FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Regenerating OEMiRoT_Data.obk

Go to solution
jens-vdb
Associate II

‎2024-02-29 11:21 AM

Hi,

While using the STM32Cube_FW_H5_V1.1.1 repository to explore secure boot on the STM32H5, I saw that the configuration file to generate OEMiRoT_Data.obk is missing. As I want to use my own keys and certificates for the OEMiRoT example application, I think I should regenerate the OEMiRoT_Data.obk file, but I can't find how to do this.

Am i missing something, or is the OEMiRoT_Data.xml file missing from the repository?

Best,

Jens

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
Go to solution
Frantz LEFRERE
ST Employee
In response to jens-vdb

‎2024-02-29 11:17 PM - edited ‎2024-02-29 11:18 PM

Hi @jens-vdb 

in fact we do not provide an xml to generate this OEMiRoT_Data.obk.
As this one is only initialize data region used by OEM-iRot to 0, you don't need to tune it.

Basically the obk syntax is 
Address / Size /  Flag / SHA256 ( content)  / Content
If you dump the content you will find the sha256 : 
0x B3 93 97 88 42 A0 FA 3D 3E 14 70 19 6F 09 8F 47 3F 96 78 E7 24 63 CB 65 EC 4A B5 58 18 56 C2 E4

Data Content 
0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

So you can use it as it's.

Best regards,

Frantz 

View solution in original post

4 REPLIES 4
Go to solution
Imen.D
ST Employee

‎2024-02-29 12:02 PM

Hello @jens-vdb ,

I advise you follow this wiki page How to start with OEMiRoT on STM32H573 and 563–Arm® TrustZone® enabled - stm32mcu to generate a customized configuration file.

When your question is answered, please close this topic by clicking "Accept as Solution".
Thanks
Imen
0 Kudos
Go to solution
jens-vdb
Associate II
In response to Imen.D

‎2024-02-29 01:18 PM - edited ‎2024-02-29 01:44 PM

Hi @Imen.D ,

On that page I have found instructions to generate the OEMiRoT_Config.obk file (and generate a OEMiRoT_Config.xml) file using the Trusted Package Creator, but that page does not mention anything about the OEMiRoT_Data.obk file and how to generate that.

In the repository both the OEMiRoT_Config.obk and OEMiRoT_Config.xml files are present, but only OEMiRoT_Data.obk and *not* OEMiRoT_Data.xml. It is that last xml file that I don't know what to put in there.

0 Kudos
Go to solution
Frantz LEFRERE
ST Employee
In response to jens-vdb

‎2024-02-29 11:17 PM - edited ‎2024-02-29 11:18 PM

Hi @jens-vdb 

in fact we do not provide an xml to generate this OEMiRoT_Data.obk.
As this one is only initialize data region used by OEM-iRot to 0, you don't need to tune it.

Basically the obk syntax is 
Address / Size /  Flag / SHA256 ( content)  / Content
If you dump the content you will find the sha256 : 
0x B3 93 97 88 42 A0 FA 3D 3E 14 70 19 6F 09 8F 47 3F 96 78 E7 24 63 CB 65 EC 4A B5 58 18 56 C2 E4

Data Content 
0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

So you can use it as it's.

Best regards,

Frantz 

Go to solution
jens-vdb
Associate II
In response to Frantz LEFRERE

‎2024-03-08 04:40 AM

Thanks, that explains a lot!

0 Kudos
Top