• 状态 Resolved
  • 已锁定 已锁定
  • 回复 10 回复
  • 订户 0 订户
  • 视图 1259 视图
  • 用户 0 会员在此处
选项
选项
相关

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

[参考译文] LAUNCHXL-CC3235SF:在开发模式下对 OTP 进行编程时出错

admin
Guru**** 2553420 points
Other Parts Discussed in Thread: CC3235SF, UNIFLASH

请注意,本文内容源自机器翻译,可能存在语法或其它翻译错误,仅供参考。如需获取准确内容,请参阅链接中的英语原文或自行翻译。

https://e2e.ti.com/support/wireless-connectivity/wi-fi-group/wifi/f/wi-fi-forum/1160199/launchxl-cc3235sf-errors-while-programming-the-otp-in-dev-mode

器件型号:LAUNCHXL-CC3235SF
主题中讨论的其他器件:CC3235SFUNIFLASH

你好!

我正在尝试在 CC3235SF (在开发模式下)上安装证书、但当我尝试对 OTP 进行编程时、它会失败。 我已按照您在 swru469h、 swru547a 和 swpu332a 中的文档进行操作。 “供应商证书”保留了其“.der”扩展名,而“根 CA”的扩展名(DER 格式)已被删除。 所有密钥都是使用 OpenSSL 通过 RSA 2048生成的。  

我们可以在此处看到用于生成证书的方法: 

# ROOT OF TRUST CERTIFICATE     (Signs/verifies the catalog)
#===============================================================================

# Generate Private Key
openssl genrsa -out "$RootOfTrustKey.pem" 2048

#Create Certificate
openssl req -x509 -sha256 -new -nodes -key "$RootOfTrustKey.pem" -days "$ValidNumDays" \
-subj "$ROTSpecs" -out "$RootOfTrustCert.pem"

# Convert Cert to DER Format
openssl x509 -in "$RootOfTrustCert.pem" -out "$RootOfTrustCert" -outform "DER"


# SS ROOT CA CERTIFICATE       (SoftwareSigning Root CA)
#===============================================================================

# Generate Root Private Key
openssl genrsa -out "$SSRootCAKey.pem" 2048

# Create and Self-Sign Root CA Certificate
openssl req -x509 -sha256 -new -nodes  -key "$SSRootCAKey.pem" \
-days "$ValidNumDays"  -subj "$SSCASpecs" \
-addext 'keyUsage=keyCertSign'  -set_serial 0  -out "$SSRootCACert.pem"

# Convert Cert to DER Format
openssl x509 -in "$SSRootCACert.pem" -out "$SSRootCA" -outform "DER"

#Copy to Cert Catalog
cp "$SSRootCA"  "$CADir/"  

# SS CERTIFICATE             (Vendor cert, for softwareSigning)
#===============================================================================

# Generate Private Key
openssl genrsa -out "$SSKey.pem" 2048

# Generate the CSR
openssl req -config "$SS.cnf" -batch -new -nodes \
-key "$SSKey.pem" -out "$SSCSR.pem"

# Sign with the Root-CA
openssl ca -config "$SS.cnf" -batch -in "$SSCSR.pem" \
-out "$SSCert.pem"

# Convert to DER
openssl x509 -in "$SSCert.pem" -outform "DER" -out "$SS.der"

(根 CA 被添加到将成为证书目录的文件夹中)

我已经知道需要将"供应商证书"添加到 CCS 项目中、Uniflash 项目需要使用它及其密钥对 MCU 进行签名/验证。 使用"信任根私钥"创建并签名目录(以 PEM 格式、由于具有 CC3235SF、因此使用 SHA2)。 OTP 元数据使用"信任根私钥"创建和签名(使用 SHA2与以前一样)。 使用"algo 2"创建"inf-file"(再次表示 SHA2)。  

