------------------------------
# Description: Chain certificate 3 for root certificate 0
chainCertificate0File3: chain_certificate0_depth3.pem
# --------------------------------===== Chain certificate 0 for root 1 [Optional] =====---------------------------------
# Description: Chain certificate 0 for root certificate 1
chainCertificate1File0: chain_certificate1_depth0.pem
# --------------------------------===== Chain certificate 1 for root 1 [Optional] =====---------------------------------
# Description: Chain certificate 1 for root certificate 1
chainCertificate1File1: chain_certificate1_depth1.pem
# --------------------------------===== Chain certificate 2 for root 1 [Optional] =====---------------------------------
# Description: Chain certificate 2 for root certificate 1
chainCertificate1File2: chain_certificate1_depth2.pem
# --------------------------------===== Chain certificate 3 for root 1 [Optional] =====---------------------------------
# Description: Chain certificate 3 for root certificate 1
chainCertificate1File3: chain_certificate1_depth3.pem
# --------------------------------===== Chain certificate 0 for root 2 [Optional] =====---------------------------------
# Description: Chain certificate 0 for root certificate 2
chainCertificate2File0: chain_certificate2_depth0.pem
# --------------------------------===== Chain certificate 1 for root 2 [Optional] =====---------------------------------
# Description: Chain certificate 1 for root certificate 2
chainCertificate2File1: chain_certificate2_depth1.pem
# --------------------------------===== Chain certificate 2 for root 2 [Optional] =====---------------------------------
# Description: Chain certificate 2 for root certificate 2
chainCertificate2File2: chain_certificate2_depth2.pem
# --------------------------------===== Chain certificate 3 for root 2 [Optional] =====---------------------------------
# Description: Chain certificate 3 for root certificate 2
chainCertificate2File3: chain_certificate2_depth3.pem
# --------------------------------===== Chain certificate 0 for root 3 [Optional] =====---------------------------------
# Description: Chain certificate 0 for root certificate 3
chainCertificate3File0: chain_certificate3_depth0.pem
# --------------------------------===== Chain certificate 1 for root 3 [Optional] =====---------------------------------
# Description: Chain certificate 1 for root certificate 3
chainCertificate3File1: chain_certificate3_depth1.pem
# --------------------------------===== Chain certificate 2 for root 3 [Optional] =====---------------------------------
# Description: Chain certificate 2 for root certificate 3
chainCertificate3File2: chain_certificate3_depth2.pem
# --------------------------------===== Chain certificate 3 for root 3 [Optional] =====---------------------------------
# Description: Chain certificate 3 for root certificate 3
chainCertificate3File3: chain_certificate3_depth3.pem
# ======================================================================================================================
#                                                == Root Keys Settings ==                                               
# ======================================================================================================================
# -----------------------------===== Root Certificate File 0 [Conditionally required] =====-----------------------------
# Description: Root certificate file index 0.
rootCertificate0File: my_certificate0.pub
# ------------------------------------===== Root Certificate File 1 [Optional] =====------------------------------------
# Description: Root certificate file index 1.
rootCertificate1File: my_certificate1.pub
# ------------------------------------===== Root Certificate File 2 [Optional] =====------------------------------------
# Description: Root certificate file index 2.
rootCertificate2File: my_certificate2.pub
# ------------------------------------===== Root Certificate File 3 [Optional] =====------------------------------------
# Description: Root certificate file index 3.
rootCertificate3File: my_certificate3.pub
# -----------------------------===== Main Certificate Index [Conditionally required] =====------------------------------
# Description: Index of certificate that is used as a main. If not defined, the certificate matching private key will be
# selected.
mainRootCertId: 0
# ======================================================================================================================
#                                                  == Basic Settings ==                                                 
# ======================================================================================================================
# --------------------------------------===== cert block filename [Required] =====--------------------------------------
# Description: Generated cert block filename.
containerOutputFile: cert_block.bin
CERT_BLOCK_TEMPLATE = WORKSPACE + "cert_block_template.yaml"
CERT_BLOCK_CONFIG_PATH = WORKSPACE + "cert_block_lpc55s6x.yml"
CERT_BLOCK_BIN_NAME = "cert_block.bin"

# Prepare a template first
%! nxpimage $VERBOSITY cert-block get-template -f lpc55s6x -o $CERT_BLOCK_TEMPLATE --force
assert os.path.exists(CERT_BLOCK_TEMPLATE)

cert_block_config = f"""# =========================================  Certification Block V1 template  ==========================================

# ======================================================================================================================
#                                             == Certificate V1 Settings ==                                             
# ======================================================================================================================
# --------------------------------------===== Image Build Number [Optional] =====---------------------------------------
# Description: If it's omitted, it will be used 0 as default value.
imageBuildNumber: 0
# --------------------------------===== Chain certificate 0 for root 0 [Optional] =====---------------------------------
# Description: Chain certificate 0 for root certificate 0
chainCertificate0File0: {CHAIN_CERT_0}
# ======================================================================================================================
#                                                == Root Keys Settings ==                                               
# ======================================================================================================================
# -----------------------------===== Root Certificate File 0 [Conditionally required] =====-----------------------------
# Description: Root certificate file index 0.
rootCertificate0File: {ROOT_0_CERT_PATH}
# -----------------------------===== Main Certificate Index [Conditionally required] =====------------------------------
# Description: Index of certificate that is used as a main. If not defined, the certificate matching private key will be
# selected.
mainRootCertId: 0
# ======================================================================================================================
#                                                  == Basic Settings ==                                                 
# ======================================================================================================================
# --------------------------------------===== cert block filename [Required] =====--------------------------------------
# Description: Generated cert block filename.
containerOutputFile: {CERT_BLOCK_BIN_NAME}
"""

# write configuration as file
with open(CERT_BLOCK_CONFIG_PATH, "w+") as cert_file:
    cert_file.write(cert_block_config)

assert os.path.exists(CERT_BLOCK_CONFIG_PATH)

# export Master Boot Image
%! nxpimage $VERBOSITY cert-block export -c $CERT_BLOCK_CONFIG_PATH -f lpc55s6x


BIN_OUTPUT_PATH = WORKSPACE + CERT_BLOCK_BIN_NAME
assert os.path.exists(BIN_OUTPUT_PATH)
nxpimage -v cert-block get-template -f lpc55s6x -o workspace/cert_block_template.yaml --force 
Creating workspace\cert_block_template.yaml template file.
nxpimage -v cert-block export -c workspace/cert_block_lpc55s6x.yml -f lpc55s6x 
RKTH: 84fcef143f830d384e24acbe6f376548dbcf4da48deff31165293798aea9ed74
Success. (Certificate Block: workspace\cert_block.bin created.)

MBI generation#

We have created certificates, keys and certificate block required for the creation of Master Boot Image. So now it’s time to create an MBI.

MBI_BIN_NAME = "lpc55s6x_mbi.bin"
MBI_CONFIG_PATH = WORKSPACE + "mbi_config_lpc55s6x.yml"


mbi_config = f"""
# ==================  Master Boot Image Configuration template for lpc55s6x, Plain Signed XIP Image.  ==================

# ======================================================================================================================
#                                                  == Basic Settings ==                                                 
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
# Possible options: <lpc55s2x, lpc55s6x, nhs52sxx>
family: lpc55s6x
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram>
outputImageExecutionTarget: xip
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp>
outputImageAuthenticationType: signed
# ------------------------------------===== Master Boot Image name [Required] =====-------------------------------------
# Description: The file for Master Boot Image result file.
masterBootOutputFile: {MBI_BIN_NAME}
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: {BINARY_FILE}
# ======================================================================================================================
#                                               == Trust Zone Settings ==                                               
# ======================================================================================================================
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
# trustZonePresetFile: my_tz_custom.yaml
# ======================================================================================================================
#                                               == Certificate Block V1 ==                                              
# ======================================================================================================================
# -----------------------------===== Certificate Block binary/config file [Required] =====------------------------------
# Description: Path to certificate block binary or config file.
certBlock: {CERT_BLOCK_CONFIG_PATH}
# ======================================================================================================================
#                                              == Image Signing Settings ==                                             
# ======================================================================================================================
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: {PRIVATE_KEY_PATH}
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>".
# signProvider: type=file;file_path=my_prv_key.pem
"""

# write configuration as file
with open(MBI_CONFIG_PATH, "w+") as mbi_file:
    mbi_file.write(mbi_config)

assert os.path.exists(MBI_CONFIG_PATH)

# export Master Boot Image
%! nxpimage $VERBOSITY mbi export -c $MBI_CONFIG_PATH

BIN_OUTPUT_PATH = WORKSPACE + MBI_BIN_NAME
assert os.path.exists(BIN_OUTPUT_PATH)
nxpimage -v mbi export -c workspace/mbi_config_lpc55s6x.yml 
RKTH: 84fcef143f830d384e24acbe6f376548dbcf4da48deff31165293798aea9ed74
INFO:spsdk.apps.nxpimage:
+==0x0000_0000= Application Block ======+
|       Size: 10.8 kiB; 11,064 B        |
|+==0x0000_0000= Application ==========+|
||       Size: 8.6 kiB; 8,820 B        ||
|+==0x0000_2273========================+|
|+==0x0000_2274= Certification Block ==+|
||       Size: 1.9 kiB; 1,988 B        ||
|+==0x0000_2a37========================+|
|+==0x0000_2a38= RSA signature ========+|
||             Size: 256 B             ||
|+==0x0000_2b37========================+|
+==0x0000_2b37==========================+

Success. (Master Boot Image: workspace\lpc55s6x_mbi.bin created.)

Now we have a bootable MBI that we could test, but in order to do that we have to configure PFR.

PFR#

PFR - Protected Flash Region. LPC55Sxx contains configuration for the boot ROM in flash region which is protected. This protected region contains settings of boot configuration, security policy, PRINCE settings and so on.

Protected Flash Region with four regions:

  1. Customer in-field Programming Area (CFPA)

  • Image revoke

  • RoT key revoke

  1. Customer Manufacturing Programming Area (CMPA)

  • Boot configuration

  • RoT key table hash

  • Debug configuration

  • Prince configuration

  1. Key Storage for PUF

  2. NXP unique ID and manufacturing system

PFR

For PFR configuration there’s tool PFR. Let’s prepare PFR configuration for CFPA and CMPA pages.

CMPA_TEMPLATE_PATH = WORKSPACE + "cmpa_lpc55s6x.yml"
CFPA_TEMPLATE_PATH = WORKSPACE + "cfpa_lpc55s6x.yml"

# get CMPA template
%! pfr get-template -t cmpa -f $FAMILY -o $CMPA_TEMPLATE_PATH --force

# get CFPA template
%! pfr get-template -t cfpa -f $FAMILY -o $CFPA_TEMPLATE_PATH --force
pfr get-template -t cmpa -f lpc55s6x -o workspace/cmpa_lpc55s6x.yml --force 
The PFR cmpa template for lpc55s6x has been saved into workspace\cmpa_lpc55s6x.yml YAML file
Result has been stored in: workspace\cmpa_lpc55s6x.yml
pfr get-template -t cfpa -f lpc55s6x -o workspace/cfpa_lpc55s6x.yml --force 
The PFR cfpa template for lpc55s6x has been saved into workspace\cfpa_lpc55s6x.yml YAML file
Result has been stored in: workspace\cfpa_lpc55s6x.yml

CMPA page preparation#

ROTKH in CMPA must be set to get the secure boot working. There a three ways to accomplish that. You might set ROTKH in the PFR configuration directly or you might provide a path to the certificate block or master boot image configuration with (-e or –rot-config) option.

The last way is to use the –secret-file option, where you can specify paths to secret files (keys or certificates) that will be used for calculating the ROTKH value.

assert os.path.exists(CMPA_TEMPLATE_PATH)

CMPA_BIN = WORKSPACE + "cmpa.bin"

with open(CMPA_TEMPLATE_PATH) as cmpa_config:
    # load yaml configuration to dictionary
    cmpa = yaml.safe_load(cmpa_config)
    # Enable secure boot
    cmpa["settings"]["SECURE_BOOT_CFG"]["SEC_BOOT_EN"] = "SECURE_BOOT_CFG_SEC_BOOT_EN_ENABLE_0"
    # disable DICE
    cmpa["settings"]["SECURE_BOOT_CFG"]["SKIP_DICE"] = "SECURE_BOOT_CFG_SKIP_DICE_DISABLE_0"

with open(CMPA_TEMPLATE_PATH, "w+") as cmpa_config:
    print("CMPA config:")
    pp.pprint(cmpa)
    # dump the dictionary back to YAML
    yaml.dump(cmpa, cmpa_config)

# Generate CMPA binary
%! pfr $VERBOSITY generate-binary -c $CMPA_TEMPLATE_PATH -o $CMPA_BIN -e $MBI_CONFIG_PATH

assert os.path.exists(CMPA_BIN)
CMPA config:
{   'family': 'lpc55s6x',
    'revision': 'latest',
    'settings': {   'BOOT_CFG': {   'BOOT_FAILURE_PIN': 0,
                                    'BOOT_SPEED': 'SYSTEM_SPEED_CODE',
                                    'DEFAULT_ISP_MODE': 'AUTO_ISP',
                                    'USB_SPEED': 'USB_SPEED_0'},
                    'CUSTOMER_DEFINED0': '0x00000000',
                    'CUSTOMER_DEFINED1': '0x00000000',
                    'CUSTOMER_DEFINED10': '0x00000000',
                    'CUSTOMER_DEFINED11': '0x00000000',
                    'CUSTOMER_DEFINED12': '0x00000000',
                    'CUSTOMER_DEFINED13': '0x00000000',
                    'CUSTOMER_DEFINED14': '0x00000000',
                    'CUSTOMER_DEFINED15': '0x00000000',
                    'CUSTOMER_DEFINED16': '0x00000000',
                    'CUSTOMER_DEFINED17': '0x00000000',
                    'CUSTOMER_DEFINED18': '0x00000000',
                    'CUSTOMER_DEFINED19': '0x00000000',
                    'CUSTOMER_DEFINED2': '0x00000000',
                    'CUSTOMER_DEFINED20': '0x00000000',
                    'CUSTOMER_DEFINED21': '0x00000000',
                    'CUSTOMER_DEFINED22': '0x00000000',
                    'CUSTOMER_DEFINED23': '0x00000000',
                    'CUSTOMER_DEFINED24': '0x00000000',
                    'CUSTOMER_DEFINED25': '0x00000000',
                    'CUSTOMER_DEFINED26': '0x00000000',
                    'CUSTOMER_DEFINED27': '0x00000000',
                    'CUSTOMER_DEFINED28': '0x00000000',
                    'CUSTOMER_DEFINED29': '0x00000000',
                    'CUSTOMER_DEFINED3': '0x00000000',
                    'CUSTOMER_DEFINED30': '0x00000000',
                    'CUSTOMER_DEFINED31': '0x00000000',
                    'CUSTOMER_DEFINED32': '0x00000000',
                    'CUSTOMER_DEFINED33': '0x00000000',
                    'CUSTOMER_DEFINED34': '0x00000000',
                    'CUSTOMER_DEFINED35': '0x00000000',
                    'CUSTOMER_DEFINED36': '0x00000000',
                    'CUSTOMER_DEFINED37': '0x00000000',
                    'CUSTOMER_DEFINED38': '0x00000000',
                    'CUSTOMER_DEFINED39': '0x00000000',
                    'CUSTOMER_DEFINED4': '0x00000000',
                    'CUSTOMER_DEFINED40': '0x00000000',
                    'CUSTOMER_DEFINED41': '0x00000000',
                    'CUSTOMER_DEFINED42': '0x00000000',
                    'CUSTOMER_DEFINED43': '0x00000000',
                    'CUSTOMER_DEFINED44': '0x00000000',
                    'CUSTOMER_DEFINED45': '0x00000000',
                    'CUSTOMER_DEFINED46': '0x00000000',
                    'CUSTOMER_DEFINED47': '0x00000000',
                    'CUSTOMER_DEFINED48': '0x00000000',
                    'CUSTOMER_DEFINED49': '0x00000000',
                    'CUSTOMER_DEFINED5': '0x00000000',
                    'CUSTOMER_DEFINED50': '0x00000000',
                    'CUSTOMER_DEFINED51': '0x00000000',
                    'CUSTOMER_DEFINED52': '0x00000000',
                    'CUSTOMER_DEFINED53': '0x00000000',
                    'CUSTOMER_DEFINED54': '0x00000000',
                    'CUSTOMER_DEFINED55': '0x00000000',
                    'CUSTOMER_DEFINED6': '0x00000000',
                    'CUSTOMER_DEFINED7': '0x00000000',
                    'CUSTOMER_DEFINED8': '0x00000000',
                    'CUSTOMER_DEFINED9': '0x00000000',
                    'DCFG_CC_SOCU_DFLT': {   'CPU1_DBGEN': 'DISABLED',
                                             'CPU1_NIDEN': 'DISABLED',
                                             'DBGEN': 'DISABLED',
                                             'FA_ME_CMD_EN': 'DISABLED',
                                             'ISP_CMD_EN': 'DISABLED',
                                             'NIDEN': 'DISABLED',
                                             'SPIDEN': 'DISABLED',
                                             'SPNIDEN': 'DISABLED',
                                             'TAPEN': 'DISABLED'},
                    'DCFG_CC_SOCU_PIN': {   'CPU1_DBGEN': 'USE_DAP',
                                            'CPU1_NIDEN': 'USE_DAP',
                                            'DBGEN': 'USE_DAP',
                                            'FA_ME_CMD_EN': 'USE_DAP',
                                            'ISP_CMD_EN': 'USE_DAP',
                                            'NIDEN': 'USE_DAP',
                                            'SPIDEN': 'USE_DAP',
                                            'SPNIDEN': 'USE_DAP',
                                            'TAPEN': 'USE_DAP',
                                            'UUID_CHECK': 'DISABLED'},
                    'PRINCE_BASE_ADDR': {   'ADDR0_PRG': 0,
                                            'ADDR1_PRG': 0,
                                            'ADDR2_PRG': 0,
                                            'LOCK_REG0': 'UNLOCK',
                                            'LOCK_REG1': 'UNLOCK',
                                            'REG0_ERASE_CHECK_EN': 'DISABLE',
                                            'REG1_ERASE_CHECK_EN': 'DISABLE',
                                            'REG2_ERASE_CHECK_EN': 'DISABLE'},
                    'PRINCE_SR_0': '0x00000000',
                    'PRINCE_SR_1': '0x00000000',
                    'PRINCE_SR_2': '0x00000000',
                    'ROTKH': '0000000000000000000000000000000000000000000000000000000000000000',
                    'SDIO_CFG': '0x00000000',
                    'SECURE_BOOT_CFG': {   'BLOCK_ENROLL': 'ALLOW',
                                           'BLOCK_SET_KEY': 'ALLOW',
                                           'DICE_CUST_CFG': 'NOT_INCLUDE',
                                           'DICE_INC_NXP_CFG': 'NOT_INCLUDE',
                                           'DICE_INC_SEC_EPOCH': 0,
                                           'RSA4K': 'RSA2048',
                                           'SEC_BOOT_EN': 'SECURE_BOOT_CFG_SEC_BOOT_EN_ENABLE_0',
                                           'SKIP_DICE': 'SECURE_BOOT_CFG_SKIP_DICE_DISABLE_0',
                                           'TZM_IMAGE_TYPE': 'HEADER'},
                    'SHA256_DIGEST0': '0x00000000',
                    'SHA256_DIGEST1': '0x00000000',
                    'SHA256_DIGEST2': '0x00000000',
                    'SHA256_DIGEST3': '0x00000000',
                    'SHA256_DIGEST4': '0x00000000',
                    'SHA256_DIGEST5': '0x00000000',
                    'SHA256_DIGEST6': '0x00000000',
                    'SHA256_DIGEST7': '0x00000000',
                    'SPI_FLASH_CFG': {'SPI_RECOVERY_BOOT_EN': 0},
                    'USB_ID': {'USB_PRODUCT_ID': 0, 'USB_VENDOR_ID': 0},
                    'VENDOR_USAGE': {'VENDOR_USAGE': 0},
                    'XTAL_16MHZ_CAPABANK_TRIM': {   'PCB_XIN_PARA_CAP_PF_X100': 0,
                                                    'PCB_XOUT_PARA_CAP_PF_X100': 0,
                                                    'TRIM_VALID': 'NOT_TRIM',
                                                    'XTAL_LOAD_CAP_IEC_PF_X100': 0},
                    'XTAL_32KHZ_CAPABANK_TRIM': {   'PCB_XIN_PARA_CAP_PF_X100': 0,
                                                    'PCB_XOUT_PARA_CAP_PF_X100': 0,
                                                    'TRIM_VALID': 'NOT_TRIM',
                                                    'XTAL_LOAD_CAP_IEC_PF_X100': 0}},
    'type': 'CMPA'}
pfr -v generate-binary -c workspace/cmpa_lpc55s6x.yml -o workspace/cmpa.bin -e workspace/mbi_config_lpc55s6x.yml 
WARNING:spsdk.utils.registers:Bitfield SECURE_BOOT_CFG_SEC_BOOT_EN_ENABLE_0 not found, trying backward compatibility mode with ENABLE_0 (3575ms since start, registers.py:1478)
WARNING:spsdk.utils.registers:Bitfield SECURE_BOOT_CFG_SEC_BOOT_EN_ENABLE_0 not found, trying backward compatibility mode with ENABLE_0 (3575ms since start, registers.py:1478)
WARNING:spsdk.utils.registers:Bitfield SECURE_BOOT_CFG_SKIP_DICE_DISABLE_0 not found, trying backward compatibility mode with DISABLE_0 (3575ms since start, registers.py:1478)
WARNING:spsdk.utils.registers:Bitfield SECURE_BOOT_CFG_SKIP_DICE_DISABLE_0 not found, trying backward compatibility mode with DISABLE_0 (3575ms since start, registers.py:1478)
WARNING:spsdk.pfr.pfr:The DCFG_CC_SOCU_PIN register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (3576ms since start, pfr.py:199)
WARNING:spsdk.pfr.pfr:The DCFG_CC_SOCU_PIN register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (3576ms since start, pfr.py:199)
WARNING:spsdk.pfr.pfr:The DCFG_CC_SOCU_DFLT register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (3577ms since start, pfr.py:199)
WARNING:spsdk.pfr.pfr:The DCFG_CC_SOCU_DFLT register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (3577ms since start, pfr.py:199)
INFO:spsdk.pfr.pfrc:OK: Brick condition not fulfilled
INFO:spsdk.pfr.pfrc:OK: Brick condition not fulfilled
INFO:spsdk.pfr.pfrc:OK: Brick condition not fulfilled
INFO:spsdk.pfr.pfrc:OK: Brick condition not fulfilled
INFO:spsdk.pfr.pfrc:OK: Brick condition not fulfilled
INFO:spsdk.utils.crypto.cert_blocks:Loading configuration from cert block/MBI file...
INFO:spsdk.pfr.pfr:
+==0x0000_0000= lpc55s6x ====================+
|                Size: 512 B                 |
|                Pattern: 0x0                |
|+==0x0000_0000= BOOT_CFG ==================+|
||                Size: 4 B                 ||
||            Boot Configuration            ||
|+==0x0000_0003=============================+|
|+==0x0000_0004= SPI_FLASH_CFG =============+|
||                Size: 4 B                 ||
||         SPI Flash Configuration          ||
|+==0x0000_0007=============================+|
|+==0x0000_0008= USB_ID ====================+|
||                Size: 4 B                 ||
||             USB Identifiers              ||
|+==0x0000_000b=============================+|
|+==0x0000_000c= SDIO_CFG ==================+|
||                Size: 4 B                 ||
||            SDIO Configuration            ||
|+==0x0000_000f=============================+|
|+==0x0000_0010= DCFG_CC_SOCU_PIN ==========+|
||                Size: 4 B                 ||
||     Device Configuration Credential      ||
|| Constraints for SoC specific Use Pinned. ||
||  Combinations of PIN and DFLT bits and   ||
||     resulting restriction level:  -      ||
||PIN=1,DFLT=1: Restriction level 0. Access ||
||to the sub-domain is always enabled.  This||
|| setting is provided for module use case  ||
|| scenario where DCFG_CC_SOCU_NS would be  ||
||used to define further access restrictions||
||before final deployment of the product.  -||
||PIN=0,DFLT=0: Restriction level 1. Access ||
||to the sub-domain is disabled at startup. ||
||  But the access can be enabled through   ||
||debug authentication process by providing ||
||    appropriate Debug Credential (DC)     ||
||  certificate.  - PIN=0,DFLT=1: Illegal   ||
||setting.  Part may lock-up if this setting||
||is selected.  - PIN=1,DFLT=0: Restriction ||
||   level 3. Access to the sub-domain is   ||
||    permanently disabled and can't be     ||
||reversed.  This setting offers the highest||
||          level of restriction.           ||
|+==0x0000_0013=============================+|
|+==0x0000_0014= DCFG_CC_SOCU_DFLT =========+|
||                Size: 4 B                 ||
||     Device Configuration Credential      ||
||  Constraints for SoC specific Use Debug  ||
||Filter.  Combinations of PIN and DFLT bits||
||   and resulting restriction level:  -    ||
||PIN=1,DFLT=1: Restriction level 0. Access ||
||to the sub-domain is always enabled.  This||
|| setting is provided for module use case  ||
|| scenario where DCFG_CC_SOCU_NS would be  ||
||used to define further access restrictions||
||before final deployment of the product.  -||
||PIN=0,DFLT=0: Restriction level 1. Access ||
||to the sub-domain is disabled at startup. ||
||  But the access can be enabled through   ||
||debug authentication process by providing ||
||    appropriate Debug Credential (DC)     ||
||  certificate.  - PIN=0,DFLT=1: Illegal   ||
||setting.  Part may lock-up if this setting||
||is selected.  - PIN=1,DFLT=0: Restriction ||
||   level 3. Access to the sub-domain is   ||
||    permanently disabled and can't be     ||
||reversed.  This setting offers the highest||
||          level of restriction.           ||
|+==0x0000_0017=============================+|
|+==0x0000_0018= VENDOR_USAGE ==============+|
||                Size: 4 B                 ||
||               Vendor Usage               ||
|+==0x0000_001b=============================+|
|+==0x0000_001c= SECURE_BOOT_CFG ===========+|
||                Size: 4 B                 ||
||        Secure boot configuration         ||
|+==0x0000_001f=============================+|
|+==0x0000_0020= PRINCE_BASE_ADDR ==========+|
||                Size: 4 B                 ||
||           Prince Base Address            ||
|+==0x0000_0023=============================+|
|+==0x0000_0024= PRINCE_SR_0 ===============+|
||                Size: 4 B                 ||
||       Region 0, sub-region enable        ||
|+==0x0000_0027=============================+|
|+==0x0000_0028= PRINCE_SR_1 ===============+|
||                Size: 4 B                 ||
||       Region 1, sub-region enable        ||
|+==0x0000_002b=============================+|
|+==0x0000_002c= PRINCE_SR_2 ===============+|
||                Size: 4 B                 ||
||       Region 2, sub-region enable        ||
|+==0x0000_002f=============================+|
|+==0x0000_0030= XTAL_32KHZ_CAPABANK_TRIM ==+|
||                Size: 4 B                 ||
||      Xtal 32kHz capabank trimming.       ||
|+==0x0000_0033=============================+|
|+==0x0000_0034= XTAL_16MHZ_CAPABANK_TRIM ==+|
||                Size: 4 B                 ||
||      Xtal 16MHz capabank trimming.       ||
|+==0x0000_0037=============================+|
|+==0x0000_0038= Reserved 0x00038 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_003b=============================+|
|+==0x0000_003c= Reserved 0x0003C ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_003f=============================+|
|+==0x0000_0040= Reserved 0x00040 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_0043=============================+|
|+==0x0000_0044= Reserved 0x00044 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_0047=============================+|
|+==0x0000_0048= Reserved 0x00048 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_004b=============================+|
|+==0x0000_004c= Reserved 0x0004C ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_004f=============================+|
|+==0x0000_0050= ROTKH =====================+|
||                Size: 32 B                ||
||  ROTKH field is compounded by 8 32-bit   ||
|| fields and contains Root key table hash  ||
|+==0x0000_006f=============================+|
|+==0x0000_0070= Reserved 0x00070 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_0073=============================+|
|+==0x0000_0074= Reserved 0x00074 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_0077=============================+|
|+==0x0000_0078= Reserved 0x00078 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_007b=============================+|
|+==0x0000_007c= Reserved 0x0007C ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_007f=============================+|
|+==0x0000_0080= Reserved 0x00080 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_0083=============================+|
|+==0x0000_0084= Reserved 0x00084 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_0087=============================+|
|+==0x0000_0088= Reserved 0x00088 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_008b=============================+|
|+==0x0000_008c= Reserved 0x0008C ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_008f=============================+|
|+==0x0000_0090= Reserved 0x00090 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_0093=============================+|
|+==0x0000_0094= Reserved 0x00094 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_0097=============================+|
|+==0x0000_0098= Reserved 0x00098 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_009b=============================+|
|+==0x0000_009c= Reserved 0x0009C ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_009f=============================+|
|+==0x0000_00a0= Reserved 0x000A0 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00a3=============================+|
|+==0x0000_00a4= Reserved 0x000A4 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00a7=============================+|
|+==0x0000_00a8= Reserved 0x000A8 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00ab=============================+|
|+==0x0000_00ac= Reserved 0x000AC ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00af=============================+|
|+==0x0000_00b0= Reserved 0x000B0 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00b3=============================+|
|+==0x0000_00b4= Reserved 0x000B4 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00b7=============================+|
|+==0x0000_00b8= Reserved 0x000B8 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00bb=============================+|
|+==0x0000_00bc= Reserved 0x000BC ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00bf=============================+|
|+==0x0000_00c0= Reserved 0x000C0 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00c3=============================+|
|+==0x0000_00c4= Reserved 0x000C4 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00c7=============================+|
|+==0x0000_00c8= Reserved 0x000C8 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00cb=============================+|
|+==0x0000_00cc= Reserved 0x000CC ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00cf=============================+|
|+==0x0000_00d0= Reserved 0x000D0 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00d3=============================+|
|+==0x0000_00d4= Reserved 0x000D4 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00d7=============================+|
|+==0x0000_00d8= Reserved 0x000D8 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00db=============================+|
|+==0x0000_00dc= Reserved 0x000DC ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00df=============================+|
|+==0x0000_00e0= Reserved 0x000E0 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00e3=============================+|
|+==0x0000_00e4= Reserved 0x000E4 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00e7=============================+|
|+==0x0000_00e8= Reserved 0x000E8 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00eb=============================+|
|+==0x0000_00ec= Reserved 0x000EC ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00ef=============================+|
|+==0x0000_00f0= Reserved 0x000F0 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00f3=============================+|
|+==0x0000_00f4= Reserved 0x000F4 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00f7=============================+|
|+==0x0000_00f8= Reserved 0x000F8 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00fb=============================+|
|+==0x0000_00fc= Reserved 0x000FC ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00ff=============================+|
|+==0x0000_0100= CUSTOMER_DEFINED0 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0103=============================+|
|+==0x0000_0104= CUSTOMER_DEFINED1 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0107=============================+|
|+==0x0000_0108= CUSTOMER_DEFINED2 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_010b=============================+|
|+==0x0000_010c= CUSTOMER_DEFINED3 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_010f=============================+|
|+==0x0000_0110= CUSTOMER_DEFINED4 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0113=============================+|
|+==0x0000_0114= CUSTOMER_DEFINED5 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0117=============================+|
|+==0x0000_0118= CUSTOMER_DEFINED6 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_011b=============================+|
|+==0x0000_011c= CUSTOMER_DEFINED7 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_011f=============================+|
|+==0x0000_0120= CUSTOMER_DEFINED8 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0123=============================+|
|+==0x0000_0124= CUSTOMER_DEFINED9 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0127=============================+|
|+==0x0000_0128= CUSTOMER_DEFINED10 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_012b=============================+|
|+==0x0000_012c= CUSTOMER_DEFINED11 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_012f=============================+|
|+==0x0000_0130= CUSTOMER_DEFINED12 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0133=============================+|
|+==0x0000_0134= CUSTOMER_DEFINED13 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0137=============================+|
|+==0x0000_0138= CUSTOMER_DEFINED14 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_013b=============================+|
|+==0x0000_013c= CUSTOMER_DEFINED15 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_013f=============================+|
|+==0x0000_0140= CUSTOMER_DEFINED16 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0143=============================+|
|+==0x0000_0144= CUSTOMER_DEFINED17 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0147=============================+|
|+==0x0000_0148= CUSTOMER_DEFINED18 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_014b=============================+|
|+==0x0000_014c= CUSTOMER_DEFINED19 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_014f=============================+|
|+==0x0000_0150= CUSTOMER_DEFINED20 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0153=============================+|
|+==0x0000_0154= CUSTOMER_DEFINED21 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0157=============================+|
|+==0x0000_0158= CUSTOMER_DEFINED22 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_015b=============================+|
|+==0x0000_015c= CUSTOMER_DEFINED23 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_015f=============================+|
|+==0x0000_0160= CUSTOMER_DEFINED24 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0163=============================+|
|+==0x0000_0164= CUSTOMER_DEFINED25 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0167=============================+|
|+==0x0000_0168= CUSTOMER_DEFINED26 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_016b=============================+|
|+==0x0000_016c= CUSTOMER_DEFINED27 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_016f=============================+|
|+==0x0000_0170= CUSTOMER_DEFINED28 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0173=============================+|
|+==0x0000_0174= CUSTOMER_DEFINED29 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0177=============================+|
|+==0x0000_0178= CUSTOMER_DEFINED30 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_017b=============================+|
|+==0x0000_017c= CUSTOMER_DEFINED31 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_017f=============================+|
|+==0x0000_0180= CUSTOMER_DEFINED32 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0183=============================+|
|+==0x0000_0184= CUSTOMER_DEFINED33 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0187=============================+|
|+==0x0000_0188= CUSTOMER_DEFINED34 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_018b=============================+|
|+==0x0000_018c= CUSTOMER_DEFINED35 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_018f=============================+|
|+==0x0000_0190= CUSTOMER_DEFINED36 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0193=============================+|
|+==0x0000_0194= CUSTOMER_DEFINED37 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0197=============================+|
|+==0x0000_0198= CUSTOMER_DEFINED38 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_019b=============================+|
|+==0x0000_019c= CUSTOMER_DEFINED39 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_019f=============================+|
|+==0x0000_01a0= CUSTOMER_DEFINED40 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01a3=============================+|
|+==0x0000_01a4= CUSTOMER_DEFINED41 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01a7=============================+|
|+==0x0000_01a8= CUSTOMER_DEFINED42 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01ab=============================+|
|+==0x0000_01ac= CUSTOMER_DEFINED43 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01af=============================+|
|+==0x0000_01b0= CUSTOMER_DEFINED44 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01b3=============================+|
|+==0x0000_01b4= CUSTOMER_DEFINED45 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01b7=============================+|
|+==0x0000_01b8= CUSTOMER_DEFINED46 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01bb=============================+|
|+==0x0000_01bc= CUSTOMER_DEFINED47 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01bf=============================+|
|+==0x0000_01c0= CUSTOMER_DEFINED48 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01c3=============================+|
|+==0x0000_01c4= CUSTOMER_DEFINED49 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01c7=============================+|
|+==0x0000_01c8= CUSTOMER_DEFINED50 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01cb=============================+|
|+==0x0000_01cc= CUSTOMER_DEFINED51 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01cf=============================+|
|+==0x0000_01d0= CUSTOMER_DEFINED52 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01d3=============================+|
|+==0x0000_01d4= CUSTOMER_DEFINED53 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01d7=============================+|
|+==0x0000_01d8= CUSTOMER_DEFINED54 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01db=============================+|
|+==0x0000_01dc= CUSTOMER_DEFINED55 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01df=============================+|
|+==0x0000_01e0= SHA256_DIGEST0 ============+|
||                Size: 4 B                 ||
||     SHA256_DIGEST0 for DIGEST[31:0]      ||
|+==0x0000_01e3=============================+|
|+==0x0000_01e4= SHA256_DIGEST1 ============+|
||                Size: 4 B                 ||
||     SHA256_DIGEST1 for DIGEST[63:32]     ||
|+==0x0000_01e7=============================+|
|+==0x0000_01e8= SHA256_DIGEST2 ============+|
||                Size: 4 B                 ||
||     SHA256_DIGEST2 for DIGEST[95:64]     ||
|+==0x0000_01eb=============================+|
|+==0x0000_01ec= SHA256_DIGEST3 ============+|
||                Size: 4 B                 ||
||    SHA256_DIGEST3 for DIGEST[127:96]     ||
|+==0x0000_01ef=============================+|
|+==0x0000_01f0= SHA256_DIGEST4 ============+|
||                Size: 4 B                 ||
||    SHA256_DIGEST4 for DIGEST[159:128]    ||
|+==0x0000_01f3=============================+|
|+==0x0000_01f4= SHA256_DIGEST5 ============+|
||                Size: 4 B                 ||
||    SHA256_DIGEST5 for DIGEST[191:160]    ||
|+==0x0000_01f7=============================+|
|+==0x0000_01f8= SHA256_DIGEST6 ============+|
||                Size: 4 B                 ||
||    SHA256_DIGEST6 for DIGEST[223:192]    ||
|+==0x0000_01fb=============================+|
|+==0x0000_01fc= SHA256_DIGEST7 ============+|
||                Size: 4 B                 ||
||    SHA256_DIGEST7 for DIGEST[255:224]    ||
|+==0x0000_01ff=============================+|
+==0x0000_01ff===============================+

Success. (PFR binary has been generated)
Result has been stored in: workspace\cmpa.bin

Device preparation#

Now it’s time to prepare the device (enroll keys, load pfr…). In this example we will use LPCXpresso55S69 Evaluation kit.

First step is to enter ISP mode, this could be achieved by either shorting J10 or by simultaneously pressing ISP button and reset button.

LPCXpresso55S69 supports UART and USB-HID interface for the ISP programming. In the picture below we used UART, if you want to use USB, connect the cable to high speed USB port.

lpc55s69

We could use app nxpdevscan to check if the device is connected to the PC in ISP mode.

# check if the device is connected and detected by PC
%! nxpdevscan
nxpdevscan 
-------- Connected NXP USB Devices --------

LPC-LINK2 CMSIS-DAP V5.224 - NXP Semiconductors
Vendor ID: 0x1fc9
Product ID: 0x0090
Path: HID\VID_1FC9&PID_0090&MI_00\7&28B2E8EA&0&0000
Path Hash: 23e5c9f0
Name: 
Serial number: FTA2BQCQ

LPC-LINK2 DATA PORT - NXP Semiconductors
Vendor ID: 0x1fc9
Product ID: 0x0090
Path: HID\VID_1FC9&PID_0090&MI_04\7&178D41F9&0&0000
Path Hash: 5adc20a8
Name: 
Serial number: FTA2BQCQ

LPCSIO - NXP Semiconductors
Vendor ID: 0x1fc9
Product ID: 0x0090
Path: HID\VID_1FC9&PID_0090&MI_03\7&2ABD5E37&0&0000
Path Hash: 8610ba60
Name: 
Serial number: FTA2BQCQ

-------- Connected NXP UART Devices --------

-------- Connected NXP SIO Devices --------

LIBUSBSIO - NXP Semiconductors, LPCSIO
Vendor ID: 0x1fc9
Product ID: 0x0090
Path: HID\VID_1FC9&PID_0090&MI_03\7&2ABD5E37&0&0000
Path Hash: 8610ba60
Serial number: FTA2BQCQ
Interface number: 3
Release number: 256
USB_CONNECTION = "-u lpc55"
# choose com port or /dev
UART_CONNECTION = "-p com21"

# comment if you want to use UART
# CONNECTION = USB_CONNECTION
CONNECTION = UART_CONNECTION

%! blhost $CONNECTION get-property current-version
blhost -p com21 get-property current-version 
Response status = 0 (0x0) Success.
Response word 1 = 1258487808 (0x4b030000)
Current Version = K3.0.0

Key store erase#

You might erase key store by writing a file containing zero bytes with size 3*512 = 1536 B.

# first you need to set property 29 - PFR key store update option
%! blhost $CONNECTION set-property 29 1

# now write the file containing zero bytes to the location of key store
%! blhost $CONNECTION write-memory 0x9E600 zero_1536.bin

# set the property 29 back to 0
%! blhost $CONNECTION set-property 29 0
blhost -p com21 set-property 29 1 
Response status = 0 (0x0) Success.
blhost -p com21 write-memory 0x9E600 zero_1536.bin 
Writing memory
Response status = 0 (0x0) Success.
Response word 1 = 1536 (0x600)
blhost -p com21 set-property 29 0 
Response status = 0 (0x0) Success.

CFPA page preparation#

By default, the CFPA (Customer field programmable area) page is cleared. There are registers related to secure boot. ROTKH_REVOKE field at CFPA page has to be set up to accept signed images with created certificates.

So we have to enable root key 0 (RoTK0_EN). Another important register is VERSION, it’s monotonic counter which needs to be incremented after every CFPA page update.

In this example we will create unsealed versions of CMPA and CFPA, it means that they could be updated. Sealed (locked) version of CFPA and CMPA might be generated using the -a or –add-seal option.

CFPA_BIN = WORKSPACE + "cfpa.bin"
CFPA_PARSED = WORKSPACE + "cfpa_parsed.yaml"

# First, read the current CFPA page on the processor and parse it to YAML
%! pfr read -f $FAMILY $CONNECTION -t cfpa -o $CFPA_BIN -y $CFPA_PARSED --show-diff

assert os.path.exists(CFPA_TEMPLATE_PATH)
assert os.path.exists(CFPA_PARSED)

with open(CFPA_PARSED) as cfpa_parsed:
    # load yaml configuration to dictionary
    cfpa = yaml.safe_load(cfpa_parsed)
    print("Parsed CFPA from the processor")
    pp.pprint(cfpa)
    # parse actual value of the VERSION monotonic counter
    CFPA_VERSION = int(cfpa["settings"]["VERSION"], 16)
with open(CFPA_TEMPLATE_PATH) as cfpa_config:
    # load yaml configuration to dictionary
    cfpa = yaml.safe_load(cfpa_config)
    # Enable root certificate 0
    cfpa["settings"]["ROTKH_REVOKE"]["RoTK0_EN"] = "ROTKH_REVOKE_RoTK0_EN_ENABLED"
    # VERSION monotonic counter has to be increased after every CFPA page update
    CFPA_VERSION += 1
    cfpa["settings"]["VERSION"] = hex(CFPA_VERSION)

with open(CFPA_TEMPLATE_PATH, "w+") as cfpa_config:
    print("CFPA config:")
    pp.pprint(cfpa)
    # dump the dictionary back to YAML
    yaml.dump(cfpa, cfpa_config)


