wen/luban-lite-t3e-pro
1
0
Fork 0
mirror of https://gitee.com/Vancouver2017/luban-lite-t3e-pro.git synced 2025-12-14 10:28:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
b4033d8696b77dddcafce4e00eaaf2a01ccc38fb
luban-lite-t3e-pro/doc/topics/sdk/secure/firmware_encryption_with_spienc.html
刘可亮 b4033d8696 add doc v1.1.2
2025-01-23 16:37:00 +08:00

335 lines
46 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh-cn" lang="zh-cn" data-whc_version="26.0">
<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><meta name="viewport" content="width=device-width, initial-scale=1.0"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="description" content="本节以 D13x 系列芯片为例,演示固件加密的具体流程。关于 eFuse 烧录区域,可参考对应用户手册。 完成本节所有操作后,编译镜像直接使用 AiBurn 工具进行烧录即可。 配置 BROM 中的 SPI_ENC_EN 比特位 使能 BROM 中 SPI_ENC 功能,在开发板平台命令行执行下列命令,烧录下列 eFuse 信息中的 SPI_ENC_EN 比特位: efuse writehex ..."/><meta name="DC.rights.owner" content="(C) 版权 2025"/><meta name="copyright" content="(C) 版权 2025"/><meta name="generator" content="DITA-OT"/><meta name="DC.type" content="topic"/><meta name="DC.relation" content="../../../topics/sdk/secure/chapter-secure.html"/><meta name="DC.relation" content="../../../topics/sdk/secure/chapter-secure.html"/><meta name="DC.relation" content="../../../topics/sdk/secure/hw_authorization.html"/><meta name="DC.contributor" content="yan.wang"/><meta name="DC.contributor" content="yan.wang"/><meta name="DC.date.modified" content="2024-01-15"/><meta name="DC.format" content="HTML5"/><meta name="DC.identifier" content="id"/><meta name="DC.language" content="zh-CN"/><title>固件加密-SPIENC</title><!-- Build number 2023110923. --><meta name="wh-path2root" content="../../../"/><meta name="wh-toc-id" content="id-d5856e1818"/><meta name="wh-source-relpath" content="topics/sdk/secure/firmware_encryption_with_spienc.dita"/><meta name="wh-out-relpath" content="topics/sdk/secure/firmware_encryption_with_spienc.html"/>
<link rel="stylesheet" type="text/css" href="../../../webhelp/app/commons.css?buildId=2023110923"/>
<link rel="stylesheet" type="text/css" href="../../../webhelp/app/topic.css?buildId=2023110923"/>
<script src="../../../webhelp/app/options/properties.js?buildId=20250121171154"></script>
<script src="../../../webhelp/app/localization/strings.js?buildId=2023110923"></script>
<script src="../../../webhelp/app/search/index/keywords.js?buildId=20250121171154"></script>
<script defer="defer" src="../../../webhelp/app/commons.js?buildId=2023110923"></script>
<script defer="defer" src="../../../webhelp/app/topic.js?buildId=2023110923"></script>
<link rel="stylesheet" type="text/css" href="../../../webhelp/template/aic-styles-web.css?buildId=2023110923"/><link rel="stylesheet" type="text/css" href="../../../webhelp/template/notes.css?buildId=2023110923"/><link rel="stylesheet" type="text/css" href="../../../webhelp/template/aic-common.css?buildId=2023110923"/><link rel="stylesheet" type="text/css" href="../../../webhelp/template/aic-images.css?buildId=2023110923"/><link rel="stylesheet" type="text/css" href="../../../webhelp/template/footnote.css?buildId=2023110923"/><link rel="stylesheet" type="text/css" href="../../../webhelp/template/aic-web-watermark.css?buildId=2023110923"/><link rel="stylesheet" type="text/css" href="../../../webhelp/template/topic-body-list.css?buildId=2023110923"/></head>
<body id="id" class="wh_topic_page frmBody">
<a href="#wh_topic_body" class="sr-only sr-only-focusable">
跳转到主要内容
</a>
<header class="navbar navbar-default wh_header">
<div class="container-fluid">
<div class="wh_header_flex_container navbar-nav navbar-expand-md navbar-dark">
<div class="wh_logo_and_publication_title_container">
<div class="wh_logo_and_publication_title">
<a href="http://www.artinchip.com" class=" wh_logo d-none d-sm-block "><img src="../../../company-logo-white.png" alt="RTOS SDK 使用指南SDK 指南文件"/></a>
<div class=" wh_publication_title "><a href="../../../index.html"><span class="booktitle"><span class="ph mainbooktitle">RTOS SDK 使用指南</span><span class="ph booktitlealt">SDK 指南文件</span></span></a></div>
</div>
</div>
<div class="wh_top_menu_and_indexterms_link collapse navbar-collapse" id="wh_top_menu_and_indexterms_link">
</div>
</div>
</div>
</header>
<div class=" wh_search_input navbar-form wh_topic_page_search search " role="form">
<form id="searchForm" method="get" role="search" action="../../../search.html"><div><input type="search" placeholder="搜索 " class="wh_search_textfield" id="textToSearch" name="searchQuery" aria-label="搜索查询" required="required"/><button type="submit" class="wh_search_button" aria-label="搜索"><span class="search_input_text">搜索</span></button></div></form>
</div>
<div class="container-fluid" id="wh_topic_container">
