Image Module API

Module implementing functionality of srktool, dcdgen, mkimage and other similar tools.

Image Segments

This module contains generic implementation of image segment.

class spsdk.image.segments_base.SegmentBase(family)

Bases: FeatureBaseClass

Base class for image segment.

Segment base Constructor.

Parameters:

family (FamilyRevision) – Chip family.

Raises:

SPSDKValueError – Unsupported family.

FEATURE: str = 'unknown'

export()

Export block binary.

Return type:

bytes

Returns:

Binary representation of segment.

classmethod get_memory_types_config(family)

Get memory types data from database.

Parameters:

family (FamilyRevision) – Chip family.

Return type:

dict[str, dict]

classmethod get_supported_memory_types(family=None)

Get list of supported memory types data from database.

Parameters:

family (Optional[FamilyRevision]) – Chip family.

Return type:

list[MemoryType]

abstract property registers: Registers

Registers of segment.

TrustZone

Module provides support for TrustZone configuration data.

class spsdk.image.trustzone.TrustZone(family)

Bases: FeatureBaseClass

Provide creation of binary data to set up the TrustZone engine in CM-33.

Initialize the trustzone.

FEATURE: str = 'tz'

export()

Return the TrustZone data as bytes.

Return type:

bytes

get_config(data_path='./')

Create configuration of the TrustZOne.

Parameters:

data_path (str) – Path to store the data files of configuration.

Return type:

Config

Returns:

Configuration dictionary.

classmethod get_preset_data_size(family)

Get size of preset data in binary form.

Parameters:

family (FamilyRevision) – Family description.

Raises:

SPSDKValueError – Family or revision is not supported.

Return type:

int

Returns:

Size of TZ data.

classmethod get_validation_schemas(family)

Create the validation schema.

Parameters:

family (FamilyRevision) – Family description.

Raises:

SPSDKError – Family or revision is not supported.

Return type:

list[dict[str, Any]]

Returns:

List of validation schemas.

property is_customized: bool

The trustzone has customized values.

Returns:

True if the TrustZone is customized, False otherwise.

classmethod load_from_config(config)

Alternate constructor using configuration data.

Raises:

SPSDKError – Invalid configuration file.

Return type:

Self

Returns:

TrustZone class instance.

classmethod parse(data, family=None)

Parse object from bytes array.

Parameters:

• data (bytes) – Bytes array containing TrustZone configuration

• family (Optional[FamilyRevision]) – Optional family revision for parsing

Raises:

SPSDKValueError – If family is not provided

Return type:

Self

Returns:

Parsed TrustZone instance

class spsdk.image.trustzone.TrustZoneType(tag, label, description=None)

Bases: SpsdkEnum

Enum defining various types of TrustZone types.

CUSTOM = (1, 'CUSTOM', 'TrustZone enabled with custom settings')

DISABLED = (2, 'DISABLED', 'Disabled')

ENABLED = (0, 'ENABLED', 'TrustZone enabled with default settings')

Support for BEE encryption for RT10xx devices

Contains support for BEE encryption.

class spsdk.image.bee.Bee(family, headers, input_images)

Bases: FeatureBaseClass

Bee class.

Constructor.

Parameters:

• family (FamilyRevision) – The CPU family

• headers (list[Optional[BeeRegionHeader]]) – list of BEE Region Headers

• input_images (list[tuple[bytes, int]]) – List of (image_data, base_address) tuples

FEATURE: str = 'bee'

static check_image_overlaps(images)

Check for overlaps in input images.

Parameters:

images (list[tuple[bytes, int]]) – List of tuples (image_data, base_address)

Raises:

SPSDKOverlapError – if any two images overlap

Return type:

None

static check_overlaps(bee_headers, start_addr)

Check for overlaps in regions.

Parameters:

• bee_headers (list[Optional[BeeRegionHeader]]) – List of BeeRegionHeader

• start_addr (int) – start address of a region to be checked

Raises:

SPSDKOverlapError – if the address is inside any region

Return type:

None

export()

Export encrypted binary image.

Return type:

bytes

Returns:

encrypted image

export_headers()

Export BEE headers.

Return type:

list[Optional[bytes]]

Returns:

BEE region headers

get_config(data_path='./')

Create configuration of the Feature.

Return type:

Config

classmethod get_validation_schemas(family)

Get list of validation schemas.

Parameters:

family (FamilyRevision) – The CPU family

Return type:

list[dict[str, Any]]

Returns:

Validation list of schemas.

classmethod load_from_config(config)

Converts the configuration into an BEE image object.

Parameters:

config (Config) – Configuration dictionary.

Return type:

Self

Returns:

Initialized Bee object.

classmethod parse(data)

Parse object from bytes array.

Parameters:

data (bytes) – Input binary data

Return type:

Self

class spsdk.image.bee.BeeBaseClass

Bases: object

BEE base class.

classmethod check_data_to_parse(data)

Deserialization.

Parameters:

data (bytes) – binary data to be parsed

Raises:

SPSDKError – If size of the data is not sufficient

Return type:

None

export()

Return type:

bytes

Returns:

binary representation of the region (serialization).

classmethod get_size()

Return type:

int

Returns:

size of the exported binary data in bytes.

property size: int

Returns:

size of the exported binary data in bytes.

update()

Updates internal fields of the instance.

Return type:

None

validate()

Validates the configuration of the instance.

It is recommended to call the method before export and after parsing.

Return type:

None

class spsdk.image.bee.BeeFacRegion(start=0, length=0, protected_level=0)

Bases: BeeBaseClass

BEE Factory Access Control (FAC) region.

Constructor.

Parameters:

• start (int) – Start address of one FAC region, align at 1KB boundary; 32-bit number

• length (int) – Length of one FAC region, align at 1KB boundary; 32-bit number

• protected_level (int) – Protected level: 0/1/2/3; 32-bit number

property end_addr: int

Returns:

end address of the region (which is last address of the region + 1).

export()

Exports the binary representation.

Return type:

bytes

classmethod parse(data)

Deserialization.

Parameters:

data (bytes) – binary data to be parsed

Return type:

Self

Returns:

instance created from binary data

Raises:

SPSDKError – If reserved area is non-zero

validate()

Validates the configuration of the instance.

Return type:

None

class spsdk.image.bee.BeeKIB(kib_key=None, kib_iv=None)

Bases: BeeBaseClass

BEE Key block.

Contains keys used to encrypt PRDB content.

Constructor.

Parameters:

• kib_key (Optional[bytes]) – AES key

• kib_iv (Optional[bytes]) – AES initialization vector

export()

Exports binary representation of the region (serialization).

Return type:

bytes

classmethod parse(data)

Deserialization.

Parameters:

data (bytes) – binary data to be parsed

Return type:

Self

Returns:

instance created from binary data

validate()

Validates settings of the instance.

Raises:

• SPSDKError – If invalid length of kib key

• SPSDKError – If invalid length of kib iv

Return type:

None

class spsdk.image.bee.BeeProtectRegionBlock(encr_mode=BeeProtectRegionBlockAesMode(tag=1, label='CTR', description=None), lock_options=0, counter=None)

Bases: BeeBaseClass

BEE protect region block (PRDB).

Constructor.

Parameters:

• encr_mode (BeeProtectRegionBlockAesMode) – AES encryption mode

• lock_options (int) – Lock options; 32-bit number

• counter (Optional[bytes]) – Counter for AES-CTR mode; 16 bytes; by default, random value is used

FAC_REGIONS = 4

SIZE = 256

TAGH = 1380206661

TAGL = 1598505300

VERSION = 1442906112

add_fac(fac)

Append FAC region.

Parameters:

fac (BeeFacRegion) – Factory Access Control to be added

Return type:

None

encrypt_block(key, start_addr, data)

Encrypt block located in any FAC region.

Parameters:

• key (bytes) – user for encryption

• start_addr (int) – start address of the data

• data (bytes) – binary block to be encrypted; the block size must be BEE_ENCR_BLOCK_SIZE

Return type:

bytes

Returns:

encrypted block if it is inside any FAC region; untouched block if it is not in any FAC region

Raises:

• SPSDKError – When incorrect length of binary block

• SPSDKError – When encryption mode different from AES/CTR provided

• SPSDKError – When invalid length of key

• SPSDKError – When invalid range of region

export()

Return type:

bytes

Returns:

binary representation of the region (serialization).

property fac_count: int

Returns:

number of Factory Access Control regions.

classmethod get_size()

Return type:

int

Returns:

size of the exported binary data in bytes.

is_inside_region(start_addr)

Returns true if the start address lies within any FAC region.

Parameters:

start_addr (int) – start address of the data

Return type:

bool

classmethod parse(data)

Deserialization.

Parameters:

data (bytes) – binary data to be parsed

Return type:

Self

Returns:

instance created from binary data

Raises:

SPSDKError – If format does not match

update()

Updates start and end address of the encryption region.

Return type:

None

validate()

Validates settings of the instance.

Return type:

None

class spsdk.image.bee.BeeProtectRegionBlockAesMode(tag, label, description=None)

Bases: SpsdkEnum

AES mode selection for BEE PRDB encryption.

CTR = (1, 'CTR')

ECB = (0, 'ECB')

class spsdk.image.bee.BeeRegionHeader(prdb=None, sw_key=None, kib=None)

Bases: BeeBaseClass

BEE keys and regions header.

Constructor.

Parameters:

• prdb (Optional[BeeProtectRegionBlock]) – protect region block; None to use default

• sw_key (Optional[bytes]) – key used to encrypt KIB content

• kib (Optional[BeeKIB]) – keys block; None to use default

PRDB_OFFSET = 128

SIZE = 512

add_fac(fac)

Append FAC region.

Parameters:

fac (BeeFacRegion) – to be added

Return type:

None

encrypt_block(start_addr, data)

Encrypt block located in any FAC region.

Parameters:

• start_addr (int) – start address of the data

• data (bytes) – binary block to be encrypted; the block size must be BEE_ENCR_BLOCK_SIZE

Return type:

bytes

Returns:

encrypted block if it is inside any FAC region; untouched block if it is not in any FAC region

export()

Serialization to binary representation.

Return type:

bytes

Returns:

binary representation of the region (serialization).

property fac_regions: Sequence[BeeFacRegion]

Returns:

lift of Factory Access Control regions.

classmethod get_size()

Return type:

int

Returns:

size of the exported binary data in bytes.

is_inside_region(start_addr)

Returns true if the start address lies within any FAC region.

Parameters:

start_addr (int) – start address of the data

Return type:

bool

classmethod parse(data, sw_key=b'')

Deserialization.

Parameters:

• data (bytes) – binary data to be parsed

• sw_key (bytes) – SW key used to decrypt the EKIB data

Return type:

Self

Returns:

instance created from binary data

Raises:

SPSDKError – If invalid sw key

sw_key_fuses()

Return type:

Sequence[int]

Returns:

sequence of fuse values for SW key to be burned into processor.

The result is ordered, first value should be burned to the lowest address.

update()

Updates internal fields of the instance.

Return type:

None

validate()

Validates settings of the instance.

Raises:

SPSDKError – If settings invalid

Return type:

None

Support for KeyStore used in MasterBootImage

Module provides support for KeyStore used in MasterBootImage.

class spsdk.image.keystore.KeySourceType(tag, label, description=None)

Bases: SpsdkEnum

Device key source.

KEYSTORE = (1, 'KEYSTORE', 'Device keys stored in KeyStore')

OTP = (0, 'OTP', 'Device keys stored in OTP')

class spsdk.image.keystore.KeyStore(key_source, key_store=None)

Bases: object

Provide info about KeyStore for MaterBootImage.

Initialize Keystore.

Parameters:

• key_source (KeySourceType) – device key source

• key_store (Optional[bytes]) – initial content of the key store in the bootable image; None if empty

Raises:

• SPSDKError – If invalid key-store size

• SPSDKError – KeyStore can be initialized only if key_source == KEYSTORE

KEY_STORE_SIZE = 1424

OTFAD_KEY_SIZE = 16

OTP_MASTER_KEY_SIZE = 32

SBKEK_SIZE = 32

static derive_enc_image_key(master_key)

Derive “enc_image_key” from master key.

Parameters:

master_key (bytes) – stored in OTP

Return type:

bytes

Returns:

key used to decrypt encrypted images during boot

Raises:

SPSDKError – If invalid length of master key

static derive_hmac_key(hmac_key)

Derive HMAC from master or user key.

Parameters:

hmac_key (bytes) – either master-key (for key_source == OTP) or user key (for key_source == KEYSTORE)

Return type:

bytes

Returns:

key used for image header authentication in LoadToRam images

Raises:

SPSDKError – If invalid length of hmac key

static derive_otfad_kek_key(master_key, otfad_input)

Derive OTFAD KEK key from master key and OTFAD input.

Parameters:

• master_key (bytes) – 32 bytes key, stored in OTP

• otfad_input (bytes) – 16 bytes input, stored in OTP

Return type:

bytes

Returns:

OTFAD encryption key for FLASH encryption/decryption

Raises:

• SPSDKError – If invalid length of master key

• SPSDKError – If invalid length of input

static derive_sb_kek_key(master_key)

Derive SBKEK key from master key.

Parameters:

master_key (bytes) – 32 bytes key, stored in OTP

Return type:

bytes

Returns:

encryption key to handle SB2 file (update capsule)

Raises:

SPSDKError – If invalid length of master key

export()

Binary key store content; empty bytes for empty key-store.

Return type:

bytes

property key_source: KeySourceType

Device key source.

Master Boot Image

Master Boot Image.

class spsdk.image.mbi.mbi.MasterBootImage(family, **kwargs)

Bases: FeatureBaseClass

Master Boot Image Interface.

Initialization of MBI.

Parameters:

kwargs (Any) – Various input parameters based on used dynamic class.

FEATURE: str = 'mbi'

IMAGE_AUTHENTICATIONS = 'plain'

IMAGE_TARGET = 'load_to_ram'

IMAGE_TYPE = (0, 'PLAIN_IMAGE', 'Plain Image (either XIP or Load-to-RAM)')

app: Optional[bytes]

property app_len: int

Compute application data length.

Returns:

Final image data length.

app_table: Optional[MultipleImageTable]

cert_block: Union[CertBlockV1, CertBlockV21, CertBlockVx, None]

collect_data: Callable[[], BinaryImage]

classmethod create_mbi_class(name, family)

Create Master Boot image class.

Parameters:

• name (str) – Name of Class

• family (FamilyRevision) – Name of chip family

Return type:

Type[Self]

Returns:

Master Boot Image class

disassemble_image: Callable[[bytes], None]

encrypt: Callable[[BinaryImage, bool], BinaryImage]

export()

Export final bootable image.

Return type:

bytes

Returns:

Bootable Image in bytes.

export_image()

Export final bootable image.

Return type:

BinaryImage

Returns:

Bootable Image in Binary Image format.

finalize: Callable[[BinaryImage, bool], BinaryImage]

get_config(data_path='./')

Create configuration file and its data files from the MBI class.

Parameters:

data_path (str) – Path to store the data files of configuration.

Return type:

Config

Returns:

Configuration dictionary.

classmethod get_image_type(family, data)

Get image type from MBI data and family.

Parameters:

• family (FamilyRevision) – device family to be fetched from DB

• data (bytes) – MBI raw data

Return type:

int

Returns:

Image type int representation

classmethod get_mbi_class(config)

Get Master Boot Image class.

Raises:

SPSDKUnsupportedImageType – The invalid configuration.

Return type:

Type[Self]

Returns:

MBI Class.

classmethod get_mbi_classes(family)

Get all Master Boot Image supported classes for chip family.

Parameters:

family (FamilyRevision) – Chip family.

Raises:

SPSDKValueError – The invalid family.

Return type:

dict[str, tuple[Type[Self], str, str]]

Returns:

Dictionary with key like image name and values are Tuple with it’s MBI Class and target and authentication type.

classmethod get_validation_schemas(family)

Create the validation schema for current image type.

Parameters:

family (FamilyRevision) – Family description.

Return type:

list[dict[str, Any]]

Returns:

Validation schema.

classmethod get_validation_schemas_basic()

Create the validation family schema for current image type.

Return type:

list[dict[str, Any]]

Returns:

Validation schema.

classmethod get_validation_schemas_from_cfg(config)

Get validation schema based on configuration.

Parameters:

config (Config) – Valid configuration

Return type:

list[dict[str, Any]]

Returns:

Validation schemas

classmethod hash()

Unique identifier for MasterBootImage class based on mixins.

Return type:

str

Returns:

Acronym for each MBI base class separated by “-”

classmethod load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

Self

classmethod parse(data, family=Unknown, Revision: latest, dek=None)

Parse the final image to individual fields.

Parameters:

• data (bytes) – Final Image in bytes

• family (FamilyRevision) – Device family

• dek (Optional[str]) – The decryption key for encrypted images

Raises:

SPSDKParsingError – Cannot determinate the decoding class

Return type:

Self

Returns:

MBI parsed class

post_encrypt: Callable[[BinaryImage, bool], BinaryImage]

property rkth: bytes | None

Get Root Key Table Hash from certificate block if present.

Returns:

Root Key Table Hash as hex string.

sign: Callable[[BinaryImage, bool], BinaryImage]

property total_len: int

Compute Master Boot Image data length.

Returns:

Final image data length.

property total_length_for_cert_block: int

Compute Master Boot Image data length.

Returns:

Final image data length.

validate()

Validate the setting of image.

Return type:

None

spsdk.image.mbi.mbi.mbi_generate_config_templates(family)

Generate all possible configuration for selected family.

Parameters:

family (FamilyRevision) – Family description.

Return type:

dict[str, str]

Returns:

Dictionary of individual templates (key is name of template, value is template itself).

Master Boot Image - miscellaneous functions

Misc.

spsdk.image.misc.dict_diff(main, mod)

Return a difference between two dictionaries if key is not present in main, it’s skipped.

Return type:

dict

spsdk.image.misc.hexdump_fmt(data, tab=4, length=16, sep=':')

Dump some potentially larger data in hex.

Return type:

str

spsdk.image.misc.modulus_fmt(modulus, tab=4, length=15, sep=':')

Modulus format.

Return type:

str

spsdk.image.misc.read_raw_data(stream, length, index=None, no_seek=False)

Read raw data.

Return type:

bytes

Master Boot Image - mixin classes

Master Boot Image.

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixin

Bases: object

Base MBI Export Mixin class.

collect_data()

Collect basic data to create image.

Return type:

BinaryImage

Returns:

Collected raw image.

disassemble_image(image)

Disassemble image to individual parts from image.

Parameters:

image (bytes) – Image.

Return type:

None

encrypt(image, revert=False)

Encrypt image if needed.

Parameters:

• image (BinaryImage) – Input raw image to encrypt.

• revert (bool) – Revert the operation if possible.

Return type:

BinaryImage

Returns:

Encrypted image.

family: FamilyRevision

finalize(image, revert=False)

Finalize the image for export.

This part could add HMAC/KeyStore etc.

Parameters:

• image (BinaryImage) – Input image.

• revert (bool) – Revert the operation if possible.

Return type:

BinaryImage

Returns:

Finalized image suitable for export.

post_encrypt(image, revert=False)

Optionally do some post encrypt image updates.

Parameters:

• image (BinaryImage) – Encrypted image.

• revert (bool) – Revert the operation if possible.

Return type:

BinaryImage

Returns:

Updated encrypted image.

sign(image, revert=False)

Sign image (by signature or CRC).

Parameters:

• image (BinaryImage) – Image to sign.

• revert (bool) – Revert the operation if possible.

Return type:

BinaryImage

Returns:

Optionally signed image.

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixinApp

Bases: Mbi_ExportMixin

Export Mixin to handle simple application data.

