You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/flash-OTP.md
+19-2Lines changed: 19 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -20,9 +20,26 @@ The public keys are stored in the OTP area, after an initial 16-byte header that
20
20
keys stored, the size of each key, and other information.
21
21
22
22
In order for wolfBoot to start authenticating the firmware images at boot and upon update, the public keys
23
-
must be provisioned to the OTP area in a separate step, as described in the next section.
23
+
must be provisioned to the OTP area in a separate step, as described in the next sections.
24
24
25
-
### Provisioning the public keys to the OTP area
25
+
Depending on the target device, you can either prepare a binary image of the OTP area content, or use `otp-keystore-primer` firmware to directly provision the keys on the target.
26
+
27
+
### Creating an image of the OTP area content
28
+
29
+
It is possible to create a binary image of the content for the OTP area. The resulting file (otp.bin) can be manually provisioned using any external tool that allows writing to the target OTP area.
30
+
31
+
To compile the otp-keystore-gen tool using the current keystore content:
32
+
33
+
```
34
+
make otpgen
35
+
```
36
+
37
+
And then, to create the image file `otp.bin`:
38
+
39
+
tools/keytools/otp/otp-keystore-gen
40
+
41
+
42
+
### Directly provisioning the public keys to the OTP area (primer)
26
43
27
44
After enabling the `FLASH_OTP_KEYSTORE` option in your `.config` file, when you compile wolfBoot by running "make",
28
45
an additional application called `otp-keystore-primer` is generated under `tools/keytools/otp`. This application is used to
0 commit comments