| <!DOCTYPE html> |
| <!-- |
| Copyright 2019 NXP |
| |
| This software is owned or controlled by NXP and may only be used |
| strictly in accordance with the applicable license terms. By expressly |
| accepting such terms or by downloading, installing, activating and/or |
| otherwise using the software, you are agreeing that you have read, and |
| that you agree to comply with and are bound by, such license terms. If |
| you do not agree to be bound by the applicable license terms, then you |
| may not retain, install, activate or otherwise use the software. |
| --> |
| |
| <html xmlns="http://www.w3.org/1999/xhtml"> |
| <head> |
| <meta charset="utf-8" /> |
| <title>11.5.6.2. AOSP build Environment Setup — Plug & Trust MW v03.00.05 documentation</title> |
| <link rel="stylesheet" href="../_static/bootstrap-sphinx.css" type="text/css" /> |
| <link rel="stylesheet" href="../_static/pygments.css" type="text/css" /> |
| <link rel="stylesheet" type="text/css" href="../_static/graphviz.css" /> |
| <script id="documentation_options" data-url_root="../" src="../_static/documentation_options.js"></script> |
| <script src="../_static/jquery.js"></script> |
| <script src="../_static/underscore.js"></script> |
| <script src="../_static/doctools.js"></script> |
| <script src="../_static/language_data.js"></script> |
| <link rel="index" title="Index" href="../genindex.html" /> |
| <link rel="search" title="Search" href="../search.html" /> |
| <link rel="next" title="11.5.6.10. Stack with SE050" href="doc/stack-with-se050.html" /> |
| <link rel="prev" title="11.5.6.1. Supported Features" href="doc/keymaster_features.html" /> |
| <meta charset='utf-8'> |
| <meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'> |
| <meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1'> |
| <meta name="apple-mobile-web-app-capable" content="yes"> |
| <script type="text/javascript" src="../_static/js/jquery-1.11.0.min.js "></script> |
| <script type="text/javascript" src="../_static/js/jquery-fix.js "></script> |
| <script type="text/javascript" src="../_static/bootstrap-3.3.7/js/bootstrap.min.js "></script> |
| <script type="text/javascript" src="../_static/bootstrap-sphinx.js "></script> |
| |
| </head><body> |
| |
| <div id="navbar" class="navbar navbar-inverse navbar-default navbar-fixed-top"> |
| <div class="container"> |
| <div class="navbar-header"> |
| <!-- .btn-navbar is used as the toggle for collapsed navbar content --> |
| <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".nav-collapse"> |
| <span class="icon-bar"></span> |
| <span class="icon-bar"></span> |
| <span class="icon-bar"></span> |
| </button> |
| <a class="navbar-brand" href="../toc.html"><span><img src="../_static/NXP_logo_JPG.jpg"></span> |
| MW</a> |
| <span class="navbar-text navbar-version pull-left"><b>v03.00.05</b></span> |
| </div> |
| |
| <div class="collapse navbar-collapse nav-collapse"> |
| <ul class="nav navbar-nav"> |
| |
| |
| <li class="dropdown globaltoc-container"> |
| <a role="button" |
| id="dLabelGlobalToc" |
| data-toggle="dropdown" |
| data-target="#" |
| href="../toc.html">TOC <b class="caret"></b></a> |
| <ul class="dropdown-menu globaltoc" |
| role="menu" |
| aria-labelledby="dLabelGlobalToc"><ul class="current"> |
| <li class="toctree-l1"><a class="reference internal" href="../index.html">1. NXP Plug & Trust Middleware</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../organization-of-documentation.html">1.1. Organization of Documentation</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../folder-structure.html">1.2. Folder Structure</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../sw-prerequisites.html">1.3. List of Platform Prerequisites</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../changes/index.html">2. Changes</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/pending.html">2.1. Pending Refactoring items</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/pending.html#known-limitations">2.2. Known limitations</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v03_00_05.html">2.3. Release <code class="docutils literal notranslate"><span class="pre">v03.00.05</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v03_00_04.html">2.4. Release <code class="docutils literal notranslate"><span class="pre">v03.00.04</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v03_00_03.html">2.5. Release <code class="docutils literal notranslate"><span class="pre">v03.00.03</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v03_00_02.html">2.6. Release <code class="docutils literal notranslate"><span class="pre">v03.00.02</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_16_01.html">2.7. Release <code class="docutils literal notranslate"><span class="pre">v02.16.01</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_16_00.html">2.8. Release <code class="docutils literal notranslate"><span class="pre">v02.16.