BCA_OFFSET: int

FCF_OFFSET: int

app: Optional[bytes]

app_table: MultipleImageTable

bca: Optional[BCA]

clean_ivt: Callable[[bytes], bytes]

collect_data()

Collect application data including update of bca and fcf.

Return type:

BinaryImage

Returns:

Image with updated bca and fcf.

disassemble_image(image)

Disassemble image to individual parts from image.

Parameters:

image (bytes) – Image.

Return type:

None

disassembly_app_data: Callable[[bytes], bytes]

fcf: Optional[FCF]

ivt_table: Mbi_MixinIvt

total_len: Any

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixinAppBcaFcf

Bases: Mbi_ExportMixin

Export Mixin to handle application data with optional BCA and FCF.

IMG_BCA_OFFSET = 960

IMG_DATA_START = 3072

IMG_DIGEST_OFFSET = 864

IMG_DUK_BLOCK_OFFSET = 2048

IMG_FCF_OFFSET = 1024

IMG_ISK_HASH_OFFSET = 1184

IMG_ISK_OFFSET = 1040

IMG_SIGNATURE_OFFSET = 896

IMG_WPC_MFG_CA_CERT_OFFSET = 1536

IMG_WPC_ROOT_CA_CERT_HASH_OFFSET = 1504

app: bytes

bca: BCA

check_fcf()

Validate FCF configuration and verify only lifecycle value has been modified.

This method performs two validations: 1. Verifies the lifecycle value is supported by checking against the enum values defined in the FCF LIFECYCLE register 2. Ensures that no FCF registers other than LIFECYCLE have been modified from their reset values

The FCF (Flash Configuration Field) is a critical security component where typically only the lifecycle value should be changed.

Raises:

SPSDKError – If the lifecycle value is not supported or if any other FCF register has been modified from its reset value

Return type:

None

collect_data()

Collect application data and update BCA (if present) and FCF.

Return type:

BinaryImage

Returns:

Binary Image with updated BCA (if present) and FCF.

disassemble_image(image)

Disassemble image to individual parts from image.

Parameters:

image (bytes) – Image.

Return type:

None

fcf: FCF

property image_size: int

Image size used in BCA.

just_header: bool

total_len: int

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixinAppCertBlockManifest

Bases: Mbi_ExportMixin

Export Mixin to handle simple application data, Certification block and Manifest.

app: Optional[bytes]

app_len: int

cert_block: Union[CertBlockV1, CertBlockV21, None]

collect_data()

Collect application data, Certification Block and Manifest including update IVT.

Raises:

SPSDKError – When either application data or certification block or manifest is missing

Return type:

BinaryImage

Returns:

Image with updated IVT and added Certification Block with Manifest.

data_to_sign: Optional[bytes]

disassemble_image(image)

Disassemble image to individual parts from image.

Parameters:

image (bytes) – Image.

Return type:

None

disassembly_app_data: Callable[[bytes], bytes]

finalize(image, revert=False)

Finalize the image for export by adding HMAC a optionally KeyStore.

Parameters:

• image (BinaryImage) – Input image.

• revert (bool) – Revert the operation if possible.

Return type:

BinaryImage

Returns:

Finalized image suitable for export.

ivt_table: Mbi_MixinIvt

manifest: Optional[TypeVar(T_Manifest, MasterBootImageManifest, MasterBootImageManifestDigest, MasterBootImageManifestCrc)]

total_len: int

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixinAppTrustZone

Bases: Mbi_ExportMixinApp

Export Mixin to handle simple application data and TrustZone.

collect_data()

Collect application data and TrustZone including update IVT.

Return type:

BinaryImage

Returns:

Image with updated IVT and added TrustZone.

disassemble_image(image)

Disassemble image to individual parts from image.

Parameters:

image (bytes) – Image.

Return type:

None

family: FamilyRevision

trust_zone: Optional[TrustZone]

tz_type: TrustZoneType

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixinAppTrustZoneCertBlock

Bases: Mbi_ExportMixin

Export Mixin to handle simple application data, TrustZone and Certification block.

app: Optional[bytes]

app_len: int

app_table: MultipleImageTable

cert_block: Union[CertBlockV1, CertBlockV21, None]

collect_data()

Collect application data and TrustZone including update IVT.

Return type:

BinaryImage

Returns:

Image with updated IVT and added TrustZone.

disassemble_image(image)

Disassemble image to individual parts from image.

Parameters:

image (bytes) – Image.

Return type:

None

disassembly_app_data: Callable[[bytes], bytes]

family: FamilyRevision

ivt_table: Mbi_MixinIvt

total_len: int

total_length_for_cert_block: int

trust_zone: Optional[TrustZone]

tz_type: TrustZoneType

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixinAppTrustZoneCertBlockEncrypt

Bases: Mbi_ExportMixin

Export Mixin to handle simple application data, TrustZone and Certification block.

HMAC_OFFSET: int

app: Optional[bytes]

app_len: int

app_table: MultipleImageTable

cert_block: Union[CertBlockV1, CertBlockV21, None]

collect_data()

Collect application data and TrustZone including update IVT.

Return type:

BinaryImage

Returns:

Image with updated IVT and added TrustZone.

ctr_init_vector: bytes

disassemble_image(image)

Disassemble image to individual parts from image.

Parameters:

image (bytes) – Image.

Return type:

None

disassembly_app_data: Callable[[bytes], bytes]

encrypt(image, revert=False)

Encrypt image if needed.

Parameters:

• image (BinaryImage) – Input raw image to encrypt.

• revert (bool) – Revert the operation if possible.

Return type:

BinaryImage

Returns:

Encrypted image.

hmac_key: Optional[bytes]

property img_len: int

Image length of encrypted legacy image.

ivt_table: Mbi_MixinIvt

key_store: Optional[KeyStore]

post_encrypt(image, revert=False)

Optionally do some post encrypt image updates.

Parameters:

• image (BinaryImage) – Encrypted image.

• revert (bool) – Revert the operation if possible.

Return type:

BinaryImage

Returns:

Updated encrypted image.

total_len: int

trust_zone: Optional[TrustZone]

tz_type: TrustZoneType

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixinAppTrustZoneCertBlockV2

Bases: Mbi_ExportMixin

Export Mixin to handle simple application data, TrustZone and Certification block V21.

app: Optional[bytes]

app_len: int

cert_block: Union[CertBlockV1, CertBlockV21, None]

collect_data()

Collect application data, Certification Block and Manifest including update IVT.

Raises:

SPSDKError – When either application data or certification block or manifest is missing

Return type:

BinaryImage

Returns:

Image with updated IVT and added Certification Block with Manifest.

data_to_sign: Optional[bytes]

disassemble_image(image)

Disassemble image to individual parts from image.

Parameters:

image (bytes) – Image.

Return type:

None

disassembly_app_data: Callable[[bytes], bytes]

ivt_table: Mbi_MixinIvt

total_len: int

trust_zone: Optional[TrustZone]

tz_type: TrustZoneType

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixinCrcSign

Bases: Mbi_ExportMixin

Export Mixin to handle sign by CRC.

IVT_CRC_CERTIFICATE_OFFSET: int

sign(image, revert=False)

Do simple calculation of CRC and return updated image with it.

Parameters:

• image (BinaryImage) – Input raw image.

• revert (bool) – Revert the operation if possible.

Return type:

BinaryImage

Returns:

Image enriched by CRC in IVT table.

update_crc_val_cert_offset: Callable[[bytes, int], bytes]

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixinCrcSignBca

Bases: Mbi_ExportMixin

Export Mixin to handle sign by CRC in BCA.

IMG_DATA_START: int

app: bytes

bca: BCA

image_size: int

sign(image, revert=False)

Do simple calculation of CRC and return updated image with it.

Parameters:

• image (BinaryImage) – Input raw image.

• revert (bool) – Revert the operation if possible.

Return type:

BinaryImage

Returns:

Image enriched by CRC of application.

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixinEccSign

Bases: Mbi_ExportMixin

Export Mixin to handle sign by ECC.

cert_block: Union[CertBlockV1, CertBlockV21, None]

data_to_sign: Optional[bytes]

sign(image, revert=False)

Do calculation of ECC signature and return updated image with it.

Parameters:

• image (BinaryImage) – Input raw image.

• revert (bool) – Revert the operation if possible.

Return type:

BinaryImage

Returns:

Image enriched by ECC signature at end of image.

signature_provider: Optional[SignatureProvider]

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixinEccSignVx

Bases: Mbi_ExportMixin

Export Mixin to handle sign by ECC.

IMG_BCA_OFFSET: int

IMG_DATA_START: int

IMG_DIGEST_OFFSET: int

IMG_FCF_OFFSET: int

add_hash: bool

app: Optional[bytes]

bca: BCA

cert_block: CertBlockVx

image_size: int

sign(image, revert=False)

Do calculation of ECC signature and digest and return updated image with it.

Parameters:

• image (BinaryImage) – Input raw image.

• revert (bool) – Revert the operation if possible.

Return type:

BinaryImage

Returns:

Image enriched by ECC signature and SHA256 digest.

signature_provider: Optional[SignatureProvider]

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixinHmacKeyStoreFinalize

Bases: Mbi_ExportMixin

Export Mixin to handle finalize by HMAC and optionally KeyStore.

HMAC_OFFSET: int

HMAC_SIZE: int

compute_hmac: Callable[[bytes], bytes]

finalize(image, revert=False)

Finalize the image for export by adding HMAC a optionally KeyStore.

Parameters:

• image (BinaryImage) – Input image.

• revert (bool) – Revert the operation if possible.

Return type:

BinaryImage

Returns:

Finalized image suitable for export.

ivt_table: Mbi_MixinIvt

key_store: Optional[KeyStore]

class spsdk.image.mbi.mbi_mixin.Mbi_ExportMixinRsaSign

Bases: Mbi_ExportMixin

Export Mixin to handle sign by RSA.

cert_block: Union[CertBlockV1, CertBlockV21, None]

sign(image, revert=False)

Do calculation of RSA signature and return updated image with it.

Parameters:

• image (BinaryImage) – Input raw image.

• revert (bool) – Revert the operation if possible.

Return type:

BinaryImage

Returns:

Image enriched by RSA signature at end of image.

signature_provider: Optional[SignatureProvider]

class spsdk.image.mbi.mbi_mixin.Mbi_Mixin

Bases: object

Base class for Master BOtt Image Mixin classes.

COUNT_IN_LEGACY_CERT_BLOCK_LEN: bool = True

NEEDED_MEMBERS: dict[str, Any] = {}

PRE_PARSED: list[str] = []

VALIDATION_SCHEMAS: list[str] = []

family: FamilyRevision

mix_app_len()

Compute application data length of individual mixin.

Return type:

int

Returns:

Application data length of atomic Mixin.

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

classmethod mix_get_validation_schemas(family)

Get validation schemas from mixin.

Parameters:

family (FamilyRevision) – Family revision to get schemas

Return type:

list[dict[str, Any]]

Returns:

List of validation schemas.

mix_init()

Initialize mixin.

Return type:

None

mix_len()

Compute length of individual mixin.

Return type:

int

Returns:

Length of atomic Mixin.

mix_load_from_config(config)

Load configuration of mixin from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

mix_validate()

Validate the setting of image.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinApp

Bases: Mbi_Mixin

Master Boot Image App class.

NEEDED_MEMBERS: dict[str, Any] = {'_app': b'', 'app_ext_memory_align': 4096}

VALIDATION_SCHEMAS: list[str] = ['app']

property app: bytes

Application data.

app_ext_memory_align: int

load_binary_image_file(path)

Load binary image from file (S19,HEX,BIN).

Parameters:

path (str) – File path

Raises:

SPSDKError – If invalid data file is detected.

Return type:

None

mix_app_len()

Compute application data length of individual mixin.

Return type:

int

Returns:

Application data length of atomic Mixin.

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_len()

Get size of plain input application image.

Return type:

int

Returns:

Length of application.

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_validate()

Validate the app.

Raises:

SPSDKError – The application format is invalid.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinBca

Bases: Mbi_Mixin

Master Boot Image BCA class.

BCA_OFFSET = 960

NEEDED_MEMBERS: dict[str, Any] = {'bca': None}

VALIDATION_SCHEMAS: list[str] = ['bca']

app: bytes

bca: Optional[BCA]

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

classmethod mix_get_validation_schemas(family)

Get validation schemas from BCA mixin.

Parameters:

family (FamilyRevision) – Family revision to get schemas

Return type:

list[dict[str, Any]]

mix_len()

Get length of BCA.

Return type:

int

Returns:

Length of BCA.

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

mix_validate()

Validate the setting of image.

Raises:

SPSDKError – Configuration of BCA is invalid.

Return type:

None

total_len: Any

class spsdk.image.mbi.mbi_mixin.Mbi_MixinCertBlockV1

Bases: Mbi_Mixin

Master Boot Image certification block V1 class.

HMAC_SIZE: int

NEEDED_MEMBERS: dict[str, Any] = {'cert_block': None, 'signature_provider': None}

VALIDATION_SCHEMAS: list[str] = ['cert_block_v1', 'signer']

cert_block: Optional[CertBlockV1]

get_key_store_presented: Callable[[bytes], int]

ivt_table: Mbi_MixinIvt

key_store: Optional[KeyStore]

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_len()

Get length of Certificate Block V1.

Return type:

int

Returns:

Length of Certificate Block V1.

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

mix_validate()

Validate the setting of image.

Raises:

SPSDKError – Configuration of Certificate block v1 is invalid.

Return type:

None

signature_provider: Optional[SignatureProvider]

total_len: Any

class spsdk.image.mbi.mbi_mixin.Mbi_MixinCertBlockV21

Bases: Mbi_Mixin

Master Boot Image certification block V3.1 class.

NEEDED_MEMBERS: dict[str, Any] = {'cert_block': None, 'signature_provider': None}

VALIDATION_SCHEMAS: list[str] = ['cert_block_v21', 'signer']

cert_block: Optional[CertBlockV21]

ivt_table: Mbi_MixinIvt

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_len()

Get length of Certificate Block V2.1.

Return type:

int

Returns:

Length of Certificate Block V2.1.

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

mix_validate()

Validate the setting of image.

Raises:

SPSDKError – The configuration of Certificate v3.1 is invalid.

Return type:

None

signature_provider: Optional[SignatureProvider]

class spsdk.image.mbi.mbi_mixin.Mbi_MixinCertBlockVx

Bases: Mbi_Mixin

Master Boot Image certification block for MC55xx class.

IMG_ISK_OFFSET: int

NEEDED_MEMBERS: dict[str, Any] = {'cert_block': None, 'signature_provider': None}

VALIDATION_SCHEMAS: list[str] = ['cert_block_vX', 'signer', 'just_header']

add_hash: bool

cert_block: CertBlockVx

just_header: bool

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

mix_validate()

Validate the setting of image.

Raises:

SPSDKError – The configuration of certificate block is invalid.

Return type:

None

signature_provider: Optional[SignatureProvider]

class spsdk.image.mbi.mbi_mixin.Mbi_MixinCtrInitVector

Bases: Mbi_Mixin

Master Boot Image initial vector for encryption counter.

HMAC_SIZE: int

NEEDED_MEMBERS: dict[str, Any] = {'_ctr_init_vector': b'K\xfa\xd9\xae\xbb&~\xee8\x0b\x06\xeb)mv{'}

PRE_PARSED: list[str] = ['cert_block']

VALIDATION_SCHEMAS: list[str] = ['ctr_init_vector']

cert_block: Union[CertBlockV1, CertBlockV21, None]

property ctr_init_vector: bytes | None

Counter init vector.

ivt_table: Mbi_MixinIvt

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

mix_validate()

Validate the setting of image.

raise SPSDKError: Invalid HW key enabled member type.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinFcf

Bases: Mbi_Mixin

Master Boot Image FCF class.

FCF_OFFSET = 1024

NEEDED_MEMBERS: dict[str, Any] = {'fcf': None}

VALIDATION_SCHEMAS: list[str] = ['fcf']

app: bytes

fcf: Optional[FCF]

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

classmethod mix_get_validation_schemas(family)

Get validation schemas from FCF mixin.

Parameters:

family (FamilyRevision) – Family revision to get schemas

Return type:

list[dict[str, Any]]

mix_len()

Get length of FCF.

Return type:

int

Returns:

Length of FCF.

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

mix_validate()

Validate the setting of image.

Raises:

SPSDKError – Configuration of FCF is invalid.

Return type:

None

total_len: Any

class spsdk.image.mbi.mbi_mixin.Mbi_MixinFwVersion

Bases: Mbi_Mixin

Master Boot Image FirmWare Version class.

NEEDED_MEMBERS: dict[str, Any] = {'manifest': None}

VALIDATION_SCHEMAS: list[str] = ['firmware_version']

firmware_version: Optional[int]

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinHmac

Bases: Mbi_Mixin

Master Boot Image HMAC class.

COUNT_IN_LEGACY_CERT_BLOCK_LEN: bool = False

HMAC_OFFSET = 64

HMAC_SIZE = 32

NEEDED_MEMBERS: dict[str, Any] = {'_hmac_key': None}

VALIDATION_SCHEMAS: list[str] = ['hmac']

compute_hmac(data)

Compute HMAC hash.

Parameters:

data (bytes) – Data to be hashed.

Return type:

bytes

Returns:

Result HMAC hash of input data.

dek: Optional[str]

property hmac_key: bytes | None

HMAC key in bytes.

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_len()

Get length of HMAC block.

Return type:

int

Returns:

Length of HMAC block.

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

mix_validate()

Validate the setting of image.

raise SPSDKError: Invalid HW key enabled member type.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinHmacMandatory

Bases: Mbi_MixinHmac

Master Boot Image HMAC class (Mandatory use).

VALIDATION_SCHEMAS: list[str] = ['hmac_mandatory']

mix_validate()

Validate the setting of image.

raise SPSDKError: Invalid HW key enabled member type.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinHwKey

Bases: Mbi_Mixin

Master Boot Image HW key user modes enable class.

NEEDED_MEMBERS: dict[str, Any] = {'user_hw_key_enabled': False}

VALIDATION_SCHEMAS: list[str] = ['hw_key']

ivt_table: Mbi_MixinIvt

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

mix_validate()

Validate the setting of image.

raise SPSDKError: Invalid HW key enabled member type.

Return type:

None

user_hw_key_enabled: Optional[bool]

class spsdk.image.mbi.mbi_mixin.Mbi_MixinImageSubType

Bases: Mbi_Mixin

Master Boot Image SubType class.

class Mbi_ImageSubTypeKw45xx(tag, label, description=None)

Bases: SpsdkEnum

Supported MAIN and NBU subtypes for KW45xx and K32W1xx.

MAIN = (0, 'MAIN', 'Default (main) application image')

NBU = (1, 'NBU', 'NBU (Narrowband Unit) image')

class Mbi_ImageSubTypeMcxn9xx(tag, label, description=None)

Bases: SpsdkEnum

Supported MAIN and NBU subtypes for MCXN9xx.

MAIN = (0, 'MAIN', 'Default (main) application image')

RECOVERY = (1, 'RECOVERY', 'Recovery image')

NEEDED_MEMBERS: dict[str, Any] = {'image_subtype': 0}

VALIDATION_SCHEMAS: list[str] = ['image_subtype']

image_subtype: Optional[int]

ivt_table: Mbi_MixinIvt

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.mb_xip_384_384_recovery_crctest

Return type:

dict[str, Any]

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

set_image_subtype(image_subtype)

Convert string value to int by enum table and store to class.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinImageVersion

Bases: Mbi_Mixin

Master Boot Image Image Version class.

