EasyManuals Logo

Nvidia MSTFLINT Documentation

Nvidia MSTFLINT
123 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #57 background imageLoading...
Page #57 background image
57
Tool Flow Secure FW With CS Token Blocked
Commands
HW SET (Set flash
parameters)
Flash GW is blocked Flash GW is blocked Flash GW is
blocked
"--no_fw_ctrl" (Legacy
Flow)
Not supported in Secure FW Not supported in Secure FW MFBA
mstmc
ra
Read working working working
Write Read Only CR- Space working Read Only
CR- Space
mstre
gdump
Read working working working
mstco
nfig
working working working working
mstfw
reset
working working working working
The following sections describe how Secure FW updates are performed.
Signing Binary Image Files
For firmware Secure purposes, you may sign the image file using the sign command. If you donot
provide the sign command with a private key and UUID, the command will only computeSHA256
digest and add it to the image signature section. The sign command supports RSA keyswith lengths
of 2048 and 4096 bits.
If you provide a private key with the length of 2048 bits, the command will compute SHA256
digest and encrypt it with the private key and add the result with the provided UUID to the
appropriate image signature section.
If you provide a private key with the length of 4096 bits, the command will compute SHA512
digest and encrypt it with the provided key and add the result with the provided UUID to the
appropriate image signature.
You can sign with two keys in the same command by providing keys with lengths of 2048 and4096
bits. The flags to be used for the first private key and uuid are “--private_key“ and “--key_uuid”,
and for the second private and uuid use “--private_key2” and“–key_uuid2”.
The motivation for signing with two keys is to allow a firmware update from both firmwares,
theone that supports only 2048bit keys and the one that supports 4096bit keys.
Examples:
# mstflint -i /tmp/image.bin sign --private_key privatekey.pem --key_uuid "e0129552-13ba-11e7-a990-0cc47a6d39d2"
# mstflint -i /tmp/image.bin sign --private_key privatekey_2048.pem --key_uuid "e0129552-13ba-11e7-
a990-0cc47a6d39d2" --private_key2 privatekey_4096.pem --key_uuid2 "a0b43568-17cb-16e9-a990-0ff47a6d39e4"

Table of Contents

Other manuals for Nvidia MSTFLINT

Preview: Manual
Manual129 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Nvidia MSTFLINT and is the answer not in the manual?

Nvidia MSTFLINT Specifications

General IconGeneral
BrandNvidia
ModelMSTFLINT
CategoryTools
LanguageEnglish