Master Boot Image (MBI)#
Master Boot Image can be used directly (e.g. by using blhost write-memory command) or it can be used for further processing (e.g. used as input to Secure Binary image container). Image is created based on a supplied configuration file, either JSON or YAML is supported.
We can divide divide into two categories based on layout.
- eXecute-In-Place (XIP) images
Plain
CRC
Signed
- Load-to-RAM images
Plain
CRC
Signed images with HMAC signed header. Since load-to-RAM copies the image from untrusted media to on-chip RAM, the length field in header should be authenticated before copy. Hence HMAC signed headers are used.
Encrypted (plain header with HMAC + AES-CBC encrypted).
Example of use
nxpimage: nxpimage mbi export -c <path to config file>
Supported devices for MBI#
Supported execution targets are: XIP (Execute in place) and Load to RAM and image authentication types: Plain, CRC, Signed, Encrypted and NXP Signed.
The following table shows the supported image types for each device.
Target in the table represents outputImageExecutionTarget in the configuration file and authentication in the table represents outputImageAuthenticationType.
Targets |
xip |
xip |
xip |
xip |
xip |
load-to-ram |
load-to-ram |
load-to-ram |
load-to-ram |
load-to-ram |
|---|---|---|---|---|---|---|---|---|---|---|
Authentication |
plain |
crc |
signed |
signed-nxp |
signed-encrypted |
plain |
crc |
signed |
signed-nxp |
signed-encrypted |
k32w1xx |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||||
kw45xx |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||||
lpc550x |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
|||
lpc551x |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
|||
lpc552x |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
|||
lpc553x |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||||
lpc55s0x |
❌ |
❌ |
❌ |
❌ |
❌ |
|||||
lpc55s1x |
❌ |
❌ |
❌ |
❌ |
❌ |
|||||
lpc55s2x |
❌ |
❌ |
❌ |
❌ |
❌ |
|||||
lpc55s3x |
❌ |
❌ |
❌ |
❌ |
❌ |
|||||
lpc55s6x |
❌ |
❌ |
❌ |
❌ |
❌ |
|||||
mc56f816xx |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mc56f817xx |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mc56f818xx |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mcxa142 |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mcxa143 |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mcxa144 |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mcxa145 |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mcxa146 |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mcxa152 |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mcxa153 |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mcxa154 |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mcxa155 |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mcxa156 |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mcxn23x |
❌ |
❌ |
❌ |
❌ |
||||||
mcxn54x |
❌ |
❌ |
❌ |
❌ |
❌ |
|||||
mcxn94x |
❌ |
❌ |
❌ |
❌ |
❌ |
|||||
mcxw71xx |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||||
mwct2x12 |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
mwct2xd2 |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
❌ |
||
nhs52sxx |
❌ |
❌ |
❌ |
❌ |
❌ |
|||||
rt5xx |
❌ |
❌ |
❌ |
|||||||
rt6xx |
❌ |
❌ |
❌ |
|||||||
rw61x |
❌ |
❌ |
❌ |
❌ |
Note
For LPC55xx (except for the LPC55S36 with external flash), MCXN9xx and MCXN23x the load-to-RAM images are intended only for recovery boot from 1-bit SPI flash.
Implementation details#
To handle the small differences between the MBI types. Mixin classes were used to define the common parts of the MBI. This definition of required mixins is stored in database for each family of devices. When you click on the supported MBI type in the table above, you will be pointed to the documentation of the specific MBI type. Naming convention for each MBI type is used here just for documentation purposes. For example: “MBI-A-IV-I-TZM-LA-EATZ-ECS” contains first letters of mixins used in the MBI, like App, ImageVersion, IVT, TrustZoneMandatory and ohters…
If you want to create MBI class directly you might use create_mbi_class function. The function takes two arguments, the first one is the MBI type and the second one is the device family. The method returns the class that can be used to create MBI image.
from spsdk.image.mbi.mbi import create_mbi_class
MbiClass = create_mbi_class("plain", "k32w1xx")
Exporting the image is done in six steps.
Validating the input data by calling the validate method.
Collecting the data by calling the collect_data method.
Optionally encrypting the image by calling the encrypt method.
Optionally do post encrypt update by calling the post_encrypt method.
Optionally sign the image by calling the sign method.
Finalize the image by calling the finalize method.
Supported configuration options#
Refer to the documentation below for the supported configuration options for each image type. Please note that the outputImageExecutionTarget and outputImageAuthenticationType must be filled in addition to the basic settings according to the table with supported devices.
outputImageExecutionTarget: xip # Application target., Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
outputImageAuthenticationType: signed # Type of boot image authentication., Specification of final master boot image authentication.
MBI-A-IZTL-LA-TZM-IST-EATZ#
MBI Mixins
Class name: plain
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvtZeroTotalLength
Mbi_MixinLoadAddress
Mbi_MixinTrustZoneMandatory
Mbi_MixinImageSubType
Mbi_ExportMixinAppTrustZone
MBI-A-IZTL-LA-TZM-IST-EATZ JSON schema
MBI-A-IZTL-LA-TZM-IST-EATZ YAML configuration template
# =============================================== YAML template plain ================================================
# ======================================================================================================================
# == MBI-A-IZTL-LA-TZM-IST-EATZ ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# -----------------------------------------===== Image SubType [Optional] =====-----------------------------------------
# Description: Image subtype determine the image use in MCU. "main" for main application, "nbu" for Narrow Band Unit
# image and "recovery" for recovery image type
# Possible options: <main, nbu, recovery>
outputImageSubtype: main
MBI-A-I-LA-TZM-IST-EATZ-ECS#
MBI Mixins
Class name: crc
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinLoadAddress
Mbi_MixinTrustZoneMandatory
Mbi_MixinImageSubType
Mbi_ExportMixinAppTrustZone
Mbi_ExportMixinCrcSign
MBI-A-I-LA-TZM-IST-EATZ-ECS JSON schema
MBI-A-I-LA-TZM-IST-EATZ-ECS YAML configuration template
# ================================================ YAML template crc =================================================
# ======================================================================================================================
# == MBI-A-I-LA-TZM-IST-EATZ-ECS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# -----------------------------------------===== Image SubType [Optional] =====-----------------------------------------
# Description: Image subtype determine the image use in MCU. "main" for main application, "nbu" for Narrow Band Unit
# image and "recovery" for recovery image type
# Possible options: <main, nbu, recovery>
outputImageSubtype: main
MBI-A-I-LA-CBV-MD-EACBM-EES#
MBI Mixins
Class name: signed
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinLoadAddress
Mbi_MixinCertBlockV21
Mbi_MixinManifestDigest
Mbi_ExportMixinAppCertBlockManifest
Mbi_ExportMixinEccSign
MBI-A-I-LA-CBV-MD-EACBM-EES JSON schema
MBI-A-I-LA-CBV-MD-EACBM-EES YAML configuration template
# =============================================== YAML template signed ===============================================
# ======================================================================================================================
# == MBI-A-I-LA-CBV-MD-EACBM-EES ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# -----------------------------===== Certificate Block binary/config file [Required] =====------------------------------