# SETUP PROJECT IN UNIFLASH AND CCS
#===============================================================================

# Add "$SSRootCA" and "$SS.der" to both the UniFlash and the CCS project 
# Build the CCS project
# Add the MCU to the Uniflash Project (FAILSAFE, SECURE, PUBLICWRITE)
# Sign the MCU with "$SSKey.pem" and verify with "$SS.der"

# (Done automatically based on chapter 7 in swru469h, but same result as when done manually)


# CERTIFICATE CATALOG
#===============================================================================

# Create the Cert Catalogue
"$ImageCreatorPath/SLImageCreator.exe" \
tools make_cert_catalog  --cert_folder "$CADir/"  --out_file "$Catalog.lst"

# Sign the Cert Catalogue
"$ImageCreatorPath/SLImageCreator.exe" \
tools sign  --file "$Catalog.lst"  --priv "$RootOfTrustKey.pem"  --out_file "$Catalog.lst.signed.bin"  --fmt BINARY_SHA2

# Set the Cert Catalog
"$ImageCreatorPath/SLImageCreator.exe" \
project set_certstore  --name "$ProjName"  --file "$Catalog.lst"  --sign "$Catalog.lst.signed.bin"


# One-Time-Programming
#===============================================================================

#Create OTP Metadata
"$ImageCreatorPath/SLImageCreator.exe" \
tools meta  --cert "$RD/$RootOfTrustCert.pem"  --out_file "$OTP.meta

#Sign the OTP Metadata
"$ImageCreatorPath/SLImageCreator.exe" \
tools sign  --file "$OTP.meta"  --priv "$RD/$RootOfTrustKey.pem"  --out_file "$OTP.meta.sig"  --fmt BINARY_SHA2

#Create the OTP Info
"$ImageCreatorPath/SLImageCreator.exe" \
tools inf  --algo 2  --sign1 "$OTP.meta.sig"  --meta "$OTP.meta"  --out_file "$OTP.inf"

# Set OTP                (<---- Crashes here!!!)
"$ImageCreatorPath/SLImageCreator.exe" \
project program  --name "$ProjName"    --vendor_cert  --otp_file "$OTP.inf" --dev

崩溃发生在前一代码的最后一步。 以下是输出:   (长路径已被[...]取代) 

================================================================================
CCS headless build complete! 0 out of 1 projects have errors.
INFO:root:FTDI not detected, trying XDS
INFO:slbootloader.slbootloader:Connecting to device
INFO:slbootloader.slbootloader:Power off
INFO:slbootloader.slbootloader:Set break signal
INFO:slbootloader.slbootloader:Power on
INFO:slbootloader.slbootloader:Clear break signal
INFO:slbootloader.slbootloader:Connection succeeded
INFO:slbootloader.slbootloader:Received storage list
partitionBitMap   0 00000000
partitionBitMap24 0 00000000
checkSum 0 00000000

------------------------



Copyright 2014 TI.com. All rights reserved, SimpleLink programming image builder
Builder = 5.0.0.2

Interface version   = 1.0.2.16
Recommended command line window resolution W124 X H67

The output directory is  :[[...]\sl_image]
The XML file is          :[[...]\sl_image\ImageConfig.xml]

Validate the XML against the schema.

The XML validation passed.