<div class="row">
<nav class="wh_tools d-print-none navbar-expand-md" aria-label="Tools">
<div data-tooltip-position="bottom" class=" wh_breadcrumb "><ol class="d-print-none"><li><span class="home"><a href="../../../index.html"><span>主页</span></a></span></li><li><div class="topicref" data-id="concept_rcx_czh_pzb"><div class="title"><a href="../../../topics/sdk/chapter-app.html">应用场景</a><div class="wh-tooltip"><p class="shortdesc">描述了 SDK 在不同应用场景中的配置和使用包括系统更新、OTA、安全方案等。</p></div></div></div></li><li><div class="topicref" data-id="id"><div class="title"><a href="../../../topics/sdk/secure/chapter-secure.html">安全方案</a></div></div></li><li class="active"><div class="topicref" data-id="id"><div class="title"><a href="../../../topics/sdk/secure/firmware_encryption_with_spienc.html">固件加密-SPIENC</a></div></div></li></ol></div>
<div class="wh_right_tools">
<button class="wh_hide_highlight" aria-label="切换搜索突出显示" title="切换搜索突出显示"></button>
<button class="webhelp_expand_collapse_sections" data-next-state="collapsed" aria-label="折叠截面" title="折叠截面"></button>
<div class=" wh_navigation_links "><span id="topic_navigation_links" class="navheader">
<span class="navprev"><a class="- topic/link link" href="../../../topics/sdk/secure/chapter-secure.html" title="安全方案" aria-label="上一主题: 安全方案" rel="prev"></a></span>
<span class="navnext"><a class="- topic/link link" href="../../../topics/sdk/secure/hw_authorization.html" title="硬件授权认证" aria-label="下一主题: 硬件授权认证" rel="next"></a></span> </span></div>
<div class=" wh_print_link print d-none d-md-inline-block "><button onClick="window.print()" title="打印此页" aria-label="打印此页"></button></div>
<button type="button" id="wh_toc_button" class="custom-toggler navbar-toggler collapsed wh_toggle_button navbar-light" aria-expanded="false" aria-label="Toggle publishing table of content" aria-controls="wh_publication_toc">
<span class="navbar-toggler-icon"></span>
</button>
</div>
</nav>
</div>
<div class="wh_content_area">
<div class="row">
<nav id="wh_publication_toc" class="col-lg-3 col-md-3 col-sm-12 d-md-block d-none d-print-none" aria-label="Table of Contents Container">
<div id="wh_publication_toc_content">
<div class=" wh_publication_toc " data-tooltip-position="right"><span class="expand-button-action-labels"><span id="button-expand-action" role="button" aria-label="Expand"></span><span id="button-collapse-action" role="button" aria-label="Collapse"></span><span id="button-pending-action" role="button" aria-label="Pending"></span></span><ul role="tree" aria-label="Table of Contents"><li role="treeitem"><div data-tocid="revinfo_linux-d5856e989" class="topicref" data-id="revinfo_linux" data-state="leaf"><span role="button" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/revinfo/revinfo_rtos.html" id="revinfo_linux-d5856e989-link">修订记录</a></div></div></li><li role="treeitem" aria-expanded="false"><div data-tocid="id-d5856e1003" class="topicref" data-id="id" data-state="not-ready"><span role="button" tabindex="0" aria-labelledby="button-expand-action id-d5856e1003-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/env/sdk-compile.html" id="id-d5856e1003-link">SDK 编译</a><div class="wh-tooltip"><p class="shortdesc">介绍不同编译环境下 SDK 的详细编译流程。</p></div></div></div></li><li role="treeitem" aria-expanded="false"><div data-tocid="id-d5856e1152" class="topicref" data-id="id" data-state="not-ready"><span role="button" tabindex="0" aria-labelledby="button-expand-action id-d5856e1152-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/advanced/sdk-usage.html" id="id-d5856e1152-link">使用指南</a><div class="wh-tooltip"><p class="shortdesc">系统镜像、编译选项、开发板、应用等相关的详细使用说明。</p></div></div></div></li><li role="treeitem" aria-expanded="true"><div data-tocid="concept_rcx_czh_pzb-d5856e1416" class="topicref" data-id="concept_rcx_czh_pzb" data-state="expanded"><span role="button" tabindex="0" aria-labelledby="button-collapse-action concept_rcx_czh_pzb-d5856e1416-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/chapter-app.html" id="concept_rcx_czh_pzb-d5856e1416-link">应用场景</a><div class="wh-tooltip"><p class="shortdesc">描述了 SDK 在不同应用场景中的配置和使用包括系统更新、OTA、安全方案等。