# Description: Path to certificate block binary or config file.
certBlock: cert_block.yaml
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: main_prv_key.pem
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>'.
signProvider: type=file;file_path=my_prv_key.pem
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# ---------------------------------------===== Firmware version. [Optional] =====---------------------------------------
# Description: Value compared with Secure_FW_Version monotonic counter value stored in protected memory (MCU specific).
# If value is lower than value in protected memory, then is image rejected (rollback protection).
firmwareVersion: 0
# --------------------------------===== Manifest signing hash algorithm [Optional] =====--------------------------------
# Description: Optional Manifest signing hash algorithm name to create Certificate v3.1 Manifest.
# Possible options: <sha256, sha384, sha512>
manifestDigestHashAlgorithm: sha256
MBI-A-I-LA-CBV-MD-IST-EACBM-EES#
MBI Mixins
Class name: nxp_signed
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinLoadAddress
Mbi_MixinCertBlockV21
Mbi_MixinManifestDigest
Mbi_MixinImageSubType
Mbi_ExportMixinAppCertBlockManifest
Mbi_ExportMixinEccSign
MBI-A-I-LA-CBV-MD-IST-EACBM-EES JSON schema
MBI-A-I-LA-CBV-MD-IST-EACBM-EES YAML configuration template
# ============================================= YAML template nxp_signed =============================================
# ======================================================================================================================
# == MBI-A-I-LA-CBV-MD-IST-EACBM-EES ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# -----------------------------===== Certificate Block binary/config file [Required] =====------------------------------
# Description: Path to certificate block binary or config file.
certBlock: cert_block.yaml
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: main_prv_key.pem
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>'.
signProvider: type=file;file_path=my_prv_key.pem
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# ---------------------------------------===== Firmware version. [Optional] =====---------------------------------------
# Description: Value compared with Secure_FW_Version monotonic counter value stored in protected memory (MCU specific).
# If value is lower than value in protected memory, then is image rejected (rollback protection).
firmwareVersion: 0
# --------------------------------===== Manifest signing hash algorithm [Optional] =====--------------------------------
# Description: Optional Manifest signing hash algorithm name to create Certificate v3.1 Manifest.
# Possible options: <sha256, sha384, sha512>
manifestDigestHashAlgorithm: sha256
# -----------------------------------------===== Image SubType [Optional] =====-----------------------------------------
# Description: Image subtype determine the image use in MCU. "main" for main application, "nbu" for Narrow Band Unit
# image and "recovery" for recovery image type
# Possible options: <main, nbu, recovery>
outputImageSubtype: main
MBI-A-IZTL-EA#
MBI Mixins
Class name: plain_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvtZeroTotalLength
Mbi_ExportMixinApp
MBI-A-IZTL-EA JSON schema
MBI-A-IZTL-EA YAML configuration template
# ============================================= YAML template plain_xip ==============================================
# ======================================================================================================================
# == MBI-A-IZTL-EA ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
MBI-A-I-EA-ECS#
MBI Mixins
Class name: crc_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_ExportMixinApp
Mbi_ExportMixinCrcSign
MBI-A-I-EA-ECS JSON schema
MBI-A-I-EA-ECS YAML configuration template
# ============================================== YAML template crc_xip ===============================================
# ======================================================================================================================
# == MBI-A-I-EA-ECS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
MBI-A-I-LA-EA-ECS#
MBI Mixins
Class name: crc_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinLoadAddress
Mbi_ExportMixinApp
Mbi_ExportMixinCrcSign
MBI-A-I-LA-EA-ECS JSON schema
MBI-A-I-LA-EA-ECS YAML configuration template
# ============================================== YAML template crc_ram ===============================================
# ======================================================================================================================
# == MBI-A-I-LA-EA-ECS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
MBI-A-IV-IZTL-LA-EA#
MBI Mixins
Class name: plain_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinImageVersion
Mbi_MixinIvtZeroTotalLength
Mbi_MixinLoadAddress
Mbi_ExportMixinApp
MBI-A-IV-IZTL-LA-EA JSON schema
MBI-A-IV-IZTL-LA-EA YAML configuration template
# ============================================= YAML template plain_xip ==============================================
# ======================================================================================================================
# == MBI-A-IV-IZTL-LA-EA ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
MBI-A-IV-I-LA-EA#
MBI Mixins
Class name: plain_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinImageVersion
Mbi_MixinIvt
Mbi_MixinLoadAddress
Mbi_ExportMixinApp
MBI-A-IV-I-LA-EA JSON schema
MBI-A-IV-I-LA-EA YAML configuration template
# ============================================= YAML template plain_ram ==============================================
# ======================================================================================================================
# == MBI-A-IV-I-LA-EA ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
MBI-A-IV-I-LA-EA-ECS#
MBI Mixins
Class name: crc_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinImageVersion
Mbi_MixinIvt
Mbi_MixinLoadAddress
Mbi_ExportMixinApp
Mbi_ExportMixinCrcSign
MBI-A-IV-I-LA-EA-ECS JSON schema
MBI-A-IV-I-LA-EA-ECS YAML configuration template
# ============================================== YAML template crc_ram ===============================================
# ======================================================================================================================
# == MBI-A-IV-I-LA-EA-ECS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
MBI-A-IZTL-TZ-HK-EATZ#
MBI Mixins
Class name: plain_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvtZeroTotalLength
Mbi_MixinTrustZone
Mbi_MixinHwKey
Mbi_ExportMixinAppTrustZone
MBI-A-IZTL-TZ-HK-EATZ JSON schema
MBI-A-IZTL-TZ-HK-EATZ YAML configuration template
# ============================================= YAML template plain_xip ==============================================
# ======================================================================================================================
# == MBI-A-IZTL-TZ-HK-EATZ ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# ----------------------------------===== Enable User HW key sharing [Required] =====-----------------------------------