------------------------

 Commands Set Number = 0
        CommandNum = 0
                CommandFormatStorage:
        CommandNum = 1
                CommandWriteCertificateStore:
                FileLocation = [...]\sl_cs\certificate_catalog.lst
                FileSystemName = /sys/certstore.lst
                File max size is 7000 bytes, actual size 472 bytes
                After running the extracting the file will require 4 blocks on the device
        CommandNum = 2
                CommandWriteServicePack:
                Service pack versions, NWP = (4, 17, 0, 0)  MAC = (3, 1, 0, 5)  PHY = (3, 1, 0, 25)
                Max Service Pack file size = 131072
                FileLocation = [...]\sl_sp\sp_4.13.0.2_3.7.0.1_3.1.0.26.bin
                FileSystemName = /sys/servicepack.ucf
                File max size is 131072 bytes, actual size 81916 bytes
                After running the extracting the file will require 66 blocks on the device
        CommandNum = 3
                CommandWriteSystemFile:
                FileLocation = [...]\sl_fs\sys\ipcfg.bin
                FileSystemName = 17
                File max size is 240 bytes, actual size 240 bytes
                After running the extracting the file will require 2 blocks on the device
        CommandNum = 4
                CommandWriteSystemFile:
                FileLocation = [...]\sl_fs\sys\mode.cfg.bin
                FileSystemName = 0
                File max size is 132 bytes, actual size 132 bytes
                After running the extracting the file will require 2 blocks on the device
        CommandNum = 5
                CommandWriteSystemFile:
                FileLocation = [...]\sl_fs\sys\device.name.bin
                FileSystemName = 5
                File max size is 98 bytes, actual size 98 bytes
                After running the extracting the file will require 2 blocks on the device
        CommandNum = 6
                CommandWriteSystemFile:
                FileLocation = [...]\sl_fs\sys\ap.cfg.bin
                FileSystemName = 1
                File max size is 158 bytes, actual size 158 bytes
                After running the extracting the file will require 2 blocks on the device
        CommandNum = 7
                CommandWriteSystemFile:
                FileLocation = [...]\sl_fs\sys\httpsrv.cfg.bin
                FileSystemName = 4
                File max size is 387 bytes, actual size 387 bytes
                After running the extracting the file will require 2 blocks on the device
        CommandNum = 8
                CommandWriteSystemFile:
                FileLocation = [...]\sl_fs\sys\sta.cfg.bin
                FileSystemName = 12
                File max size is 136 bytes, actual size 136 bytes
                After running the extracting the file will require 2 blocks on the device
        CommandNum = 9
                CommandWriteSystemFile:
                FileLocation = [...]\sl_fs\sys\dhcpsrv.cfg.bin
                FileSystemName = 3
                File max size is 12 bytes, actual size 12 bytes
                After running the extracting the file will require 2 blocks on the device
        CommandNum = 10
                CommandWriteFile:
                FileLocation = [...]\sl_fs\sys\phypwr.cal.bin
                FileSystemName = /sys/phypwr.cal
                File max size is 312 bytes, actual size 312 bytes
                After running the extracting the file will require 1 blocks on the device
        CommandNum = 11
                CommandWriteFile:
                FileLocation = [...]\sl_temp\tmp0ouhge
                FileSystemName = "$SS.der"
                File max size is 976 bytes, actual size 976 bytes
                After running the extracting the file will require 1 blocks on the device
        CommandNum = 12
                CommandWriteFile:
                FileLocation = [...]\sl_temp\tmpegv3gk
                FileSystemName = "$SSRootCA"
                File max size is 969 bytes, actual size 969 bytes
                After running the extracting the file will require 1 blocks on the device
        CommandNum = 13
                CommandWriteFile:
                FileLocation = [...]\sl_temp\tmpgphs_l
                FileSystemName = /sys/mcuflashimg.bin
                File max size is 1048576 bytes, actual size 79200 bytes
                After running the extracting the file will require 514 blocks on the device
        CommandNum = 14
                CommandWriteFile:
                FileLocation = ../files\CrashMiniDump.bin
                FileSystemName = /tmp/CrashMiniDump.bin
                File max size is 24576 bytes, actual size 1 bytes
                After running the extracting the file will require 7 blocks on the device

        For Set Number = 0 ,
        Set Files will require 608 blocks on the device after running the extraction  ( Programming image is not included )

------------------------
        The actual size of the image data is 172032 bytes
                => The  image data requires minimum of 44 blocks on the device.

Block size is 4096 bytes.
Configured Storage size is 1024 blocks.