</p></div></div></div><ul role="group" class="navbar-nav nav-list"><li role="treeitem"><div data-tocid="id-d5856e1431" class="topicref" data-id="id" data-state="leaf"><span role="button" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/usb/udisk.html" id="id-d5856e1431-link">挂载 U 盘 </a></div></div></li><li role="treeitem"><div data-tocid="id-d5856e1443" class="topicref" data-id="id" data-state="leaf"><span role="button" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/sdmc/sdcard.html" id="id-d5856e1443-link">挂载 SD 卡</a></div></div></li><li role="treeitem" aria-expanded="false"><div data-tocid="id-d5856e1455" class="topicref" data-id="id" data-state="not-ready"><span role="button" tabindex="0" aria-labelledby="button-expand-action id-d5856e1455-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/burnsys/burnsys_user_guide.html" id="id-d5856e1455-link">系统更新</a></div></div></li><li role="treeitem" aria-expanded="false"><div data-tocid="id-d5856e1553" class="topicref" data-id="id" data-state="not-ready"><span role="button" tabindex="0" aria-labelledby="button-expand-action id-d5856e1553-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/ota/ota_guide.html" id="id-d5856e1553-link">OTA 方案</a></div></div></li><li role="treeitem" aria-expanded="false"><div data-tocid="id-d5856e1657" class="topicref" data-id="id" data-state="not-ready"><span role="button" tabindex="0" aria-labelledby="button-expand-action id-d5856e1657-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/xip/xip_user_guide.html" id="id-d5856e1657-link">XIP 方案 </a></div></div></li><li role="treeitem"><div data-tocid="id-d5856e1734" class="topicref" data-id="id" data-state="leaf"><span role="button" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/app/psram_load.html" id="id-d5856e1734-link">分散加载</a></div></div></li><li role="treeitem" aria-expanded="false"><div data-tocid="id-d5856e1746" class="topicref" data-id="id" data-state="not-ready"><span role="button" tabindex="0" aria-labelledby="button-expand-action id-d5856e1746-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/app/dm.html" id="id-d5856e1746-link">动态加载 (DM-APP)</a></div></div></li><li role="treeitem" aria-expanded="true"><div data-tocid="id-d5856e1806" class="topicref" data-id="id" data-state="expanded"><span role="button" tabindex="0" aria-labelledby="button-collapse-action id-d5856e1806-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/secure/chapter-secure.html" id="id-d5856e1806-link">安全方案</a></div></div><ul role="group" class="navbar-nav nav-list"><li role="treeitem" class="active"><div data-tocid="id-d5856e1818" class="topicref" data-id="id" data-state="leaf"><span role="button" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/secure/firmware_encryption_with_spienc.html" id="id-d5856e1818-link">固件加密-SPIENC</a></div></div></li><li role="treeitem"><div data-tocid="hw_authentication-d5856e1830" class="topicref" data-id="hw_authentication" data-state="leaf"><span role="button" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/secure/hw_authorization.html" id="hw_authentication-d5856e1830-link">硬件授权认证 </a></div></div></li><li role="treeitem"><div data-tocid="id-d5856e1842" class="topicref" data-id="id" data-state="leaf"><span role="button" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/secure/spienc_function_d12x.html" id="id-d5856e1842-link">防抄板-SPIENC-D12x</a></div></div></li><li role="treeitem"><div data-tocid="spienc_function-d5856e1854" class="topicref" data-id="spienc_function" data-state="leaf"><span role="button" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/secure/spienc_function_d13x.html" id="spienc_function-d5856e1854-link">防抄板-SPIENC-D13x</a></div></div></li></ul></li><li role="treeitem"><div data-tocid="mkfs_partition_image-d5856e1866" class="topicref" data-id="mkfs_partition_image" data-state="leaf"><span role="button" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/app/mkfs_partition_image.html" id="mkfs_partition_image-d5856e1866-link">制作分区镜像</a></div></div></li><li role="treeitem" aria-expanded="false"><div data-tocid="id-d5856e1878" class="topicref" data-id="id" data-state="not-ready"><span role="button" tabindex="0" aria-labelledby="button-expand-action id-d5856e1878-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/d13x_bare_boot/index.html" id="id-d5856e1878-link">客制化启动</a></div></div></li><li role="treeitem" aria-expanded="false"><div data-tocid="id-d5856e1963" class="topicref" data-id="id" data-state="not-ready"><span role="button" tabindex="0" aria-labelledby="button-expand-action id-d5856e1963-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/burnsys/burner_offline_lite.html" id="id-d5856e1963-link">离线烧录</a></div></div></li><li role="treeitem" aria-expanded="false"><div data-tocid="usb_display-d5856e2011" class="topicref" data-id="usb_display" data-state="not-ready"><span role="button" tabindex="0" aria-labelledby="button-expand-action usb_display-d5856e2011-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/app/usb-display.html" id="usb_display-d5856e2011-link">USB Display 方案</a></div></div></li></ul></li><li role="treeitem" aria-expanded="false"><div data-tocid="id-d5856e2119" class="topicref" data-id="id" data-state="not-ready"><span role="button" tabindex="0" aria-labelledby="button-expand-action id-d5856e2119-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/peripheral/peripheral-intro.html" id="id-d5856e2119-link">外设移植</a><div class="wh-tooltip"><p class="shortdesc"><span class="ph">CTP、U 盘、SD 卡、有线和无线网络</span>等外设的介绍和使用说明。