# Description: Controlling secure hardware key bus. If enabled(1), then it is possible to access keys on hardware secure
# bus from non-secure application, else non-secure application will read zeros.
enableHwUserModeKeys: false
MBI-A-I-TZ-LA-EATZ-ECS#
MBI Mixins
Class name: crc_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinTrustZone
Mbi_MixinLoadAddress
Mbi_ExportMixinAppTrustZone
Mbi_ExportMixinCrcSign
MBI-A-I-TZ-LA-EATZ-ECS JSON schema
MBI-A-I-TZ-LA-EATZ-ECS YAML configuration template
# ============================================== YAML template crc_ram ===============================================
# ======================================================================================================================
# == MBI-A-I-TZ-LA-EATZ-ECS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
MBI-A-I-LA-TZ-HK-EATZ-ECS#
MBI Mixins
Class name: crc_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinLoadAddress
Mbi_MixinTrustZone
Mbi_MixinHwKey
Mbi_ExportMixinAppTrustZone
Mbi_ExportMixinCrcSign
MBI-A-I-LA-TZ-HK-EATZ-ECS JSON schema
MBI-A-I-LA-TZ-HK-EATZ-ECS YAML configuration template
# ============================================== YAML template crc_xip ===============================================
# ======================================================================================================================
# == MBI-A-I-LA-TZ-HK-EATZ-ECS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# ----------------------------------===== Enable User HW key sharing [Required] =====-----------------------------------
# Description: Controlling secure hardware key bus. If enabled(1), then it is possible to access keys on hardware secure
# bus from non-secure application, else non-secure application will read zeros.
enableHwUserModeKeys: false
MBI-A-I-TZ-LA-CBV-EATZCB-ERS#
MBI Mixins
Class name: signed_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinTrustZone
Mbi_MixinLoadAddress
Mbi_MixinCertBlockV1
Mbi_ExportMixinAppTrustZoneCertBlock
Mbi_ExportMixinRsaSign
MBI-A-I-TZ-LA-CBV-EATZCB-ERS JSON schema
MBI-A-I-TZ-LA-CBV-EATZCB-ERS YAML configuration template
# ============================================= YAML template signed_ram =============================================
# ======================================================================================================================
# == MBI-A-I-TZ-LA-CBV-EATZCB-ERS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# -----------------------------===== Certificate Block binary/config file [Required] =====------------------------------
# Description: Path to certificate block binary or config file.
certBlock: cert_block.yaml
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: main_prv_key.pem
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>'.
signProvider: type=file;file_path=my_prv_key.pem
MBI-A-I-LA-TZ-CBV-HK-EATZCB-ERS#
MBI Mixins
Class name: signed_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinLoadAddress
Mbi_MixinTrustZone
Mbi_MixinCertBlockV1
Mbi_MixinHwKey
Mbi_ExportMixinAppTrustZoneCertBlock
Mbi_ExportMixinRsaSign
MBI-A-I-LA-TZ-CBV-HK-EATZCB-ERS JSON schema
MBI-A-I-LA-TZ-CBV-HK-EATZCB-ERS YAML configuration template
# ============================================= YAML template signed_xip =============================================
# ======================================================================================================================
# == MBI-A-I-LA-TZ-CBV-HK-EATZCB-ERS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# -----------------------------===== Certificate Block binary/config file [Required] =====------------------------------
# Description: Path to certificate block binary or config file.
certBlock: cert_block.yaml
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: main_prv_key.pem
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>'.
signProvider: type=file;file_path=my_prv_key.pem
# ----------------------------------===== Enable User HW key sharing [Required] =====-----------------------------------
# Description: Controlling secure hardware key bus. If enabled(1), then it is possible to access keys on hardware secure
# bus from non-secure application, else non-secure application will read zeros.
enableHwUserModeKeys: false
MBI-A-IZTL-TZ-EATZ#
MBI Mixins
Class name: plain_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvtZeroTotalLength
Mbi_MixinTrustZone
Mbi_ExportMixinAppTrustZone
MBI-A-IZTL-TZ-EATZ JSON schema
MBI-A-IZTL-TZ-EATZ YAML configuration template
# ============================================= YAML template plain_xip ==============================================
# ======================================================================================================================
# == MBI-A-IZTL-TZ-EATZ ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
MBI-A-I-TZ-EATZ-ECS#
MBI Mixins
Class name: crc_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinTrustZone
Mbi_ExportMixinAppTrustZone
Mbi_ExportMixinCrcSign
MBI-A-I-TZ-EATZ-ECS JSON schema
MBI-A-I-TZ-EATZ-ECS YAML configuration template
# ============================================== YAML template crc_xip ===============================================
# ======================================================================================================================
# == MBI-A-I-TZ-EATZ-ECS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
MBI-A-I-TZ-CBV-EATZCB-ERS#
MBI Mixins
Class name: signed_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinTrustZone
Mbi_MixinCertBlockV1
Mbi_ExportMixinAppTrustZoneCertBlock
Mbi_ExportMixinRsaSign
MBI-A-I-TZ-CBV-EATZCB-ERS JSON schema
MBI-A-I-TZ-CBV-EATZCB-ERS YAML configuration template
# ============================================= YAML template signed_xip =============================================
# ======================================================================================================================
# == MBI-A-I-TZ-CBV-EATZCB-ERS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# -----------------------------===== Certificate Block binary/config file [Required] =====------------------------------
# Description: Path to certificate block binary or config file.
certBlock: cert_block.yaml
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: main_prv_key.pem
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>'.