NEEDED_MEMBERS: dict[str, Any] = {'image_version': 0}

VALIDATION_SCHEMAS: list[str] = ['image_version']

image_version: Optional[int]

image_version_to_image_type: bool = True

ivt_table: Mbi_MixinIvt

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinIvt

Bases: Mbi_Mixin

Master Boot Image Interrupt Vector table class.

IMAGE_TYPE: MbiImageTypeEnum

IVT_CRC_CERTIFICATE_OFFSET = 40

IVT_IMAGE_FLAGS_IMAGE_TYPE_MASK = 63

IVT_IMAGE_FLAGS_IMG_VER_MASK = 65535

IVT_IMAGE_FLAGS_IMG_VER_SHIFT = 16

IVT_IMAGE_FLAGS_OFFSET = 36

IVT_IMAGE_FLAGS_SUB_TYPE_MASK = 3

IVT_IMAGE_FLAGS_SUB_TYPE_SHIFT = 6

IVT_IMAGE_FLAGS_TZ_TYPE_MASK = 3

IVT_IMAGE_FLAGS_TZ_TYPE_SHIFT = 13

IVT_IMAGE_LENGTH_OFFSET = 32

IVT_LOAD_ADDR_OFFSET = 52

app_table: Optional[MultipleImageTable]

classmethod check_total_length(data)

Check total length field from raw data.

Parameters:

data (bytes) – Raw MBI image data.

Raises:

SPSDKParsingError – Insufficient length of image has been detected.

Return type:

None

clean_ivt(app_data)

Clean IVT table from added information.

Parameters:

app_data (bytes) – Application data that should be cleaned.

Return type:

bytes

Returns:

Cleaned application image

create_flags()

Create flags of image.

Return type:

int

Returns:

Image type flags

classmethod get_app_table_presented(data)

Get the Multiple Application table present flag from raw data.

Parameters:

data (bytes) – Raw MBI image data.

Return type:

int

Returns:

Multiple Application table is included or not.

classmethod get_cert_block_offset(data)

Get the certificate block offset from raw data.

During getting of cert block offset, the length is also validated.

Parameters:

data (bytes) – Raw MBI image data.

Return type:

int

Returns:

Certificate block offset

classmethod get_cert_block_offset_from_data(data)

Get the certificate block offset from raw data.

Parameters:

data (bytes) – Raw MBI image data.

Return type:

int

Returns:

Certificate block offset

classmethod get_flags(data)

Get the Image flags from raw data.

During getting of flags, the length is also validated.

Parameters:

data (bytes) – Raw MBI image data.

Return type:

int

Returns:

Image Flags

classmethod get_flags_from_data(data)

Get the Image flags from raw data.

Parameters:

data (bytes) – Raw MBI image data.

Return type:

int

Returns:

Image Flags

classmethod get_hw_key_enabled(data)

Get the HW key enabled setting from raw data.

Parameters:

data (bytes) – Raw MBI image data.

Return type:

bool

Returns:

HW key enabled or not.

classmethod get_image_type(data)

Get the Image type from raw data.

Parameters:

data (bytes) – Raw MBI image data.

Return type:

int

Returns:

Image type

classmethod get_image_version(data)

Get the Image firmware version from raw data.

Parameters:

data (bytes) – Raw MBI image data.

Return type:

int

Returns:

Firmware version.

classmethod get_key_store_presented(data)

Get the KeyStore present flag from raw data.

Parameters:

data (bytes) – Raw MBI image data.

Return type:

int

Returns:

KeyStore is included or not.

classmethod get_load_address(data)

Get the load address from raw data.

During getting of flags, the length is also validated.

Parameters:

data (bytes) – Raw MBI image data.

Return type:

int

Returns:

Load address

classmethod get_load_address_from_data(data)

Get the load address from raw data.

Parameters:

data (bytes) – Raw MBI image data.

Return type:

int

Returns:

Load address

classmethod get_sub_type(data)

Get the Image sub type from raw data.

Parameters:

data (bytes) – Raw MBI image data.

Return type:

int

Returns:

Image sub type.

classmethod get_tz_type(data)

Get the Image TrustZone type settings from raw data.

Parameters:

data (bytes) – Raw MBI image data.

Return type:

int

Returns:

TrustZone type.

image_subtype: Optional[int]

image_version: Optional[int]

image_version_to_image_type: bool

property ivt_table: Self

Get ivt table itself.

Returns:

Current mixin IVT object.

key_store: Optional[KeyStore]

load_address: Optional[int]

trust_zone: Optional[TrustZone]

tz_type: Optional[TrustZoneType]

update_crc_val_cert_offset(app_data, crc_val_cert_offset)

Update value just of CRC/Certificate offset field.

Parameters:

• app_data (bytes) – Input binary array.

• crc_val_cert_offset (int) – CRC/Certificate offset value.

Return type:

bytes

Returns:

Updated binary array.

update_ivt(app_data, total_len, crc_val_cert_offset=0)

Update IVT table in application image.

Parameters:

• app_data (bytes) – Application data that should be modified.

• total_len (int) – Total length of bootable image

• crc_val_cert_offset (int) – CRC value or Certification block offset

Return type:

bytes

Returns:

Updated whole application image

user_hw_key_enabled: Optional[bool]

class spsdk.image.mbi.mbi_mixin.Mbi_MixinIvtZeroTotalLength

Bases: Mbi_MixinIvt

Master Boot Image Interrupt Vector table class for XIP image.

classmethod check_total_length(data)

Check total length field from raw data.

Parameters:

data (bytes) – Raw MBI image data.

Raises:

SPSDKParsingError – Insufficient length of image has been detected.

Return type:

None

update_ivt(app_data, total_len, crc_val_cert_offset=0)

Update IVT table in application image.

Parameters:

• app_data (bytes) – Application data that should be modified.

• total_len (int) – Total length of bootable image

• crc_val_cert_offset (int) – CRC value or Certification block offset

Return type:

bytes

Returns:

Updated whole application image

class spsdk.image.mbi.mbi_mixin.Mbi_MixinKeyStore

Bases: Mbi_Mixin

Master Boot Image KeyStore class.

COUNT_IN_LEGACY_CERT_BLOCK_LEN: bool = False

HMAC_OFFSET: int

HMAC_SIZE: int

NEEDED_MEMBERS: dict[str, Any] = {'_hmac_key': None, 'key_store': None}

VALIDATION_SCHEMAS: list[str] = ['key_store']

hmac_key: Optional[bytes]

ivt_table: Mbi_MixinIvt

key_store: Optional[KeyStore]

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_len()

Get length of KeyStore block.

Return type:

int

Returns:

Length of KeyStore block.

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

mix_validate()

Validate the setting of image.

raise SPSDKError: Invalid HW key enabled member type.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinLoadAddress

Bases: Mbi_Mixin

Master Boot Image load address class.

NEEDED_MEMBERS: dict[str, Any] = {'load_address': 0}

VALIDATION_SCHEMAS: list[str] = ['load_addr']

ivt_table: Mbi_MixinIvt

load_address: Optional[int]

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinLoadAddressOptional

Bases: Mbi_MixinLoadAddress

Master Boot Image optional load address class.

VALIDATION_SCHEMAS: list[str] = ['load_addr_optional']

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinManifest

Bases: Mbi_MixinTrustZoneMandatory

Master Boot Image Manifest class.

NEEDED_MEMBERS: dict[str, Any] = {'cert_block': None, 'family': 'Unknown', 'manifest': None, 'revision': 'latest', 'trust_zone': None}

PRE_PARSED: list[str] = ['cert_block']

VALIDATION_SCHEMAS: list[str] = ['trust_zone_mandatory', 'firmware_version']

cert_block: Union[CertBlockV1, CertBlockV21, None]

firmware_version: Optional[int]

ivt_table: Mbi_MixinIvt

manifest: Optional[MasterBootImageManifest]

manifest_class

alias of MasterBootImageManifest

mix_len()

Get length of Manifest block.

Return type:

int

Returns:

Length of Manifest block.

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

mix_validate()

Validate the setting of image.

Raises:

SPSDKError – The manifest configuration is invalid.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinManifestCrc

Bases: Mbi_MixinManifest

Master Boot Image Manifest class with CRC.

manifest: Optional[MasterBootImageManifestCrc]

manifest_class

alias of MasterBootImageManifestCrc

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinManifestDigest

Bases: Mbi_MixinManifest

Master Boot Image Manifest class for devices supporting ImageDigest functionality.

VALIDATION_SCHEMAS: list[str] = ['trust_zone_mandatory', 'firmware_version']

manifest: Optional[MasterBootImageManifestDigest]

manifest_class

alias of MasterBootImageManifestDigest

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_len()

Get length of Manifest block.

Return type:

int

Returns:

Length of Manifest block.

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinRelocTable

Bases: Mbi_Mixin

Master Boot Image Relocation table class.

NEEDED_MEMBERS: dict[str, Any] = {'_app': None, 'app_table': None}

VALIDATION_SCHEMAS: list[str] = ['app_table']

app: Optional[bytes]

app_table: Optional[MultipleImageTable]

disassembly_app_data(data)

Disassembly Application data to application and optionally Multiple Application Table.

Return type:

bytes

Returns:

Application data without Multiple Application Table which will be stored in class.

mix_app_len()

Compute application data length of individual mixin.

Return type:

int

Returns:

Application data length of atomic Mixin.

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_len()

Get length of additional binaries block.

Return type:

int

Returns:

Length of additional binaries block.

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_validate()

Validate the setting of image.

Raises:

SPSDKError – Application table configuration is invalid.

Return type:

None

class spsdk.image.mbi.mbi_mixin.Mbi_MixinTrustZone

Bases: Mbi_Mixin

Master Boot Image Trust Zone class.

NEEDED_MEMBERS: dict[str, Any] = {'family': 'Unknown', 'revision': 'latest', 'trust_zone': None}

PRE_PARSED: list[str] = ['cert_block']

VALIDATION_SCHEMAS: list[str] = ['trust_zone']

cert_block: Union[CertBlockV1, CertBlockV21, None]

ivt_table: Mbi_MixinIvt

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_len()

Get length of TrustZone array.

Return type:

int

Returns:

Length of TrustZone.

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_parse(data)

Parse the binary to individual fields.

Parameters:

data (bytes) – Final Image in bytes.

Return type:

None

trust_zone: Optional[TrustZone]

property tz_type: TrustZoneType

Trustzone type.

class spsdk.image.mbi.mbi_mixin.Mbi_MixinTrustZoneMandatory

Bases: Mbi_MixinTrustZone

Master Boot Image Trust Zone class for devices where is Trustzone mandatory.

VALIDATION_SCHEMAS: list[str] = ['trust_zone_mandatory']

family: FamilyRevision

mix_get_config(output_folder)

Get the configuration of the mixin.

Parameters:

output_folder (str) – Output folder to store files.

Return type:

dict[str, Any]

mix_init()

Initialize mixin.

Return type:

None

mix_load_from_config(config)

Load configuration from dictionary.

Parameters:

config (Config) – Dictionary with configuration fields.

Return type:

None

mix_validate()

Validate the setting of image.

Raises:

SPSDKError – The TrustZone configuration is invalid.

Return type:

None

trust_zone: Optional[TrustZone]

Image Exceptions

Module provides exceptions for PFR module.

exception spsdk.image.exceptions.SPSDKNotEnoughBytesException(desc=None)

Bases: SPSDKRawDataException

Read_raw_data could not read enough data.

Initialize the base SPSDK Exception.

exception spsdk.image.exceptions.SPSDKRawDataException(desc=None)

Bases: SPSDKError

Raw data read failed.

Initialize the base SPSDK Exception.

exception spsdk.image.exceptions.SPSDKSegmentNotPresent(desc=None)

Bases: SPSDKError

The segment is missing in the image.

Initialize the base SPSDK Exception.

exception spsdk.image.exceptions.SPSDKStreamReadFailed(desc=None)

Bases: SPSDKRawDataException

Read_raw_data could not read stream.

Initialize the base SPSDK Exception.

exception spsdk.image.exceptions.SPSDKUnsupportedImageType(desc=None)

Bases: SPSDKError

The specified Image type is not supported.

Initialize the base SPSDK Exception.

AHAB Container

Implementation of raw AHAB container support.

This module represents a generic AHAB container implementation for NXP’s Advanced High-Assurance Boot architecture. It provides classes to create, parse, and manipulate AHAB containers with customizable parameters.

The implementation supports various container versions and configurations, including: - Basic AHAB containers with signature verification - Encrypted firmware images - Multiple image entries within a container - SRK (Super Root Key) management for secure boot chain

Consult with your device reference manual for allowed values and specific requirements for your target hardware.

class spsdk.image.ahab.ahab_container.AHABContainerBase(chip_config, flags=0, fuse_version=0, sw_version=0, signature_block=None)

Bases: HeaderContainer

Base class representing AHAB container (common for Signed messages and AHAB Image).

Container header structure:

+---------------+----------------+----------------+----------------+
|    Byte 3     |     Byte 2     |      Byte 1    |     Byte 0     |
+---------------+----------------+----------------+----------------+
|      Tag      |              Length             |    Version     |
+---------------+---------------------------------+----------------+
|                              Flags                               |
+---------------+----------------+---------------------------------+
|  # of images  |  Fuse version  |             SW version          |
+---------------+----------------+---------------------------------+
|              Reserved          |       Signature Block Offset    |
+--------------------------------+---------------------------------+
|             Payload (Signed Message or Image Array)              |
+------------------------------------------------------------------+
|                      Signature block                             |
+------------------------------------------------------------------+

This class provides the foundation for all AHAB container implementations, handling the common header format, signature verification, and configuration.

Class object initializer.

Parameters:

• flags (int) – flags.

• fuse_version (int) – value must be equal to or greater than the version stored in the fuses to allow loading this container.

• sw_version (int) – used by PHBC (Privileged Host Boot Companion) to select between multiple images with same fuse version field.

• signature_block (Union[SignatureBlock, SignatureBlockV2, None]) – signature block.

SIGNATURE_BLOCK

alias of SignatureBlock

TAG: Union[int, list[int]] = 0

VERSION: Union[int, list[int]] = 0

NAME = 'Container'

CONTAINER_SIZE = 1024

FLAGS_SRK_SET_OFFSET = 0

FLAGS_SRK_SET_SIZE = 2

FLAGS_USED_SRK_ID_OFFSET = 4

FLAGS_USED_SRK_ID_SIZE = 2

FLAGS_SRK_REVOKE_MASK_OFFSET = 8

FLAGS_SRK_REVOKE_MASK_SIZE = 4

set_flags(srk_set='none', used_srk_id=0, srk_revoke_mask=0)

Set the flags value.

Parameters:

• srk_set (str) – Super Root Key (SRK) set, defaults to “none”

• used_srk_id (int) – Which key from SRK set is being used, defaults to 0

• srk_revoke_mask (int) – SRK revoke mask, defaults to 0

Return type:

None

property flag_srk_set: FlagsSrkSet

SRK set flag in string representation.

Returns:

Name of SRK Set flag.

property flag_used_srk_id: int

Used SRK ID flag.

Returns:

Index of Used SRK ID.

property flag_srk_revoke_keys: int

SRK Revoke mask flag.

Returns:

SRK revoke mask.

property flag_srk_revoke_mask: str

SRK Revoke mask flag.

Returns:

SRK revoke mask in HEX.

property srk_count: int

Get count of used signatures in container.

get_srk_hash(srk_id=0)

Get SRK hash.

Parameters:

srk_id (int) – ID of SRK table in case of using multiple Signatures, default is 0.

Return type:

bytes

Returns:

SHA256 hash of SRK table.

property image_array_len: int

Get image array length if available.

Returns:

Length of image array.

header_length()

Length of AHAB Container header.

Return type:

int

Returns:

Length in bytes of AHAB Container header.

classmethod format()

Format of binary representation.

Return type:

str

update_fields()

Updates all volatile information in whole container structure.

Raises:

SPSDKError – When inconsistent image array length is detected.

Return type:

None

get_signature_data()

Returns binary data to be signed.

The container must be properly initialized, so the data are valid for signing, i.e. the offsets, lengths etc. must be set prior invoking this method, otherwise improper data will be signed.

The whole container gets serialized first. Afterwards the binary data is sliced so only data for signing get’s returned. The signature data length is evaluated based on offsets, namely the signature block offset, the container signature offset and the container signature fixed data length.

Signature data structure:

+---------------------------------------------------+----------------+
|                  Container header                 |                |
+---+---+-----------+---------+--------+------------+     Data       |
| S |   |    tag    | length  | length | version    |                |
| i |   +-----------+---------+--------+------------+                |
| g |   |                  flags                    |      to        |
| n |   +---------------------+---------------------+                |
| a |   |  srk table offset   | certificate offset  |                |
| t |   +---------------------+---------------------+     Sign       |
| u |   |     blob offset     | signature offset    |                |
| r |   +---------------------+---------------------+                |
| e |   |       SRK Table / SRK Table Array         |                |
|   +---+-----------+---------+--------+------------+----------------+
| B | S |   tag     | length  | length | version    | Signature data |
| l | i +-----------+---------+--------+------------+ fixed length   |
| o | g |               Reserved                    |                |
| c | n +-------------------------------------------+----------------+
| k | a |               Signature data              |
|   | t |                                           |
|   | u |                                           |
|   | r |                                           |
|   | e |                                           |
+---+---+-------------------------------------------+

Return type:

bytes

Returns:

bytes representing data to be signed.

sign_itself()

Sign itself if needed.

Return type:

None

classmethod pre_parse_verify(data)

Pre-Parse verify of AHAB container.

Parameters:

data (bytes) – Binary data with Container block to pre-parse.

Return type:

Verifier

Returns:

Verifier of pre-parsed binary data.

load_from_config_generic(config)

Converts the configuration option into an AHAB image object.

“config” content of container configurations.

Parameters:

config (Config) – array of AHAB containers configuration dictionaries.

Return type:

None

post_export(data_path, cnt_ix=None)

Post export actions for AHAB container.

Parameters:

• data_path (str) – Path to store exported data files.

• cnt_ix (Optional[int]) – Container index.

Return type:

list[str]

class spsdk.image.ahab.ahab_container.AHABContainer(chip_config, flags=0, fuse_version=0, sw_version=0, image_array=None, signature_block=None, container_offset=0)

Bases: AHABContainerBase

Class representing AHAB container.

Container header:

+---------------+----------------+----------------+----------------+
|    Byte 3     |     Byte 2     |      Byte 1    |     Byte 0     |
+---------------+----------------+----------------+----------------+
|      Tag      |              Length             |    Version     |
+---------------+---------------------------------+----------------+
|                              Flags                               |
+---------------+----------------+---------------------------------+
|  # of images  |  Fuse version  |             SW version          |
+---------------+----------------+---------------------------------+
|              Reserved          |       Signature Block Offset    |
+----+---------------------------+---------------------------------+
| I  |image0: Offset, Size, LoadAddr, EntryPoint, Flags, Hash, IV  |
+ m  |-------------------------------------------------------------+
| g  |image1: Offset, Size, LoadAddr, EntryPoint, Flags, Hash, IV  |
+ .  |-------------------------------------------------------------+
| A  |...                                                          |
| r  |...                                                          |
| r  |                                                             |
+ a  |-------------------------------------------------------------+
| y  |imageN: Offset, Size, LoadAddr, EntryPoint, Flags, Hash, IV  |
+----+-------------------------------------------------------------+
|                      Signature block                             |
+------------------------------------------------------------------+
|                                                                  |
|                                                                  |
|                                                                  |
+------------------------------------------------------------------+
|                      Data block_0                                |
+------------------------------------------------------------------+
|                                                                  |
|                                                                  |
+------------------------------------------------------------------+
|                      Data block_n                                |
+------------------------------------------------------------------+

Class object initializer.

Chip_config:

Chip configuration for AHAB.

