• State Resolved
  • Locked Locked
  • Replies 11 replies
  • Answers 1 answer
  • Subscribers 99 subscribers
  • Views 724 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

[DRA829]How to execute x509CertificateGen.ps1 script in Windows environment

Xie Linda
Intellectual 860 points
Other Parts Discussed in Thread: DRA829, UNIFLASH

Hi. Experts,

1.I have installed openssl in a Windows environment, and then use powershell to try to run the x509CertificateGen.ps1 script to authenticate and encrypt files compiled under windows, but I don’t know what input parameters are required.

2.The files we compile under Windows include TI_DCU.appimage, TI_DCU.hex, TI_DCU.out, TI_DCU.map, TI_DCU.rprc, TI_DCU.xml and other files. Do these files meet the authentication and encryption requirements?

3.I tried to enter the following command on the powershell command line to encrypt:

.\x509CertificateGen.ps1 -e .\TI_DCU.out -b .\TI_DCU.hex -k .\k3_dev_mpk.pem -o my.appimage -l 0x41c00100 -c R5 -m SPLIT_MODE, then failed

4.The log in powershell window:

PS E:\SVN\HCP\01_Platform\Project\500_Software\530_Software_Construction\DRA829_SBL\Trunk\SBL_601> .\x509CertificateGen.
ps1 -e .\TI_DCU.out -b .\TI_DCU.hex -k .\k3_dev_mpk.pem -l 0x41C00100 -c R5 -m SPLIT_MODE


Ŀ¼: E:\SVN\HCP\01_Platform\Project\500_Software\530_Software_Construction\DRA829_SBL\Trunk\SBL_601


Mode LastWriteTime Length Name
---- ------------- ------ ----
d---- 2020/7/16 11:28 TI_DCU
Checking for OpenSSL...
OpenSSL 1.1.1g 21 Apr 2020
R5 Certificate being generated :
X509_CFG = E:\SVN\HCP\01_Platform\Project\500_Software\530_Software_Construction\DRA829_SBL\Trunk\SBL_601\TI_DCU
\x509-temp.cert
KEY = .\k3_dev_mpk.pem
BIN = .\TI_DCU.hex
CERT TYPE = R5, 1
CORE ID = 16
LOADADDR = 0x41C00100
IMAGE_SIZE = 359664
BOOT_OPTIONS = 2
SHA OID is 2.16.840.1.101.3.4.2.3
SHA is
Not found! Please install OpenSSL

Please reply as soon as possible,

Regards,

Xie

  • 0
    TI__Guru* 77904 points

    Hi Xie,

    Did you try this on a linux machine or are you trying to do this for the first time on the windows machine?

    Regards,

    Karan

  • 0 in reply to Karan Saxena
    Intellectual 860 points

    Hi.Karan

           It can works normally on linux machine and this is first time to trying on the windows machine, do you have a good solutions? Have you tired this operation on the windows machine?

    Regards

    Xie

  • 0 in reply to Xie Linda
    TI__Guru* 77904 points

    Hi Xie,

    I haven't used it on window, checking with the team.

    Regards,

    Karan

  • 0 in reply to Karan Saxena
    TI__Guru* 77904 points

    Hi Xie,

    I checked the above and we do not support the RTOS SDK on Windows. Please use VM or Native Linux machine for development.

    Regards,

    Karan

  • 0 in reply to Karan Saxena
    Intellectual 860 points

    Hi,Karan

    1.I think what you said is a bit wrong,I have completed the x509 authentication encryption on the windows machine, and generate two files like compiling on the linux machine, one is *.appimage, the other is *.appimage.signed.

    2.I use uniflash to flash the *.appimage.signed file to the 0x0 address of nor flash through uart (the 0x400000 address is the original sbl compiled on the linux machine to distinguish whether to start from the windows file or the linux file), the result It is that he will start sbl from address 0x400000.

    3.But I use ccs to download the *.appimage.signed compiled on the windows machine to DRA829, the function can run normally, so I located the problem is the authentication encryption failed in the process of ROM code loading SBL, resulting in the windows machine. File does not run correctly.

    Please help me solve this problem, this problem is very important to us.

    Regards,

    Xie

  • 0 in reply to Xie Linda
    TI__Guru* 77904 points

    Hi Xie,

    So there are some windows scripts packaged along with the SDK but they aren't tested, reason being that we don't claim support for windows build for PSDKRA.

    You might be able to run some scripts correctly but it remains untested and might create issues.

    Can you please let me know the reason support on windows is critical?

    Xie Linda said:
    I use uniflash to flash the *.appimage.signed file to the 0x0 address of nor flash through uart (the 0x400000 address is the original sbl compiled on the linux machine to distinguish whether to start from the windows file or the linux file), the result It is that he will start sbl from address 0x400000.

    Can you please help me understand this? Do you build two appimages.signed (one from windows and other from linux)? Why do you flash the appimage.signed to 0x0 ?

    Regards,

    Karan

  • 0 in reply to Karan Saxena
    Intellectual 860 points

    Hi,Karan

    Let's ignore the other sbl, only discuss the files *.appimage and *.appimage, signed files compiled under windows.

    Karan Saxena said:
    Can you please let me know the reason support on windows is critical?

    The reason is that the compilation environment we are building now is based on windows, so all apps and other software are compiled under windows.

    Karan Saxena said:
    Why do you flash the appimage.signed to 0x0 ?

    Because I think *.appimage does not have signature authentication information, and *.appimage.signed has this information, so I downloaded the *.appimage.signed file to nor flash.

    Regards,

    Xie

  • 0 in reply to Xie Linda
    TI__Guru* 77904 points

    Hi Xie,

    I suggest we have this discussion of windows support before you migrate, let me start a thread with Girish and Fan Zhang.

    Regards,

    Karan

  • 0 in reply to Karan Saxena
    Intellectual 860 points

    Hi,Karan

    Now I have implemented all the functions on windows, using OSPI boot mode, ROM can boot normally and load sysfw.bin and then load APP!!!!!!!!

    Regards,

    Xie

  • 0 in reply to Xie Linda
    TI__Guru* 77904 points

    Hi Xie,

    Thanks for the update.

    Did that require the change in the script?

    Also, is this the same use case of SBL -> sysfw -> app1 -> app2?

    Regards,

    Karan

  • 0 in reply to Karan Saxena
    Intellectual 860 points

    Hi,Karan

    Yes, we need to modify a few scripts:

    1.Modify the x509template.txt file, you can refer to the x509base.cfg file under Linux, these two files are consistent

    2.To generate *.tiimage file under windows, you need to call tiimage.exe file in k3ImageGen.bat to generate it. For details, please refer to pdkAppImageCreate.bat (SDK7.0) file to call tiimage.exe

    3.To install relevant encryption tools such as openssl under windows and call the x509CertificateGen.ps1 script to generate the authentication encryption file

    4.All the above steps have been verified on SDK 6.01 and SDK 7.0 and can be started normally in OSPI mode. No problems have been found so far

    Karan Saxena said:
    Also, is this the same use case of SBL -> sysfw -> app1 -> app2?

    Yes,The startup process is SBL->Sysfw.bin->app1->app2.

    Regards,

    Xie