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_15_00.html">2.9. Release <code class="docutils literal notranslate"><span class="pre">v02.15.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_14_00.html">2.10. Release <code class="docutils literal notranslate"><span class="pre">v02.14.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html">2.11. Release <code class="docutils literal notranslate"><span class="pre">v02.12.05</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-04">2.12. Release <code class="docutils literal notranslate"><span class="pre">v02.12.04</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-03">2.13. Release <code class="docutils literal notranslate"><span class="pre">v02.12.03</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-02">2.14. Release <code class="docutils literal notranslate"><span class="pre">v02.12.02</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-01">2.15. Release <code class="docutils literal notranslate"><span class="pre">v02.12.01</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_12_00.html#release-v02-12-00">2.16. Release <code class="docutils literal notranslate"><span class="pre">v02.12.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_11_03.html">2.17. Release <code class="docutils literal notranslate"><span class="pre">v02.11.03</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_11_01.html">2.18. Internal Release <code class="docutils literal notranslate"><span class="pre">v02.11.01</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_11_00.html">2.19. Release <code class="docutils literal notranslate"><span class="pre">v02.11.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_10_00.html">2.20. Release <code class="docutils literal notranslate"><span class="pre">v02.10.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_09_00.html">2.21. Release <code class="docutils literal notranslate"><span class="pre">v02.09.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_07_00.html">2.22. Release <code class="docutils literal notranslate"><span class="pre">v02.07.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_06_00.html">2.23. Release <code class="docutils literal notranslate"><span class="pre">v02.06.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_05_00_to_v02_03_00.html">2.24. Release <code class="docutils literal notranslate"><span class="pre">v02.05.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_05_00_to_v02_03_00.html#release-v02-04-00">2.25. Release <code class="docutils literal notranslate"><span class="pre">v02.04.00</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../changes/v02_05_00_to_v02_03_00.html#release-02-03-00">2.26. Release <code class="docutils literal notranslate"><span class="pre">02.03.00</span></code></a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../stack/index.html">3. Plug & Trust MW Stack</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/features.html">3.1. Features</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/features.html#plug-trust-mw-block-diagram">3.2. Plug & Trust MW : Block Diagram</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../sss-apis.html">3.3. SSS APIs</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/se05xfeatures.html">3.4. SSS APIs: SE051 vs SE050</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/param_checks.html">3.5. Parameter Check & Conventions</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/i2cm.html">3.6. I2CM / Secure Sensor</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/logging.html">3.7. Logging</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/feature-file.html">3.8. Feature File - <code class="docutils literal notranslate"><span class="pre">fsl_sss_ftr.h</span></code></a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/platf-scp-from-fs.html">3.9. Using Platform SCP Keys from File System</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/auth/auth-objects.html">3.10. Auth Objects</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/auth/auth-objects-userid.html">3.11. Auth Objects : UserID</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/auth/auth-objects-aeskey.html">3.12. Auth Objects : AESKey</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/auth/auth-objects-eckey.html">3.13. Auth Objects : ECKey</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/key-id-range.html">3.14. Key Id Range and Purpose</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/key-id-range.html#authentication-keys">3.15. Authentication Keys</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../stack/key-id-range.html#trust-provisioned-keyids">3.16. Trust provisioned KeyIDs</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../sss/ex/doc/puf-scp03.html">3.17. SCP03 with