Parameters:

• flags (int) – flags.

• fuse_version (int) – value must be equal to or greater than the version stored in the fuses to allow loading this container.

• sw_version (int) – used by PHBC (Privileged Host Boot Companion) to select between multiple images with same fuse version field.

• image_array (Union[list[ImageArrayEntry], list[ImageArrayEntryV2], None]) – array of image entries, must be number of images long.

• signature_block (Union[SignatureBlock, SignatureBlockV2, None]) – signature block.

TAG: Union[int, list[int]] = 135

IAE_TYPE

alias of ImageArrayEntry

SIGNATURE_BLOCK

alias of SignatureBlock

START_IMAGE_ADDRESS = 8192

START_IMAGE_ADDRESS_NAND = 7168

FLAGS_GDET_ENABLE_OFFSET = 20

FLAGS_GDET_ENABLE_SIZE = 2

class FlagsGdetBehavior(tag, label, description=None)

Bases: SpsdkEnum

Flags Glitch Detector runtime behavior flags.

Disabled = (0, 'disabled', 'Glitch Detector is disabled after the first OEM container has been authenticated (default behavior)')

EnabledEleApi = (1, 'enabled_eleapi', 'Automatically enable Glitch Detector during all ELE API calls')

Enabled = (2, 'enabled', 'Leave Glitch Detector enabled')

property image_array_len: int

Get image array length if available.

Returns:

Length of image array.

property srk_hash: bytes

SRK hash if available.

Returns:

SHA256 hash of SRK table.

header_length()

Length of AHAB Container header.

Return type:

int

Returns:

Length in bytes of AHAB Container header.

update_fields()

Updates all volatile information in whole container structure.

Raises:

SPSDKError – When inconsistent image array length is detected.

Return type:

None

decrypt_data()

Decrypt all images if possible.

Return type:

None

export()

Export container header into bytes.

Return type:

bytes

Returns:

bytes representing container header content including the signature block.

post_export(output_path, cnt_ix=None)

Post-export processing and optional file writing.

Parameters:

• output_path (str) – Base path for output files

• cnt_ix (Optional[int]) – Container index

Return type:

list[str]

Returns:

List of generated file paths

verify()

Verify container data.

Return type:

Verifier

classmethod parse(data, chip_config, offset)

Parse input binary chunk to the container object.

Parameters:

• data (bytes) – Binary data with Container block to parse.

• chip_config (AhabChipConfig) – Ahab image chip configuration.

• offset (int) – AHAB container offset.

Return type:

Self

Returns:

Object recreated from the binary data.

property flag_gdet_runtime_behavior: FlagsGdetBehavior

Glitch detector flag as enumeration.

get_config(data_path='./', index=0)

Create configuration of the AHAB Image.

Parameters:

• index (int) – Container index.

• data_path (str) – Path to store the data files of configuration.

Return type:

Config

Returns:

Configuration dictionary.

classmethod load_from_config(chip_config, config, container_ix)

Converts the configuration option into an AHAB image object.

“config” content of container configurations.

Parameters:

• chip_config (AhabChipConfig) – Ahab chip configuration.

• config (Config) – array of AHAB containers configuration dictionaries.

• container_ix (int) – Container index that is loaded.

Return type:

Self

Returns:

AHAB Container object.

image_info()

Get Image info object.

Return type:

BinaryImage

Returns:

AHAB Container Info object.

create_srk_hash_fuses_script()

Create fuses script of SRK hash.

Return type:

str

Returns:

Text description of SRK hash.

classmethod get_container_offset(ix)

Get container offset by index.

Parameters:

ix (int) – Container index

Return type:

int

Returns:

Container offset

property start_of_images: int

Get real start of container images.

class spsdk.image.ahab.ahab_container.AHABContainerV1forV2(chip_config, flags=0, fuse_version=0, sw_version=0, image_array=None, signature_block=None, container_offset=0)

Bases: AHABContainer

Class representing AHAB container version 1 which is used in AHAB image with V2 containers.

Class object initializer.

Chip_config:

Chip configuration for AHAB.

Parameters:

• flags (int) – flags.

• fuse_version (int) – value must be equal to or greater than the version stored in the fuses to allow loading this container.

• sw_version (int) – used by PHBC (Privileged Host Boot Companion) to select between multiple images with same fuse version field.

• image_array (Union[list[ImageArrayEntry], list[ImageArrayEntryV2], None]) – array of image entries, must be number of images long.

• signature_block (Union[SignatureBlock, SignatureBlockV2, None]) – signature block.

CONTAINER_SIZE = 16384

TAG: Union[int, list[int]] = 130

class spsdk.image.ahab.ahab_container.AHABContainerV2(chip_config, flags=0, fuse_version=0, sw_version=0, image_array=None, signature_block=None, container_offset=0)

Bases: AHABContainer

Class representing AHAB container.

Container header:

+---------------+----------------+----------------+----------------+
|    Byte 3     |     Byte 2     |      Byte 1    |     Byte 0     |
+---------------+----------------+----------------+----------------+
|      Tag      |              Length             |    Version     |
+---------------+---------------------------------+----------------+
|                              Flags                               |
+---------------+----------------+---------------------------------+
|  # of images  |  Fuse version  |             SW version          |
+---------------+----------------+---------------------------------+
|              Reserved          |       Signature Block Offset    |
+----+---------------------------+---------------------------------+
| I  |image0: Offset, Size, LoadAddr, EntryPoint, Flags, Hash, IV  |
+ m  |-------------------------------------------------------------+
| g  |image1: Offset, Size, LoadAddr, EntryPoint, Flags, Hash, IV  |
+ .  |-------------------------------------------------------------+
| A  |...                                                          |
| r  |...                                                          |
| r  |                                                             |
+ a  |-------------------------------------------------------------+
| y  |imageN: Offset, Size, LoadAddr, EntryPoint, Flags, Hash, IV  |
+----+-------------------------------------------------------------+
|                      Signature block                             |
+------------------------------------------------------------------+
|                                                                  |
|                                                                  |
|                                                                  |
+------------------------------------------------------------------+
|                      Data block_0                                |
+------------------------------------------------------------------+
|                                                                  |
|                                                                  |
+------------------------------------------------------------------+
|                      Data block_n                                |
+------------------------------------------------------------------+

Class object initializer.

Chip_config:

Chip configuration for AHAB.

Parameters:

• flags (int) – flags.

• fuse_version (int) – value must be equal to or greater than the version stored in the fuses to allow loading this container.

• sw_version (int) – used by PHBC (Privileged Host Boot Companion) to select between multiple images with same fuse version field.

• image_array (Union[list[ImageArrayEntry], list[ImageArrayEntryV2], None]) – array of image entries, must be number of images long.

• signature_block (Union[SignatureBlock, SignatureBlockV2, None]) – signature block.

IAE_TYPE

alias of ImageArrayEntryV2

SIGNATURE_BLOCK

alias of SignatureBlockV2

CONTAINER_SIZE = 16384

VERSION: Union[int, list[int]] = 2

START_IMAGE_ADDRESS = 49152

START_IMAGE_ADDRESS_NAND = 48128

FLAGS_CHECK_ALL_SIGNATURES_OFFSET = 15

FLAGS_CHECK_ALL_SIGNATURES_SIZE = 1

class FlagsCheckAllSignatures(tag, label, description=None)

Bases: SpsdkEnum

Flags Check all signatures.

Default = (0, 'default', 'Apply default fuse policy')

CheckAllSignatures = (1, 'check_all_signatures', 'Force verification of all present signatures')

property flag_check_all_signatures: FlagsCheckAllSignatures

Check all signatures flag as enumeration.

create_srk_hash_fuses_script()

Create fuses script of SRK hash.

Return type:

str

Returns:

Text description of SRK hash.

post_export(output_path, cnt_ix=None)

Post-export processing and optional file writing.

Parameters:

• output_path (str) – Base path for output files

• cnt_ix (Optional[int]) – Container index

Return type:

list[str]

Returns:

List of generated file paths

property srk_hash0: bytes

SRK hash if available.

Returns:

SHA256 hash of SRK table.

property srk_hash1: bytes

SRK hash if available.

Returns:

SHA256 hash of SRK table.

AHAB Utilities

AHAB utils module.

spsdk.image.ahab.utils.ahab_update_keyblob(family, binary, keyblob, container_id, mem_type)

Update keyblob in AHAB image.

Parameters:

• family (FamilyRevision) – MCU family

• binary (str) – Path to AHAB image binary

• keyblob (str) – Path to keyblob

• container_id (int) – Index of the container to be updated

• mem_type (Optional[str]) – Memory type used for bootable image

Raises:

• SPSDKError – In case the container id not present

• SPSDKError – In case the AHAB image does not contain blob

• SPSDKError – In case the length of keyblobs don’t match

Return type:

None

spsdk.image.ahab.utils.ahab_re_sign(family, binary, container_id, sign_provider_0, sign_provider_1=None, mem_type=None)

Re-sign the AHAB container in AHAB image.

Parameters:

• family (FamilyRevision) – MCU family

• binary (str) – Path to AHAB image binary

• container_id (int) – Index of the container to be updated

• sign_provider_0 (SignatureProvider) – Signature provider object for main signature

• sign_provider_1 (Optional[SignatureProvider]) – Signature provider object for additional signature

• mem_type (Optional[str]) – Memory type used for bootable image

Raises:

SPSDKError – In case the container id not present

Return type:

None

spsdk.image.ahab.utils.ahab_sign_image(image_path, config, mem_type)

Sign AHAB container set.

Parse segments in Bootable image and sign non NXP AHAB containers.

Return type:

bytes

AHAB Container Interface

AHAB abstract classes.

This module provides abstract base classes for AHAB (Advanced High-Assurance Boot) containers used in secure boot implementations. It defines the common interfaces for serialization, parsing, and validation of container structures.

class spsdk.image.ahab.ahab_abstract_interfaces.Container

Bases: BaseClass

Base class for any container.

Provides common interface for container operations including parsing, exporting and length calculations.

classmethod fixed_length()

Returns the length of a container which is fixed.

Fixed length refers to the part of a container that holds fixed values, whereas some entries may have variable length.

Return type:

int

Returns:

Fixed length in bytes

export()

Export the container to bytes.

Return type:

bytes

Returns:

Bytes representation of the container

Raises:

NotImplementedError – If export is not implemented in derived class

classmethod parse(data)

Parse binary data into a container object.

Parameters:

data (bytes) – Binary input data to parse

Return type:

Self

Returns:

Parsed container object

Raises:

SPSDKParsingError – If parsing fails

classmethod format()

Returns the container data format as defined by struct package.

The base returns only endianness (LITTLE_ENDIAN).

Return type:

str

Returns:

Format string for struct operations

class spsdk.image.ahab.ahab_abstract_interfaces.HeaderContainerData(tag, length, version)

Bases: object

Holder for Container header data.

Contains the basic attributes found in container headers.

tag: int

length: int

version: int

classmethod parse(binary, inverted=False)

Parse binary header.

Parameters:

• binary (bytes) – Binary data to parse

• inverted (bool) – Whether the header fields are in inverted order

Return type:

Self

Returns:

Parsed header container data

Raises:

SPSDKParsingError – If header length is insufficient

class spsdk.image.ahab.ahab_abstract_interfaces.HeaderContainer(tag, length, version)

Bases: Container

A container with first byte defined as header - tag, length and version.

Every “container” in AHAB consists of a header - tag, length and version. The only exception is the ‘image array’ or ‘image array entry’ respectively which has no header at all and SRK record, which has ‘signing algorithm’ instead of version. But this can be considered as a sort of SRK record ‘version’.

Initialize container with header values.

Parameters:

• tag (int) – Container tag

• length (int) – Container length

• version (int) – Container version

TAG: Union[int, list[int]] = 0

VERSION: Union[int, list[int]] = 0

classmethod format()

Format of binary representation.

Return type:

str

Returns:

Format string for struct operations

verify_header()

Verifies the header of container properties.

Validates tag, length and version against constraints.

Return type:

Verifier

Returns:

Verifier object with validation results

Raises:

SPSDKValueError – If any mandatory field has invalid value

verify_parsed_header()

Verifies the parsed header of container properties.

Validates parsed tag, length and version against constraints.

Return type:

Verifier

Returns:

Verifier object with validation results

Raises:

SPSDKValueError – If any mandatory field has invalid value

classmethod parse_head(binary)

Parse binary data to get head members.

Parameters:

binary (bytes) – Binary data

Return type:

tuple[int, int, int]

Returns:

Tuple with TAG, LENGTH, VERSION

Raises:

SPSDKLengthError – If binary data length is not enough

classmethod check_container_head(binary)

Validate container header and ensure sufficient data length.

Performs multiple validation steps on the container header: 1. Checks if input data has sufficient length for the fixed header 2. Parses header fields (tag, length, version) 3. Verifies header field values against expected constraints 4. Ensures input data is long enough to contain the entire container

Parameters:

binary (bytes) – Input data containing the container header

Return type:

Verifier

Returns:

Verification results for all container header checks

class spsdk.image.ahab.ahab_abstract_interfaces.HeaderContainerInverted(tag, length, version)

Bases: HeaderContainer

A container with inverted header field order.

Same as “HeaderContainer” only the tag/length/version are in reverse order in binary form.

Initialize container with header values.

Parameters:

• tag (int) – Container tag

• length (int) – Container length

• version (int) – Container version

classmethod parse_head(binary)

Parse binary data to get head members from inverted header.

Parameters:

binary (bytes) – Binary data

Return type:

tuple[int, int, int]

Returns:

Tuple with TAG, LENGTH, VERSION

Raises:

SPSDKLengthError – If binary data length is not enough

Signed Messages

AHAB signed message implementation.

This module provides classes and functions to create, parse, and manipulate AHAB (Advanced High Assurance Boot) signed messages. The implementation supports various message types such as key provisioning, lifecycle management, secure fuse operations, and debug authentication.

Signed messages are used for secure communication with NXP devices that support EdgeLock security features. The module allows customization of container values according to device-specific requirements - consult your device reference manual for allowed values and message formats.

class spsdk.image.ahab.signed_msg.Message(cert_ver=0, permissions=0, issue_date=None, cmd=0, unique_id=None, unique_id_len=8)

Bases: Container

Class representing the Signed message.

Message::

Off	Byte 3	Byte 2	Byte 1	Byte 0
0x00	Message header
0x10	Message payload

Message header::

Off	Byte 3	Byte 2	Byte 1	Byte 0
0x00	Cert version	Permission	Issue date
0x04	Reserved	Command	Reserved
0x08 0x..	Unique ID (64 or 128 bits)

The message header is common for all signed messages.

Message used to sign and send to device with EdgeLock.

Parameters:

• cert_ver (int) – Certificate version, defaults to 0

• permissions (int) – Certificate permission, to be used in future The stated permission must allow the operation requested by the signed message , defaults to 0

• issue_date (Optional[int]) – Issue date, defaults to None (Current date will be applied)

• cmd (int) – Message command ID, defaults to 0

• unique_id (Optional[bytes]) – UUID of device, defaults to None

• unique_id_len (int) – UUID length - 64 or 128 bits, defaults to 64 bits (8 bytes)

PAYLOAD_LENGTH = 0

TAG = 0

UNIQUE_ID_LEN = 8

static convert_uuid(uuid)

Convert UUID to binary form of message.

Parameters:

uuid (bytes) – Input format of UUID.

Return type:

bytes

Returns:

Converted UUID.

export()

Exports message into to bytes array.

Return type:

bytes

Returns:

Bytes representation of message object.

abstract export_payload()

Exports message payload to bytes array.

Return type:

bytes

Returns:

Bytes representation of message payload.

classmethod format()

Format of binary representation.

Return type:

str

abstract get_config()

Create configuration of the Signed Message.

Return type:

Config

Returns:

Configuration dictionary.

classmethod get_message_class(cmd)

Get the dedicated message class for command.

Return type:

Type[Self]

classmethod load_from_config(config)

Converts the configuration option into an message object.

“config” content of container configurations.

Parameters:

config (Config) – Message configuration dictionaries.

Return type:

Self

Returns:

Message object.

classmethod load_from_config_generic(config)

Converts the general configuration option into an message object.

“config” content of container configurations.

Parameters:

config (Config) – Message configuration dictionaries.

Return type:

tuple[int, int, Optional[int], bytes]

Returns:

Message object.

classmethod parse(data)

Parse input binary to the signed message object.

Parameters:

data (bytes) – Binary data with Container block to parse.

Return type:

Self

Returns:

Object recreated from the binary data.

abstract parse_payload(data)

Parse payload.

Parameters:

data (bytes) – Binary data with Payload to parse.

Return type:

None

property payload_len: int

Message payload length in bytes.

verify()

Verify general message properties.

Return type:

Verifier

class spsdk.image.ahab.signed_msg.MessageCommands(tag, label, description=None)

Bases: SpsdkEnum

Signed messages commands.

DAT_AUTHENTICATION_REQ = (200, 'DAT_AUTHENTICATION_REQ', 'Debug authentication request, internally used for DAT procedure.')

KEYSTORE_REPROVISIONING_ENABLE_REQ = (63, 'KEYSTORE_REPROVISIONING_ENABLE_REQ', 'Key store reprovisioning enable')

KEY_EXCHANGE_REQ = (71, 'KEY_EXCHANGE_REQ', 'Key exchange signed message content')

KEY_IMPORT_REQ = (79, 'KEY_IMPORT_REQ', 'Key import signed message content')

RETURN_LIFECYCLE_UPDATE_REQ = (160, 'RETURN_LIFECYCLE_UPDATE_REQ', 'Return lifecycle update request.')

WRITE_SEC_FUSE_REQ = (145, 'WRITE_SEC_FUSE_REQ', 'Write secure fuse request.')

class spsdk.image.ahab.signed_msg.MessageDat(cert_ver=0, permissions=0, issue_date=None, unique_id=None, unique_id_len=8, challenge_vector=b'\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00', authentication_beacon=0)

Bases: Message

Debug authentication request message class representation.

Message used to sign and send to device with EdgeLock.

Parameters:

• cert_ver (int) – Certificate version, defaults to 0

• permissions (int) – Certificate permission, to be used in future The stated permission must allow the operation requested by the signed message , defaults to 0

• issue_date (Optional[int]) – Issue date, defaults to None (Current date will be applied)

• unique_id (Optional[bytes]) – UUID of device, defaults to None

• unique_id_len (int) – UUID length - 64 or 128 bits, defaults to 64 bits (8 bytes)

• challenge_vector (bytes) – 32 bytes of challenge request got’s from device by DAC.

• authentication_beacon (int) – Authentication beacon in range 0-65535. At the moment is the reserved field and must be 0.

CHALLENGE_VECTOR_LEN = 32

PAYLOAD_LENGTH = 34

TAG = 200

export_payload()

Exports message payload to bytes array.

Return type:

bytes

Returns:

Bytes representation of message payload.

get_config()

Create configuration of the Signed Message.

Return type:

Config

Returns:

Configuration dictionary.

parse_payload(data)

Parse payload.

Parameters:

data (bytes) – Binary data with Payload to parse.

Return type:

None

verify()

Verify message properties.

Return type:

Verifier

class spsdk.image.ahab.signed_msg.MessageKeyExchange(cert_ver=0, permissions=0, issue_date=None, unique_id=None, unique_id_len=8, key_store_id=0, key_exchange_algorithm=KeyAlgorithm(tag=151126281, label='HKDF SHA256', description=None), salt_flags=0, derived_key_grp=0, derived_key_size_bits=0, derived_key_type=KeyType(tag=9216, label='AES SHA256', description='Possible bit widths: 128/192/256'), derived_key_lifetime=LifeTime(tag=1, label='PERSISTENT', description='Standard persistent key'), derived_key_usage=None, derived_key_permitted_algorithm=KeyDerivationAlgorithm(tag=134217993, label='HKDF SHA256', description='HKDF SHA256 (HMAC two-step)'), derived_key_lifecycle=LifeCycle(tag=1, label='OPEN', description=None), derived_key_id=0, private_key_id=0, input_peer_public_key_digest=b'', input_user_fixed_info_digest=b'')

Bases: Message

Key exchange request message class representation.