</p></div></div></div></li><li role="treeitem" aria-expanded="false"><div data-tocid="id-d5856e2244" class="topicref" data-id="id" data-state="not-ready"><span role="button" tabindex="0" aria-labelledby="button-expand-action id-d5856e2244-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/bringup/chapter-bringup.html" id="id-d5856e2244-link">BringUp</a><div class="wh-tooltip"><p class="shortdesc">在硬件上电后快速初始化系统,为操作系统的启动准备好必要的硬件环境。</p></div></div></div></li><li role="treeitem" aria-expanded="false"><div data-tocid="id-d5856e2345" class="topicref" data-id="id" data-state="not-ready"><span role="button" tabindex="0" aria-labelledby="button-expand-action id-d5856e2345-link" class="wh-expand-btn"></span><div class="title"><a href="../../../topics/sdk/chapter-advanced-app.html" id="id-d5856e2345-link">高级应用</a><div class="wh-tooltip"><p class="shortdesc">系统、存储、多媒体、接口、安全等模块的详细配置和设计说明。</p></div></div></div></li></ul></div>
</div>
</nav>
<div class="col-lg-7 col-md-9 col-sm-12" id="wh_topic_body">
<button id="wh_close_publication_toc_button" class="close-toc-button d-none" aria-label="Toggle publishing table of content" aria-controls="wh_publication_toc" aria-expanded="true">
<span class="close-toc-icon-container">
<span class="close-toc-icon"></span>
</span>
</button>
<button id="wh_close_topic_toc_button" class="close-toc-button d-none" aria-label="Toggle topic table of content" aria-controls="wh_topic_toc" aria-expanded="true">
<span class="close-toc-icon-container">
<span class="close-toc-icon"></span>
</span>
</button>
<div class=" wh_topic_content body "><main role="main"><article class="- topic/topic topic" role="article" aria-labelledby="ariaid-title1"><span class="edit-link" style="font-size:12px; opacity:0.6; text-align:right; vertical-align:middle"><a target="_blank" href="http://172.16.35.88/tasks/jdssno1uvvbf2mltu9kb9v3if05d5gopuakboe8hlud18rma/edit/F:/aicdita/aicdita-cn/topics/sdk/secure/firmware_encryption_with_spienc.dita">Edit online</a></span><h1 class="- topic/title title topictitle1" id="ariaid-title1">固件加密-SPIENC</h1><div class="date inPage">15 Jan 2024</div><div style="color: gray;">
Read time: 3 minute(s)
</div><div class="- topic/body body"><p class="- topic/p p" data-ofbid="d241107e19__20250121171659">本节以 D13x
系列芯片为例,演示固件加密的具体流程。关于
eFuse
烧录区域,可参考对应用户手册。</p><p class="- topic/p p" data-ofbid="d241107e25__20250121171659">完成本节所有操作后,编译镜像直接使用 AiBurn 工具进行烧录即可。</p><section class="- topic/section section" data-ofbid="d241107e27__20250121171659"><h2 class="- topic/title title sectiontitle">配置 BROM 中的 SPI_ENC_EN 比特位</h2><p class="- topic/p p" data-ofbid="d241107e30__20250121171659">使能 BROM 中 SPI_ENC
功能,在开发板平台命令行执行下列命令,烧录下列 eFuse 信息中的 SPI_ENC_EN
比特位:</p><pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="id__pre_b55_14t_vcc" data-ofbid="id__pre_b55_14t_vcc">efuse writehex <span class="hl-number">0x38</span> <span class="hl-number">00000800</span></pre>
上述命令会在地址 0x38 处设置 SPI_ENC_EN 比特位为 1。<div class="table-container"><table class="- topic/table table frame-all" data-ofbid="d241107e35__20250121171659" data-cols="8"><caption></caption><colgroup><col style="width:13.885647607934654%"/><col style="width:11.785297549591599%"/><col style="width:11.90198366394399%"/><col style="width:12.135355892648775%"/><col style="width:11.668611435239207%"/><col style="width:11.668611435239207%"/><col style="width:11.90198366394399%"/><col style="width:15.052508751458577%"/></colgroup><thead class="- topic/thead thead"><tr class="- topic/row"><th class="- topic/entry entry colsep-1 rowsep-1" id="id__entry__1">用途</th><th class="- topic/entry entry colsep-1 rowsep-1" id="id__entry__2">位数</th><th class="- topic/entry entry colsep-1 rowsep-1" id="id__entry__3">地址</th><th class="- topic/entry entry colsep-1 rowsep-1" id="id__entry__4">禁止位</th><th class="- topic/entry entry colsep-1 rowsep-1" id="id__entry__5">禁写</th><th class="- topic/entry entry colsep-1 rowsep-1" id="id__entry__6">禁读</th><th class="- topic/entry entry colsep-1 rowsep-1" id="id__entry__7">归属</th><th class="- topic/entry entry colsep-0 rowsep-1" id="id__entry__8">备注</th></tr></thead><tbody class="- topic/tbody tbody"><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__entry__1">SECURE</td><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__entry__2">64</td><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__entry__3">38~3F</td><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__entry__4">14~15</td><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__entry__5">V</td><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__entry__6">-</td><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__entry__7">CSTM</td><td class="- topic/entry entry colsep-0 rowsep-0" headers="id__entry__8">安全和调试功能开关</td></tr></tbody></table></div></section><section class="- topic/section section" id="id__secure" data-ofbid="id__secure"><h2 class="- topic/title title sectiontitle">SECURE 区域定义</h2>