signProvider: type=file;file_path=my_prv_key.pem
MBI-A-IV-IZTL-TZM-LA-EATZ#
MBI Mixins
Class name: plain_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinImageVersion
Mbi_MixinIvtZeroTotalLength
Mbi_MixinTrustZoneMandatory
Mbi_MixinLoadAddress
Mbi_ExportMixinAppTrustZone
MBI-A-IV-IZTL-TZM-LA-EATZ JSON schema
MBI-A-IV-IZTL-TZM-LA-EATZ YAML configuration template
# ============================================= YAML template plain_xip ==============================================
# ======================================================================================================================
# == MBI-A-IV-IZTL-TZM-LA-EATZ ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
MBI-A-IV-I-TZM-LA-EATZ#
MBI Mixins
Class name: plain_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinImageVersion
Mbi_MixinIvt
Mbi_MixinTrustZoneMandatory
Mbi_MixinLoadAddress
Mbi_ExportMixinAppTrustZone
MBI-A-IV-I-TZM-LA-EATZ JSON schema
MBI-A-IV-I-TZM-LA-EATZ YAML configuration template
# ============================================= YAML template plain_ram ==============================================
# ======================================================================================================================
# == MBI-A-IV-I-TZM-LA-EATZ ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
MBI-A-IV-I-TZM-LA-EATZ-ECS#
MBI Mixins
Class name: crc_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinImageVersion
Mbi_MixinIvt
Mbi_MixinTrustZoneMandatory
Mbi_MixinLoadAddress
Mbi_ExportMixinAppTrustZone
Mbi_ExportMixinCrcSign
MBI-A-IV-I-TZM-LA-EATZ-ECS JSON schema
MBI-A-IV-I-TZM-LA-EATZ-ECS YAML configuration template
# ============================================== YAML template crc_ram ===============================================
# ======================================================================================================================
# == MBI-A-IV-I-TZM-LA-EATZ-ECS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
MBI-A-IV-I-CBV-MD-LA-FV-EACBM-EES#
MBI Mixins
Class name: signed_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinImageVersion
Mbi_MixinIvt
Mbi_MixinCertBlockV21
Mbi_MixinManifestDigest
Mbi_MixinLoadAddress
Mbi_MixinFwVersion
Mbi_ExportMixinAppCertBlockManifest
Mbi_ExportMixinEccSign
MBI-A-IV-I-CBV-MD-LA-FV-EACBM-EES JSON schema
MBI-A-IV-I-CBV-MD-LA-FV-EACBM-EES YAML configuration template
# ============================================= YAML template signed_xip =============================================
# ======================================================================================================================
# == MBI-A-IV-I-CBV-MD-LA-FV-EACBM-EES ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
# -----------------------------===== Certificate Block binary/config file [Required] =====------------------------------
# Description: Path to certificate block binary or config file.
certBlock: cert_block.yaml
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: main_prv_key.pem
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>'.
signProvider: type=file;file_path=my_prv_key.pem
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# ---------------------------------------===== Firmware version. [Optional] =====---------------------------------------
# Description: Value compared with Secure_FW_Version monotonic counter value stored in protected memory (MCU specific).
# If value is lower than value in protected memory, then is image rejected (rollback protection).
firmwareVersion: 0
# --------------------------------===== Manifest signing hash algorithm [Optional] =====--------------------------------
# Description: Optional Manifest signing hash algorithm name to create Certificate v3.1 Manifest.
# Possible options: <sha256, sha384, sha512>
manifestDigestHashAlgorithm: sha256
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
MBI-A-BT-F-EAF#
MBI Mixins
Class name: plain_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinBcaTable
Mbi_MixinFcf
Mbi_ExportMixinAppFcf
MBI-A-BT-F-EAF JSON schema
MBI-A-BT-F-EAF YAML configuration template
# ============================================= YAML template plain_xip ==============================================
# ======================================================================================================================
# == MBI-A-BT-F-EAF ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ---------------------------------------===== Life cycle state [Optional] =====----------------------------------------
# Description: life cycle state model to protect code from reading from the device internal flash, which is called code
# read protection feature. There are different levels of protections in the system, so that access to the on-chip flash
# and use of ISP can be restricted. Four levels of Read Out Protection (ROP) are supported. This read out protection is
# a mechanism that allows user to enable different levels of protection in the system. It is a 8-bit field FTFA_FSEC
# associated with flash security byte (0x40c byte address). It can be programmed by customer. Check the SRM for more
# information. If not provided, value in application will be used.
# Possible options: <NOT_SET, OEM_OPEN, OEM_CLOSED_ROP1, OEM_CLOSED_ROP2, OEM_CLOSED_ROP3, OEM_CLOSED_NO_RETURN>
lifeCycle: NOT_SET
MBI-A-BT-F-ECSB-EAF#
MBI Mixins
Class name: crc_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinBcaTable
Mbi_MixinFcf
Mbi_ExportMixinCrcSignBca
Mbi_ExportMixinAppFcf
MBI-A-BT-F-ECSB-EAF JSON schema
MBI-A-BT-F-ECSB-EAF YAML configuration template
# ============================================== YAML template crc_xip ===============================================
# ======================================================================================================================
# == MBI-A-BT-F-ECSB-EAF ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ---------------------------------------===== Life cycle state [Optional] =====----------------------------------------