Total size of image( 44 blocks )
        Total size of user files after extraction( 10 blocks )
        Total size of FileSystem( 4 blocks )

        Total System files after extraction(includes reserved space for system files)( 620 blocks )
                Total reserved for system files ( 620 blocks )
                        Service pack after extraction size ( 66 blocks )
                        Application code  after extraction size ( 514 blocks )
                        Kept for system files ( 32 blocks )
                System files after extraction size (includes the service-pack) ( 598 blocks )
        Reserved size for the Image (includes image protecting) ( 64 blocks )
         ==> After the extraction the set will require total size of 698 blocks.<==
         ==> During the extraction process the set will require total size of 698 blocks.<==

Non-encrypted files generated successfully !!!



Finished successfully !!!!
The products are available in : [c:\ti\uniflash_8.0.0\simplelink\imagecreator\bin\[...]\sl_image\Output ]

------------------------




INFO:root:Patching Secondary RAM...
Preparing...: 100% (94708/94708)OTP already locked !!!!!
Preparing...: 100% (1008/1008)OTP already locked !!!!!

Modified capacity = 2!!!

Image Programming: 99% (172032/173296)INFO:slbootloader.slbootloader:Received error : error number = -10289 , extended error = 2694
Traceback (most recent call last):
  File "<string>", line 5266, in <module>
  File "<string>", line 5262, in main
  File "<string>", line 5232, in cmdline
  File "<string>", line 4077, in command_project_program
  File "<string>", line 2741, in program_image_from_project
  File "<string>", line 2946, in program_image
  File "W:\slbootloader\slbootloader.py", line 793, in fs_programming
slbootloader.slbootloader.BootLoaderError:
Error: SLImageCreator.exe: fs_programming error: ret: -10289, ex_err: 2694 - FS_WRONG_SIGNATURE
SLImageCreator returned -1

如您所见、错误消息为:"FS_ERROR_signatic"。

如果仅使用虚拟证书和虚拟目录、映像会成功构建、这就是我对所有这些都有点困惑的原因。 希望获得一些关于我所做的错误的反馈。 提前感谢!

  • 0
    TI__Guru**** 2553420 points
    请注意,本文内容源自机器翻译,可能存在语法或其它翻译错误,仅供参考。如需获取准确内容,请参阅链接中的英语原文或自行翻译。

    您是否将 MCU 映像作为"MCU 映像"或作为安全文件添加到 Uniflash? (应将其指定为"MCU 镜像")。

    您可以尝试使用 $SSRootCA 为 MCU 签名吗? (我不确定创建的链、您能否共享"$SCert"?)

      

  • 0
    TI__Guru**** 2553420 points
    请注意,本文内容源自机器翻译,可能存在语法或其它翻译错误,仅供参考。如需获取准确内容,请参阅链接中的英语原文或自行翻译。

    你好!

    我在创建过程中添加了"--mcu"标志、指定这是一个 MCU 镜像。 我也尝试使用 RootCA 进行签名、同时完全删除 SS 证书。 很抱歉、我只是假设在网上共享证书及其名称不安全。 但我会分享这些信息。 仅需一秒

  • 0
    TI__Guru**** 2553420 points
    请注意,本文内容源自机器翻译,可能存在语法或其它翻译错误,仅供参考。如需获取准确内容,请参阅链接中的英语原文或自行翻译。

    您认为仔细查看这些证书是正确的;它们的主体在 SSRootCA 和 SS 之间不匹配(但不知道这是否是问题的原因)。 RootOfTrust 和 SS 的主体(CommonName 除外)相同、但 SSRootCA 的主体不同。 会更正此问题并返回给您!  