PUF</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../sss/doc/sss_heap_management.html">3.18. SSS Heap Management</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../building/index.html">4. Building / Compiling</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../building/windows.html">4.1. Windows Build</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../building/frdm-k64f-sdk.html">4.2. Import MCUXPresso projects from SDK</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../building/frdm-k64f-cmake.html">4.3. Freedom K64F Build (CMake - Advanced)</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../building/imx6.html">4.4. i.MX Linux Build</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../building/rpi3.html">4.5. Raspberry Pi Build</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../building/cmake.html">4.6. CMake</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../scripts/cmake_options.html">4.7. CMake Options</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../demos/index.html">5. Demo and Examples</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/index.html#demo-list">5.1. Demo List</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/index.html#sss-api-examples">5.2. SSS API Examples</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/index.html#cloud-demos">5.3. Cloud Demos</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/index.html#linux-specific-demos">5.4. Linux Specific Demos</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/index.html#opc-ua-example">5.5. OPC-UA Example</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/index.html#arm-psa-example">5.6. ARM PSA Example</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/index.html#se05x-examples">5.7. SE05X Examples</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/index.html#openssl-examples">5.8. OpenSSL Examples</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/index.html#tests-for-user-crypto">5.9. Tests for User Crypto</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/index.html#nxpnfcrdlib-examples">5.10. NXPNFCRDLIB examples</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/index.html#ease-of-use-examples">5.11. Ease-of-Use examples</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/index.html#semslite-examples">5.12. Semslite examples</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/index.html#puf-examples">5.13. PUF examples</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../edgelock2go-agent.html">6. NXP EdgeLock 2GO Agent</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html">6.1. Introduction</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html#building-and-running-the-edgelock-2go-agent">6.2. Building and running the EdgeLock 2GO agent</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html#datastore-keystore">6.3. Datastore / Keystore</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html#connection-to-the-edgelock-2go-cloud-service">6.4. Connection to the EdgeLock 2GO cloud service</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/introduction.html#claim-codes">6.5. Claim Codes</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/edgelock2go_agent_apis.html">6.6. API</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../nxp_iot_agent/doc/readme_usage_examples.html">6.7. Usage Examples</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../semslite/doc/index.html">7. SEMS Lite Agent</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_overview.html">7.1. SEMS Lite Overview (Only for SE051)</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_package.html">7.2. Update Package</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_usage.html">7.3. SEMS Lite Agent Usage</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_mgmt_api.html">7.4. SEMS Lite management APIs</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_process.html">7.5. SEMS Lite Agent Package Load Process</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_api.html">7.6. APIs</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../semslite/doc/sems_lite_known_issue.html">7.7. SEMS Lite Known Issue</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../semslite/doc/demo_update.html">7.8. SEMS Lite DEMOs</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../plugins/index.html">8. Plugins / Add-ins</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../sss/plugin/openssl/scripts/readme.html">8.1. Introduction on OpenSSL engine</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../sss/plugin/mbedtls/scripts/readme.html">8.2. Introduction on mbedTLS ALT Implementation</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../sss/plugin/psa/Readme.html">8.3. Platform Security Architecture</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../plugins/akm.html">8.4. Android Key