# Generate CFPA binary
%! pfr $VERBOSITY generate-binary -c $CFPA_TEMPLATE_PATH -o $CFPA_BIN

assert os.path.exists(CFPA_BIN)
pfr read -f lpc55s6x -p com21 -t cfpa -o workspace/cfpa.bin -y workspace/cfpa_parsed.yaml --show-diff 
CFPA page address on lpc55s6x is 0x9de00
CFPA data stored to workspace\cfpa.bin
Parsed config stored to workspace\cfpa_parsed.yaml
Parsed CFPA from the processor
{   'family': 'lpc55s6x',
    'revision': 'a1',
    'settings': {   'CMPA_PROG_IN_PROGRESS': '0x5CC55AA5',
                    'DCFG_CC_SOCU_NS_DFLT': {'INVERSE_VALUE': '0xFFFF'},
                    'DCFG_CC_SOCU_NS_PIN': {'INVERSE_VALUE': '0xFFFF'},
                    'ROTKH_REVOKE': {'RoTK0_EN': 'ENABLED'},
                    'SHA256_DIGEST0': '0x0458EA8F',
                    'SHA256_DIGEST1': '0x61988F85',
                    'SHA256_DIGEST2': '0x2E96F970',
                    'SHA256_DIGEST3': '0xEF5D3159',
                    'SHA256_DIGEST4': '0xB3A6C040',
                    'SHA256_DIGEST5': '0x854BE1E5',
                    'SHA256_DIGEST6': '0x69CB29C5',
                    'SHA256_DIGEST7': '0x2AD170B3',
                    'VENDOR_USAGE': {'INVERSE_VALUE': '0xFFFF'},
                    'VERSION': '0x00000005'},
    'type': 'CFPA'}
CFPA config:
{   'family': 'lpc55s6x',
    'revision': 'latest',
    'settings': {   'CMPA_PROG_IN_PROGRESS': '0x00000000',
                    'CUSTOMER_DEFINED0': '0x00000000',
                    'CUSTOMER_DEFINED1': '0x00000000',
                    'CUSTOMER_DEFINED10': '0x00000000',
                    'CUSTOMER_DEFINED11': '0x00000000',
                    'CUSTOMER_DEFINED12': '0x00000000',
                    'CUSTOMER_DEFINED13': '0x00000000',
                    'CUSTOMER_DEFINED14': '0x00000000',
                    'CUSTOMER_DEFINED15': '0x00000000',
                    'CUSTOMER_DEFINED16': '0x00000000',
                    'CUSTOMER_DEFINED17': '0x00000000',
                    'CUSTOMER_DEFINED18': '0x00000000',
                    'CUSTOMER_DEFINED19': '0x00000000',
                    'CUSTOMER_DEFINED2': '0x00000000',
                    'CUSTOMER_DEFINED20': '0x00000000',
                    'CUSTOMER_DEFINED21': '0x00000000',
                    'CUSTOMER_DEFINED22': '0x00000000',
                    'CUSTOMER_DEFINED23': '0x00000000',
                    'CUSTOMER_DEFINED24': '0x00000000',
                    'CUSTOMER_DEFINED25': '0x00000000',
                    'CUSTOMER_DEFINED26': '0x00000000',
                    'CUSTOMER_DEFINED27': '0x00000000',
                    'CUSTOMER_DEFINED28': '0x00000000',
                    'CUSTOMER_DEFINED29': '0x00000000',
                    'CUSTOMER_DEFINED3': '0x00000000',
                    'CUSTOMER_DEFINED30': '0x00000000',
                    'CUSTOMER_DEFINED31': '0x00000000',
                    'CUSTOMER_DEFINED32': '0x00000000',
                    'CUSTOMER_DEFINED33': '0x00000000',
                    'CUSTOMER_DEFINED34': '0x00000000',
                    'CUSTOMER_DEFINED35': '0x00000000',
                    'CUSTOMER_DEFINED36': '0x00000000',
                    'CUSTOMER_DEFINED37': '0x00000000',
                    'CUSTOMER_DEFINED38': '0x00000000',
                    'CUSTOMER_DEFINED39': '0x00000000',
                    'CUSTOMER_DEFINED4': '0x00000000',
                    'CUSTOMER_DEFINED40': '0x00000000',
                    'CUSTOMER_DEFINED41': '0x00000000',
                    'CUSTOMER_DEFINED42': '0x00000000',
                    'CUSTOMER_DEFINED43': '0x00000000',
                    'CUSTOMER_DEFINED44': '0x00000000',
                    'CUSTOMER_DEFINED45': '0x00000000',
                    'CUSTOMER_DEFINED46': '0x00000000',
                    'CUSTOMER_DEFINED47': '0x00000000',
                    'CUSTOMER_DEFINED48': '0x00000000',
                    'CUSTOMER_DEFINED49': '0x00000000',
                    'CUSTOMER_DEFINED5': '0x00000000',
                    'CUSTOMER_DEFINED50': '0x00000000',
                    'CUSTOMER_DEFINED51': '0x00000000',
                    'CUSTOMER_DEFINED52': '0x00000000',
                    'CUSTOMER_DEFINED53': '0x00000000',
                    'CUSTOMER_DEFINED54': '0x00000000',
                    'CUSTOMER_DEFINED55': '0x00000000',
                    'CUSTOMER_DEFINED6': '0x00000000',
                    'CUSTOMER_DEFINED7': '0x00000000',
                    'CUSTOMER_DEFINED8': '0x00000000',
                    'CUSTOMER_DEFINED9': '0x00000000',
                    'DCFG_CC_SOCU_NS_DFLT': {   'CPU1_DBGEN': 'DISABLED',
                                                'CPU1_NIDEN': 'DISABLED',
                                                'DBGEN': 'DISABLED',
                                                'FA_ME_CMD_EN': 'DISABLED',
                                                'ISP_CMD_EN': 'DISABLED',
                                                'NIDEN': 'DISABLED',
                                                'SPIDEN': 'DISABLED',
                                                'SPNIDEN': 'DISABLED',
                                                'TAPEN': 'DISABLED'},
                    'DCFG_CC_SOCU_NS_PIN': {   'CPU1_DBGEN': 'USE_DAP',
                                               'CPU1_NIDEN': 'USE_DAP',
                                               'DBGEN': 'USE_DAP',
                                               'FA_ME_CMD_EN': 'USE_DAP',
                                               'ISP_CMD_EN': 'USE_DAP',
                                               'NIDEN': 'USE_DAP',
                                               'SPIDEN': 'USE_DAP',
                                               'SPNIDEN': 'USE_DAP',
                                               'TAPEN': 'USE_DAP',
                                               'UUID_CHECK': 'DISABLED'},
                    'ENABLE_FA_MODE': '0x00000000',
                    'HEADER': '0x00000000',
                    'IMAGE_KEY_REVOKE': '0x00000000',
                    'NS_FW_Version': '0x00000000',
                    'PRINCE_REGION0_IV_BODY0': '0x00000000',
                    'PRINCE_REGION0_IV_BODY1': '0x00000000',
                    'PRINCE_REGION0_IV_BODY10': '0x00000000',
                    'PRINCE_REGION0_IV_BODY11': '0x00000000',
                    'PRINCE_REGION0_IV_BODY2': '0x00000000',
                    'PRINCE_REGION0_IV_BODY3': '0x00000000',
                    'PRINCE_REGION0_IV_BODY4': '0x00000000',
                    'PRINCE_REGION0_IV_BODY5': '0x00000000',
                    'PRINCE_REGION0_IV_BODY6': '0x00000000',
                    'PRINCE_REGION0_IV_BODY7': '0x00000000',
                    'PRINCE_REGION0_IV_BODY8': '0x00000000',
                    'PRINCE_REGION0_IV_BODY9': '0x00000000',
                    'PRINCE_REGION0_IV_CODE0': '0x00000000',
                    'PRINCE_REGION0_IV_CODE1': {   'INDEX': 0,
                                                   'SIZE': 0,
                                                   'TYPE': 0},
                    'PRINCE_REGION1_IV_BODY0': '0x00000000',
                    'PRINCE_REGION1_IV_BODY1': '0x00000000',
                    'PRINCE_REGION1_IV_BODY10': '0x00000000',
                    'PRINCE_REGION1_IV_BODY11': '0x00000000',
                    'PRINCE_REGION1_IV_BODY2': '0x00000000',
                    'PRINCE_REGION1_IV_BODY3': '0x00000000',
                    'PRINCE_REGION1_IV_BODY4': '0x00000000',
                    'PRINCE_REGION1_IV_BODY5': '0x00000000',
                    'PRINCE_REGION1_IV_BODY6': '0x00000000',
                    'PRINCE_REGION1_IV_BODY7': '0x00000000',
                    'PRINCE_REGION1_IV_BODY8': '0x00000000',
                    'PRINCE_REGION1_IV_BODY9': '0x00000000',
                    'PRINCE_REGION1_IV_CODE0': '0x00000000',
                    'PRINCE_REGION1_IV_CODE1': {   'INDEX': 0,
                                                   'SIZE': 0,
                                                   'TYPE': 0},
                    'PRINCE_REGION2_IV_BODY0': '0x00000000',
                    'PRINCE_REGION2_IV_BODY1': '0x00000000',
                    'PRINCE_REGION2_IV_BODY10': '0x00000000',
                    'PRINCE_REGION2_IV_BODY11': '0x00000000',
                    'PRINCE_REGION2_IV_BODY2': '0x00000000',
                    'PRINCE_REGION2_IV_BODY3': '0x00000000',
                    'PRINCE_REGION2_IV_BODY4': '0x00000000',
                    'PRINCE_REGION2_IV_BODY5': '0x00000000',
                    'PRINCE_REGION2_IV_BODY6': '0x00000000',
                    'PRINCE_REGION2_IV_BODY7': '0x00000000',
                    'PRINCE_REGION2_IV_BODY8': '0x00000000',
                    'PRINCE_REGION2_IV_BODY9': '0x00000000',
                    'PRINCE_REGION2_IV_CODE0': '0x00000000',
                    'PRINCE_REGION2_IV_CODE1': {   'INDEX': 0,
                                                   'SIZE': 0,
                                                   'TYPE': 0},
                    'ROTKH_REVOKE': {   'RoTK0_EN': 'ROTKH_REVOKE_RoTK0_EN_ENABLED',
                                        'RoTK1_EN': 'INVALID',
                                        'RoTK2_EN': 'INVALID',
                                        'RoTK3_EN': 'INVALID'},
                    'SHA256_DIGEST0': '0x00000000',
                    'SHA256_DIGEST1': '0x00000000',
                    'SHA256_DIGEST2': '0x00000000',
                    'SHA256_DIGEST3': '0x00000000',
                    'SHA256_DIGEST4': '0x00000000',
                    'SHA256_DIGEST5': '0x00000000',
                    'SHA256_DIGEST6': '0x00000000',
                    'SHA256_DIGEST7': '0x00000000',
                    'S_FW_Version': '0x00000000',
                    'VENDOR_USAGE': {'DBG_VENDOR_USAGE': 0},
                    'VERSION': '0x6'},
    'type': 'CFPA'}
pfr -v generate-binary -c workspace/cfpa_lpc55s6x.yml -o workspace/cfpa.bin 
WARNING:spsdk.utils.registers:Bitfield ROTKH_REVOKE_RoTK0_EN_ENABLED not found, trying backward compatibility mode with ENABLED (3390ms since start, registers.py:1478)
WARNING:spsdk.utils.registers:Bitfield ROTKH_REVOKE_RoTK0_EN_ENABLED not found, trying backward compatibility mode with ENABLED (3390ms since start, registers.py:1478)
WARNING:spsdk.pfr.pfr:The VENDOR_USAGE register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (3391ms since start, pfr.py:199)
WARNING:spsdk.pfr.pfr:The VENDOR_USAGE register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (3391ms since start, pfr.py:199)
WARNING:spsdk.pfr.pfr:The DCFG_CC_SOCU_NS_PIN register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (3391ms since start, pfr.py:199)
WARNING:spsdk.pfr.pfr:The DCFG_CC_SOCU_NS_PIN register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (3391ms since start, pfr.py:199)
WARNING:spsdk.pfr.pfr:The DCFG_CC_SOCU_NS_DFLT register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (3391ms since start, pfr.py:199)
WARNING:spsdk.pfr.pfr:The DCFG_CC_SOCU_NS_DFLT register has been recomputed, because it has been used in configuration and the bitfield INVERSE_VALUE has not been specified (3391ms since start, pfr.py:199)
INFO:spsdk.pfr.pfrc:OK: Brick condition not fulfilled
INFO:spsdk.pfr.pfrc:OK: Brick condition not fulfilled
INFO:spsdk.pfr.pfrc:OK: Brick condition not fulfilled
INFO:spsdk.pfr.pfrc:OK: Brick condition not fulfilled
INFO:spsdk.pfr.pfrc:OK: Brick condition not fulfilled
INFO:spsdk.pfr.pfr:
+==0x0000_0000= lpc55s6x ====================+
|                Size: 512 B                 |
|                Pattern: 0x0                |
|+==0x0000_0000= HEADER ====================+|
||                Size: 4 B                 ||
||                  Header                  ||
|+==0x0000_0003=============================+|
|+==0x0000_0004= VERSION ===================+|
||                Size: 4 B                 ||
||                 Version                  ||
|+==0x0000_0007=============================+|
|+==0x0000_0008= S_FW_Version ==============+|
||                Size: 4 B                 ||
||    Secure firmware version (Monotonic    ||
||                 counter)                 ||
|+==0x0000_000b=============================+|
|+==0x0000_000c= NS_FW_Version =============+|
||                Size: 4 B                 ||
||  Non-Secure firmware version (Monotonic  ||
||                 counter)                 ||
|+==0x0000_000f=============================+|
|+==0x0000_0010= IMAGE_KEY_REVOKE ==========+|
||                Size: 4 B                 ||
||    Image key revocation ID (Monotonic    ||
||                 counter)                 ||
|+==0x0000_0013=============================+|
|+==0x0000_0014= Reserved 0x00014 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_0017=============================+|
|+==0x0000_0018= ROTKH_REVOKE ==============+|
||                Size: 4 B                 ||
||      Root of Trust Key Hash Revoke       ||
|+==0x0000_001b=============================+|
|+==0x0000_001c= VENDOR_USAGE ==============+|
||                Size: 4 B                 ||
||               Vendor Usage               ||
|+==0x0000_001f=============================+|
|+==0x0000_0020= DCFG_CC_SOCU_NS_PIN =======+|
||                Size: 4 B                 ||
||     Device Configuration Credential      ||
|| Constraints for SoC specific Use Pinned. ||
||  Combinations of PIN and DFLT bits and   ||
||     resulting restriction level:  -      ||
||PIN=1,DFLT=1: Restriction level 0. Access ||
||to the sub-domain is always enabled.  This||
|| setting is provided for module use case  ||
|| scenario where DCFG_CC_SOCU_NS would be  ||
||used to define further access restrictions||
||before final deployment of the product.  -||
||PIN=0,DFLT=0: Restriction level 1. Access ||
||to the sub-domain is disabled at startup. ||
||  But the access can be enabled through   ||
||debug authentication process by providing ||
||    appropriate Debug Credential (DC)     ||
||  certificate.  - PIN=0,DFLT=1: Illegal   ||
||setting.  Part may lock-up if this setting||
||is selected.  - PIN=1,DFLT=0: Restriction ||
||   level 3. Access to the sub-domain is   ||
||    permanently disabled and can't be     ||
||reversed.  This setting offers the highest||
||          level of restriction.           ||
|+==0x0000_0023=============================+|
|+==0x0000_0024= DCFG_CC_SOCU_NS_DFLT ======+|
||                Size: 4 B                 ||
||     Device Configuration Credential      ||
||  Constraints for SoC specific Use Debug  ||
||Filter.  Combinations of PIN and DFLT bits||
||   and resulting restriction level:  -    ||
||PIN=1,DFLT=1: Restriction level 0. Access ||
||to the sub-domain is always enabled.  This||
|| setting is provided for module use case  ||
|| scenario where DCFG_CC_SOCU_NS would be  ||
||used to define further access restrictions||
||before final deployment of the product.  -||
||PIN=0,DFLT=0: Restriction level 1. Access ||
||to the sub-domain is disabled at startup. ||
||  But the access can be enabled through   ||
||debug authentication process by providing ||
||    appropriate Debug Credential (DC)     ||
||  certificate.  - PIN=0,DFLT=1: Illegal   ||
||setting.  Part may lock-up if this setting||
||is selected.  - PIN=1,DFLT=0: Restriction ||
||   level 3. Access to the sub-domain is   ||
||    permanently disabled and can't be     ||
||reversed.  This setting offers the highest||
||          level of restriction.           ||
|+==0x0000_0027=============================+|
|+==0x0000_0028= ENABLE_FA_MODE ============+|
||                Size: 4 B                 ||
||   Enable FA mode.  SET_FA_MODE Command   ||
|| should write 0xC33CA55A to this word to  ||
||   indicate boot ROM to enter FA mode.    ||
|+==0x0000_002b=============================+|
|+==0x0000_002c= CMPA_PROG_IN_PROGRESS =====+|
||                Size: 4 B                 ||