Key exchange signed message class init.

Parameters:

• cert_ver (int) – Certificate version, defaults to 0

• permissions (int) – Certificate permission, to be used in future The stated permission must allow the operation requested by the signed message , defaults to 0

• issue_date (Optional[int]) – Issue date, defaults to None (Current date will be applied)

• unique_id (Optional[bytes]) – UUID of device, defaults to None

• unique_id_len (int) – UUID length - 64 or 128 bits, defaults to 64 bits (8 bytes)

• key_store_id (int) – Key store ID where to store the derived key. It must be the key store ID related to the key management handle set in the command API, defaults to 0

• key_exchange_algorithm (KeyAlgorithm) –

  Algorithm used by the key exchange process:

  HKDF SHA256 0x09020109

  HKDF SHA384 0x0902010A

  , defaults to HKDF_SHA256

• salt_flags (int) –

  Bit field indicating the requested operations:

  Bit 0: Salt in step #1 (HKDF-extract) of HMAC based two-step key derivation process:

  - 0: Use zeros salt;

  - 1:Use peer public key hash as salt;

  Bit 1: In case of ELE import, salt used to derive OEM_IMPORT_WRAP_SK and OEM_IMPORT_CMAC_SK:

  - 0: Zeros string;

  - 1: Device SRKH.

  Bit 2 to 15: Reserved, defaults to 0

• derived_key_grp (int) – Derived key group. 100 groups are available per key store. It must be a value in the range [0; 99]. Keys belonging to the same group can be managed through the Manage key group command, defaults to 0

• derived_key_size_bits (int) – Derived key size bits attribute, defaults to 0

• derived_key_type (KeyType) –

  Key type	Value	Key size in bits
  AES	0x2400	128/192/256
  HMAC	0x1100	224/256/384/512
  OEM_IMPORT_MK_SK*	0x9200	128/192/256

  , defaults to AES

• derived_key_lifetime (LifeTime) –

  Derived key lifetime attribute

  VOLATILE 0x00 Standard volatile key.

  PERSISTENT 0x01 Standard persistent key.

  PERMANENT 0xFF Standard permanent key., defaults to PERSISTENT

• derived_key_usage (Optional[list[KeyUsage]]) –

  Derived key usage attribute.

  Cache 0x00000004 Permission to cache the key in the ELE internal secure memory.

  This usage is set by default by ELE FW for all keys generated or imported.

  Encrypt 0x00000100 Permission to encrypt a message with the key. It could be cipher

  encryption, AEAD encryption or asymmetric encryption operation.

  Decrypt 0x00000200 Permission to decrypt a message with the key. It could be

  cipher decryption, AEAD decryption or asymmetric decryption operation.

  Sign message 0x00000400 Permission to sign a message with the key. It could be

  a MAC generation or an asymmetric message signature operation.

  Verify message 0x00000800 Permission to verify a message signature with the key.

  It could be a MAC verification or an asymmetric message signature

  verification operation.

  Sign hash 0x00001000 Permission to sign a hashed message with the key

  with an asymmetric signature operation. Setting this permission automatically

  sets the Sign Message usage.

  Verify hash 0x00002000 Permission to verify a hashed message signature with

  the key with an asymmetric signature verification operation.

  Setting this permission automatically sets the Verify Message usage.

  Derive 0x00004000 Permission to derive other keys from this key.

  , defaults to 0

• derived_key_permitted_algorithm (KeyDerivationAlgorithm) –

  Derived key permitted algorithm attribute

  HKDF SHA256 (HMAC two-step) 0x08000109

  HKDF SHA384 (HMAC two-step) 0x0800010A, defaults to HKDF_SHA256

• derived_key_lifecycle (LifeCycle) –

  Derived key lifecycle attribute

  CURRENT 0x00 Key is usable in current lifecycle.

  OPEN 0x01 Key is usable in open lifecycle.

  CLOSED 0x02 Key is usable in closed lifecycle.

  CLOSED and LOCKED 0x04 Key is usable in closed and locked lifecycle.

  , defaults to OPEN

• derived_key_id (int) –

  Derived key ID attribute. It could be:

  • Wanted key identifier of the generated key: only supported by persistent

    and permanent keys;

  • 0x00000000 to let the FW chose the key identifier: supported by all

    keys (all persistence levels). , defaults to 0

• private_key_id (int) – Identifier in the ELE key storage of the private key to use with the peer public key during the key agreement process, defaults to 0

• input_peer_public_key_digest (bytes) – Input peer public key digest buffer. The algorithm used to generate the digest must be SHA256, defaults to list(8)

• input_user_fixed_info_digest (bytes) – Input user fixed info digest buffer. The algorithm used to generate the digest must be SHA256, defaults to list(8)

PAYLOAD_FORMAT = '<BBHLLHHHHLLLLLL32s32s'

PAYLOAD_LENGTH = 108

PAYLOAD_VERSION = 7

TAG = 71

export_payload()

Exports message payload to bytes array.

Return type:

bytes

Returns:

Bytes representation of message payload.

get_config()

Create configuration of the Signed Message.

Return type:

Config

Returns:

Configuration dictionary.

parse_payload(data)

Parse payload.

Parameters:

data (bytes) – Binary data with Payload to parse.

Return type:

None

verify()

Verify message properties.

Return type:

Verifier

class spsdk.image.ahab.signed_msg.MessageKeyImport(cert_ver=0, permissions=0, issue_date=None, unique_id=None, unique_id_len=8, key_id=0, key_import_algorithm=KeyAlgorithm(tag=33554441, label='SHA256', description=None), key_usage=None, key_type=KeyType(tag=9216, label='AES SHA256', description='Possible bit widths: 128/192/256'), key_size_bits=0, key_lifetime=LifeTime(tag=3221356799, label='ELE_KEY_IMPORT_PERMANENT', description='EdgeLock® secure enclave Key import permanent key'), key_lifecycle=LifeCycle(tag=1, label='OPEN', description=None), oem_import_mk_sk_key_id=0, wrapping_algorithm=WrappingAlgorithm(tag=1, label='RFC3394', description='RFC 3394 wrapping'), iv=None, signing_algorithm=KeyImportSigningAlgorithm(tag=1, label='CMAC', description=None), wrapped_private_key=b'', signature=b'')

Bases: Message

Key import request message class representation.

Key exchange signed message class init.

Parameters:

• cert_ver (int) – Certificate version, defaults to 0

• permissions (int) – Certificate permission, to be used in future The stated permission must allow the operation requested by the signed message , defaults to 0

• issue_date (Optional[int]) – Issue date, defaults to None (Current date will be applied)

• unique_id (Optional[bytes]) – UUID of device, defaults to None

• unique_id_len (int) – UUID length - 64 or 128 bits, defaults to 64 bits (8 bytes)

• key_id (int) – Key ID where to store the derived key. It must be the key store ID related to the key management handle set in the command API, defaults to 0

• key_import_algorithm (KeyAlgorithm) –

  Algorithm used by the key import process:

  MD5 = 0x0200000

  SHA1 = 0x02000005

  SHA224 = 0x02000008

  SHA256 = 0x02000009

  SHA384 = 0x0200000A

  SHA512 = 0x0200000B

  , defaults to HKDF_SHA256

• key_usage (Optional[list[KeyUsage]]) –

  Imported key usage attribute.

  Cache 0x00000004 Permission to cache the key in the ELE internal secure memory.

  This usage is set by default by ELE FW for all keys generated or imported.

  Encrypt 0x00000100 Permission to encrypt a message with the key. It could be cipher

  encryption, AEAD encryption or asymmetric encryption operation.

  Decrypt 0x00000200 Permission to decrypt a message with the key. It could be

  cipher decryption, AEAD decryption or asymmetric decryption operation.

  Sign message 0x00000400 Permission to sign a message with the key. It could be

  a MAC generation or an asymmetric message signature operation.

  Verify message 0x00000800 Permission to verify a message signature with the key.

  It could be a MAC verification or an asymmetric message signature

  verification operation.

  Sign hash 0x00001000 Permission to sign a hashed message with the key

  with an asymmetric signature operation. Setting this permission automatically

  sets the Sign Message usage.

  Verify hash 0x00002000 Permission to verify a hashed message signature with

  the key with an asymmetric signature verification operation.

  Setting this permission automatically sets the Verify Message usage.

  Derive 0x00004000 Permission to derive other keys from this key.

  , defaults to 0

• key_type (KeyType) –

  Key type	Value	Key size in bits
  AES	0x2400	128/192/256
  HMAC	0x1100	224/256/384/512
  OEM_IMPORT_MK_SK*	0x9200	128/192/256

  , defaults to AES

• key_size_bits (int) – Derived key size bits attribute, defaults to 0

• key_lifetime (LifeTime) –

  Imported key lifetime attribute

  ELE_KEY_IMPORT_VOLATILE 0xC0020000 Standard volatile key.

  ELE_KEY_IMPORT_PERSISTENT 0xC0020001 Standard persistent key.

  ELE_KEY_IMPORT_PERMANENT 0xC00200FF Standard permanent key., defaults to PERSISTENT

• key_lifecycle (LifeCycle) –

  Imported key lifecycle attribute

  CURRENT 0x00 Key is usable in current lifecycle.

  OPEN 0x01 Key is usable in open lifecycle.

  CLOSED 0x02 Key is usable in closed lifecycle.

  CLOSED and LOCKED 0x04 Key is usable in closed and locked lifecycle.

  , defaults to OPEN

• oem_import_mk_sk_key_id (int) – Identifier in the ELE key storage of the OEM_IMPORT_MK_SK key to use to encrypt and sign the imported key, defaults to 0

• wrapping_algorithm (WrappingAlgorithm) –

  Wrapping algorithm of the key blob. This field is required to distinguish between different flavors of wrapping algorithms.

  Possible values are: - 0x01: RFC3394 wrapping - 0x02: AES CBC wrapping

• iv (Optional[bytes]) – IV to use for CBC wrapping. Not used if ‘wrapping algorithm’ not equal 0x02.

• signing_algorithm (KeyImportSigningAlgorithm) – Algorithm used to sign the blob itself. Field “Signature” of this blob. It must be: 0x01 (CMAC).

• wrapped_private_key (bytes) – Private key data in encrypted format as defined by the ‘Wrapping Algorithm’. Key used to do the encryption must be OEM_IMPORT_WRAP_SK derived from OEM_IMPORT_MK_SK.

• signature (bytes) – Signature of all previous fields of this blob including the signature tag (0x5E) and signature length fields. Key used to do the signature must be OEM_IMPORT_CMAC_SK derived from OEM_IMPORT_MK_SK.

HEADER_MAGIC = 'edgelockenclaveimport'

class Ki(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: X690Type[bytes]

Key Import base field type.

NATURE = [TypeNature.PRIMITIVE]

The x690 “private/constructed” information

TAG: int = 0

The x690 identifier for the type

TYPECLASS: TypeClass = 'application'

The x690 type-class (universal, application or context)

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiEncryptedPrk(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Key wrapped data.

TAG: int = 21

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiImportMkSkKeyId(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Import MK SK KEY id.

TAG: int = 16

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiIv(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Optional Initial vector.

TAG: int = 18

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiKeyAlgorithm(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Key algorithm.

TAG: int = 2

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiKeyBitsSize(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Key size.

TAG: int = 5

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiKeyId(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Key ID.

TAG: int = 1

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiKeyLifeCycle(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Key life cycle.

TAG: int = 7

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiKeyLifeTime(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Key life time.

TAG: int = 6

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiKeyType(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Key type.

TAG: int = 4

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiKeyUsage(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Key usage.

TAG: int = 3

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiMagic(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Magic header.

TAG: int = 0

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiSignature(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Signature.

TAG: int = 30

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiSigningAlgorithm(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Key signing algorithm.

TAG: int = 20

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

class KiWrappingAlgorithm(value=<x690.types._SENTINEL_UNINITIALISED object>)

Bases: Ki

TLV record - Key wrapping algorithm.

TAG: int = 17

The x690 identifier for the type

pyvalue: Union[TWrappedPyType, _SENTINEL_UNINITIALISED]

The decoded (or to-be encoded) Python value

PAYLOAD_VERSION = 7

TAG = 79

export_payload()

Exports message payload to bytes array.

Return type:

bytes

Returns:

Bytes representation of message payload.

get_config()

Create configuration of the Signed Message.

Return type:

Config

Returns:

Configuration dictionary.

parse_payload(data)

Parse payload.

Parameters:

data (bytes) – Binary data with Payload to parse.

Return type:

None

property payload_len: int

Message payload length in bytes.

verify()

Verify message properties.

Return type:

Verifier

wrap_and_sign(private_key, oem_import_mk_sk_key, srkh=None)

Get wrapped key and sign whole Import Key message.

Parameters:

• private_key (bytes) – Unwrapped private key

• oem_import_mk_sk_key (bytes) – OEM_IMPORT_MK_SK_KEY

• srkh (Optional[bytes]) – Optionally SRKH if Salt flags requires it in Key Exchange commands, defaults to None

Return type:

None

class spsdk.image.ahab.signed_msg.MessageKeyStoreReprovisioningEnable(cert_ver=0, permissions=0, issue_date=None, unique_id=None, unique_id_len=8, monotonic_counter=0, user_sab_id=0)

Bases: Message

Key store reprovisioning enable request message class representation.

Key store reprovisioning enable signed message class init.

Parameters:

• cert_ver (int) – Certificate version, defaults to 0

• permissions (int) – Certificate permission, to be used in future The stated permission must allow the operation requested by the signed message , defaults to 0

• issue_date (Optional[int]) – Issue date, defaults to None (Current date will be applied)

• unique_id (Optional[bytes]) – UUID of device, defaults to None

• unique_id_len (int) – UUID length - 64 or 128 bits, defaults to 64 bits (8 bytes)

• monotonic_counter (int) – Monotonic counter value, defaults to 0

• user_sab_id (int) – User SAB id, defaults to 0

FLAGS = 0

PAYLOAD_FORMAT = '<BBHLL'

PAYLOAD_LENGTH = 12

TAG = 63

TARGET = 0

export_payload()

Exports message payload to bytes array.

Return type:

bytes

Returns:

Bytes representation of message payload.

get_config()

Create configuration of the Signed Message.

Return type:

Config

Returns:

Configuration dictionary.

parse_payload(data)

Parse payload.

Parameters:

data (bytes) – Binary data with Payload to parse.

Return type:

None

verify()

Verify message properties.

Return type:

Verifier

class spsdk.image.ahab.signed_msg.MessageReturnLifeCycle(cert_ver=0, permissions=0, issue_date=None, unique_id=None, unique_id_len=8, life_cycle=0)

Bases: Message

Return life cycle request message class representation.

Message used to sign and send to device with EdgeLock.

Parameters:

• cert_ver (int) – Certificate version, defaults to 0

• permissions (int) – Certificate permission, to be used in future The stated permission must allow the operation requested by the signed message , defaults to 0

• issue_date (Optional[int]) – Issue date, defaults to None (Current date will be applied)

• unique_id (Optional[bytes]) – UUID of device, defaults to None

• unique_id_len (int) – UUID length - 64 or 128 bits, defaults to 64 bits (8 bytes)

• life_cycle (int) – Requested life cycle, defaults to 0

PAYLOAD_LENGTH = 4

TAG = 160

export_payload()

Exports message payload to bytes array.

Return type:

bytes

Returns:

Bytes representation of message payload.

get_config()

Create configuration of the Signed Message.

Return type:

Config

Returns:

Configuration dictionary.

parse_payload(data)

Parse payload.

Parameters:

data (bytes) – Binary data with Payload to parse.

Return type:

None

verify()

Verify message properties.

Return type:

Verifier

class spsdk.image.ahab.signed_msg.MessageV2(cert_ver=0, permissions=0, issue_date=None, cmd=0, unique_id=None, unique_id_len=8)

Bases: Message

Class representing the Signed message version 2.

Message used to sign and send to device with EdgeLock.

Parameters:

• cert_ver (int) – Certificate version, defaults to 0

• permissions (int) – Certificate permission, to be used in future The stated permission must allow the operation requested by the signed message , defaults to 0

• issue_date (Optional[int]) – Issue date, defaults to None (Current date will be applied)

• cmd (int) – Message command ID, defaults to 0

• unique_id (Optional[bytes]) – UUID of device, defaults to None

• unique_id_len (int) – UUID length - 64 or 128 bits, defaults to 64 bits (8 bytes)

UNIQUE_ID_LEN = 16

class spsdk.image.ahab.signed_msg.MessageWriteSecureFuse(cert_ver=0, permissions=0, issue_date=None, unique_id=None, unique_id_len=8, fuse_id=0, length=0, flags=0, data=None)

Bases: Message

Write secure fuse request message class representation.

Message used to sign and send to device with EdgeLock.

Parameters:

• cert_ver (int) – Certificate version, defaults to 0

• permissions (int) – Certificate permission, to be used in future The stated permission must allow the operation requested by the signed message , defaults to 0

• issue_date (Optional[int]) – Issue date, defaults to None (Current date will be applied)

• unique_id (Optional[bytes]) – UUID of device, defaults to None

• unique_id_len (int) – UUID length - 64 or 128 bits, defaults to 64 bits (8 bytes)

• fuse_id (int) – Fuse ID, defaults to 0

• length (int) – Fuse length, defaults to 0

• flags (int) – Fuse flags, defaults to 0

• data (Optional[list[int]]) – List of fuse values

PAYLOAD_FORMAT = '<HBB'

TAG = 145

export_payload()

Exports message payload to bytes array.

Return type:

bytes

Returns:

Bytes representation of message payload.

get_config()

Create configuration of the Signed Message.

Return type:

Config

Returns:

Configuration dictionary.

parse_payload(data)

Parse payload.

Parameters:

data (bytes) – Binary data with Payload to parse.

Return type:

None

property payload_len: int

Message payload length in bytes.

verify()

Verify message properties.

Return type:

Verifier

class spsdk.image.ahab.signed_msg.SignedMessage(family, signed_msg_container=None)

Bases: FeatureBaseClass

Signed message class.

AHAB Image constructor.

Parameters:

• family (FamilyRevision) – Name of device family.

• ahab_containers – _description_, defaults to None

Raises:

SPSDKValueError – Invalid input configuration.

FEATURE: str = 'ahab'

property container_type: Type[SignedMessageContainer] | Type[SignedMessageContainerV2]

Get container class type.

export()

Export Signed message image.

Return type:

bytes

Returns:

Signed message image.

property family: FamilyRevision

Just public family member.

get_config(data_path='./')

Create configuration of the Signed Message.

Parameters:

data_path (str) – Path to store the data files of configuration.

Return type:

Config

Returns:

Configuration dictionary.

classmethod get_config_template(family, message=None)

Get AHAB configuration template.

Parameters:

• family (FamilyRevision) – Family for which the template should be generated.

• message (Optional[MessageCommands]) – Generate the template just for one message type, if not used , its generated for all messages

Return type:

str

Returns:

Dictionary of individual templates (key is name of template, value is template itself).

get_srk_hash(srk_id=0)

Get SRK hash.

Parameters:

srk_id (int) – ID of SRK table in case of using multiple Signatures, default is 0.

Return type:

bytes

Returns:

SHA256 hash of SRK table.

classmethod get_validation_schemas(family)

Get list of validation schemas.

