Main Certificate private key
Type: stringFormat: fileMain Certificate private key used to sign certificate. It can be replaced by signProvider key.
NXP chip family identifier.
Revision of silicon. The 'latest' name, means most current revision.
Value compared with SecureFWVersion monotonic counter value stored in protected memory (MCU specific). If value is lower than value in protected memory, then is image rejected (rollback protection).
Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
Main Certificate private key used to sign certificate. It can be replaced by signProvider key.
Signature provider configuration in format 'type=<identifier>;<key1>=<value1>;<key2>=<value2>'.
Path to certificate block binary or config file.
Path to PCK/NPK 256 or 128 bit key in plain hex string format or path to binary file or hex string.
Internal usage only, used for generating SB files with NXP content e.g. provisioning firmware, etc...
Accepted values are 0, 1, 2 and 3. Value used as key properties for key derivation process, more details can be found in CSSv2 manual.
Flag value in SB3.1 manifest, not used by silicons with LPC55S3x ROM. Value can be kept 0, or it can be removed from the configuration file.
Description up to 16 characters, longer will be truncated. Stored in SB3.1 manifest.
If false, generated SB3.1 blocks are not encrypted, only for testing, ROM won't accept unencrypted SB3.1 file. If option is missing, SB3.1 file is automatically encrypted.
For testing purposes. This option can override real timestamp of SB3 file.
Generated SB3 container filename.
Secure Binary v3.1 commands block, list of all possible options - Modify it according to your application
No Additional ItemsPerforms a flash erase of the given address range. The erase will be rounded up to the sector size.
Address of memory block to be erased.
Size of memory block to be erased.
ID of memory block to be erased.
If set, then the data to write immediately follows the range header. The length field contains the actual data length
Address of memory block to be loaded.
ID of memory block to be loaded.
Binary file to be loaded.
32-bit binary values delimited by comma to be loaded.
Binary value to be loaded. Value will be converted to binary little endian format.
If authentication is not used, just omit this option or set 'none'.
Address is the jump-to address. No further processing of SB after jump, ROM do not expect to return.
Jump-to address to start execute code.
Address is OTP index of fuses to be programmed (Check the reference manual for more information). Values is a comma separated list of 32bit values.
OTP Index of fuses to be programmed. Depends on the chip ROM.
32bit binary values delimited by comma or one 32 bit integer to be programmed.
The startAddress will be the address into the IFR region, length will be in number of bytes to write to IFR region. The data to write to IFR region at the given address will immediately follow the header
Address of IFR region to be programmed.
Binary file to be programmed.
Binary value to be programmed, at least 4 bytes. Value will be converted to binary little endian format.
32-bit binary values delimited by comma to be programmed.
If set, then the data to write immediately follows the range header. The length field contains the actual data length. ROM is calculating cmac from loaded data and storing on address known by ROM decided based on startAddress.
Address of memory block to be CMAC loaded.
ID of memory block to be CMAC loaded.
Binary file to be loaded.
If set, then the data to write immediately follows the range header. The length field contains the actual data length. ROM is calculating hash of the data and storing the value in the last 64 bytes of the loaded data, which are reserved for it.
Address of memory block to be loaded.
ID of memory block to be loaded.
Binary file to be loaded.
Used for filling of the memory range by same repeated int32 pattern.
Address of memory block to be filled.
Size of memory block to be filled.
Pattern which will be used to fill memory.
Checks FW version value specified in command for specified counter ID. FW version value in command must be greater than value programmed in OTP to be accepted, otherwise rollback is detected and receive SB fails
Firmware version to be compared.
ID of FW counter to be checked.