<div class="table-container"><table class="- topic/table table frame-all" data-ofbid="d241107e86__20250121171659" data-cols="3"><caption></caption><colgroup><col style="width:16.33986928104575%"/><col style="width:34.64052287581699%"/><col style="width:49.01960784313725%"/></colgroup><thead class="- topic/thead thead"><tr class="- topic/row"><th class="- topic/entry entry colsep-1 rowsep-1" id="id__secure__entry__1">比特位</th><th class="- topic/entry entry colsep-1 rowsep-1" id="id__secure__entry__2">名称</th><th class="- topic/entry entry colsep-0 rowsep-1" id="id__secure__entry__3">描述</th></tr></thead><tbody class="- topic/tbody tbody"><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__1">31:25</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__2"><em class="+ topic/ph hi-d/i ph i">-</em>
</td><td class="- topic/entry entry colsep-0 rowsep-1" headers="id__secure__entry__3"><em class="+ topic/ph hi-d/i ph i">-</em>
</td></tr><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__1">24</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__2">PBP_ENC_EN</td><td class="- topic/entry entry colsep-0 rowsep-1" headers="id__secure__entry__3">BROM 读取使用,使能 PBP 程序加密功能</td></tr><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__1">23:20</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__2"><em class="+ topic/ph hi-d/i ph i">-</em>
</td><td class="- topic/entry entry colsep-0 rowsep-1" headers="id__secure__entry__3"><em class="+ topic/ph hi-d/i ph i">-</em>
</td></tr><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__1">19</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__2">SPI_ENC_EN</td><td class="- topic/entry entry colsep-0 rowsep-1" headers="id__secure__entry__3">BROM 读取使用,使能 SPI 总线数据加密功能</td></tr><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__1">18</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__2"><em class="+ topic/ph hi-d/i ph i">-</em>
</td><td class="- topic/entry entry colsep-0 rowsep-1" headers="id__secure__entry__3"><em class="+ topic/ph hi-d/i ph i">-</em>
</td></tr><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__1">17</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__2">ENCRYPT_BOOT_EN</td><td class="- topic/entry entry colsep-0 rowsep-1" headers="id__secure__entry__3">BROM 读取使用,使能固件加密启动功能</td></tr><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__1">16</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__2">SECURE_BOOT_EN</td><td class="- topic/entry entry colsep-0 rowsep-1" headers="id__secure__entry__3">BROM 读取使用,使能安全启动功能</td></tr><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__1">15:1</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__secure__entry__2"><em class="+ topic/ph hi-d/i ph i">-</em>
</td><td class="- topic/entry entry colsep-0 rowsep-1" headers="id__secure__entry__3"><em class="+ topic/ph hi-d/i ph i">-</em>
</td></tr><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__secure__entry__1">0</td><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__secure__entry__2">JTAG_LOCK</td><td class="- topic/entry entry colsep-0 rowsep-0" headers="id__secure__entry__3">逻辑组合后连接到 CPU 屏蔽 TDO关闭 JTAG 调试功能,在安全方案中烧录为 1</td></tr></tbody></table></div>
<p class="- topic/p p" data-ofbid="d241107e180__20250121171659">具体 eFuse 区域的地址,请参考芯片的数据手册。</p>
</section><div class="- topic/div div section" id="id__spi-enc-en"></div><section class="- topic/section section" id="id__bootloader" data-ofbid="id__bootloader"><h2 class="- topic/title title sectiontitle">
BootLoader
中启用 SPIENC
驱动</h2>
<ol class="- topic/ol ol" id="id__ol_kgv_44t_vcc" data-ofbid="id__ol_kgv_44t_vcc"><li class="- topic/li li" data-ofbid="d241107e190__20250121171659"><span class="- topic/ph ph">Luban-Lite</span> 根目录下执行 <code class="+ topic/ph pr-d/codeph ph codeph">bm</code>,进入 BootLoader 的 menuconfig
功能配置界面。<pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="id__codeblock_sbs_r4t_vcc" data-ofbid="id__codeblock_sbs_r4t_vcc">bm</pre></li><li class="- topic/li li" data-ofbid="d241107e200__20250121171659">进入 menuconfig
功能配置界面,按如下选择启用
QSPI0 的加密功能,配置只打开了 QSPI0 的加密使能作为示例:
<pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="id__pre_mqg_54t_vcc" data-ofbid="id__pre_mqg_54t_vcc">Board options ---&gt;
[*] Using Spienc
[*] Enc qspi0
</pre>
</li><li class="- topic/li li" data-ofbid="d241107e205__20250121171659">如果需要,进入 menuconfig
功能配置界面设置
Tweak 值,否则可略过。<p class="- topic/p p" data-ofbid="d241107e207__20250121171659">SPIENC 中的 Tweak 可以影响 COUNTER 的生成,进而改变加密的结果。
如果需要让在不同的产品对相同的数据有不同的加密结果,则可以进入 menuconfig 的功能配置界面调整该值。
</p><pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="id__pre_xlw_v4t_vcc" data-ofbid="id__pre_xlw_v4t_vcc">Board options ---&gt;
[*] Using spienc ---&gt;
(<span class="hl-number">0</span>) set qspi0 tweak
</pre><p class="- topic/p p" data-ofbid="d241107e211__20250121171659">完成以上配置之后, BootLoader SPI_ENC 驱动将被使能, SPI NOR / SPI NAND
驱动在数据访问时将自动进行数据加解密。</p></li></ol>
</section><section class="- topic/section section" id="id__section_ydv_fk4_fdc" data-ofbid="id__section_ydv_fk4_fdc"><h2 class="- topic/title title sectiontitle">在 RTOS 中启用
SPIENC
驱动
</h2>
<div class="- topic/p p" data-ofbid="d241107e219__20250121171659">
<ol class="- topic/ol ol" id="id__ol_sg2_hk4_fdc" data-ofbid="id__ol_sg2_hk4_fdc"><li class="- topic/li li" data-ofbid="d241107e222__20250121171659"><span class="- topic/ph ph">Luban-Lite</span> 根目录下执行以下命令,进入 RTOS 的 menuconfig
功能配置界面:<pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="id__codeblock_wg2_hk4_fdc" data-ofbid="id__codeblock_wg2_hk4_fdc">scons --menuconfig</pre></li><li class="- topic/li li" data-ofbid="d241107e229__20250121171659">在功能配置界面,按如下选择启用 QSPI0 的加密功能,配置只打开了 QSPI0 的加密使能作为示例:
<pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="id__codeblock_xg2_hk4_fdc" data-ofbid="id__codeblock_xg2_hk4_fdc">Board options ---&gt;
[*] Using Spienc
[*] Enc qspi0
</pre>
</li><li class="- topic/li li" data-ofbid="d241107e234__20250121171659">如果需要,进入 menuconfig 功能配置界面设置 Tweak 值,否则可略过。<p class="- topic/p p" data-ofbid="d241107e236__20250121171659">SPIENC 中的 Tweak 可以影响 COUNTER
的生成,进而改变加密的结果。 如果需要让在不同的产品对相同的数据有不同的加密结果,则可以进入 menuconfig
的功能配置界面调整该值。</p><pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="id__codeblock_yg2_hk4_fdc" data-ofbid="id__codeblock_yg2_hk4_fdc">Board options ---&gt;
[*] Using spienc ---&gt;
(<span class="hl-number">0</span>) set qspi0 tweak
</pre><p class="- topic/p p" data-ofbid="d241107e240__20250121171659">完成以上配置之后, RTOS SPI_ENC 驱动将被使能, SPI NOR/ SPI NAND
驱动在数据访问时将自动进行数据加解密。</p></li></ol>
</div>
</section><section class="- topic/section section" id="id__section_f14_vj4_fdc" data-ofbid="id__section_f14_vj4_fdc"><h2 class="- topic/title title sectiontitle">配置密钥及所需的
KEY 和 COUNTER 值</h2>
<div class="- topic/p p" data-ofbid="d241107e249__20250121171659">SPI_ENC 模块使用 AES-128-CTR 算法对 SPI 总线数据进行加解密,该算法在计算时的密钥有两部分:<ul class="- topic/ul ul simple" id="id__ul_w5w_vj4_fdc" data-ofbid="id__ul_w5w_vj4_fdc"><li class="- topic/li li" data-ofbid="d241107e252__20250121171659">
<p class="- topic/p p" data-ofbid="d241107e254__20250121171659">128 bit AES 密钥(KEY)</p>
</li><li class="- topic/li li" data-ofbid="d241107e257__20250121171659">
<p class="- topic/p p" data-ofbid="d241107e259__20250121171659">128 bit 数据块的 COUNTER 值</p>
</li></ul></div>
<div class="- topic/p p" data-ofbid="d241107e263__20250121171659">其中 KEY 直接使用 eFuse 中的 <code class="+ topic/ph pr-d/codeph ph codeph">SPI_ENC_KEY</code> COUNTER 值则由几部分共同产生:<ul class="- topic/ul ul simple" id="id__ul_kdh_wj4_fdc" data-ofbid="id__ul_kdh_wj4_fdc"><li class="- topic/li li" data-ofbid="d241107e269__20250121171659">
<p class="- topic/p p" data-ofbid="d241107e271__20250121171659">eFuse 中的 <code class="+ topic/ph pr-d/codeph ph codeph">SPI_ENC_NONCE</code></p>
</li><li class="- topic/li li" data-ofbid="d241107e276__20250121171659">
<p class="- topic/p p" data-ofbid="d241107e278__20250121171659">memuconfig 中配置的 <code class="+ topic/ph pr-d/codeph ph codeph">tweak</code></p>
</li><li class="- topic/li li" data-ofbid="d241107e283__20250121171659">
<p class="- topic/p p" data-ofbid="d241107e285__20250121171659">访问数据所在的地址 <code class="+ topic/ph pr-d/codeph ph codeph">address</code></p>
</li></ul></div>
<figure class="- topic/fig fig fignone" id="id__id2" data-ofbid="id__id2"><br/><div class="imagecenter"><img class="- topic/image image imagecenter" id="id__image_inr_wj4_fdc" src="../../../images/secure/spienc_counter_value1.png" alt="spienc_counter_value1"/></div><br/><figcaption data-caption-side="bottom" class="- topic/title title figcapcenter"><span class="figtitleprefix fig--title-label"><span class="fig--title-label-number"> 1</span><span class="fig--title-label-punctuation">. </span></span><span class="fig--title">COUNTER 值的生成</span></figcaption></figure>