# Description: life cycle state model to protect code from reading from the device internal flash, which is called code
# read protection feature. There are different levels of protections in the system, so that access to the on-chip flash
# and use of ISP can be restricted. Four levels of Read Out Protection (ROP) are supported. This read out protection is
# a mechanism that allows user to enable different levels of protection in the system. It is a 8-bit field FTFA_FSEC
# associated with flash security byte (0x40c byte address). It can be programmed by customer. Check the SRM for more
# information. If not provided, value in application will be used.
# Possible options: <NOT_SET, OEM_OPEN, OEM_CLOSED_ROP1, OEM_CLOSED_ROP2, OEM_CLOSED_ROP3, OEM_CLOSED_NO_RETURN>
lifeCycle: NOT_SET
MBI-A-BT-B-F-CBV-EABF-EESV#
MBI Mixins
Class name: signed_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinBcaTable
Mbi_MixinBca
Mbi_MixinFcf
Mbi_MixinCertBlockVx
Mbi_ExportMixinAppBcaFcf
Mbi_ExportMixinEccSignVx
MBI-A-BT-B-F-CBV-EABF-EESV JSON schema
MBI-A-BT-B-F-CBV-EABF-EESV YAML configuration template
# ============================================= YAML template signed_xip =============================================
# ======================================================================================================================
# == MBI-A-BT-B-F-CBV-EABF-EESV ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ---------------------------------------===== Firmware version. [Optional] =====---------------------------------------
# Description: Used for anti-rollback protection. New firmware must have the same or higher FW version. This value is
# the minimum firmware version will be stored in BCA and the firmware version specified in SBX file is then compared
# with this value.
firmwareVersion: 0
# ---------------------------------------===== Life cycle state [Optional] =====----------------------------------------
# Description: life cycle state model to protect code from reading from the device internal flash, which is called code
# read protection feature. There are different levels of protections in the system, so that access to the on-chip flash
# and use of ISP can be restricted. Four levels of Read Out Protection (ROP) are supported. This read out protection is
# a mechanism that allows user to enable different levels of protection in the system. It is a 8-bit field FTFA_FSEC
# associated with flash security byte (0x40c byte address). It can be programmed by customer. Check the SRM for more
# information. If not provided, value in application will be used.
# Possible options: <NOT_SET, OEM_OPEN, OEM_CLOSED_ROP1, OEM_CLOSED_ROP2, OEM_CLOSED_ROP3, OEM_CLOSED_NO_RETURN>
lifeCycle: NOT_SET
# ---------------------------------===== Certificate Block binary file [Required] =====---------------------------------
# Description: Path to certificate block.
certBlock: cert_block.bin
# --------------===== True to append SHA256 hash [0:127] at the end of certificate block [Optional] =====---------------
# Description: Not mandatory if the hash is written in OTP
addCertHash: true
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: main_prv_key.pem
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>'.
signProvider: type=file;file_path=my_prv_key.pem
MBI-A-IZTL-IV-EA#
MBI Mixins
Class name: plain_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvtZeroTotalLength
Mbi_MixinImageVersion
Mbi_ExportMixinApp
MBI-A-IZTL-IV-EA JSON schema
MBI-A-IZTL-IV-EA YAML configuration template
# ============================================= YAML template plain_xip ==============================================
# ======================================================================================================================
# == MBI-A-IZTL-IV-EA ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
MBI-A-I-IV-EA-ECS#
MBI Mixins
Class name: crc_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinImageVersion
Mbi_ExportMixinApp
Mbi_ExportMixinCrcSign
MBI-A-I-IV-EA-ECS JSON schema
MBI-A-I-IV-EA-ECS YAML configuration template
# ============================================== YAML template crc_xip ===============================================
# ======================================================================================================================
# == MBI-A-I-IV-EA-ECS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
MBI-A-I-IV-EA#
MBI Mixins
Class name: plain_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinImageVersion
Mbi_ExportMixinApp
MBI-A-I-IV-EA JSON schema
MBI-A-I-IV-EA YAML configuration template
# ============================================= YAML template plain_xip ==============================================
# ======================================================================================================================
# == MBI-A-I-IV-EA ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
MBI-A-IZTL-TZM-LA-IV-EATZ#
MBI Mixins
Class name: plain_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvtZeroTotalLength
Mbi_MixinTrustZoneMandatory
Mbi_MixinLoadAddress
Mbi_MixinImageVersion
Mbi_ExportMixinAppTrustZone
MBI-A-IZTL-TZM-LA-IV-EATZ JSON schema
MBI-A-IZTL-TZM-LA-IV-EATZ YAML configuration template
# ============================================= YAML template plain_xip ==============================================
# ======================================================================================================================
# == MBI-A-IZTL-TZM-LA-IV-EATZ ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
MBI-A-I-TZM-LA-IV-EATZ#
MBI Mixins
Class name: plain_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinTrustZoneMandatory
Mbi_MixinLoadAddress
Mbi_MixinImageVersion
Mbi_ExportMixinAppTrustZone
MBI-A-I-TZM-LA-IV-EATZ JSON schema
MBI-A-I-TZM-LA-IV-EATZ YAML configuration template
# ============================================= YAML template plain_ram ==============================================
# ======================================================================================================================
# == MBI-A-I-TZM-LA-IV-EATZ ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
MBI-A-I-TZM-LA-IV-EATZ-ECS#
MBI Mixins
Class name: crc_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinTrustZoneMandatory
Mbi_MixinLoadAddress
Mbi_MixinImageVersion
Mbi_ExportMixinAppTrustZone
Mbi_ExportMixinCrcSign
MBI-A-I-TZM-LA-IV-EATZ-ECS JSON schema
MBI-A-I-TZM-LA-IV-EATZ-ECS YAML configuration template
# ============================================== YAML template crc_ram ===============================================
# ======================================================================================================================
# == MBI-A-I-TZM-LA-IV-EATZ-ECS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
MBI-A-I-LA-CBV-MC-IST-IV-FV-EACBM-EES#
MBI Mixins
Class name: signed_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinLoadAddress
Mbi_MixinCertBlockV21
Mbi_MixinManifestCrc
Mbi_MixinImageSubType
Mbi_MixinImageVersion
Mbi_MixinFwVersion
Mbi_ExportMixinAppCertBlockManifest
Mbi_ExportMixinEccSign
MBI-A-I-LA-CBV-MC-IST-IV-FV-EACBM-EES JSON schema
MBI-A-I-LA-CBV-MC-IST-IV-FV-EACBM-EES YAML configuration template
# ============================================= YAML template signed_xip =============================================
# ======================================================================================================================
# == MBI-A-I-LA-CBV-MC-IST-IV-FV-EACBM-EES ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# -----------------------------===== Certificate Block binary/config file [Required] =====------------------------------
# Description: Path to certificate block binary or config file.
certBlock: cert_block.yaml
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: main_prv_key.pem
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>'.