  • 0
    TI__Guru**** 2553420 points
    请注意,本文内容源自机器翻译,可能存在语法或其它翻译错误,仅供参考。如需获取准确内容,请参阅链接中的英语原文或自行翻译。

    更改后它不起作用。 下面显示了三个使用的证书。

    以下是信任根: 

    Root-Of-Trust Certificate
-----------------------------------------------
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:2c:ce:89:45:97:99:fe:3e:3d:49:3d:78:3e:98:52:2c:56:f2:53
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = XX, L = City, O = Company, OU = Unit, CN = root_of_trust
        Validity
            Not Before: Oct 11 16:12:30 2022 GMT
            Not After : Oct 12 16:12:30 2022 GMT
        Subject: C = XX, L = City, O = Company, OU = Unit, CN = root_of_trust
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:cd:aa:a4:29:2a:90:ab:4a:85:91:47:82:02:
                    54:e9:35:37:75:e4:8a:30:e8:03:da:c4:bb:81:39:
                    c7:5b:db:f6:f4:de:7d:bb:92:35:02:63:f8:30:8e:
                    a2:db:93:a4:58:10:ad:e5:d7:bc:ce:ea:ab:17:1f:
                    45:3b:37:8c:34:74:ab:8c:a2:ad:b5:0f:d5:53:38:
                    d2:49:9c:43:03:7c:72:0a:2d:25:4b:92:e6:39:c5:
                    24:d2:98:fa:06:c8:37:c8:0d:8c:ea:b5:16:7f:ff:
                    f5:27:c8:09:cc:f9:80:e2:8d:45:bb:a7:7c:3c:2d:
                    d3:08:65:42:02:54:af:85:7e:e0:b9:8e:ce:cc:de:
                    6f:1b:59:da:64:d2:95:d8:68:13:c0:ae:d4:b3:fb:
                    1f:7e:4f:d4:43:c8:8b:b8:91:4f:37:ca:d2:07:21:
                    9e:2c:3e:f0:31:f6:c7:95:97:82:d9:2c:6c:88:01:
                    e2:9c:09:84:1c:dc:4b:e6:e3:78:62:fa:5b:81:99:
                    aa:b8:05:16:d5:a5:ff:c1:02:3b:a4:f7:99:40:ab:
                    f6:98:16:42:7d:1e:24:29:7f:cf:c6:98:2a:3c:63:
                    d4:a9:1c:e4:e4:35:2e:db:6a:13:26:01:5f:ca:60:
                    e3:78:ea:a3:3b:ad:3d:3d:53:65:7b:a2:dd:74:88:
                    83:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:B5:34:25:F1:12:FF:CA:00:C8:CD:92:A1:AD:69:84:CC:73:46:82
            X509v3 Authority Key Identifier:
                keyid:95:B5:34:25:F1:12:FF:CA:00:C8:CD:92:A1:AD:69:84:CC:73:46:82

            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
         00:a4:f6:08:ae:00:a4:35:31:41:19:51:ec:c0:fe:62:5b:d0:
         1f:64:0c:f9:5f:fa:10:c5:88:80:4d:02:99:e4:06:64:34:9f:
         db:09:22:09:8f:99:bc:78:bd:79:50:11:c8:31:46:66:49:0a:
         48:b4:23:ac:47:8a:e8:e1:9e:94:72:e4:51:a3:74:6d:47:55:
         f8:a3:96:55:95:46:46:9f:91:dd:71:81:4e:6e:0f:0b:1e:51:
         73:44:ef:0c:88:17:93:d1:68:0f:22:a5:bb:04:88:ef:28:1b:
         26:e7:fc:2b:71:97:6b:75:37:7d:0a:20:88:cd:96:85:09:ba:
         f1:7b:59:5c:5c:e2:31:fd:52:21:a9:49:cd:c6:e9:eb:f4:ab:
         94:cf:48:4b:83:d4:ba:e1:0f:aa:20:3b:c4:2d:85:54:e0:fe:
         68:9e:30:9d:5f:4b:83:71:fb:3d:33:0c:d0:15:d0:6d:a3:af:
         d9:2d:7c:b1:5c:5d:dd:41:66:d3:7e:42:34:1c:50:69:e1:a8:
         de:ec:f3:ab:73:38:de:d2:45:f6:7d:7e:b1:4f:4b:10:1e:4b:
         05:e1:7e:1e:4b:a1:37:dd:36:e6:a5:e0:cc:2b:24:76:cb:65:
         67:7c:24:30:d4:07:51:1a:2b:56:e3:63:2b:73:be:d8:83:73:
         53:9e:8a:d6

    下面是根 CA: 

    Software-Signing Root CA
-----------------------------------------------
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = XX, L = City, O = Company, OU = Unit, CN = software_signing_root_ca
        Validity
            Not Before: Oct 11 16:12:31 2022 GMT
            Not After : Oct 12 16:12:31 2022 GMT
        Subject: C = XX, L = City, O = Company, OU = Unit, CN = software_signing_root_ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:a5:cc:7c:aa:88:94:58:ed:52:69:81:ea:5a:
                    8d:13:02:0f:fb:70:e5:87:9e:af:ef:9c:62:2d:09:
                    6d:8a:0e:af:f6:c2:c5:95:9a:07:d2:d8:a9:11:62:
                    b5:a9:f5:1f:4c:8a:0a:12:a8:1f:46:b8:be:15:b6:
                    8b:07:fe:f8:c1:2f:d1:39:0c:5b:7a:d0:77:6b:4e:
                    d4:e2:82:dc:a0:98:6c:c1:e7:ae:e5:ff:54:86:79:
                    b6:e9:c5:c9:94:ab:8c:f0:a5:1c:d7:6e:a4:bb:cd:
                    d5:f1:8b:77:14:cb:43:24:e9:3a:95:d9:5b:7b:ff:
                    50:7b:dc:10:ea:50:07:fa:08:4b:dc:12:bd:41:a4:
                    db:8a:ea:e6:54:84:ad:8a:d9:70:60:e2:de:30:ef:
                    9a:8b:d0:4e:17:23:f8:d8:d8:98:95:04:ca:00:4d:
                    44:45:c9:33:a0:ef:1a:fd:52:e2:81:f1:b0:3b:8f:
                    2e:34:8e:41:fa:96:91:f2:98:5d:c4:bb:5b:f0:aa:
                    32:17:01:f9:30:40:1e:87:a4:a0:c6:03:a2:dd:95:
                    96:e1:51:92:70:5c:d9:54:2f:cd:e7:dc:a7:8d:30:
                    55:9f:10:61:8f:f6:e2:60:9a:68:4a:e2:d6:93:1e:
                    32:af:91:35:4c:24:c0:d6:e0:b4:23:7e:ee:2e:d9:
                    16:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:F6:05:CD:35:64:BF:91:D2:01:08:5E:7C:2D:BC:D0:0D:87:E2:4D
            X509v3 Authority Key Identifier:
                keyid:AF:F6:05:CD:35:64:BF:91:D2:01:08:5E:7C:2D:BC:D0:0D:87:E2:4D

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage:
                Certificate Sign
    Signature Algorithm: sha256WithRSAEncryption
         b0:ce:1a:e2:72:c6:c3:a6:49:0d:0c:73:ee:12:af:74:d5:1d:
         1c:64:39:d2:63:1b:95:f9:a5:c9:2f:29:c0:7d:87:e0:36:63:
         06:aa:d9:6a:ca:34:e0:27:0e:46:7e:d5:98:5a:70:22:02:19:
         8e:ce:1f:4e:20:d7:94:0f:63:58:e0:1b:0c:99:bd:9a:0c:ed:
         62:cb:c7:48:85:30:6a:9c:2f:de:0e:6a:4d:6b:67:b7:8d:6b:
         78:d2:2f:fb:8b:84:af:d0:db:0f:8c:3b:ea:9f:c5:5d:f3:eb:
         64:6f:fc:b7:be:93:2e:f7:79:f7:da:bd:23:17:dd:57:89:d5:
         d8:64:be:4f:b3:62:b6:fd:9c:73:7d:a2:8e:55:47:4a:5f:d7:
         81:0b:24:43:46:bc:1c:d7:dc:e5:db:33:36:ae:03:ca:6c:02:
         43:2e:f1:d5:48:d5:a2:d1:52:99:75:b1:51:25:54:5d:0d:bd:
         a5:26:67:19:83:47:f7:4c:1c:ea:16:ce:4e:7e:6a:47:a0:5b:
         80:1b:8e:7d:04:1a:60:6d:e5:07:56:f4:61:91:c1:99:a4:6b:
         c2:4d:ac:7e:82:79:07:56:58:01:80:3e:6c:c9:4c:a4:ed:dc:
         31:4a:54:ba:20:1e:26:33:89:d7:95:3d:9b:3e:88:c4:61:04:
         62:d8:3d:a7

