Easy repeatable with Creator, difficult to describe. Due to minor customer code addition, I can not upload workspace to community.
CY8CPROTO-063-BLE was used for this exercise. CYBLE-416045-02 is the intended production module.
The bootloading mechanism is a simplified implementation of the CE220960 "Upgradable Stack" example project with some customization. AN221111 "Creating a Secure System" did not provide insight.
The flash memory structure is made up of:
-App0 - Launcher application (Validates and launches App1, validates and copies decrypted App1 from flash storage, updates metadata)
-App1 - Running application firmware (Downloads, decrypts and validates new App1 firmware to Flash Storage, updates metadata and resets into App0)
-Flash Storage - Holds decrypted firmware image to be copied by App0
Customer started with CE222802 "Encrypted Bootloader" example to implement a layer of security, and studied it thoroughly. He is using the encyption keys provided in this example.
Successfully able to generate an encrypted .cyacd2 image, send it to App1, get it decrypted, stored and validated, then let App0 overwrite App1 with new image.
App0 is a Secure Image CySAF with the RSA encrypted SHA-256 signature.
This is the step that allows the code to go off in the weeds. UART messaging was added.
After adding the necessary .cy_app_header, .cy_toc_part2, cy_si_keystorage.c/h, etc code sections to Launcher app, debugging to the attached cm0+ target appears to go off into the weeds with no messaging through UART.
In the "main_cm0p.c" .cy_app_header CY_SECTION below is commented out, App0 runs fine when debugging to the attached cm0+ target and UART messaging show success.
/* Cypress Standard Application Format Header */
const cy_stc_user_appheader_t applicationHeader =
.objSize = CY_BOOTLOAD_APP0_VERIFY_LENGTH, /* Application Size (Bytes) excluding hash */
//.appId = CY_SI_APP_VERSION, /* App ID */
// Need APP_ID_SECUREIMG section in .appId???
.appId = (CY_SI_APP_VERSION | CY_SI_APP_ID_SECUREIMG),
.appAttributes = 0UL, /* Reserved */
.numCores = 2UL, /* CM0+ and CM4 */
.core0Vt = (uint32_t)(&__Vectors) - APP0_START_ADDRESS - offsetof(cy_stc_user_appheader_t, core0Vt), /* Offset to CM0+ Vector Table in flash */
//.core1Vt = (uint32_t)(&__cy_app_core1_start_addr) - APP0_START_ADDRESS - offsetof(cy_stc_user_appheader_t, core1Vt), /* Offset to CM4 Vector Table in flash */
.core1Vt = (uint32_t) APP0_CORE1_START_ADDRESS - APP0_START_ADDRESS - offsetof(cy_stc_user_appheader_t, core1Vt), /* Offset to CM4 Vector Table in flash */
.core0Id = CY_ARM_CM0P_CPUID, /* ARM CM0+ CPU ID */
.core1Id = CY_ARM_CM4_CPUID, /* ARM CM4 CPU ID */
Is there an addressing issue to make the code go off in the weeds? Why does it work when the section is commented?