Parameters:

family (FamilyRevision) – Family for which the validation schema should be generated.

Return type:

list[dict[str, Any]]

Returns:

Validation list of schemas.

classmethod get_validation_schemas_from_cfg(config)

Get validation schema based on configuration.

Parameters:

config (Config) – Valid configuration

Return type:

list[dict[str, Any]]

Returns:

Validation schemas

image_info()

Get Image info object.

Return type:

BinaryImage

classmethod load_from_config(config)

Converts the configuration option into an Signed message object.

“config” content of container configurations.

Parameters:

config (Config) – Signed Message configuration dictionaries.

Return type:

Self

Returns:

Signed message object.

classmethod parse(data, family=None)

Parse input binary chunk to the container object.

Parameters:

• data (bytes) – Input binary data to parse

• family (Optional[FamilyRevision]) – The MCU family

Raises:

SPSDKError – No AHAB container found in binary data.

Return type:

Self

classmethod pre_parse_verify(data)

Pre-Parse verify of AHAB container.

Parameters:

data (bytes) – Binary data with Container block to pre-parse.

Return type:

Verifier

Returns:

Verifier of pre-parsed binary data.

property srk_count: int

Get count of used SRKs.

update_fields()

Automatically updates all volatile fields in every Signed message container.

Return type:

None

verify()

Verifier object data.

Return type:

Verifier

class spsdk.image.ahab.signed_msg.SignedMessageContainer(chip_config, flags=0, fuse_version=0, sw_version=0, message=None, signature_block=None, encrypt_iv=None)

Bases: AHABContainerBase

Class representing the Signed message container.

DAT Container:

+-----+--------------+--------------+----------------+----------------+
|Off  |    Byte 3    |    Byte 2    |      Byte 1    |     Byte 0     |
+-----+--------------+--------------+----------------+----------------+
|0x00 |    Tag       | Length (MSB) | Length (LSB)   |     Version    |
+-----+--------------+--------------+----------------+----------------+
|0x04 |                          Flags                                |
+-----+--------------+--------------+---------------------------------+
|0x08 |   Reserved   | Fuse version |       Software version          |
+-----+--------------+--------------+---------------------------------+
|0x10 |                      Signature Block                          |
+-----+---------------------------------------------------------------+

Signed Message:

+-----+--------------+--------------+----------------+----------------+
|Off  |    Byte 3    |    Byte 2    |      Byte 1    |     Byte 0     |
+-----+--------------+--------------+----------------+----------------+
|0x00 |    Tag       | Length (MSB) | Length (LSB)   |     Version    |
+-----+--------------+--------------+----------------+----------------+
|0x04 |                          Flags                                |
+-----+--------------+--------------+---------------------------------+
|0x08 |   Reserved   | Fuse version |       Software version          |
+-----+--------------+--------------+---------------------------------+
|0x10 |                    Message descriptor                         |
+-----+---------------------------------------------------------------+
|0x34 |                      Message header                           |
+-----+---------------------------------------------------------------+
|0x44 |                      Message payload                          |
+-----+---------------------------------------------------------------+
|0xXX |                      Signature Block                          |
+-----+---------------------------------------------------------------+

Message descriptor::

Off	Byte 3	Byte 2	Byte 1	Byte 0
0x00	Reserved			Flags
0x04	IV (256 bits)

Class object initializer.

Chip_config:

Chip configuration for AHAB.

Parameters:

• flags (int) – flags.

• fuse_version (int) – value must be equal to or greater than the version stored in the fuses to allow loading this container.

• sw_version (int) – used by PHBC (Privileged Host Boot Companion) to select between multiple images with same fuse version field.

• message (Union[Message, MessageV2, None]) – Message command to be signed.

• signature_block (Union[SignatureBlock, SignatureBlockV2, None]) – signature block.

• encrypt_iv (Optional[bytes]) – Encryption Initial Vector - if defined the encryption is used.

ENCRYPT_IV_LEN = 32

MESSAGE_TYPE

alias of Message

NAME = 'Signed Message'

SIGNATURE_BLOCK

alias of SignatureBlock

TAG: Union[int, list[int]] = 137

export()

Export the signed image into one chunk.

Raises:

SPSDKValueError – if the number of images doesn’t correspond the the number of entries in image array info.

Return type:

bytes

Returns:

images exported into single binary

classmethod format()

Format of binary representation.

Return type:

str

get_config(data_path='./')

Create configuration of the Signed Message.

Parameters:

data_path (str) – Path to store the data files of configuration.

Return type:

Config

Returns:

Configuration dictionary.

classmethod get_validation_schemas(family)

Get list of validation schemas.

Parameters:

family (FamilyRevision) – Family for which the validation schema should be generated.

Return type:

list[dict[str, Any]]

Returns:

Validation list of schemas.

image_info()

Get Image info object.

Return type:

BinaryImage

Returns:

Signed Message Info object.

classmethod load_from_config(chip_config, config)

Converts the configuration option into an Signed message object.

“config” content of container configurations.

Parameters:

• chip_config (AhabChipConfig) – Ahab chip configuration.

• config (Config) – Signed Message configuration dictionaries.

Return type:

Self

Returns:

Message object.

classmethod parse(data, chip_config)

Parse input binary to the signed message object.

Parameters:

• data (bytes) – Binary data with Container block to parse.

• chip_config (AhabChipConfig) – Ahab image chip configuration.

Return type:

Self

Returns:

The Signed Message Container

update_fields()

Updates all volatile information in whole container structure.

Raises:

SPSDKError – When inconsistent image array length is detected.

Return type:

None

verify()

Verify message properties.

Return type:

Verifier

class spsdk.image.ahab.signed_msg.SignedMessageContainerV2(chip_config, flags=0, fuse_version=0, sw_version=0, message=None, signature_block=None, encrypt_iv=None)

Bases: SignedMessageContainer

Class representing the Signed message container V2.

Class object initializer.

Chip_config:

Chip configuration for AHAB.

Parameters:

• flags (int) – flags.

• fuse_version (int) – value must be equal to or greater than the version stored in the fuses to allow loading this container.

• sw_version (int) – used by PHBC (Privileged Host Boot Companion) to select between multiple images with same fuse version field.

• message (Union[Message, MessageV2, None]) – Message command to be signed.

• signature_block (Union[SignatureBlock, SignatureBlockV2, None]) – signature block.

• encrypt_iv (Optional[bytes]) – Encryption Initial Vector - if defined the encryption is used.

MESSAGE_TYPE

alias of MessageV2

SIGNATURE_BLOCK

alias of SignatureBlockV2

VERSION: Union[int, list[int]] = 2

classmethod get_validation_schemas(family)

Get list of validation schemas.

Parameters:

family (FamilyRevision) – Family for which the validation schema should be generated.

Return type:

list[dict[str, Any]]

Returns:

Validation list of schemas.

class spsdk.image.ahab.signed_msg.SignedMessageTags(tag, label, description=None)

Bases: SpsdkEnum

Signed message container related tags.

SIGNED_MSG = (137, 'SIGNED_MSG', 'Signed message.')

Bootable image

This module contains Bootable image related code.

class spsdk.image.bootable_image.bimg.BootableImage(family, mem_type, init_offset=0)

Bases: FeatureBaseClass

Bootable Image class.

Bootable Image constructor.

Parameters:

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

FEATURE: str = 'bootable_image'

property bootable_header_only: bool

The image contains only bootable image header.

No application is available.

export()

Export bootable image.

Return type:

bytes

Returns:

Complete binary of bootable image.

get_config(data_path='./')

Create configuration of the AHAB Image.

Parameters:

data_path (str) – Path to store the data files of configuration.

Return type:

Config

Returns:

Configuration dictionary.c

classmethod get_config_template(family, mem_type=MemoryType(tag=4, label='flexspi_nor', description='Flexspi NOR'))

Get validation schema for the family.

Parameters:

• family (FamilyRevision) – Chip family

• mem_type (MemoryType) – Used memory type.

Return type:

str

Returns:

Configuration template in string.

static get_memory_type_config(family, mem_type)

Return dictionary with configuration for specific memory type.

Parameters:

• family (FamilyRevision) – Chip family name.

• mem_type (MemoryType) – CHip memory type to handle bootable area.

Raises:

SPSDKKeyError – If memory type does not exist in database

Return type:

dict[str, Any]

Returns:

Dictionary with configuration.

get_segment(segment)

Get bootable segment by its name or Enum class.

Parameters:

segment (Union[str, BootableImageSegment]) – Name of enum class of segment.

Return type:

Segment

Returns:

Segment.

get_segment_offset(segment)

Get segment offset.

Parameters:

segment (Segment) – Segment object to get its offset

Return type:

int

Returns:

Segment offset

classmethod get_supported_memory_types(family=None)

Return list of supported memory types.

Return type:

list[MemoryType]

Returns:

List of supported families.

static get_supported_revisions(family)

Return list of supported revisions.

Return type:

list[str]

Returns:

List of supported revisions.

classmethod get_validation_schemas(family, mem_type=None)

Get validation schema for the family.

Parameters:

• family (FamilyRevision) – Chip family

• mem_type (Optional[MemoryType]) – Used memory type.

Return type:

list[dict[str, Any]]

Returns:

List of validation schema dictionaries.

classmethod get_validation_schemas_from_cfg(config)

Get validation schema based on configuration.

Parameters:

config (Config) – Valid configuration

Return type:

list[dict[str, Any]]

Returns:

Validation schemas

property header_len: int

Length of the header.

The length of the space before application data. :return: Length of the bootable image area.

image_info()

Create Binary image of bootable image.

Return type:

BinaryImage

Returns:

BinaryImage object of bootable image.

property init_offset: int

Initial offset compared to “full” bootable image.Only segments after this offset are considered.

classmethod load_from_config(config)

Load bootable image from configuration.

Parameters:

config (Config) – Configuration of Bootable image.

Return type:

Self

classmethod parse(binary, family=None, mem_type=None)

Parse binary into bootable image object.

Parameters:

• binary (bytes) – Bootable image binary.

• family (Optional[FamilyRevision]) – Chip family.

• mem_type (Optional[MemoryType]) – Used memory type.

Return type:

Self

post_export(output_path)

Perform post export on all segments.

Return type:

list[str]

static pre_parse_verify(data, family, mem_type)

Pre-Parse binary T osee main issue before parsing.

Parameters:

• data (bytes) – Bootable image binary.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

Return type:

Verifier

Returns:

Verifier object of preparsed data.

property segments: list[Segment]

List of used segments.

set_init_offset(init_offset)

Set init offset by name of segment or length.

Return type:

None

verify()

Get verifier object of segment.

Return type:

Verifier

Returns:

Verifier of current object.

Bootable image segments

This module contains Bootable image related code.

class spsdk.image.bootable_image.segments.BootableImageSegment(tag, label, description=None)

Bases: SpsdkEnum

Bootable image segment.

AHAB_CONTAINER = (11, 'ahab_container', 'AHAB container segment')

BEE_HEADER_0 = (6, 'bee_header_0', 'BEE header 0 segment')

BEE_HEADER_1 = (7, 'bee_header_1', 'BEE header 1 segment')

FCB = (2, 'fcb', 'Fcb segment')

HAB_CONTAINER = (10, 'hab_container', 'HAB container segment')

IMAGE_VERSION = (3, 'image_version', 'Image version segment')

IMAGE_VERSION_AP = (4, 'image_version_ap', 'Image version antipole segment')

KEYBLOB = (1, 'keyblob', 'Keyblob segment')

KEYSTORE = (5, 'keystore', 'Keystore segment')

MBI = (9, 'mbi', 'Masterboot image segment')

PRIMARY_IMAGE_CONTAINER_SET = (12, 'primary_image_container_set', 'Primary Image Container Set segment')

SB21 = (14, 'sb21', 'Secure binary 2.1 segment')

SB31 = (15, 'sb31', 'Secure binary 3.1 segment')

SECONDARY_IMAGE_CONTAINER_SET = (13, 'secondary_image_container_set', 'Secondary Image Container Set segment')

UNKNOWN = (0, 'unknown', 'Unknown segment')

XMCD = (8, 'xmcd', 'XMCD segment')

exception spsdk.image.bootable_image.segments.SPSDKSegmentNotPresent(desc=None)

Bases: SPSDKError

The segment is not present in the configuration.

Initialize the base SPSDK Exception.

class spsdk.image.bootable_image.segments.Segment(offset, family, mem_type, raw_block=None)

Bases: BaseClass

Base Bootable Image Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in the full bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

BOOT_HEADER = True

CFG_NAME: Optional[str] = None

IMAGE_PATTERNS = ['zeros', 'ones']

INIT_SEGMENT = False

NAME = (0, 'unknown', 'Unknown segment')

OFFSET_ALIGNMENT = 1

classmethod cfg_key()

Configuration key name.

Return type:

str

clear()

Clear the segment to init state.

Return type:

None

create_config(output_dir)

Create configuration including store the data to specified path.

Parameters:

output_dir (str) – Path where the information should be stored

Return type:

Union[str, int]

Returns:

Value of segment to configuration file

export()

Export object into bytes array.

Return type:

bytes

Returns:

Raw binary block of segment

static find_segment_offset(binary)

Try to find the start of the Segment in data blob.

Parameters:

binary (bytes) – Data to be used to find Segment.

Return type:

int

Returns:

Offset in data to new data container.

property full_image_offset: int

Offset of the segment within the full bootable image.

image_info()

Get Image info format.

Return type:

BinaryImage

Returns:

The segment content in Binary Image format.

property is_present: bool

Returns true if the segment is present in the image.

load_config(config)

Load segment from configuration.

Parameters:

config (Config) – Configuration of Segment.

Return type:

None

classmethod parse(data)

Parse object from bytes array.

Parameters:

data (bytes) – Input data to parse

Return type:

Self

Returns:

Parsed object

parse_binary(binary)

Parse binary block into Segment object.

Parameters:

binary (bytes) – Binary image.

Raises:

• SPSDKParsingError – If given binary block size is not equal to block size in header

• SPSDKSegmentNotPresent – If the input binary contains only padding bytes

Return type:

None

post_export(output_path)

Post export arifacts like fuse scripts.

Parameters:

output_path (str) – Path to export artifacts

Return type:

list[str]

Returns:

List of post export artifacts (usually fuse scripts)

pre_parse_verify(data)

Pre-Parse binary to see main issue before parsing.

Parameters:

data (bytes) – Bootable image binary.

Return type:

Verifier

Returns:

Verifier object of preparsed data.

property size: int

Segment size.

verify()

Get verifier object of segment.

Return type:

Verifier

Returns:

Verifier of current object.

class spsdk.image.bootable_image.segments.SegmentAhab(offset, family, mem_type, raw_block=None, ahab=None)

Bases: Segment

Bootable Image Advanced High Assurance Boot(HAB) Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in whole bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

• ahab (Optional[AHABImage]) – Advanced High Assurance Boot class.

BOOT_HEADER = False

INIT_SEGMENT = True

NAME = (11, 'ahab_container', 'AHAB container segment')

clear()

Clear the segment to init state.

Return type:

None

create_config(output_dir)

Create configuration including store the data to specified path.

Parameters:

output_dir (str) – Path where the information should be stored

Return type:

Union[str, int]

Returns:

Value of segment to configuration file

static find_segment_offset(binary)

Try to find the start of the AHAB Image in data blob.

Parameters:

binary (bytes) – Data to be used to find AHAB container.

Return type:

int

Returns:

Offset in data to new data container.

image_info()

Get Image info format.

Return type:

BinaryImage

Returns:

The segment content in Binary Image format.

load_config(config)

Load segment from configuration.

Parameters:

config (Config) – Configuration of Segment.

Return type:

None

parse_binary(binary)

Parse binary block into Segment object.

Parameters:

binary (bytes) – binary image.

Return type:

None

post_export(output_path)

Post export step.

Parameters:

output_path (str) – _description_

Return type:

list[str]

Returns:

_description_

pre_parse_verify(data)

Pre-Parse binary T osee main issue before parsing.

Parameters:

data (bytes) – Bootable image binary.

Return type:

Verifier

Returns:

Verifier object of preparsed data.

verify()

Get verifier object of segment.

Return type:

Verifier

Returns:

Verifier of current object.

class spsdk.image.bootable_image.segments.SegmentBeeHeader0(offset, family, mem_type, raw_block=None)

Bases: Segment

Bootable Image BEE encryption header 0 Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in the full bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

NAME = (6, 'bee_header_0', 'BEE header 0 segment')

property size: int

Keyblob segment size.

class spsdk.image.bootable_image.segments.SegmentBeeHeader1(offset, family, mem_type, raw_block=None)

Bases: Segment

Bootable Image BEE encryption header 1 Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in the full bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

NAME = (7, 'bee_header_1', 'BEE header 1 segment')

property size: int

Keyblob segment size.

class spsdk.image.bootable_image.segments.SegmentFcb(offset, family, mem_type, raw_block=None, fcb=None)

Bases: Segment

Bootable Image FCB Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in whole bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

• fcb (Optional[FCB]) – FCB class.

INIT_SEGMENT = True

NAME = (2, 'fcb', 'Fcb segment')

clear()

Clear the segment to init state.

Return type:

None

create_config(output_dir)

Create configuration including store the data to specified path.

Parameters:

output_dir (str) – Path where the information should be stored

Return type:

Union[str, int]

Returns:

Value of segment to configuration file

load_config(config)

Load segment from configuration.

Parameters:

config (Config) – Configuration of Segment.

Return type:

None

parse_binary(binary)

Parse binary block into Segment object.

Parameters:

binary (bytes) – binary image.

Raises:

• SPSDKParsingError – If given binary block size is not equal to block size in header

• SPSDKSegmentNotPresent – If the input binary contains only padding bytes

Return type:

None

property size: int

Size of FCB segment.

class spsdk.image.bootable_image.segments.SegmentHab(offset, family, mem_type, raw_block=None, hab=None)

Bases: Segment

Bootable Image High Assurance Boot(HAB) Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in whole bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

• hab (Optional[HabImage]) – High Assurance Boot class.

BOOT_HEADER = False

INIT_SEGMENT = True

NAME = (10, 'hab_container', 'HAB container segment')

clear()

Clear the segment to init state.

Return type:

None

image_info()

Get Image info format.

Return type:

BinaryImage

Returns:

The segment content in Binary Image format.

load_config(config)

Load segment from configuration.

Parameters:

config (Config) – Configuration of Segment.

Return type:

None

parse_binary(binary)

Parse binary block into Segment object.

Parameters:

binary (bytes) – binary image.

Return type:

None

class spsdk.image.bootable_image.segments.SegmentImageVersion(offset, family, mem_type, raw_block=None)

Bases: Segment

Bootable Image Image version Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in the full bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

NAME = (3, 'image_version', 'Image version segment')

create_config(output_dir)

Create configuration including store the data to specified path.

Parameters:

output_dir (str) – Path where the information should be stored

Return type:

Union[str, int]

Returns:

Value of segment to configuration file

load_config(config)

Load segment from configuration.

Parameters:

config (Config) – Configuration of Segment.

Return type:

None

parse_binary(binary)

Parse binary block into Segment object.

Parameters:

binary (bytes) – binary image.

Raises:

SPSDKParsingError – If given binary block size is not equal to block size in header

Return type:

None

property size: int

Keyblob segment size.

verify()

Get verifier object of segment.

Return type:

Verifier

Returns:

Verifier of current object.

class spsdk.image.bootable_image.segments.SegmentImageVersionAntiPole(offset, family, mem_type, raw_block=None)

Bases: Segment

Bootable Image Image version with antipole value Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in the full bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

CFG_NAME: Optional[str] = 'image_version'

NAME = (4, 'image_version_ap', 'Image version antipole segment')

UNPROGRAMMED_VALUE = 65535

create_config(output_dir)

Create configuration including store the data to specified path.

