Sign image
Signs the user application and converts it into
MCUboot format
. If the signing key is not provided, the result is the MCUboot formatted unsigned image. All the numeric values can be provided in a decimal (for example,
fill-value: 255
) or hexadecimal format (for example,
fill-value: "0xFF"
).
Inputs
Name | Type | Optional/Required | Description |
|---|---|---|---|
file | string | required | Path to the file to be signed or converted into MCUboot format. |
description | string | optional | Description for this field. |
signing-key | string | optional | ECDSA or RSA private key used to sign the image. |
header-size | string, integer | required | MCUboot header size. |
slot-size | string, integer | required | Maximum slot size. |
fill-value | string, integer | optional | Value read back from erased flash. Default: . Available values: , . |
min-erase-size | string, integer | optional | Minimum erase size. Default: . |
image-version | string | optional | Image version in the image header. Default: . |
security-counter | string, integer | optional | Value of security counter. Use the keyword to automatically generate it from the image version. Default: . |
align | string, integer | optional | Flash alignment. Default: . Available values: , , , . |
pubkey-format | string | optional | Public key format in the image TLV: full key or hash of the key. Available values: or . Default: . |
pubkey-encoding | string | optional | Public key encoding in the image TLV. Applicable values: , or . Default: . |
signature-encoding | string | optional | Image signature encoding. Applicable values: , or . Default: . |
pad | boolean | optional | Adds padding to the image trailer. Pads the image from the end of the TLV area up to the slot size. boot_magic is always at the very end after the padding. |
confirm | boolean | optional | Adds image OK status to the trailer. Pads the image from the end of the TLV area up to the slot size and sets the image OK byte to 0x01 (the eighth byte from the end). The padding is required for this feature and is always applied. boot_magic is always at the very end after the padding. |
overwrite-only | boolean | optional | Use overwrite mode instead of swap. |
boot-record | string | optional | Create CBOR encoded boot record TLV. Represents the role of the software component (for example, CoFM for coprocessor firmware). Maximum 12 characters. |
hex-address | string, integer | optional | Adjust the address in the hex output file. |
load-address | string, integer | optional | Load address for image when it should run from RAM. |
rom-fixed | string, integer | optional | Set flash address the image is built for. |
max-sectors | string, integer | optional | When padding allow for this amount of sectors. Default: . |
save-enctlv | boolean | optional | When upgrading, save encrypted key TLVs instead of plain keys. Enable when BOOT_SWAP_SAVE_ENCTLV config option was set. |
dependencies | string | optional | Add dependency on another image. Format: . |
encryption-public-key | string | optional | ECDSA public key used to generate the symmetric key for image encryption (ECIES schema). It must be the receiver's public key. |
encryption-secret-key | string | optional | An encryption key. |
encryption-key-role | string | optional | An encryption key role. Specifies what the key is used for:
Available values: , . Default: . |
encryption-address | string | optional | Starting address for data encryption. |
protected-tlv | list | optional | The custom TLV to be placed into a protected area (the signed part). Add the prefix for the value to be interpreted as an , otherwise it will be interpreted as a . |
tlv | list | optional | The custom TLV to be placed into a non-protected area. Add the |
kdf | string | optional | Key derivation function name. Default: . Available values: , . |
remove-tlv | list | optional | Removes TLV with the specified ID. |
Outputs
Name | Type | Optional/Required | Description |
|---|---|---|---|
description | string | optional | Description for this field. |
file | string | required | Path to the signed and/or converted to the MCUboot format image. |
format | string | required | Format of the output file. Available values: or . |
unencrypted | string | optional | The path where to save unencrypted image payload (bin). Specify this option if the image is encrypted and provide the unencrypted image to HSM because the signature is calculated on the unencrypted data. |
nonce-output | string | optional | The path to a file where to save the nonce. |
Example
{
"schema-version": 1.0,
"content": [
{
"name" : "sign command example",
"description": "Signs the input file and converts it to the MCUboot format",
"enabled": true,
"commands": [
{
"command": "sign",
"inputs": [
{
"description": "Secure application",
"file": "./rram_1.hex",
"signing-key": "./some-key-ec-p256.pem",
"overwrite-only": true,
"header-size": "0x400",
"slot-size": "0x1000",
"fill-value": "0x00",
"min-erase-size": "0x200",
"pad": true,
"hex-address": "0x32005000",
"protected-tlv": [
{
"tag": "0x22",
"value": "0x12345678"
}
]
}
],
"outputs" : [
{
"description": "Signed secured application",
"format" : "ihex",
"file": "./rram_1_signed.hex"
}
]
}
]
}
]
}