master</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../sss/plugin/open62541/readme.html">8.5. Introduction on Open62541 (OPC UA stack)</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../plugins/wifiEAP/wifiEAP.html">8.6. WiFi EAP Demo with Raspberry Pi3</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../plugins/pkcs11.html">8.7. PKCS#11 Standalone Library</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../cli-tool.html">9. CLI Tool</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../pycli/doc/introduction.html">9.1. Introduction</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../pycli/doc/block-diagram.html">9.2. Block Diagram</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../pycli/doc/pre-steps.html">9.3. Steps needed before running <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../pycli/doc/running.html">9.4. Running the <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> tool - Windows</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../pycli/Provisioning/readme.html">9.5. CLI Provisioning</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../pycli/doc/readme_usage_examples.html">9.6. Usage Examples</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../pycli/doc/cli_commands_list.html">9.7. List of <code class="docutils literal notranslate"><span class="pre">ssscli</span></code> commands</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../pycli/doc/cli_data_format.html">9.8. CLI Data formats</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../pycli/doc/cli_object_policy.html">9.9. Object Policies Through ssscli</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/upload_se05x_using_pycli.html">9.10. Upload keys and certificates to SE05X using ssscli tool</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1"><a class="reference internal" href="../a71ch.html">10. A71CH</a><ul> |
| <li class="toctree-l2"><a class="reference internal" href="../a71ch/a71ch_sss.html">10.1. A71CH and SSS API</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../a71ch/a71ch_miscellaneous.html">10.2. Miscellaneous</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../a71ch/a71ch_legacy_host_api.html">10.3. A71CH Legacy API</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../a71ch/a71ch_legacy_hlse_api.html">10.4. A71CH Legacy HLSE (Generic) API</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../a71ch/a71ch_configure_tool.html">10.5. A71CH Legacy Configure Tool</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l1 current"><a class="reference internal" href="../appendix.html">11. Appendix</a><ul class="current"> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/glossary.html">11.1. Glossary</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/vcom.html">11.2. APDU Commands over VCOM</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/vs2019-setup.html">11.3. Visual Studio 2019 Setup</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/ide_mcux.html">11.4. Setting up MCUXPresso IDE</a></li> |
| <li class="toctree-l2 current"><a class="reference internal" href="../dev-platforms.html">11.5. Development Platforms</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/se_uid.html">11.6. How to get SE Platform Information and UID</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/version_info.html">11.7. Version Information</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/Certificate_Chains/Readme.html">11.8. Certificate Chains</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/rjct_server.html">11.9. JRCP_v1 Server</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/platfscp.html">11.10. Using own Platform SCP03 Keys</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/apdu_write_to_buffer.html">11.11. Write APDU to buffer</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../api/api_list.html">11.12. Plug & Trust MW APIs</a></li> |
| </ul> |
| </li> |
| </ul> |
| </ul> |
| </li> |
| |
| <li class="dropdown"> |
| <a role="button" |
| id="dLabelLocalToc" |
| data-toggle="dropdown" |
| data-target="#" |
| href="#">Page <b class="caret"></b></a> |
| <ul class="dropdown-menu localtoc" |
| role="menu" |
| aria-labelledby="dLabelLocalToc"><ul> |
| <li><a class="reference internal" href="#">11.5.6.2. AOSP build Environment Setup</a><ul> |
| <li><a class="reference internal" href="#aosp-build-environment-for-hikey960">11.5.6.2.1. AOSP build Environment for Hikey960</a></li> |
| <li><a class="reference internal" href="#aosp-build-environment-for-imx8m-coming-soon">11.5.6.2.2. AOSP build environment for iMX8M (coming soon)</a></li> |
| </ul> |
| </li> |
| <li><a class="reference internal" href="#se050-based-android-keymaster">11.5.6.3. SE050 based Android Keymaster</a><ul> |
| <li><a class="reference internal" href="#cmake-based-build-system">11.5.6.3.1. CMAKE based build system</a></li> |
| <li><a class="reference internal" href="#aosp-based-build-system">11.5.6.3.2. AOSP based build system</a></li> |
| </ul> |
| </li> |
| <li><a class="reference internal" href="#extract-secure-element-information">11.5.6.4. Extract Secure Element Information</a></li> |
| <li><a class="reference internal" href="#rotate-platform-scp03-keys">11.5.6.5. Rotate Platform SCP03 Keys</a></li> |
| <li><a class="reference internal" href="#how-to-use-own-platform-scp03-keys">11.5.6.6. How to use own Platform SCP03 Keys</a></li> |
| <li><a class="reference internal" href="#retrieve-existing-certificates">11.5.6.7. Retrieve Existing Certificates</a></li> |
| <li><a class="reference internal" href="#key-attestation">11.5.6.8. Key Attestation</a></li> |
| <li><a class="reference internal" href="#how-to-enable-logging">11.5.6.9. How To Enable Logging</a><ul> |
| <li><a class="reference internal" href="#i2c-connections-with-se05x">11.5.6.9.1. I2C connections with SE05x</a></li> |
| <li><a class="reference internal" href="#i2c-data-transceive-operation">11.5.6.9.2. I2C data transceive operation</a></li> |
| </ul> |
| </li> |
| </ul> |
| </ul> |
| </li> |
| |
| |
| |
| |
| |
| <li> |
| <a href="doc/keymaster_features.html" title="Previous Chapter: 11.5.6.1. Supported Features"><span class="glyphicon glyphicon-chevron-left visible-sm"></span><span class="hidden-sm hidden-tablet">« 11.5.6.1. Sup...</span> |
| </a> |
| </li> |
| <li> |
| <a href="doc/stack-with-se050.html" title="Next Chapter: 11.5.6.10. Stack with SE050"><span class="glyphicon glyphicon-chevron-right visible-sm"></span><span class="hidden-sm hidden-tablet">11.5.6.10. St... »</span> |
| </a> |
| </li> |
| |
| |
| |
| |
| |
| </ul> |
| |
| |
| |
| </div> |
| </div> |
| </div> |
| |
| <div class="container"> |
| <div class="row"> |
| <div class="col-md-3"> |
| <div id="sidebar" class="bs-sidenav" role="complementary"> |
| |
| <div class="sidebar-header"> |
| <h3>Plug & Trust MW</h3> |
| </div> |
| |
| <div class="row"> |
| <ul class="current"> |
| <li class="toctree-l1"><a class="reference internal" href="../index.html">1. NXP Plug & Trust Middleware</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../changes/index.html">2. Changes</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../stack/index.html">3. Plug & Trust MW Stack</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../building/index.html">4. Building / Compiling</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../demos/index.html">5. Demo and Examples</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../edgelock2go-agent.html">6. NXP EdgeLock 2GO Agent</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../semslite/doc/index.html">7. SEMS Lite Agent</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../plugins/index.html">8. Plugins / Add-ins</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../cli-tool.html">9. CLI Tool</a></li> |
| <li class="toctree-l1"><a class="reference internal" href="../a71ch.html">10. A71CH</a></li> |
| <li class="toctree-l1 current"><a class="reference internal" href="../appendix.html">11. Appendix</a><ul class="current"> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/glossary.html">11.1. Glossary</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/vcom.html">11.2. APDU Commands over VCOM</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/vs2019-setup.html">11.3. Visual Studio 2019 Setup</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/ide_mcux.html">11.4. Setting up MCUXPresso IDE</a></li> |
| <li class="toctree-l2 current"><a class="reference internal" href="../dev-platforms.html">11.5. Development Platforms</a><ul class="current"> |
| <li class="toctree-l3"><a class="reference internal" href="../dev-platforms/platform_imx8_linux.html">11.5.1. Setup <code class="samp docutils literal notranslate"><span class="pre">i.MX</span> <span class="pre">8MQuad</span></code> - <code class="samp docutils literal notranslate"><span class="pre">MCIMX8M-EVK</span></code></a></li> |
| <li class="toctree-l3"><a class="reference internal" href="../dev-platforms/platform_imx6_linux.html">11.5.2. Setup <code class="samp docutils literal notranslate"><span class="pre">i.MX6UL</span></code> - <code class="samp docutils literal notranslate"><span class="pre">MCIMX6UL-EVK</span></code></a></li> |
| <li class="toctree-l3"><a class="reference internal" href="../dev-platforms/platform_frdm_k64f.html">11.5.3. Freedom K64F</a></li> |
| <li class="toctree-l3"><a class="reference internal" href="../dev-platforms/platform_1060rt.html">11.5.4. i.MX RT 1060</a></li> |
| <li class="toctree-l3"><a class="reference internal" href="../dev-platforms/platform_lpc55s.html">11.5.5. LPC55S69</a></li> |
| <li class="toctree-l3 current"><a class="reference internal" href="../dev-platforms/platform_android.html">11.5.6. Android: Hikey960</a></li> |