    下面是供应商(软件签名)证书: 

    Software-Signing Cert  (Vendor)
-----------------------------------------------
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = XX, L = City, O = Company, OU = Unit, CN = software_signing_root_ca
        Validity
            Not Before: Oct 11 16:12:32 2022 GMT
            Not After : Oct 12 16:12:32 2022 GMT
        Subject: C = XX, L = City, O = Company, OU = Unit, CN = software_signing
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:bd:3e:8f:fd:da:1a:30:40:2a:10:d5:9a:68:
                    ae:d9:1a:3b:26:40:e9:ea:d6:5d:e5:ca:bc:b7:30:
                    03:81:c3:64:e8:71:c2:19:1f:12:b5:55:ec:b3:bf:
                    e4:ce:ec:dc:2d:66:f1:88:95:d1:1f:dc:b2:c9:39:
                    49:6a:10:27:12:5e:00:18:16:a7:0d:da:24:6b:32:
                    49:1d:d0:14:ad:fc:96:77:99:99:98:bb:dd:68:a9:
                    98:4e:79:8b:16:91:3c:cb:a4:ee:4b:72:eb:e6:d7:
                    9a:9e:94:f2:69:7b:fe:0d:ac:64:7d:47:35:a8:ca:
                    5b:99:4d:4d:fe:33:1b:73:f5:a7:5c:24:05:b5:6b:
                    9f:91:41:f9:b4:d9:76:05:5b:5d:9f:b4:2e:0b:f5:
                    47:ad:6b:0b:40:55:56:0a:57:bc:d6:da:ab:4b:0a:
                    4a:7e:42:92:85:bd:bb:d0:1f:6c:f8:3d:bd:bd:6c:
                    21:a6:ac:dd:11:3b:61:93:4a:65:dd:a3:02:94:82:
                    f3:15:fc:22:1a:44:e3:8c:17:53:36:30:46:47:a2:
                    01:c0:ae:b5:a5:9f:42:91:a8:0f:b6:78:74:99:22:
                    f0:a9:de:a6:27:80:45:cb:23:dc:a8:7f:d7:85:2a:
                    b7:6b:b5:cf:9d:df:f3:eb:de:24:73:49:5c:31:c4:
                    cd:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Key Usage:
                Digital Signature
            X509v3 Subject Key Identifier:
                89:05:4E:33:EC:89:6B:F7:E8:66:F3:33:45:E1:85:DB:32:4D:2F:A3
            X509v3 Authority Key Identifier:
                keyid:AF:F6:05:CD:35:64:BF:91:D2:01:08:5E:7C:2D:BC:D0:0D:87:E2:4D