Parameters:

output_dir (str) – Path where the information should be stored

Return type:

Union[str, int]

Returns:

Value of segment to configuration file

load_config(config)

Load segment from configuration.

Parameters:

config (Config) – Configuration of Segment.

Return type:

None

parse_binary(binary)

Parse binary block into Segment object.

Parameters:

binary (bytes) – binary image.

Raises:

SPSDKParsingError – If given binary block size is not equal to block size in header

Return type:

None

property size: int

Keyblob segment size.

verify()

Get verifier object of segment.

Return type:

Verifier

Returns:

Verifier of current object.

class spsdk.image.bootable_image.segments.SegmentKeyBlob(offset, family, mem_type, raw_block=None)

Bases: Segment

Bootable Image KeyBlob Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in the full bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

NAME = (1, 'keyblob', 'Keyblob segment')

property size: int

Keyblob segment size.

class spsdk.image.bootable_image.segments.SegmentKeyStore(offset, family, mem_type, raw_block=None)

Bases: Segment

Bootable Image KeyStore Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in the full bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

NAME = (5, 'keystore', 'Keystore segment')

property size: int

Keyblob segment size.

class spsdk.image.bootable_image.segments.SegmentMbi(offset, family, mem_type, raw_block=None, mbi=None)

Bases: Segment

Bootable Image Master Boot Image(MBI) Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in whole bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

• mbi (Optional[MasterBootImage]) – Master boot image class.

BOOT_HEADER = False

INIT_SEGMENT = True

NAME = (9, 'mbi', 'Masterboot image segment')

clear()

Clear the segment to init state.

Return type:

None

create_config(output_dir)

Create configuration including store the data to specified path.

Parameters:

output_dir (str) – Path where the information should be stored

Return type:

Union[str, int]

Returns:

Value of segment to configuration file

image_info()

Get Image info format.

Return type:

BinaryImage

Returns:

The segment content in Binary Image format.

load_config(config)

Load segment from configuration.

Parameters:

config (Config) – Configuration of Segment.

Return type:

None

parse_binary(binary)

Parse binary block into Segment object.

Parameters:

binary (bytes) – binary image.

Return type:

None

class spsdk.image.bootable_image.segments.SegmentPrimaryAhab(offset, family, mem_type, raw_block=None, ahab=None)

Bases: SegmentAhab

Primary Bootable Image Advanced High Assurance Boot(HAB) Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in whole bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

• ahab (Optional[AHABImage]) – Advanced High Assurance Boot class.

NAME = (12, 'primary_image_container_set', 'Primary Image Container Set segment')

class spsdk.image.bootable_image.segments.SegmentSB21(offset, family, mem_type, raw_block=None, sb21=None)

Bases: Segment

Bootable Image Secure Binary 2.1 Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in whole bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

• sb21 (Optional[BootImageV21]) – Secure Binary v2.1 class.

BOOT_HEADER = False

INIT_SEGMENT = True

NAME = (14, 'sb21', 'Secure binary 2.1 segment')

clear()

Clear the segment to init state.

Return type:

None

load_config(config)

Load segment from configuration.

Parameters:

config (Config) – Configuration of Segment.

Return type:

None

parse_binary(binary)

Parse binary block into Segment object.

Parameters:

binary (bytes) – binary image.

Return type:

None

class spsdk.image.bootable_image.segments.SegmentSB31(offset, family, mem_type, raw_block=None, sb31=None)

Bases: Segment

Bootable Image Secure Binary 3.1 Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in whole bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

• sb31 (Optional[SecureBinary31]) – Secure Binary v3.1 class.

BOOT_HEADER = False

INIT_SEGMENT = True

NAME = (15, 'sb31', 'Secure binary 3.1 segment')

clear()

Clear the segment to init state.

Return type:

None

load_config(config)

Load segment from configuration.

Parameters:

config (Config) – Configuration of Segment.

Return type:

None

parse_binary(binary)

Parse binary block into Segment object.

Parameters:

binary (bytes) – binary image.

Return type:

None

class spsdk.image.bootable_image.segments.SegmentSecondaryAhab(offset, family, mem_type, raw_block=None, ahab=None)

Bases: SegmentAhab

Primary Bootable Image Advanced High Assurance Boot(HAB) Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in whole bootable image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

• raw_block (Optional[bytes]) – Raw data of segment.

• ahab (Optional[AHABImage]) – Advanced High Assurance Boot class.

INIT_SEGMENT = False

NAME = (13, 'secondary_image_container_set', 'Secondary Image Container Set segment')

OFFSET_ALIGNMENT = 1024

class spsdk.image.bootable_image.segments.SegmentXmcd(offset, family, mem_type, raw_block=None, xmcd=None)

Bases: Segment

Bootable Image XMCD Segment class.

Segment initialization, at least raw data are stored.

Parameters:

• offset (int) – Offset of Segment in whole bootable image.

• family (FamilyRevision) – Chip family.

• raw_block (Optional[bytes]) – Raw data of segment.

• xmcd (Optional[XMCD]) – XMCD class.

NAME = (8, 'xmcd', 'XMCD segment')

clear()

Clear the segment to init state.

Return type:

None

create_config(output_dir)

Create configuration including store the data to specified path.

Parameters:

output_dir (str) – Path where the information should be stored

Return type:

Union[str, int]

Returns:

Value of segment to configuration file

load_config(config)

Load segment from configuration.

Parameters:

config (Config) – Configuration of Segment.

Return type:

None

parse_binary(binary)

Parse binary block into Segment object.

Parameters:

binary (bytes) – binary image.

Raises:

• SPSDKParsingError – If given binary block size is not equal to block size in header

• SPSDKSegmentNotPresent – If the input binary contains only padding bytes

Return type:

None

property size: int

Keyblob segment size.

verify()

Get verifier object of segment.

Return type:

Verifier

Returns:

Verifier of current object.

spsdk.image.bootable_image.segments.get_segment_class(name)

Get the segment class type.

Return type:

Type[Segment]

Returns:

Segment class type.

spsdk.image.bootable_image.segments.get_segments()

Get list of all supported segments.

Return type:

dict[BootableImageSegment, Type[Segment]]

FCB - Flash Configuration Block

This module contains FCB (Flash Configuration Block) related code.

class spsdk.image.fcb.fcb.FCB(family, mem_type)

Bases: SegmentBase

FCB (Flash Configuration Block).

FCB Constructor.

Parameters:

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

Raises:

SPSDKValueError – Unsupported family.

FEATURE: str = 'fcb'

SIZE = 512

TAG = b'FCFB'

TAG_SWAPPED = b'CFBF'

get_config(data_path='./')

Create configuration of the FCB.

Parameters:

data_path (str) – Path to store the data files of configuration.

Return type:

Config

Returns:

Configuration dictionary.

classmethod get_config_template(family, mem_type=MemoryType(tag=4, label='flexspi_nor', description='Flexspi NOR'))

Get configuration for selected family.

Parameters:

• family (FamilyRevision) – Family description.

• mem_type (MemoryType) – Used memory type.

Return type:

str

Returns:

Template of FCB Block configuration.

classmethod get_validation_schemas(family, mem_type=MemoryType(tag=4, label='flexspi_nor', description='Flexspi NOR'))

Create the validation schema.

Parameters:

• family (FamilyRevision) – Family description.

• mem_type (MemoryType) – Used memory type.

Raises:

SPSDKError – Family or revision is not supported.

Return type:

list[dict[str, Any]]

Returns:

List of validation schemas.

static get_validation_schemas_basic()

Create the validation schema just for supported families.

Return type:

list[dict[str, Any]]

Returns:

List of validation schemas for FCB supported families.

classmethod get_validation_schemas_from_cfg(config)

Get validation schema based on configuration.

Parameters:

config (Config) – Valid configuration

Return type:

list[dict[str, Any]]

Returns:

Validation schemas

classmethod load_from_config(config)

Load FCB object from configuration.

Parameters:

config (Config) – Configuration dictionary.

Return type:

Self

Returns:

Initialized FCB object.

classmethod parse(binary, offset=0, family=Unknown, Revision: latest, mem_type=MemoryType(tag=4, label='flexspi_nor', description='Flexspi NOR'))

Parse binary block into FCB object.

Parameters:

• binary (bytes) – binary image.

• offset (int) – Offset of FCB in binary image.

• family (FamilyRevision) – Chip family.

• mem_type (MemoryType) – Used memory type.

Raises:

SPSDKError – If given binary block contains wrong FCB tag

Return type:

Self

property registers: Registers

Registers of segment.

HAB - High Assurance Boot

This module contains HAB related code.

HAB Container

This module contains HAB container related code.

class spsdk.image.hab.hab_image.BootDevice(tag, label, description=None)

Bases: SpsdkEnum

Boot device enum.

FLEXSPI_NAND = (1, 'flexspi_nand')

FLEXSPI_NOR = (0, 'flexspi_nor')

MMC = (4, 'mmc')

SD = (3, 'sd')

SEMC_NAND = (2, 'semc_nand')

SERIAL_DOWNLOADER = (5, 'serial_downloader')

class spsdk.image.hab.hab_image.HabImage(family, flags, start_address, segments, boot_device=None, ivt_offset=None, image_pattern='zeros')

Bases: FeatureBaseClass

Hab image.

HAB image initialization.

Parameters:

• flags (int) – Flags

• ivt_offset (Optional[int]) – IVT offset value which is actually the HAB image offset

• start_address (int) – Start address of bootable image

• segments (list[HabSegmentBase]) – Segments list

• image_pattern (str) – Image pattern used to fill empty spaces

FEATURE: str = 'hab'

property app_segment: HabSegmentApp

APP segment object.

property bdt_segment: HabSegmentBDT

BDT segment object.

property csf_segment: HabSegmentCSF | None

CSF segment object if exists, None otherwise.

property dcd_segment: HabSegmentDcd | None

DCD segment object if exists, None otherwise.

export()

Export into binary.

Return type:

bytes

export_padding()

Get into binary including initial padding.

Return type:

bytes

static get_boot_devices(family)

Get all supported boot devices for given family.

Parameters:

family (FamilyRevision) – Target family name.

Return type:

list[BootDevice]

Returns:

List of supported boot devices.

get_config(data_path='./')

Create configuration of the Feature.

Parameters:

data_path (str) – Path to store the data files of configuration.

Return type:

Config

Returns:

Configuration dictionary.

classmethod get_config_template(family)

Generate configuration template.

Return type:

str

Returns:

Dictionary of individual templates (key is name of template, value is template itself).

get_segment(segment)

Get image’s segment.

Parameters:

segment (HabSegmentEnum) – Segment enum

Return type:

Optional[HabSegmentBase]

get_supported_boot_devices()

Get supported boot devices(target memories).

Return type:

list[BootDevice]

classmethod get_validation_schemas(family)

Create the list of validation schemas.

Return type:

list[dict[str, Any]]

Returns:

List of validation schemas.

classmethod get_validation_schemas_from_cfg(config)

Get validation schema based on configuration.

Parameters:

config (Config) – Valid configuration

Return type:

list[dict[str, Any]]

Returns:

Validation schemas

image_info(padding=False)

Create Binary image of HAB image.

Return type:

BinaryImage

Returns:

BinaryImage object of HAB image.

property is_authenticated: bool

Returns true if image is authenticated, false otherwise.

property is_encrypted: bool

Returns true if image is encrypted, false otherwise.

property ivt_offset: int

IVT offset property.

property ivt_segment: HabSegmentIvt

IVT segment object.

classmethod load_from_config(config)

Load the HAB image object from parsed bd_data configuration.

Parameters:

config (Config) – Image configuration

Return type:

Self

classmethod parse(data, family=Unknown, Revision: latest)

Parse existing binary into HAB image object.

Parameters:

• data (bytes) – Binary to be parsed

• family (FamilyRevision) – Chip family name

Return type:

Self

post_export(output_path)

Perform post export steps.

Return type:

list[str]

classmethod transform_bd_configuration(config)

Transform configuration from flat structure to BD structure.

Parameters:

config (Config) – Parsed configuration from BD parser

Return type:

Config

Returns:

Transformed configuration

classmethod transform_configuration(config)

Transform configuration from BD parser to flat YAML structure.

Parameters:

config (dict[Any, Any]) – Parsed configuration from BD parser

Return type:

dict[Any, Any]

Returns:

Transformed configuration

update_csf()

Update the CSF segment including signing and encryption.

Return type:

None

verify()

Verify HAB image data.

Return type:

Verifier

property xmcd_segment: HabSegmentXMCD | None

XMCD segment object if exists, None otherwise.

XMCD

This module contains XMCD (External Memory Configuration Data) related code.

class spsdk.image.xmcd.xmcd.ConfigurationBlockType(tag, label, description=None)

Bases: SpsdkEnum

Support configuration blocks Enum.

FULL = (1, 'full', 'Full configuration')

SIMPLIFIED = (0, 'simplified', 'Simplified configuration')

class spsdk.image.xmcd.xmcd.XMCD(family, mem_type, config_type)

Bases: SegmentBase

XMCD (External Memory Configuration Data).

XMCD Constructor.

Parameters:

• family (FamilyRevision) – Chip family.

• config_type (ConfigurationBlockType) – Configuration block type: simplified | full.

FEATURE: str = 'xmcd'

calculate_crc()

Calculate XMCD CRC value.

Return type:

bytes

property crc: bytes

CRC value if XMCD object.

Returns:

SHA256 hash of SRK table.

create_crc_hash_fuses_script()

Create fuses script of CRC hash.

Return type:

str

get_config(data_path='./')

Create configuration of the XMCD.

Parameters:

data_path (str) – Path to store the data files of configuration.

Return type:

Config

Returns:

Configuration dictionary.

classmethod get_config_template(family, mem_type=MemoryType(tag=0, label='flexspi_ram', description='FlexSPI RAM'), config_type=ConfigurationBlockType(tag=1, label='full', description='Full configuration'))

Generate configuration for selected family.

Parameters:

• family (FamilyRevision) – Family description.

• mem_type (MemoryType) – Used memory type.

• config_type (ConfigurationBlockType) – Config type: either simplified or full.

Return type:

str

Returns:

Template of XMCD Block.

classmethod get_supported_configuration_types(family, mem_type)

Return list of supported memory interfaces.

Return type:

list[ConfigurationBlockType]

Returns:

List of supported family interfaces.

classmethod get_validation_schemas(family, mem_type=MemoryType(tag=4, label='flexspi_nor', description='Flexspi NOR'), config_type=ConfigurationBlockType(tag=0, label='simplified', description='Simplified configuration'))

Create the validation schema.

Parameters:

• family (FamilyRevision) – Family description.

• mem_type (MemoryType) – Used memory type.

• config_type (ConfigurationBlockType) – Config type: either simplified or full.

Raises:

SPSDKError – Family or revision is not supported.

Return type:

list[dict[str, Any]]

Returns:

List of validation schemas.

classmethod get_validation_schemas_basic()

Create the validation schema just for supported families.

Return type:

list[dict[str, Any]]

Returns:

List of validation schemas for XMCD supported families.

classmethod get_validation_schemas_from_cfg(config)

Get validation schema based on configuration.

Parameters:

config (Config) – Valid configuration

Return type:

list[dict[str, Any]]

Returns:

Validation schemas

classmethod load_from_config(config)

Load XMCD object from configuration.

Parameters:

config (Config) – Configuration dictionary.

Return type:

Self

Returns:

Initialized XMCD object.

classmethod parse(binary, offset=0, family=Unknown, Revision: latest)

Parse binary block into XMCD object.

Parameters:

• binary (bytes) – binary image.

• offset (int) – Offset of XMCD in binary image.

• family (FamilyRevision) – Chip family.

Raises:

SPSDKError – If given binary block size is not equal to block size in header

Return type:

Self

static pre_parse_verify(data, family)

Pre-Parse verify of XMCD.

Parameters:

• data (bytes) – Binary data withXMCD to be verified.

• family (FamilyRevision) – Device family.

Return type:

Verifier

Returns:

Verifier of pre-parsed binary data.

property registers: Registers

Configuration block registers.

property size: int

XMCD size.

verify()

Verify XMCD data.

Return type:

Verifier

class spsdk.image.xmcd.xmcd.XMCDHeader(family)

Bases: object

External Memory Configuration Data Header.

Initialize the XMCD Header.

TAG = 12

property config_block_size: int

Size of XMCD config data blob.

property config_type: ConfigurationBlockType

Config type property.

property mem_type: MemoryType

Memory type property.

parse(data)

Parse XMCD Header from binary data.

Return type:

None

property size: int

Header size.

property supported_mem_types: list[MemoryType]

Get list if supported memory types.

verify(mem_type=None, config_type=None, xmcd_size=None)

Verify XMCD header data.

Return type:

Verifier

property xmcd_size: int

The size of configuration block including XMCD header itself.

Inline Encryption Engine (IEE)

This module contains IEE (In-Line Encryption Engine) related code.

On-the-Fly AES Decryption (OTFAD)

This module contains OTFAD (On-the-Fly AES Decryption) related code.

Certification blocks

Module for handling Certificate block.

class spsdk.image.cert_block.cert_blocks.CertBlock(family)

Bases: FeatureBaseClass

Common general class for various CertBlocks.

Base constructor of certificate block.

FEATURE: str = 'cert_block'

classmethod find_main_cert_index(config)

Go through all certificates and find the index matching to private key.

Parameters:

config (Config) – Configuration to be searched.

Return type:

Optional[int]

Returns:

List of root certificates.

classmethod get_all_supported_families()

Get supported families for all certification blocks.

Return type:

list[FamilyRevision]

classmethod get_cert_block_class(family)

Get certification block class by family name.

Parameters:

family (FamilyRevision) – Chip family

Raises:

SPSDKError – No certification block class found for given family

Return type:

Type[CertBlock]

classmethod get_cert_block_classes()

Get list of all cert block classes.

Return type:

list[Type[CertBlock]]

classmethod get_main_cert_index(config)

Gets main certificate index from configuration.

Parameters:

config (Config) – Input standard configuration.

Return type:

int

Returns:

Certificate index

Raises:

• SPSDKError – If invalid configuration is provided.

• SPSDKError – If correct certificate could not be identified.

• SPSDKValueError – If certificate is not of correct type.

get_root_public_key()

Get the root public key from the certificate block.

Raises:

SPSDKNotImplementedError – When called on the base class (this method must be implemented by subclasses)

Return type:

PublicKey

classmethod get_validation_schemas_from_cfg(config)

Get validation schema based on configuration.

Parameters:

config (Config) – Valid configuration

Return type:

list[dict[str, Any]]

Returns:

Validation schemas

classmethod parse(data, family=Unknown, Revision: latest)

Parse Certification block from binary file.

Parameters:

• data (bytes) – Binary data of certification block

• family (FamilyRevision) – Chip family

Raises:

SPSDKNotImplementedError – The method is not implemented in sub class

Return type:

Self

property rkth: bytes

Root Key Table Hash 32-byte hash (SHA-256) of SHA-256 hashes of up to four root public keys.

class spsdk.image.cert_block.cert_blocks.CertBlockHeader(version='1.0', flags=0, build_number=0)

Bases: BaseClass

Certificate block header.

Constructor.

Parameters:

• version (str) – Version of the certificate in format n.n

• flags (int) – Flags for the Certificate Header

• build_number (int) – of the certificate

Raises:

SPSDKError – When there is invalid version

FORMAT = '<4s2H6I'

SIGNATURE = b'cert'

SIZE = 32

export()

Certificate block in binary form.

Return type:

bytes

classmethod parse(data)

Parse object from bytes array.