| </ul> |
| </li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/se_uid.html">11.6. How to get SE Platform Information and UID</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/version_info.html">11.7. Version Information</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../demos/Certificate_Chains/Readme.html">11.8. Certificate Chains</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/rjct_server.html">11.9. JRCP_v1 Server</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/platfscp.html">11.10. Using own Platform SCP03 Keys</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../appendix/apdu_write_to_buffer.html">11.11. Write APDU to buffer</a></li> |
| <li class="toctree-l2"><a class="reference internal" href="../api/api_list.html">11.12. Plug & Trust MW APIs</a></li> |
| </ul> |
| </li> |
| </ul> |
| |
| </div> |
| <div class="row"> |
| <form class="form" action="../search.html" method="get"> |
| <div class="form-group"> |
| <label for="Search">Search:</label> |
| <input type="text" name="q" class="form-control" placeholder="Search" /> |
| </div> |
| <input type="hidden" name="check_keywords" value="yes" /> |
| <input type="hidden" name="area" value="default" /> |
| </form> |
| </div> |
| </div> |
| </div> |
| <div class="body col-md-9 content" role="main"> |
| |
| <div class="section" id="aosp-build-environment-setup"> |
| <span id="aosp-setup"></span><h1><span class="section-number">11.5.6.2. </span>AOSP build Environment Setup<a class="headerlink" href="#aosp-build-environment-setup" title="Permalink to this headline">¶</a></h1> |
| <div class="section" id="aosp-build-environment-for-hikey960"> |
| <span id="aosp-hikey960"></span><h2><span class="section-number">11.5.6.2.1. </span>AOSP build Environment for Hikey960<a class="headerlink" href="#aosp-build-environment-for-hikey960" title="Permalink to this headline">¶</a></h2> |
| <p>To setup Android build environment for Hikey960 board please follow steps below:</p> |
| <ol class="arabic"> |
| <li><p>The build setup file structure should be as below:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><ROOT-DIR> |
| <span class="p">|</span> |
| <span class="p">|</span>------ android-root/ |
| <span class="p">|</span> |
| <span class="p">|</span>------ simw-top/ |
| </pre></div> |
| </div> |
| </li> |
| <li><p>Downloading and building AOSP source code |
| (refer <a class="reference external" href="https://source.android.com/setup/build/devices">https://source.android.com/setup/build/devices</a>).</p> |
| <p>In the steps below, <code class="file docutils literal notranslate"><span class="pre">android-root</span></code> means <code class="file docutils literal notranslate"><span class="pre">$</span><em><span class="pre">ROOT_DIR</span></em><span class="pre">/android-root/</span></code>.</p> |
| <p>For simplicity of scripts, it is assumed that <code class="docutils literal notranslate"><span class="pre">ROOT_DIR</span></code> variable is set like as below:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nv">ROOT_DIR</span><span class="o">=</span>/opt/_ddm/aospbld |
| </pre></div> |
| </div> |
| </li> |
| <li><p>Setup REPO Tool:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>mkdir ~/bin |
| <span class="nv">PATH</span><span class="o">=</span>~/bin:<span class="nv">$PATH</span> |
| curl https://storage.googleapis.com/git-repo-downloads/repo > ~/bin/repo |
| chmod a+x ~/bin/repo |
| </pre></div> |
| </div> |
| </li> |
| <li><p>Download source code using REPO tool:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nv">ROOT_DIR</span><span class="o">=</span>/opt/_ddm/aospbld <span class="c1"># For example</span> |
| |
| mkdir -p <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root |
| <span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root |
| |
| repo init -u https://android.googlesource.com/platform/manifest -b android-p-preview-2 |
| repo sync -j<span class="k">$(</span>nproc<span class="k">)</span> |
| </pre></div> |
| </div> |
| <p>All scripts from here on assume <code class="docutils literal notranslate"><span class="pre">ROOT_DIR</span></code> is set.</p> |
| </li> |
| <li><p>Apply patches from <code class="docutils literal notranslate"><span class="pre">android.googlesource.com</span></code>:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root/prebuilts/tools |
| git fetch https://android.googlesource.com/platform/prebuilts/tools refs/changes/02/682002/1 <span class="o">&&</span> git cherry-pick FETCH_HEAD |
| |
| <span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root/external/e2fsprogs/ |
| git fetch https://android.googlesource.com/platform/external/e2fsprogs refs/changes/05/683305/1 <span class="o">&&</span> git cherry-pick FETCH_HEAD |
| |
| <span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root/external/f2fs-tools |