            X509v3 Extended Key Usage:
                Code Signing
    Signature Algorithm: sha256WithRSAEncryption
         9d:a6:79:aa:dd:6d:3f:2e:43:e4:45:80:cc:b7:47:a8:75:84:
         a9:91:62:e7:b1:33:2c:f2:07:b2:63:b0:87:24:14:e7:60:fc:
         98:a1:1e:a9:d4:43:ff:1b:31:36:02:b4:5a:69:93:0a:db:5f:
         2e:b6:87:6b:bf:83:07:09:57:b2:38:44:aa:ea:b6:c6:4a:58:
         cb:c9:1d:49:ca:c0:4a:b0:1e:16:86:42:b5:09:c0:54:08:7b:
         32:b9:a7:17:d0:6b:14:69:20:26:f6:49:c6:04:c4:da:91:25:
         84:13:8b:67:7e:6b:af:89:2a:16:e6:04:11:98:16:76:7c:8c:
         0d:f6:d0:fd:fe:9f:e9:54:c6:47:90:4a:c5:9f:bf:c5:3d:a1:
         d0:10:3c:48:e7:33:77:e9:40:5a:f0:ac:33:3c:4b:ad:f4:a1:
         6a:35:c5:8d:51:67:6e:e8:50:db:67:c5:f9:a6:3e:04:c5:6a:
         39:17:98:3c:6a:46:01:2d:3a:dc:4c:12:ce:46:00:6f:b4:46:
         9d:ae:1a:a9:9a:da:c3:d8:d2:bf:e7:85:0f:be:eb:63:12:9b:
         06:86:c7:1a:94:fb:86:44:27:e1:e4:e7:db:c4:65:3c:34:94:
         c2:51:2d:a7:98:3d:0c:1b:84:e1:9a:9b:9e:21:e3:35:16:de:
         06:b6:f9:16

  • 0
    TI__Guru**** 2553420 points
    请注意,本文内容源自机器翻译,可能存在语法或其它翻译错误,仅供参考。如需获取准确内容,请参阅链接中的英语原文或自行翻译。

    再次读取日志、似乎 OTP 已被锁定(请参阅第163行)。

    此外、调用根 CA 文件时应与发行人的 CN 完全相同(即"software_signing_root_ca"、没有任何扩展名、并且它应位于 FS 的根文件夹中)。

  • 0
    TI__Guru**** 2553420 points
    请注意,本文内容源自机器翻译,可能存在语法或其它翻译错误,仅供参考。如需获取准确内容,请参阅链接中的英语原文或自行翻译。

    "... OTP 已锁定(请参阅第163行)。"  这意味着什么? 它是否已在生产模式下写入、因此不能再次使用?

    我手动更改了日志以删除名称等。 此处:"$SS.der"="software_signing.der"、 "$SSRootCA"="software_signing_root_ca"(无扩展名)。

  • 0
    TI__Guru**** 2553420 points
    请注意,本文内容源自机器翻译,可能存在语法或其它翻译错误,仅供参考。如需获取准确内容,请参阅链接中的英语原文或自行翻译。

    没错、它已经被写入、不能被覆盖。

  • 0
    TI__Guru**** 2553420 points
    请注意,本文内容源自机器翻译,可能存在语法或其它翻译错误,仅供参考。如需获取准确内容,请参阅链接中的英语原文或自行翻译。

    好的、好的。 这至少说明了我遇到问题的原因。 您认为它看起来像是其他问题吗?

    否则、我感谢您找到问题、我可以将其称为"已解决"吗?

  • 0
    TI__Guru**** 2553420 points
    请注意,本文内容源自机器翻译,可能存在语法或其它翻译错误,仅供参考。如需获取准确内容,请参阅链接中的英语原文或自行翻译。

    另一个问题是、是否可以在开发模式下多次写入 OTP? 或者它是否也会将自身锁定在那里? 我假设它可以在 DEV 模式下多次写入、但可能是错误的。

  • 0
    TI__Guru**** 2553420 points
    请注意,本文内容源自机器翻译,可能存在语法或其它翻译错误,仅供参考。如需获取准确内容,请参阅链接中的英语原文或自行翻译。

    您好!

    OTP 数据被写入 SPI 闪存 MX25R3235FM1IH0的 OTP 部分。 一旦 SPI 闪存的 OTP 区域被写入、它就不能被改变、而不管用于写入 OTP (开发/生产)的模式。 如果您想恢复 OTP 区域、唯一的方法是物理交换 SPI 闪存。 好消息是、闪存 MX25R3235FM1IH0可供使用、不会出现任何问题

    1月