Parameters:

data (bytes) – Input data as bytes

Return type:

Self

Returns:

Certificate Header instance

Raises:

SPSDKError – Unexpected size or signature of data

class spsdk.image.cert_block.cert_blocks.CertBlockV1(family, version='1.0', flags=0, build_number=0)

Bases: CertBlock

Certificate block.

Shared for SB file 2.1 and for MasterBootImage using RSA keys.

Constructor.

Parameters:

• family (FamilyRevision) – Chip family information

• version (str) – of the certificate in format n.n

• flags (int) – Flags for the Certificate Block Header

• build_number (int) – of the certificate

DEFAULT_ALIGNMENT = 16

SUB_FEATURE: Optional[str] = 'based_on_cert1'

add_certificate(cert)

Add certificate.

First call adds root certificate. Additional calls add chain certificates.

Parameters:

cert (Union[bytes, Certificate]) – The certificate itself in DER format

Raises:

SPSDKError – If certificate cannot be added

Return type:

None

property alignment: int

Alignment of the binary output, by default it is DEFAULT_ALIGNMENT but can be customized.

property certificates: list[Certificate]

List of certificates in header.

First certificate is root certificate and followed by optional chain certificates

property expected_size: int

Expected size of binary block.

export()

Export Certificate Block V1 object.

Return type:

bytes

get_config(data_path='./')

Create configuration of Certificate V2 from object.

Parameters:

data_path (str) – Output folder to store possible files.

Return type:

Config

Returns:

Configuration dictionary.

get_root_public_key()

Get the root public key from the certificate block.

Return type:

PublicKey

Returns:

Public key object

classmethod get_validation_schemas(family)

Create the list of validation schemas.

Return type:

list[dict[str, Any]]

Returns:

List of validation schemas.

property header: CertBlockHeader

Certificate block header.

property image_length: int

Image length in bytes.

classmethod load_from_config(config)

Creates an instance of CertBlockV1 from configuration.

Parameters:

config (Config) – Input standard configuration.

Return type:

Self

Returns:

Instance of CertBlockV1

Raises:

SPSDKError – Invalid certificates detected, Invalid configuration.

classmethod parse(data, family=Unknown, Revision: latest)

Parse CertBlockV1 from binary file.

Parameters:

• data (bytes) – Binary data

• family (FamilyRevision) – The MCU family

Return type:

Self

Returns:

Certificate Block instance

Raises:

SPSDKError – Length of the data doesn’t match Certificate Block length

property raw_size: int

Aligned size of the certificate block.

property rkh: list[bytes]

List of root keys hashes (SHA-256), each hash as 32 bytes.

property rkh_index: int | None

Index of the Root Key Hash that matches the certificate; None if does not match.

property rkth: bytes

Root Key Table Hash 32-byte hash (SHA-256) of SHA-256 hashes of up to four root public keys.

property rkth_fuses: list[int]

List of RKHT fuses, ordered from highest bit to lowest.

Note: Returned values are in format that should be passed for blhost

set_root_key_hash(index, key_hash)

Add Root Key Hash into RKHT.

Note: Multiple root public keys are supported to allow for key revocation.

Parameters:

• index (int) – The index of Root Key Hash in the table

• key_hash (Union[bytes, bytearray, Certificate]) – The Root Key Hash value (32 bytes, SHA-256); or Certificate where the hash can be created from public key

Raises:

• SPSDKError – When there is invalid index of root key hash in the table

• SPSDKError – When there is invalid length of key hash

Return type:

None

property signature_size: int

Size of the signature in bytes.

verify_data(signature, data)

Signature verification.

Parameters:

• signature (bytes) – to be verified

• data (bytes) – that has been signed

Return type:

bool

Returns:

True if the data signature can be confirmed using the certificate; False otherwise

verify_private_key(private_key)

Verify that given private key matches the public certificate.

Parameters:

private_key (PrivateKeyRsa) – to be tested

Return type:

bool

Returns:

True if yes; False otherwise

class spsdk.image.cert_block.cert_blocks.CertBlockV21(family, root_certs=None, ca_flag=False, version='2.1', used_root_cert=0, constraints=0, signature_provider=None, isk_cert=None, user_data=None)

Bases: CertBlock

Create Certificate block version 2.1.

Used for SB 3.1 and MBI using ECC keys.

The Constructor for Certificate block.

FORMAT_VERSION = '2.1'

MAGIC = b'chdr'

SUB_FEATURE: Optional[str] = 'based_on_cert21'

calculate()

Calculate all internal members.

Return type:

None

property expected_size: int

Expected size of binary block.

export()

Export Certificate block as bytes array.

Return type:

bytes

get_config(data_path='./')

Create configuration dictionary of the Certification block Image.

Parameters:

data_path (str) – Path to store the data files of configuration.

Return type:

Config

Returns:

Configuration dictionary.

get_root_public_key()

Get the root public key from the certificate block.

Return type:

PublicKey

Returns:

Public key object

classmethod get_validation_schemas(family)

Create the list of validation schemas.

Return type:

list[dict[str, Any]]

Returns:

List of validation schemas.

classmethod load_from_config(config)

Creates an instance of CertBlockV21 from configuration.

Parameters:

config (Config) – Input standard configuration.

Return type:

Self

Returns:

Instance of CertBlockV21

Raises:

SPSDKError – If found gap in certificates from config file. Invalid configuration.

classmethod parse(data, family=Unknown, Revision: latest)

Parse CertBlockV21 from binary file.

Parameters:

• data (bytes) – Binary data

• family (FamilyRevision) – The MCU family

Return type:

Self

Returns:

Certificate Block instance

Raises:

SPSDKError – Length of the data doesn’t match Certificate Block length

property rkth: bytes

Root Key Table Hash 32-byte hash (SHA-256) of SHA-256 hashes of up to four root public keys.

property signature_size: int

Size of the signature in bytes.

validate()

Validate the settings of class members.

Raises:

SPSDKError – Invalid configuration of certification block class members.

Return type:

None

class spsdk.image.cert_block.cert_blocks.CertBlockVx(family, isk_cert, signature_provider=None, self_signed=True)

Bases: CertBlock

Create Certificate block for MC56xx.

The Constructor for Certificate block.

ISK_CERT_HASH_LENGTH = 16

ISK_CERT_LENGTH = 136

SUB_FEATURE: Optional[str] = 'based_on_certx'

property cert_hash: bytes

Calculate first half [:127] of certificate hash.

property expected_size: int

Expected size of binary block.

export()

Export Certificate block as bytes array.

Return type:

bytes

get_config(data_path='./')

Create configuration of the Certification block Image.

Return type:

Config

get_otp_script()

Return script for writing certificate hash to OTP.

Return type:

str

Returns:

string value of blhost script

get_tbs_data()

Get To-Be-Signed data.

Return type:

bytes

classmethod get_validation_schemas(family)

Create the list of validation schemas.

Return type:

list[dict[str, Any]]

Returns:

List of validation schemas.

classmethod load_from_config(config)

Creates an instance of CertBlockVx from configuration.

Parameters:

config (Config) – Input standard configuration.

Return type:

Self

Returns:

CertBlockVx

Raises:

SPSDKError – If found gap in certificates from config file. Invalid configuration.

classmethod parse(data, family=Unknown, Revision: latest)

Parse CertBlockVx from binary file.

Parameters:

• data (bytes) – Binary data

• family (FamilyRevision) – The MCU family

Return type:

Self

Returns:

Certificate Block instance

Raises:

SPSDKError – Length of the data doesn’t match Certificate Block length

validate()

Validate the settings of class members.

Raises:

SPSDKError – Invalid configuration of certification block class members.

Return type:

None

class spsdk.image.cert_block.cert_blocks.CertificateBlockHeader(format_version='2.1')

Bases: BaseClass

Create Certificate block header.

Constructor for Certificate block header version 2.1.

Parameters:

format_version (str) – Major = 2, minor = 1

FORMAT = '<4s2HL'

MAGIC = b'chdr'

SIZE = 12

export()

Export Certificate block header as bytes array.

Return type:

bytes

classmethod parse(data)

Parse Certificate block header from bytes array.

Parameters:

data (bytes) – Input data as bytes

Raises:

• SPSDKError – Raised when SIZE is bigger than length of the data without offset

• SPSDKError – Raised when magic is not equal MAGIC

Return type:

Self

Returns:

CertificateBlockHeader

class spsdk.image.cert_block.cert_blocks.CertificateBlockHeaderV2_2(format_version='2.2')

Bases: CertificateBlockHeader

Create Certificate block header with v2.2 format that includes flags.

Constructor for Certificate block header version 2.2.

Parameters:

format_version (str) – Major = 2, minor = 2

FORMAT = '<4s2H2L'

SIZE = 16

export()

Export Certificate block header as bytes array.

Return type:

bytes

classmethod parse(data)

Parse Certificate block header from bytes array.

Parameters:

data (bytes) – Input data as bytes

Raises:

• SPSDKError – Raised when SIZE is bigger than length of the data without offset

• SPSDKError – Raised when magic is not equal MAGIC

Return type:

Self

Returns:

CertificateBlockHeaderV2_2

class spsdk.image.cert_block.cert_blocks.IskCertificate(constraints=0, signature_provider=None, isk_cert=None, user_data=None, offset_present=True, family=None)

Bases: BaseClass

Create ISK certificate.

Constructor for ISK certificate.

Parameters:

• constraints (int) – Certificate version

• signature_provider (Optional[SignatureProvider]) – ISK Signature Provider

• isk_cert (Union[PublicKeyEcc, bytes, None]) – ISK certificate

• user_data (Optional[bytes]) – User data

create_isk_signature(key_record_data, force=False)

Function to create ISK signature.

Raises:

SPSDKError – Signature provider is not specified.

Return type:

None

property expected_size: int

Binary block expected size.

export()

Export ISK certificate as bytes array.

Return type:

bytes

classmethod parse(data, signature_size)

Parse ISK certificate from bytes array.This operation is not supported.

Parameters:

• data (bytes) – Input data as bytes array

• signature_size (int) – The signature size of ISK block

Raises:

NotImplementedError – This operation is not supported

Return type:

Self

property signature_offset: int

Signature offset inside the ISK Certificate.

class spsdk.image.cert_block.cert_blocks.IskCertificateLite(pub_key, constraints=1)

Bases: BaseClass

ISK certificate lite.

Constructor for ISK certificate.

Parameters:

• pub_key (Union[PublicKeyEcc, bytes]) – ISK public key

• constraints (int) – 1 = self signed, 0 = nxp signed

• user_data – User data

HEADER_FORMAT = '<HHI'

ISK_PUB_KEY_LENGTH = 64

ISK_SIGNATURE_SIZE = 64

MAGIC = 19779

SIGNATURE_OFFSET = 72

VERSION = 1

create_isk_signature(signature_provider, force=False)

Function to create ISK signature.

Parameters:

• signature_provider (Optional[SignatureProvider]) – Signature Provider

• force (bool) – Force resign.

Raises:

SPSDKError – Signature provider is not specified.

Return type:

None

property expected_size: int

Binary block expected size.

export()

Export ISK certificate as bytes array.

Return type:

bytes

get_tbs_data()

Get To-Be-Signed data.

Return type:

bytes

classmethod parse(data)

Parse ISK certificate from bytes array.

Parameters:

data (bytes) – Input data as bytes array

Raises:

NotImplementedError – This operation is not supported

Return type:

Self

class spsdk.image.cert_block.cert_blocks.RootKeyRecord(ca_flag, root_certs=None, used_root_cert=0)

Bases: BaseClass

Create Root key record.

Constructor for Root key record.

Parameters:

• ca_flag (bool) – CA flag

• root_certs (Union[Sequence[PublicKeyEcc], Sequence[bytes], None]) – Root cert used to ISK/image signature

• used_root_cert (int) – Used root cert number 0-3

calculate()

Calculate all internal members.

Raises:

SPSDKError – The RKHT certificates inputs are missing.

Return type:

None

property expected_size: int

Get expected binary block size.

export()

Export Root key record as bytes array.

Return type:

bytes

static get_hash_algorithm(flags)

Get CTRK table hash algorithm.

Parameters:

flags (int) – Root Key Record flags

Return type:

EnumHashAlgorithm

Returns:

Name of hash algorithm

property number_of_certificates: int

Get number of included certificates.

classmethod parse(data)

Parse Root key record from bytes array.

Parameters:

data (bytes) – Input data as bytes array

Return type:

Self

Returns:

Root key record object

spsdk.image.cert_block.cert_blocks.convert_to_ecc_key(key)

Convert key into EccKey instance.

Return type:

PublicKeyEcc

spsdk.image.cert_block.cert_blocks.find_root_certificates(config)

Find all root certificates in configuration.

Parameters:

config (dict[str, Any]) – Configuration to be searched.

Raises:

SPSDKError – If invalid configuration is provided.

Return type:

list[str]

Returns:

List of root certificates.

spsdk.image.cert_block.cert_blocks.get_keys_or_rotkh_from_certblock_config(rot, family)

Get keys or ROTKH value from ROT config.

ROT config might be cert block config or MBI config. There are four cases how cert block might be configured.

1. MBI with certBlock property pointing to YAML file

2. MBI with certBlock property pointing to BIN file

3. YAML configuration of cert block

4. Binary cert block

Parameters:

• rot (Optional[str]) – Path to ROT configuration (MBI or cert block) or path to binary cert block

• family (Optional[FamilyRevision]) – MCU family

Raises:

SPSDKError – In case the ROTKH or keys cannot be parsed

Return type:

tuple[Optional[Iterable[str]], Optional[bytes]]

Returns:

Tuple containing root of trust (list of paths to keys) or ROTKH in case of binary cert block

Certification blocks - Root Keys Hash Table (RKHT)

The module provides support for Root Key Hash table.

class spsdk.image.cert_block.rkht.RKHT(rkh_list)

Bases: object

Root Key Hash Table class.

Initialization of Root Key Hash Table class.

Parameters:

rkh_list (list[bytes]) – List of Root Key Hashes

static convert_key(key, password=None, search_paths=None)

Convert practically whole input that could hold Public key into public key.

Parameters:

• key (Union[str, bytes, bytearray, PublicKey, PrivateKey, Certificate]) – Public key in Certificate/Private key, Public key as a path to file, loaded bytes or supported class.

• password (Optional[str]) – Optional password to open secured private keys, defaults to None.

• search_paths (Optional[list[str]]) – List of paths where to search for the file, defaults to None

Raises:

SPSDKError – Invalid kye type.

Return type:

PublicKey

Returns:

Public Key object.

classmethod from_keys(keys, password=None, search_paths=None)

Create RKHT from list of keys.

Parameters:

• keys (Sequence[Union[str, bytes, bytearray, PublicKey, PrivateKey, Certificate]]) – List of public keys/certificates/private keys/bytes

• password (Optional[str]) – Optional password to open secured private keys, defaults to None

• search_paths (Optional[list[str]]) – List of paths where to search for the file, defaults to None

Return type:

Self

static get_class(family)

Return the RKHT class for given family.

Parameters:

family (FamilyRevision) – The family

Return type:

Type[RKHT]

Returns:

Class RKHT corresponding for given family.

Raises:

SPSDKError – When there is invalid seal count

property hash_algorithm: EnumHashAlgorithm

Used hash algorithm name.

property hash_algorithm_size: int

Used hash algorithm size in bites.

abstract rkth()

Root Key Table Hash.

Return type:

bytes

Returns:

Hash of hashes of public keys.

class spsdk.image.cert_block.rkht.RKHTv1(rkh_list)

Bases: RKHT

Root Key Hash Table class for cert block v1.

Initialization of Root Key Hash Table class.

Parameters:

rkh_list (list[bytes]) – List of Root Key Hashes

RKHT_SIZE = 4

RKH_SIZE = 32

export()

Export RKHT as bytes.

Return type:

bytes

property hash_algorithm: EnumHashAlgorithm

Used Hash algorithm name.

classmethod parse(rkht)

Parse Root Key Hash Table into RKHTv1 object.

Parameters:

rkht (bytes) – Valid RKHT table

Return type:

Self

rkth()

Root Key Table Hash.

Return type:

bytes

Returns:

Hash of Hashes of public key.

set_rkh(index, rkh)

Set Root Key Hash with index.

Parameters:

• index (int) – Index in the hash table

• rkh (bytes) – Root Key Hash to be set

Return type:

None

class spsdk.image.cert_block.rkht.RKHTv21(rkh_list)

Bases: RKHT

Root Key Hash Table class for cert block v2.1.

Initialization of Root Key Hash Table class.

Parameters:

rkh_list (list[bytes]) – List of Root Key Hashes

export()

Export RKHT as bytes.

Return type:

bytes

classmethod parse(rkht, hash_algorithm)

Parse Root Key Hash Table into RKHTv21 object.

Parameters:

• rkht (bytes) – Valid RKHT table

• hash_algorithm (EnumHashAlgorithm) – Hash algorithm to be used

Return type:

Self

rkth()

Root Key Table Hash.

Return type:

bytes

Returns:

Hash of Hashes of public key.

Certification blocks - Root Of Trust (RoT)

The module provides support for RoT hash calculation .

class spsdk.image.cert_block.rot.Rot(family, keys_or_certs, password=None, search_paths=None)

Bases: object

Root of Trust object providing an abstraction over the RoT hash calculation for multiple device families.

Root of Trust initialization.

calculate_hash()

Calculate RoT hash.

Return type:

bytes

export()

Export RoT.

Return type:

bytes

classmethod get_rot_class(family)

Get RoT class.

Return type:

Type[RotBase]

classmethod get_supported_families()

Get all supported families.

Return type:

list[FamilyRevision]

class spsdk.image.cert_block.rot.RotBase(keys_or_certs, password=None, search_paths=None)

Bases: object

Root of Trust base class.

Rot initialization.

abstract calculate_hash()

Calculate ROT hash.

Return type:

bytes

abstract export()

Calculate ROT table.

Return type:

bytes

rot_type: Optional[str] = None

class spsdk.image.cert_block.rot.RotCertBlockv1(keys_or_certs, password=None, search_paths=None)

Bases: RotBase

Root of Trust for certificate block v1 class.

Rot cert block v1 initialization.

calculate_hash()

Calculate RoT hash.

Return type:

bytes

export()

Export RoT.

Return type:

bytes

rot_type: Optional[str] = 'cert_block_1'

class spsdk.image.cert_block.rot.RotCertBlockv21(keys_or_certs, password=None, search_paths=None)

Bases: RotBase

Root of Trust for certificate block v21 class.

Rot cert block v21 initialization.

calculate_hash()

Calculate ROT hash.

Return type:

bytes

export()

Export RoT.

Return type:

bytes

rot_type: Optional[str] = 'cert_block_21'

class spsdk.image.cert_block.rot.RotSrkTableAhab(keys_or_certs, password=None, search_paths=None)

Bases: RotBase

Root of Trust for AHAB SrkTable class.

AHAB SRK table initialization.

calculate_hash()

Calculate ROT hash.

Return type:

bytes

export()

Export RoT.

Return type:

bytes

rot_type: Optional[str] = 'srk_table_ahab'

class spsdk.image.cert_block.rot.RotSrkTableAhabV2(keys_or_certs, password=None, search_paths=None)

Bases: RotBase

Root of Trust for AHAB SrkTable version 2 class.

AHAB SRK table initialization.

calculate_hash()

Calculate ROT hash.

Return type:

bytes

export()

Export RoT.

Return type:

bytes

rot_type: Optional[str] = 'srk_table_ahab_v2'

class spsdk.image.cert_block.rot.RotSrkTableHab(keys_or_certs, password=None, search_paths=None)

Bases: RotBase

Root of Trust for HAB SrkTable class.

HAB SRK table initialization.

calculate_hash()

Calculate ROT hash.

Return type:

bytes

export()

Export RoT.

Return type:

bytes

rot_type: Optional[str] = 'srk_table_hab'