signProvider: type=file;file_path=my_prv_key.pem
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# ---------------------------------------===== Firmware version. [Optional] =====---------------------------------------
# Description: Value compared with Secure_FW_Version monotonic counter value stored in protected memory (MCU specific).
# If value is lower than value in protected memory, then is image rejected (rollback protection).
firmwareVersion: 0
# -----------------------------------------===== Image SubType [Optional] =====-----------------------------------------
# Description: Image subtype determine the image use in MCU. "main" for main application, "nbu" for Narrow Band Unit
# image and "recovery" for recovery image type
# Possible options: <main, nbu, recovery>
outputImageSubtype: main
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
MBI-A-I-CBV-MC-IST-LA-IV-FV-EACBM-EES#
MBI Mixins
Class name: signed_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinCertBlockV21
Mbi_MixinManifestCrc
Mbi_MixinImageSubType
Mbi_MixinLoadAddress
Mbi_MixinImageVersion
Mbi_MixinFwVersion
Mbi_ExportMixinAppCertBlockManifest
Mbi_ExportMixinEccSign
MBI-A-I-CBV-MC-IST-LA-IV-FV-EACBM-EES JSON schema
MBI-A-I-CBV-MC-IST-LA-IV-FV-EACBM-EES YAML configuration template
# ============================================= YAML template signed_ram =============================================
# ======================================================================================================================
# == MBI-A-I-CBV-MC-IST-LA-IV-FV-EACBM-EES ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# -----------------------------===== Certificate Block binary/config file [Required] =====------------------------------
# Description: Path to certificate block binary or config file.
certBlock: cert_block.yaml
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: main_prv_key.pem
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>'.
signProvider: type=file;file_path=my_prv_key.pem
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# ---------------------------------------===== Firmware version. [Optional] =====---------------------------------------
# Description: Value compared with Secure_FW_Version monotonic counter value stored in protected memory (MCU specific).
# If value is lower than value in protected memory, then is image rejected (rollback protection).
firmwareVersion: 0
# -----------------------------------------===== Image SubType [Optional] =====-----------------------------------------
# Description: Image subtype determine the image use in MCU. "main" for main application, "nbu" for Narrow Band Unit
# image and "recovery" for recovery image type
# Possible options: <main, nbu, recovery>
outputImageSubtype: main
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
MBI-A-IZTL-TZM-IV-EATZ#
MBI Mixins
Class name: plain_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvtZeroTotalLength
Mbi_MixinTrustZoneMandatory
Mbi_MixinImageVersion
Mbi_ExportMixinAppTrustZone
MBI-A-IZTL-TZM-IV-EATZ JSON schema
MBI-A-IZTL-TZM-IV-EATZ YAML configuration template
# ============================================= YAML template plain_xip ==============================================
# ======================================================================================================================
# == MBI-A-IZTL-TZM-IV-EATZ ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
MBI-A-I-LA-TZM-IV-EATZ-ECS#
MBI Mixins
Class name: crc_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinLoadAddress
Mbi_MixinTrustZoneMandatory
Mbi_MixinImageVersion
Mbi_ExportMixinAppTrustZone
Mbi_ExportMixinCrcSign
MBI-A-I-LA-TZM-IV-EATZ-ECS JSON schema
MBI-A-I-LA-TZM-IV-EATZ-ECS YAML configuration template
# ============================================== YAML template crc_xip ===============================================
# ======================================================================================================================
# == MBI-A-I-LA-TZM-IV-EATZ-ECS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0
MBI-A-I-LAO-TZ-EATZ#
MBI Mixins
Class name: plain_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinLoadAddressOptional
Mbi_MixinTrustZone
Mbi_ExportMixinAppTrustZone
MBI-A-I-LAO-TZ-EATZ JSON schema
MBI-A-I-LAO-TZ-EATZ YAML configuration template
# ============================================= YAML template plain_xip ==============================================
# ======================================================================================================================
# == MBI-A-I-LAO-TZ-EATZ ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== Loading address of application [Optional] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
MBI-A-I-TZ-LA-HK-EATZ#
MBI Mixins
Class name: plain_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinTrustZone
Mbi_MixinLoadAddress
Mbi_MixinHwKey
Mbi_ExportMixinAppTrustZone
MBI-A-I-TZ-LA-HK-EATZ JSON schema
MBI-A-I-TZ-LA-HK-EATZ YAML configuration template
# ============================================= YAML template plain_ram ==============================================
# ======================================================================================================================
# == MBI-A-I-TZ-LA-HK-EATZ ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ----------------------------------===== Enable User HW key sharing [Required] =====-----------------------------------
# Description: Controlling secure hardware key bus. If enabled(1), then it is possible to access keys on hardware secure
# bus from non-secure application, else non-secure application will read zeros.
enableHwUserModeKeys: false
MBI-A-RT-LA-I-TZ-CBV-HM-KS-HK-EATZCB-ERS-EHKSF#
MBI Mixins
Class name: signed_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinRelocTable
Mbi_MixinLoadAddress
Mbi_MixinIvt
Mbi_MixinTrustZone
Mbi_MixinCertBlockV1
Mbi_MixinHmacMandatory
Mbi_MixinKeyStore
Mbi_MixinHwKey
Mbi_ExportMixinAppTrustZoneCertBlock
Mbi_ExportMixinRsaSign
Mbi_ExportMixinHmacKeyStoreFinalize
MBI-A-RT-LA-I-TZ-CBV-HM-KS-HK-EATZCB-ERS-EHKSF JSON schema
MBI-A-RT-LA-I-TZ-CBV-HM-KS-HK-EATZCB-ERS-EHKSF YAML configuration template
# ============================================= YAML template signed_ram =============================================
# ======================================================================================================================
# == MBI-A-RT-LA-I-TZ-CBV-HM-KS-HK-EATZCB-ERS-EHKSF ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== The list of additional binaries [Optional] =====--------------------------------