| git fetch https://android.googlesource.com/platform/external/f2fs-tools refs/changes/06/683306/1 <span class="o">&&</span> git cherry-pick FETCH_HEAD |
| </pre></div> |
| </div> |
| </li> |
| <li><p>Apply patches from host library.</p> |
| <p>These patches are for Android Keymaster 3.0 Board init</p> |
| <p>Scripts to apply the patches:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>cp <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/simw-top/akm/src/Board_init/keymaster_sepolicy.patch <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root/system/sepolicy/ |
| <span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root/system/sepolicy/ |
| patch -p1 < keymaster_sepolicy.patch |
| |
| cp <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/simw-top/akm/src/Board_init/init_rc_file.patch <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root/system/core/ |
| <span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root/system/core/ |
| patch -p1 < init_rc_file.patch |
| </pre></div> |
| </div> |
| <ul class="simple"> |
| <li><p><code class="file docutils literal notranslate"><span class="pre">init_rc_file.patch</span></code> is to update system ownership of I2C module and |
| to create <code class="docutils literal notranslate"><span class="pre">/data/vendor/SE05x</span></code> secure directory.</p></li> |
| <li><p><code class="file docutils literal notranslate"><span class="pre">keymaster_sepolicy.patch</span></code> is to update SE050 Keymaster HAL policy for |
| accessing I2C device for communication with SE050 and <code class="docutils literal notranslate"><span class="pre">/data/vendor/SE05x</span></code> |
| secure directory for storing Platform SCP03 keys.</p></li> |
| </ul> |
| </li> |
| <li><p>Follow below instructions to build source code for hikey960:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root |
| <span class="nb">export</span> <span class="nv">ANDROID_ROOT</span><span class="o">=</span><span class="k">$(</span><span class="nb">pwd</span><span class="k">)</span> |
| <span class="nb">source</span> build/envsetup.sh |
| lunch hikey960-userdebug |
| make -j <span class="k">$(</span>nproc<span class="k">)</span> |
| </pre></div> |
| </div> |
| <div class="admonition note"> |
| <p class="admonition-title">Note</p> |
| <p>Based on CPU core, build will take 1-4 hrs.</p> |
| </div> |
| </li> |
| <li><p>Installing images.</p> |
| <p>Follow <a class="reference external" href="https://source.android.com/setup/build/devices#960fastboot">https://source.android.com/setup/build/devices#960fastboot</a></p> |
| </li> |
| <li><p>Flashing images. Follow <a class="reference external" href="https://source.android.com/setup/build/devices#960images">https://source.android.com/setup/build/devices#960images</a></p> |
| <div class="admonition note"> |
| <p class="admonition-title">Note</p> |
| <p>“fastboot” and “adb” are required for flashing images.</p> |
| </div> |
| </li> |
| <li><p>If modifications are required to hikey kernel (e.g. add/remove device driver), |
| please refer to <a class="reference external" href="https://source.android.com/setup/build/devices#960kernel">https://source.android.com/setup/build/devices#960kernel</a> |
| for bulding hikey kernel and follow the instruction given on link |
| to create new bootimage image.</p></li> |
| </ol> |
| </div> |
| <div class="section" id="aosp-build-environment-for-imx8m-coming-soon"> |
| <h2><span class="section-number">11.5.6.2.2. </span>AOSP build environment for iMX8M (coming soon)<a class="headerlink" href="#aosp-build-environment-for-imx8m-coming-soon" title="Permalink to this headline">¶</a></h2> |
| <p>To setup Android build environment for iMX8M board please follow below steps</p> |
| <ol class="arabic"> |
| <li><p>The build setup file structure should be like (your${ROOT_DIR} dir):</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><ROOT-DIR> |
| <span class="p">|</span> |
| <span class="p">|</span>------ android-root/ |
| <span class="p">|</span> |
| <span class="p">|</span>------ simw-top/ |
| </pre></div> |
| </div> |
| </li> |
| </ol> |
| <ol class="arabic"> |
| <li><p>Downloading and building AOSP source code (refer section 3.2.3 : Build your own Android BSP |
| Image from <a class="reference external" href="https://www.nxp.com/support/developer-resources/run-time-software/i.mx-developer-resources/evaluation-kit-for-the-i.mx-8m-applications-processor:MCIMX8M-EVK?tab=In-Depth_Tab">https://www.nxp.com/support/developer-resources/run-time-software/i.mx-developer-resources/evaluation-kit-for-the-i.mx-8m-applications-processor:MCIMX8M-EVK?tab=In-Depth_Tab</a>). |
| In the steps below, |
| <code class="file docutils literal notranslate"><span class="pre">android-root</span></code> means <code class="file docutils literal notranslate"><span class="pre">$</span><em><span class="pre">ROOT_DIR</span></em><span class="pre">/android-root/</span></code>.</p></li> |