||  CMPA Page programming on going.  This   ||
|| field shall be set to 0x5CC55AA5 in the  ||
||   active CFPA page each time CMPA page   ||
||programming is going on.  It shall always ||
|| be set to 0x00000000 in the CFPA scratch ||
||                  area.                   ||
|+==0x0000_002f=============================+|
|+==0x0000_0030= PRINCE_REGION0_IV_CODE0 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0033=============================+|
|+==0x0000_0034= PRINCE_REGION0_IV_CODE1 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0037=============================+|
|+==0x0000_0038= PRINCE_REGION0_IV_BODY0 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_003b=============================+|
|+==0x0000_003c= PRINCE_REGION0_IV_BODY1 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_003f=============================+|
|+==0x0000_0040= PRINCE_REGION0_IV_BODY2 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0043=============================+|
|+==0x0000_0044= PRINCE_REGION0_IV_BODY3 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0047=============================+|
|+==0x0000_0048= PRINCE_REGION0_IV_BODY4 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_004b=============================+|
|+==0x0000_004c= PRINCE_REGION0_IV_BODY5 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_004f=============================+|
|+==0x0000_0050= PRINCE_REGION0_IV_BODY6 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0053=============================+|
|+==0x0000_0054= PRINCE_REGION0_IV_BODY7 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0057=============================+|
|+==0x0000_0058= PRINCE_REGION0_IV_BODY8 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_005b=============================+|
|+==0x0000_005c= PRINCE_REGION0_IV_BODY9 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_005f=============================+|
|+==0x0000_0060= PRINCE_REGION0_IV_BODY10 ==+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0063=============================+|
|+==0x0000_0064= PRINCE_REGION0_IV_BODY11 ==+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0067=============================+|
|+==0x0000_0068= PRINCE_REGION1_IV_CODE0 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_006b=============================+|
|+==0x0000_006c= PRINCE_REGION1_IV_CODE1 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_006f=============================+|
|+==0x0000_0070= PRINCE_REGION1_IV_BODY0 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0073=============================+|
|+==0x0000_0074= PRINCE_REGION1_IV_BODY1 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0077=============================+|
|+==0x0000_0078= PRINCE_REGION1_IV_BODY2 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_007b=============================+|
|+==0x0000_007c= PRINCE_REGION1_IV_BODY3 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_007f=============================+|
|+==0x0000_0080= PRINCE_REGION1_IV_BODY4 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0083=============================+|
|+==0x0000_0084= PRINCE_REGION1_IV_BODY5 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0087=============================+|
|+==0x0000_0088= PRINCE_REGION1_IV_BODY6 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_008b=============================+|
|+==0x0000_008c= PRINCE_REGION1_IV_BODY7 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_008f=============================+|
|+==0x0000_0090= PRINCE_REGION1_IV_BODY8 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0093=============================+|
|+==0x0000_0094= PRINCE_REGION1_IV_BODY9 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_0097=============================+|
|+==0x0000_0098= PRINCE_REGION1_IV_BODY10 ==+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_009b=============================+|
|+==0x0000_009c= PRINCE_REGION1_IV_BODY11 ==+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_009f=============================+|
|+==0x0000_00a0= PRINCE_REGION2_IV_CODE0 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00a3=============================+|
|+==0x0000_00a4= PRINCE_REGION2_IV_CODE1 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00a7=============================+|
|+==0x0000_00a8= PRINCE_REGION2_IV_BODY0 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00ab=============================+|
|+==0x0000_00ac= PRINCE_REGION2_IV_BODY1 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00af=============================+|
|+==0x0000_00b0= PRINCE_REGION2_IV_BODY2 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00b3=============================+|
|+==0x0000_00b4= PRINCE_REGION2_IV_BODY3 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00b7=============================+|
|+==0x0000_00b8= PRINCE_REGION2_IV_BODY4 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00bb=============================+|
|+==0x0000_00bc= PRINCE_REGION2_IV_BODY5 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00bf=============================+|
|+==0x0000_00c0= PRINCE_REGION2_IV_BODY6 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00c3=============================+|
|+==0x0000_00c4= PRINCE_REGION2_IV_BODY7 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00c7=============================+|
|+==0x0000_00c8= PRINCE_REGION2_IV_BODY8 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00cb=============================+|
|+==0x0000_00cc= PRINCE_REGION2_IV_BODY9 ===+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00cf=============================+|
|+==0x0000_00d0= PRINCE_REGION2_IV_BODY10 ==+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00d3=============================+|
|+==0x0000_00d4= PRINCE_REGION2_IV_BODY11 ==+|
||                Size: 4 B                 ||
||                  Field.                  ||
|+==0x0000_00d7=============================+|
|+==0x0000_00d8= Reserved 0x000D8 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00db=============================+|
|+==0x0000_00dc= Reserved 0x000DC ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00df=============================+|
|+==0x0000_00e0= Reserved 0x000E0 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00e3=============================+|
|+==0x0000_00e4= Reserved 0x000E4 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00e7=============================+|
|+==0x0000_00e8= Reserved 0x000E8 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00eb=============================+|
|+==0x0000_00ec= Reserved 0x000EC ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00ef=============================+|
|+==0x0000_00f0= Reserved 0x000F0 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00f3=============================+|
|+==0x0000_00f4= Reserved 0x000F4 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00f7=============================+|
|+==0x0000_00f8= Reserved 0x000F8 ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00fb=============================+|
|+==0x0000_00fc= Reserved 0x000FC ==========+|
||                Size: 4 B                 ||
|| This field is reserved for internal use  ||
|+==0x0000_00ff=============================+|
|+==0x0000_0100= CUSTOMER_DEFINED0 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0103=============================+|
|+==0x0000_0104= CUSTOMER_DEFINED1 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0107=============================+|
|+==0x0000_0108= CUSTOMER_DEFINED2 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_010b=============================+|
|+==0x0000_010c= CUSTOMER_DEFINED3 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_010f=============================+|
|+==0x0000_0110= CUSTOMER_DEFINED4 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0113=============================+|
|+==0x0000_0114= CUSTOMER_DEFINED5 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0117=============================+|
|+==0x0000_0118= CUSTOMER_DEFINED6 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_011b=============================+|
|+==0x0000_011c= CUSTOMER_DEFINED7 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_011f=============================+|
|+==0x0000_0120= CUSTOMER_DEFINED8 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0123=============================+|
|+==0x0000_0124= CUSTOMER_DEFINED9 =========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0127=============================+|
|+==0x0000_0128= CUSTOMER_DEFINED10 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_012b=============================+|
|+==0x0000_012c= CUSTOMER_DEFINED11 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_012f=============================+|
|+==0x0000_0130= CUSTOMER_DEFINED12 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0133=============================+|
|+==0x0000_0134= CUSTOMER_DEFINED13 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0137=============================+|
|+==0x0000_0138= CUSTOMER_DEFINED14 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_013b=============================+|
|+==0x0000_013c= CUSTOMER_DEFINED15 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_013f=============================+|
|+==0x0000_0140= CUSTOMER_DEFINED16 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0143=============================+|
|+==0x0000_0144= CUSTOMER_DEFINED17 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0147=============================+|
|+==0x0000_0148= CUSTOMER_DEFINED18 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_014b=============================+|
|+==0x0000_014c= CUSTOMER_DEFINED19 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_014f=============================+|
|+==0x0000_0150= CUSTOMER_DEFINED20 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0153=============================+|
|+==0x0000_0154= CUSTOMER_DEFINED21 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0157=============================+|
|+==0x0000_0158= CUSTOMER_DEFINED22 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_015b=============================+|
|+==0x0000_015c= CUSTOMER_DEFINED23 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_015f=============================+|
|+==0x0000_0160= CUSTOMER_DEFINED24 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0163=============================+|
|+==0x0000_0164= CUSTOMER_DEFINED25 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0167=============================+|
|+==0x0000_0168= CUSTOMER_DEFINED26 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_016b=============================+|
|+==0x0000_016c= CUSTOMER_DEFINED27 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_016f=============================+|
|+==0x0000_0170= CUSTOMER_DEFINED28 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0173=============================+|
|+==0x0000_0174= CUSTOMER_DEFINED29 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0177=============================+|
|+==0x0000_0178= CUSTOMER_DEFINED30 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_017b=============================+|
|+==0x0000_017c= CUSTOMER_DEFINED31 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_017f=============================+|
|+==0x0000_0180= CUSTOMER_DEFINED32 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0183=============================+|
|+==0x0000_0184= CUSTOMER_DEFINED33 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0187=============================+|
|+==0x0000_0188= CUSTOMER_DEFINED34 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_018b=============================+|
|+==0x0000_018c= CUSTOMER_DEFINED35 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_018f=============================+|
|+==0x0000_0190= CUSTOMER_DEFINED36 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0193=============================+|
|+==0x0000_0194= CUSTOMER_DEFINED37 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_0197=============================+|
|+==0x0000_0198= CUSTOMER_DEFINED38 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_019b=============================+|
|+==0x0000_019c= CUSTOMER_DEFINED39 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_019f=============================+|
|+==0x0000_01a0= CUSTOMER_DEFINED40 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01a3=============================+|
|+==0x0000_01a4= CUSTOMER_DEFINED41 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01a7=============================+|
|+==0x0000_01a8= CUSTOMER_DEFINED42 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01ab=============================+|
|+==0x0000_01ac= CUSTOMER_DEFINED43 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01af=============================+|
|+==0x0000_01b0= CUSTOMER_DEFINED44 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01b3=============================+|
|+==0x0000_01b4= CUSTOMER_DEFINED45 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01b7=============================+|
|+==0x0000_01b8= CUSTOMER_DEFINED46 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01bb=============================+|
|+==0x0000_01bc= CUSTOMER_DEFINED47 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01bf=============================+|
|+==0x0000_01c0= CUSTOMER_DEFINED48 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01c3=============================+|
|+==0x0000_01c4= CUSTOMER_DEFINED49 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01c7=============================+|
|+==0x0000_01c8= CUSTOMER_DEFINED50 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01cb=============================+|
|+==0x0000_01cc= CUSTOMER_DEFINED51 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01cf=============================+|
|+==0x0000_01d0= CUSTOMER_DEFINED52 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01d3=============================+|
|+==0x0000_01d4= CUSTOMER_DEFINED53 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01d7=============================+|
|+==0x0000_01d8= CUSTOMER_DEFINED54 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01db=============================+|
|+==0x0000_01dc= CUSTOMER_DEFINED55 ========+|
||                Size: 4 B                 ||
||Customer Defined (Programmable through ROM||
||                   API)                   ||
|+==0x0000_01df=============================+|
|+==0x0000_01e0= SHA256_DIGEST0 ============+|
||                Size: 4 B                 ||
||     SHA256_DIGEST0 for DIGEST[31:0]      ||
|+==0x0000_01e3=============================+|
|+==0x0000_01e4= SHA256_DIGEST1 ============+|
||                Size: 4 B                 ||
||     SHA256_DIGEST1 for DIGEST[63:32]     ||
|+==0x0000_01e7=============================+|
|+==0x0000_01e8= SHA256_DIGEST2 ============+|
||                Size: 4 B                 ||
||     SHA256_DIGEST2 for DIGEST[95:64]     ||
|+==0x0000_01eb=============================+|
|+==0x0000_01ec= SHA256_DIGEST3 ============+|
||                Size: 4 B                 ||
||    SHA256_DIGEST3 for DIGEST[127:96]     ||
|+==0x0000_01ef=============================+|
|+==0x0000_01f0= SHA256_DIGEST4 ============+|
||                Size: 4 B                 ||
||    SHA256_DIGEST4 for DIGEST[159:128]    ||
|+==0x0000_01f3=============================+|
|+==0x0000_01f4= SHA256_DIGEST5 ============+|
||                Size: 4 B                 ||
||    SHA256_DIGEST5 for DIGEST[191:160]    ||
|+==0x0000_01f7=============================+|
|+==0x0000_01f8= SHA256_DIGEST6 ============+|
||                Size: 4 B                 ||
||    SHA256_DIGEST6 for DIGEST[223:192]    ||
|+==0x0000_01fb=============================+|
|+==0x0000_01fc= SHA256_DIGEST7 ============+|
||                Size: 4 B                 ||
||    SHA256_DIGEST7 for DIGEST[255:224]    ||
|+==0x0000_01ff=============================+|
+==0x0000_01ff===============================+