# Description: This is software future of RTxxx family that NXP SDK startup code(not ROM) could load additional images.
applicationTable:
-
# ----------------------------------------===== Binary file [Required] =====----------------------------------------
# Description: The binary file to be added to final application.
binary: my_additional_binary.bin
# ------------------------------------===== Destination address [Required] =====------------------------------------
# Description: Destination address in RAM of additional binary.
destAddress: 536870912
# ----------------------------------------===== Enable load [Required] =====----------------------------------------
# Description: Enabler to load/use the image.
load: true
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# -----------------------------===== Certificate Block binary/config file [Required] =====------------------------------
# Description: Path to certificate block binary or config file.
certBlock: cert_block.yaml
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: main_prv_key.pem
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>'.
signProvider: type=file;file_path=my_prv_key.pem
# -----------------------------------===== OTP Master key (HMAC Key) [Required] =====-----------------------------------
# Description: The OTP Master key that is used to compute HMAC encryption key. Could be defined as hex number and also
# as hex/binary file.\n Used algorithm by tool the get HMAC Key; AES_ENCRYPT (OTP_MASTER_KEK,
# 0x00000000000000000000000000000000)
outputImageEncryptionKeyFile: otp_master_key.bin
# ------------------------------------===== The Key store data file [Optional] =====------------------------------------
# Description: Optional KeyStore data file for included keystore in LoadToRam images. If defined the KeyStore is added
# into MBI.
keyStoreFile: my_key_store_data.bin
# ----------------------------------===== Enable User HW key sharing [Required] =====-----------------------------------
# Description: Controlling secure hardware key bus. If enabled(1), then it is possible to access keys on hardware secure
# bus from non-secure application, else non-secure application will read zeros.
enableHwUserModeKeys: false
MBI-A-RT-LA-I-TZ-HK-EATZ-ECS#
MBI Mixins
Class name: crc_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinRelocTable
Mbi_MixinLoadAddress
Mbi_MixinIvt
Mbi_MixinTrustZone
Mbi_MixinHwKey
Mbi_ExportMixinAppTrustZone
Mbi_ExportMixinCrcSign
MBI-A-RT-LA-I-TZ-HK-EATZ-ECS JSON schema
MBI-A-RT-LA-I-TZ-HK-EATZ-ECS YAML configuration template
# ============================================== YAML template crc_ram ===============================================
# ======================================================================================================================
# == MBI-A-RT-LA-I-TZ-HK-EATZ-ECS ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== The list of additional binaries [Optional] =====--------------------------------
# Description: This is software future of RTxxx family that NXP SDK startup code(not ROM) could load additional images.
applicationTable:
-
# ----------------------------------------===== Binary file [Required] =====----------------------------------------
# Description: The binary file to be added to final application.
binary: my_additional_binary.bin
# ------------------------------------===== Destination address [Required] =====------------------------------------
# Description: Destination address in RAM of additional binary.
destAddress: 536870912
# ----------------------------------------===== Enable load [Required] =====----------------------------------------
# Description: Enabler to load/use the image.
load: true
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# ----------------------------------===== Enable User HW key sharing [Required] =====-----------------------------------
# Description: Controlling secure hardware key bus. If enabled(1), then it is possible to access keys on hardware secure
# bus from non-secure application, else non-secure application will read zeros.
enableHwUserModeKeys: false
MBI-A-RT-LA-I-TZ-CBV-HK-KS-HM-CIV-EATZCBE-ERS-EHKSF#
MBI Mixins
Class name: encrypted_signed_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinRelocTable
Mbi_MixinLoadAddress
Mbi_MixinIvt
Mbi_MixinTrustZone
Mbi_MixinCertBlockV1
Mbi_MixinHwKey
Mbi_MixinKeyStore
Mbi_MixinHmacMandatory
Mbi_MixinCtrInitVector
Mbi_ExportMixinAppTrustZoneCertBlockEncrypt
Mbi_ExportMixinRsaSign
Mbi_ExportMixinHmacKeyStoreFinalize
MBI-A-RT-LA-I-TZ-CBV-HK-KS-HM-CIV-EATZCBE-ERS-EHKSF JSON schema
MBI-A-RT-LA-I-TZ-CBV-HK-KS-HM-CIV-EATZCBE-ERS-EHKSF YAML configuration template
# ======================================== YAML template encrypted_signed_ram ========================================
# ======================================================================================================================
# == MBI-A-RT-LA-I-TZ-CBV-HK-KS-HM-CIV-EATZCBE-ERS-EHKSF ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== The list of additional binaries [Optional] =====--------------------------------
# Description: This is software future of RTxxx family that NXP SDK startup code(not ROM) could load additional images.
applicationTable:
-
# ----------------------------------------===== Binary file [Required] =====----------------------------------------
# Description: The binary file to be added to final application.
binary: my_additional_binary.bin
# ------------------------------------===== Destination address [Required] =====------------------------------------
# Description: Destination address in RAM of additional binary.
destAddress: 536870912
# ----------------------------------------===== Enable load [Required] =====----------------------------------------
# Description: Enabler to load/use the image.
load: true
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# -----------------------------===== Certificate Block binary/config file [Required] =====------------------------------
# Description: Path to certificate block binary or config file.
certBlock: cert_block.yaml
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: main_prv_key.pem
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>'.
