STM32 header for binary files
来自百问网嵌入式Linux wiki
STM32标头是STMicroelectronics标头,是由 ROM code 和 TF-A加载的二进制文件所需要的。
Description
由ROM code 和 TF-A 加载的每个二进制映像(已签名或未签名)都需要在二进制数据的顶部添加特定的STM32标头,标题包括认证信息。
Name | Length | Byte Offset | Description |
---|---|---|---|
Magic number | 32 bits | 0 | 4 bytes in big endian: 'S', 'T', 'M', 0x32 = 0x53544D32 |
Image signature | 512 bits | 4 | ECDSA signature for image authentication[Note 1] |
Image checksum | 32 bits | 68 | Checksum of the payload[Note 2] |
Header version | 32 bits | 72 | Header version v1.0 = 0x00010000 Byte0: reserved Byte1:major version = 0x01 Byte2: minor version = 0x00 Byte3: reserved |
Image length | 32 bits | 76 | Length of image in bytes[Note 3] |
Image entry Point | 32 bits | 80 | Entry point of image |
Reserved1 | 32 bits | 84 | Reserved |
Load address | 32 bits | 88 | Load address of image[Note 4] |
Reserved2 | 32 bits | 92 | Reserved |
Version number | 32 bits | 96 | Image Version (monotonic number)[Note 5] |
Option flags | 32 bits | 100 | b0=1: no signature verification[Note 6] |
ECDSA algorithm | 32 bits | 104 | 1: P-256 NIST ; 2: brainpool 256 |
ECDSA public key | 512 bits | 108 | ECDSA public key to be used to verify the signature.[Note 7] |
Padding | 83 Bytes | 172 | Reserved padding bytes[Note 8]. Must all be set to 0 |
Binary type | 1 Byte | 255 | Used to check the binary type 0x00: U-Boot 0x10-0x1F: TF-A 0x20-0X2F: OPTEE 0x30: Copro |
- ↑ Signature is calculated from first byte of header version field to last byte of image given by image length field.
- ↑ 32-bit sum of all payload bytes accessed as 8-bit unsigned numbers, discarding any overflow bits. Used to check the downloaded image integrity when signature is not used (if b0=1 in Option flags).
- ↑ Length is the length of the built image, it does not include the length of the STM32 header.
- ↑ This field is not used by ROM code.
- ↑ Image version number is an anti rollback monotonic counter. The ROM code checks that it is higher or equal to the monotonic counter stored in OTP.
- ↑ Enabling signature verification is mandatory on secure closed chips.
- ↑ This field is an extract of PEM public key file that only kept the ECC Point coordinates x and y in a raw binary format (RFC 5480). This field will be hashed with SHA-256 and compared to the Hash of pubKey that is stored in OTP.
- ↑ This padding forces STM32 header size to 256 bytes (0x100).
用于 Version number 和 Hash of pubKey 的动态口令在 “OTP 配置”一章中定义 ROM code overview.