Success. (PFR binary has been generated)
Result has been stored in: workspace\cfpa.bin

PFR write#

Now that we have enrolled key store, it’s time to write CFPA and CMPA pages. We could use pfr tool or blhost.

# write CFPA
%! pfr write $CONNECTION -t cfpa -f $FAMILY -b $CFPA_BIN
# this is the same as
# %! blhost $CONNECTION write-memory 0x0009DE00 $CFPA_BIN

# write CMPA
%! pfr write $CONNECTION -t cmpa -f $FAMILY -b $CMPA_BIN
pfr write -p com21 -t cfpa -f lpc55s6x -b workspace/cfpa.bin 
CFPA page address on lpc55s6x is 0x9de00
CFPA data written to device.
pfr write -p com21 -t cmpa -f lpc55s6x -b workspace/cmpa.bin 
CMPA page address on lpc55s6x is 0x9e400
CMPA data written to device.

Write MBI#

Last step is to write master boot image to device.

# Erase flash first
%! blhost $CONNECTION flash-erase-region 0 0x10000

# write MBI
%! blhost $CONNECTION write-memory 0 $BIN_OUTPUT_PATH
blhost -p com21 flash-erase-region 0 0x10000 
Response status = 0 (0x0) Success.
blhost -p com21 write-memory 0 workspace/lpc55s6x_mbi.bin 
Writing memory
Response status = 0 (0x0) Success.
Response word 1 = 11064 (0x2b38)