signProvider: type=file;file_path=my_prv_key.pem
# ----------------------------------===== Enable User HW key sharing [Required] =====-----------------------------------
# Description: Controlling secure hardware key bus. If enabled(1), then it is possible to access keys on hardware secure
# bus from non-secure application, else non-secure application will read zeros.
enableHwUserModeKeys: false
# ------------------------------------===== The Key store data file [Optional] =====------------------------------------
# Description: Optional KeyStore data file for included keystore in LoadToRam images. If defined the KeyStore is added
# into MBI.
keyStoreFile: my_key_store_data.bin
# -----------------------------------===== OTP Master key (HMAC Key) [Required] =====-----------------------------------
# Description: The OTP Master key that is used to compute HMAC encryption key. Could be defined as hex number and also
# as hex/binary file.\n Used algorithm by tool the get HMAC Key; AES_ENCRYPT (OTP_MASTER_KEK,
# 0x00000000000000000000000000000000)
outputImageEncryptionKeyFile: otp_master_key.bin
# ---------------===== The output image encryption initial vector for encryption counter [Optional] =====---------------
# Description: The initial vector for encryption counter. Could be defined as hex number and also as hex/binary file
CtrInitVector: '0xc3df2316fd40b15586cb5ae49483aee2'
MBI-A-IZTL-LAO-TZ-HK-EATZ#
MBI Mixins
Class name: plain_xip
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvtZeroTotalLength
Mbi_MixinLoadAddressOptional
Mbi_MixinTrustZone
Mbi_MixinHwKey
Mbi_ExportMixinAppTrustZone
MBI-A-IZTL-LAO-TZ-HK-EATZ JSON schema
MBI-A-IZTL-LAO-TZ-HK-EATZ YAML configuration template
# ============================================= YAML template plain_xip ==============================================
# ======================================================================================================================
# == MBI-A-IZTL-LAO-TZ-HK-EATZ ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# --------------------------------===== Loading address of application [Optional] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# ----------------------------------===== Enable User HW key sharing [Required] =====-----------------------------------
# Description: Controlling secure hardware key bus. If enabled(1), then it is possible to access keys on hardware secure
# bus from non-secure application, else non-secure application will read zeros.
enableHwUserModeKeys: false
MBI-A-I-CBV-MD-LA-FV-IV-EACBM-EES#
MBI Mixins
Class name: signed_ram
MasterBootImage
Mbi_MixinApp
Mbi_MixinIvt
Mbi_MixinCertBlockV21
Mbi_MixinManifestDigest
Mbi_MixinLoadAddress
Mbi_MixinFwVersion
Mbi_MixinImageVersion
Mbi_ExportMixinAppCertBlockManifest
Mbi_ExportMixinEccSign
MBI-A-I-CBV-MD-LA-FV-IV-EACBM-EES JSON schema
MBI-A-I-CBV-MD-LA-FV-IV-EACBM-EES YAML configuration template
# ============================================= YAML template signed_ram =============================================
# ======================================================================================================================
# == MBI-A-I-CBV-MD-LA-FV-IV-EACBM-EES ==
# ======================================================================================================================
# ------------------------------------------===== MCU family [Required] =====-------------------------------------------
# Description: MCU family name.
family: CHOOSE_FROM_TABLE
# --------------------------------------===== Application target [Required] =====---------------------------------------
# Description: Definition if application is Execute in Place(XiP) or loaded to RAM during reset sequence.
# Possible options: <xip, load-to-ram, Internal flash (XIP), External flash (XIP), Internal Flash (XIP), External Flash
# (XIP), RAM, ram>
outputImageExecutionTarget: CHOOSE_FROM_TABLE
# -------------------------------===== Type of boot image authentication [Required] =====-------------------------------
# Description: Specification of final master boot image authentication.
# Possible options: <plain, crc, signed, signed-encrypted, signed-nxp, Plain, CRC, Signed, Encrypted + Signed, NXP
# Signed, NXP signed, encrypted>
outputImageAuthenticationType: CHOOSE_FROM_TABLE
# ---------------------------------------===== Output Image name [Required] =====---------------------------------------
# Description: The path for result binary file.
masterBootOutputFile: my_mbi.bin
# ------------------------------------===== Plain application image [Required] =====------------------------------------
# Description: The input application image to by modified to Master Boot Image.
inputImageFile: my_application.bin
# -----------------------------===== Certificate Block binary/config file [Required] =====------------------------------
# Description: Path to certificate block binary or config file.
certBlock: cert_block.yaml
# --------------------------===== Main Certificate private key [Conditionally required] =====---------------------------
# Description: Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
signPrivateKey: main_prv_key.pem
# -------------------------------===== Signature Provider [Conditionally required] =====--------------------------------
# Description: Signature provider configuration in format 'type=<sp_type>;<key1>=<value1>;<key2>=<value2>'.
signProvider: type=file;file_path=my_prv_key.pem
# ------------------------------------===== TrustZone enable option [Optional] =====------------------------------------
# Description: If not specified, the Trust zone is disabled.
enableTrustZone: false
# ---------------------------------===== TrustZone Customization file [Optional] =====----------------------------------
# Description: If not specified, but TrustZone is enabled(enableTrustZone) the default values are used.
trustZonePresetFile: my_tz_custom.yaml
# ---------------------------------------===== Firmware version. [Optional] =====---------------------------------------
# Description: Value compared with Secure_FW_Version monotonic counter value stored in protected memory (MCU specific).
# If value is lower than value in protected memory, then is image rejected (rollback protection).
firmwareVersion: 0
# --------------------------------===== Manifest signing hash algorithm [Optional] =====--------------------------------
# Description: Optional Manifest signing hash algorithm name to create Certificate v3.1 Manifest.
# Possible options: <sha256, sha384, sha512>
manifestDigestHashAlgorithm: sha256
# --------------------------------===== Loading address of application [Required] =====---------------------------------
# Description: Application loading address in RAM if not XiP, otherwise address of load in XiP.
outputImageExecutionAddress: 0
# ----------------------------------------===== Image version. [Optional] =====-----------------------------------------
# Description: Image version is used for dual boot. The boot ROM decides which image to boot first based on the image
# version. It boots the one with the newer image version first, and in case of a failure, it boots the older one.
imageVersion: 0