<div class="- topic/p p" data-ofbid="d241107e298__20250121171659">因此在使用 SPI_ENC 时,需要设置以下的 eFuse 信息:<div class="table-container"><table class="- topic/table table frame-all" id="id__table_unx_wj4_fdc" data-ofbid="id__table_unx_wj4_fdc" data-cols="8"><caption class="- topic/title title tablecap" data-caption-side="top" data-is-repeated="true"><span class="table--title-label"><span class="table--title-label-number"> 1</span><span class="table--title-label-punctuation">. </span></span><span class="table--title"></span></caption><colgroup><col style="width:13.924050632911392%"/><col style="width:10.654008438818565%"/><col style="width:11.181434599156118%"/><col style="width:11.181434599156118%"/><col style="width:10.548523206751053%"/><col style="width:10.548523206751053%"/><col style="width:10.864978902953586%"/><col style="width:21.097046413502106%"/></colgroup><thead class="- topic/thead thead"><tr class="- topic/row"><th class="- topic/entry entry colsep-1 rowsep-1" id="id__table_unx_wj4_fdc__entry__1">用途</th><th class="- topic/entry entry colsep-1 rowsep-1" id="id__table_unx_wj4_fdc__entry__2">位数</th><th class="- topic/entry entry colsep-1 rowsep-1" id="id__table_unx_wj4_fdc__entry__3">地址</th><th class="- topic/entry entry colsep-1 rowsep-1" id="id__table_unx_wj4_fdc__entry__4">禁止位</th><th class="- topic/entry entry colsep-1 rowsep-1" id="id__table_unx_wj4_fdc__entry__5">禁写</th><th class="- topic/entry entry colsep-1 rowsep-1" id="id__table_unx_wj4_fdc__entry__6">禁读</th><th class="- topic/entry entry colsep-1 rowsep-1" id="id__table_unx_wj4_fdc__entry__7">归属</th><th class="- topic/entry entry colsep-0 rowsep-1" id="id__table_unx_wj4_fdc__entry__8">备注</th></tr></thead><tbody class="- topic/tbody tbody"><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__1">DIS RD</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__2">64</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__3">0~7</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__4">0~1</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__5">V</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__6">-</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__7">CSTM</td><td class="- topic/entry entry colsep-0 rowsep-1" headers="id__table_unx_wj4_fdc__entry__8">eFuse 读禁止配置区域</td></tr><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__1">DIS WR</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__2">64</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__3">8~F</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__4">2~3</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__5">-</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__6">-</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__7">-</td><td class="- topic/entry entry colsep-0 rowsep-1" headers="id__table_unx_wj4_fdc__entry__8">eFuse 写禁止配置区域</td></tr><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__1">SPI ENC KEY</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__2">128</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__3">A0~AF</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__4">40~43</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__5">V</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__6">V</td><td class="- topic/entry entry colsep-1 rowsep-1" headers="id__table_unx_wj4_fdc__entry__7">CSTM</td><td class="- topic/entry entry colsep-0 rowsep-1" headers="id__table_unx_wj4_fdc__entry__8">安全,连接到 SPI ENC对称密钥</td></tr><tr class="- topic/row"><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__table_unx_wj4_fdc__entry__1">SPI ENC NONCE</td><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__table_unx_wj4_fdc__entry__2">64</td><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__table_unx_wj4_fdc__entry__3">B0~B7</td><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__table_unx_wj4_fdc__entry__4">44~45</td><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__table_unx_wj4_fdc__entry__5">V</td><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__table_unx_wj4_fdc__entry__6">V</td><td class="- topic/entry entry colsep-1 rowsep-0" headers="id__table_unx_wj4_fdc__entry__7">CSTM</td><td class="- topic/entry entry colsep-0 rowsep-0" headers="id__table_unx_wj4_fdc__entry__8">安全,连接到 SPI ENC随机数</td></tr></tbody></table></div></div>
<p class="- topic/p p" data-ofbid="d241107e400__20250121171659">具体 eFuse 区域的地址,请参考芯片的数据手册。</p>
</section><section class="- topic/section section" id="id__spi-enc-key" data-ofbid="id__spi-enc-key"><h2 class="- topic/title title sectiontitle">烧写 SPI_ENC KEY</h2>
<strong class="+ topic/ph hi-d/b ph b">到 eFuse
</strong><ol class="- topic/ol ol" id="id__ol_rxg_fqt_vcc" data-ofbid="id__ol_rxg_fqt_vcc"><li class="- topic/li li" data-ofbid="d241107e410__20250121171659">主机端执行 <code class="+ topic/ph pr-d/codeph ph codeph">opensslrand-hex16</code> 生成 SPI_ENC KEY。
<pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="id__pre_g2b_gqt_vcc" data-ofbid="id__pre_g2b_gqt_vcc"><span class="hl-number">52e0</span>ef932d755b69f7a93dd7485748d8
</pre>
</li><li class="- topic/li li" data-ofbid="d241107e418__20250121171659">
<div class="- topic/p p" data-ofbid="d241107e420__20250121171659">在开发板平台命令行执行下列命令,烧录 SPI_ENC KEY 到 eFuse 中。
<pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="id__pre_cnl_gqt_vcc" data-ofbid="id__pre_cnl_gqt_vcc">efuse writehex <span class="hl-number">0xA0</span> <span class="hl-number">52e0</span>ef932d755b69f7a93dd7485748d8
</pre>
</div>
</li><li class="- topic/li li" data-ofbid="d241107e426__20250121171659">
<p class="- topic/p p" data-ofbid="d241107e428__20250121171659">禁止 SPI_ENC KEY 读写</p>
<pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="id__pre_vvr_gqt_vcc" data-ofbid="id__pre_vvr_gqt_vcc">efuse writehex <span class="hl-number">0x04</span> <span class="hl-number">000f</span>0000
efuse writehex <span class="hl-number">0x0c</span> <span class="hl-number">000f</span>0000
</pre>
</li></ol>
</section><section class="- topic/section section" id="id__spi-enc-nonce" data-ofbid="id__spi-enc-nonce"><h2 class="- topic/title title sectiontitle">烧写 SPI_ENC
NONCE 到 eFuse
</h2>
<ol class="- topic/ol ol" id="id__ol_of4_3qt_vcc" data-ofbid="id__ol_of4_3qt_vcc"><li class="- topic/li li" data-ofbid="d241107e441__20250121171659">主机端执行 <code class="+ topic/ph pr-d/codeph ph codeph">opensslrand-hex8</code> 生成 SPI_ENC NONCE。
<pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="id__pre_z1w_3qt_vcc" data-ofbid="id__pre_z1w_3qt_vcc">bb99eb4ababc43dc
</pre>
</li><li class="- topic/li li" data-ofbid="d241107e449__20250121171659">
<div class="- topic/p p" data-ofbid="d241107e451__20250121171659">在开发板平台命令行执行下列命令,烧录 SPI_ENC NONCE 到 eFuse 中。
<pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="id__pre_ij2_jqt_vcc" data-ofbid="id__pre_ij2_jqt_vcc">efuse writehex <span class="hl-number">0xB0</span> bb99eb4ababc43dc
</pre>
</div>
</li><li class="- topic/li li" data-ofbid="d241107e457__20250121171659">
<p class="- topic/p p" data-ofbid="d241107e459__20250121171659">禁止 SPI_ENC NONCE 读写</p>
<pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="id__pre_hdz_jqt_vcc" data-ofbid="id__pre_hdz_jqt_vcc">efuse writehex <span class="hl-number">0x04</span> <span class="hl-number">00300000</span>
efuse writehex <span class="hl-number">0x0c</span> <span class="hl-number">00300000</span>
</pre>
</li></ol>
</section></div></article></main></div>
</div>
<nav role="navigation" id="wh_topic_toc" aria-label="On this page" class="col-lg-2 d-none d-lg-block navbar d-print-none">
<div id="wh_topic_toc_content">
<div class=" wh_topic_toc "><div class="wh_topic_label">在本页上</div><ul><li class="section-item"><div class="section-title"><a href="#id__secure" data-tocid="id__secure">SECURE 区域定义</a></div></li><li class="section-item"><div class="section-title"><a href="#id__bootloader" data-tocid="id__bootloader">
BootLoader
中启用 SPIENC
驱动</a></div></li><li class="section-item"><div class="section-title"><a href="#id__section_ydv_fk4_fdc" data-tocid="id__section_ydv_fk4_fdc">在 RTOS 中启用
SPIENC
驱动
</a></div></li><li class="section-item"><div class="section-title"><a href="#id__section_f14_vj4_fdc" data-tocid="id__section_f14_vj4_fdc">配置密钥及所需的
KEY 和 COUNTER 值</a></div></li><li class="section-item"><div class="section-title"><a href="#id__spi-enc-key" data-tocid="id__spi-enc-key">烧写 SPI_ENC KEY</a></div></li><li class="section-item"><div class="section-title"><a href="#id__spi-enc-nonce" data-tocid="id__spi-enc-nonce">烧写 SPI_ENC
NONCE 到 eFuse
</a></div></li></ul></div>
</div>
</nav>
</div>
</div>
</div>
<footer class="navbar navbar-default wh_footer">
<div class=" footer-container mx-auto ">
<title>footer def</title>
<style><!--
.p1 {
font-family: FangZhengShuSong, Times, serif;
}
.p2 {
font-family: Arial, Helvetica, sans-serif;
}
.p3 {
font-family: "Lucida Console", "Courier New", monospace;
}
--></style>
<div class="webhelp.fragment.footer">
<p class="p1">Copyright © 2019-2024 广东匠芯创科技有限公司. All rights reserved.</p>
</div><div>
<div class="generation_time">
Update Time: 2025-01-21
</div>
</div>
</div>
</footer>
<div id="go2top" class="d-print-none">
<span class="oxy-icon oxy-icon-up"></span>
</div>
<div id="modal_img_large" class="modal">
<span class="close oxy-icon oxy-icon-remove"></span>
<div id="modal_img_container"></div>
<div id="caption"></div>
</div>
<script src="${pd}/publishing/publishing-styles-AIC-template/js/custom.js" defer="defer"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink