GR5xxx_encrypt_signature.exe
Follow the steps below to run GR5xxx_encrypt_signature.exe:
- Open the Command Prompt window from the Start menu or by entering cmd in the Run window.
- Navigate to the GProgrammer installation directory by using cd command.
- Type GR5xxx_encrypt_signature.exe --parameter to complete
corresponding operations.
For most frequently used parameters, see Table 9. To view all parameters, enter GR5xxx_encrypt_signature.exe --help.
| Parameter | Description | Remarks |
|---|---|---|
| operation | Indicates the operation type. Options:
|
|
| firmware_key | Shows the directory of firmware.key, which is used for firmware encryption and signing, or signing only. | The directories correspond to the paths you have set when you click Generate eFuse File in "eFuse Settings". |
| signature_key | Shows the directory of sign.key, which is used for firmware encryption and signing, or signing only. | |
| signature_pub_key | Shows the directory of sign_pub.key, which is used for firmware encryption and signing, or signing only. | |
| product_json_path | Shows the directory of product.json, which is used for firmware encryption and signing, or signing only. | |
| rand_number | Shows the directory of random.bin, which is used for firmware encryption and signing, or signing only. | |
| ori_firmware | Shows the directory that saves the firmware before encryption and signing, or signing only. | |
| output | Shows the directory that saves the firmware after encryption and signing, or signing only. | |
| base_addr | Sets the start address in the Flash memories to which firmware files
are downloaded. Value:
|
|
| flash_size | Indicates the Flash size (unit: KB) of the selected SoC. For value
details, see the Flash column in Figure 6. Note: For SoCs with 0 KB Flash, the external Flash size applies. |
|
| product_type | Indicates the SoC series. Valid value and description:
|
|
| random_output | Shows the directory that saves the random numbers used in firmware encryption and signing, or signing only. | |
| help | Displays help information. |
Take GR551x SoC as an example. The code below shows how to encrypt and sign firmware by using GR5xxx_encrypt_signature.exe:
GR5xxx_encrypt_signature.exe --operation="encryptandsign" --firmware_key="D:/test/eFuse/firmware.key" --signature_key="D:/test/eFuse/sign.key" --signature_pub_key="D:/test/eFuse/sign_pub.key" --product_json_path="D:/test/eFuse/product.json" --ori_firmware="D:/test/firmware/test_fw.bin" --output="D:/test/firmware_encryptAndSign/test_fw_encryptAndSign.bin" --random_output="D:/test/firmware_encryptAndSign/random.bin" --base_addr="0x01000000" --flash_size="1024" --product_type="0"In the code snippet above, the D:/test/eFuse/ directories show the user-defined folders where files are saved after users click Generate eFuse File, as described in “eFuse Settings”. For descriptions of other parameter, see Table 9.
- --ori_firmware=“D:/test/firmware/test_fw.bin”: the directory of the firmware before any operation
- --output=“D:/test/firmware_encryptAndSign/test_fw_encryptAndSign.bin”: the directory of the encrypted and signed firmware
- --base_addr="0x01000000" --flash_size="1024" --product_type="0": the start address in Flash to which the firmware is downloaded (0x01000000), the Flash size (1024 KB), and SoC model (GR551x) respectively
Run the command to encrypt and sign the firmware.