| <li><p>Setup REPO Tool:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>mkdir -p <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root |
| <span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root |
| |
| mkdir ~/bin |
| <span class="nv">PATH</span><span class="o">=</span>~/bin:<span class="nv">$PATH</span> |
| curl https://storage.googleapis.com/git-repo-downloads/repo > ~/bin/repo |
| chmod a+x ~/bin/repo |
| </pre></div> |
| </div> |
| </li> |
| <li><p>Download source code using REPO tool</p> |
| <p>Get the Android source code from Google repo using the manifest and script provided inside the imx-o8.1.0_1.3.0_8m.tar.gz (Download package from <a class="reference external" href="https://www.nxp.com/support/developer-resources/">https://www.nxp.com/support/developer-resources/</a> run-time-software/i.mx-developer-resources/evaluation-kit-for-the-i.mx-8m-applications -processor:MCIMX8M-EVK?tab=Design_Tools_Tab ).</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nb">source</span> ~/imx-o8.0.0_1.3.0_8mq-prc/imx_android_setup.sh |
| |
| <span class="c1"># By default, the imx_android_setup.sh script will create the source code build environment</span> |
| in the folder ~/android_build |
| |
| <span class="c1"># ${MY_ANDROID} will be refered as the i.MX Android source code root directory in all i.MX</span> |
| Andorid release documentation. |
| |
| <span class="nb">export</span> <span class="nv">MY_ANDROID</span><span class="o">=</span>~/android_build |
| </pre></div> |
| </div> |
| </li> |
| <li><p>Building Android images:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nb">cd</span> <span class="si">${</span><span class="nv">MY_ANDROID</span><span class="si">}</span> |
| <span class="nb">export</span> <span class="nv">ANDROID_ROOT</span><span class="o">=</span><span class="k">$(</span><span class="nb">pwd</span><span class="k">)</span> |
| <span class="nb">source</span> build/envsetup.sh |
| lunch evk_8mq-userdebug |
| make -j<span class="k">$(</span>nproc<span class="k">)</span> <span class="m">2</span>><span class="p">&</span><span class="m">1</span> <span class="p">|</span> tee build-log.txt |
| </pre></div> |
| </div> |
| <div class="admonition note"> |
| <p class="admonition-title">Note</p> |
| <p>Based on CPU core, build will take 1-4 hrs.</p> |
| </div> |
| </li> |
| <li><p>Flashing newly generate images.</p> |
| <ol class="loweralpha simple"> |
| <li><p>The board images can be flashed to the target board by using the MFGTool. The release package includes MFGTool for i.MX 8MQuad EVK in <code class="file docutils literal notranslate"><span class="pre">android_O8.0.0_1.3.0_8M-PRC_tools.tar.gz</span></code>. The MFGTool is <code class="file docutils literal notranslate"><span class="pre">mfgtools-mx8mq-beta.zip</span></code>.</p></li> |
| <li><p>Unzip the <code class="file docutils literal notranslate"><span class="pre">mfgtools-mx8mq-beta.zip</span></code> file to a selected location. The directory is named MFGTool-Dir.</p></li> |
| </ol> |
| <p>#) Copy following files from <code class="file docutils literal notranslate"><span class="pre">$</span><em><span class="pre">ROOT_DIR</span></em><span class="pre">/android-root/out/target/product/evk_8mq</span></code> to your <code class="file docutils literal notranslate"><span class="pre">MFGTool-Dir/Profiles/Linux/OS</span> <span class="pre">Firmware/files/</span> |
| <span class="pre">android/evk</span> <span class="pre">directory</span></code>.</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>u-boot-imx8mq.imx |
| partition-table.img |
| boot-imx8mq.img |
| vbmeta-imx8mq.img |
| system.img |
| vendor.img. |
| </pre></div> |
| </div> |
| </li> |
| </ol> |
| </div> |
| </div> |
| <div class="section" id="se050-based-android-keymaster"> |
| <span id="se050-keymaster"></span><h1><span class="section-number">11.5.6.3. </span>SE050 based Android Keymaster<a class="headerlink" href="#se050-based-android-keymaster" title="Permalink to this headline">¶</a></h1> |
| <div class="section" id="cmake-based-build-system"> |
| <h2><span class="section-number">11.5.6.3.1. </span>CMAKE based build system<a class="headerlink" href="#cmake-based-build-system" title="Permalink to this headline">¶</a></h2> |
| <ol class="arabic"> |
| <li><p>Download Android NDK from <a class="reference external" href="https://developer.android.com/ndk/downloads/">https://developer.android.com/ndk/downloads/</a> and store it in |
| <code class="file docutils literal notranslate"><span class="pre">/usr/local/</span></code> eg. <code class="file docutils literal notranslate"><span class="pre">/usr/local/android-ndk-r18b-linux-x86_64</span></code></p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nb">cd</span> /usr/local/ |
| wget http://dl.google.com/android/repository/android-ndk-r18b-linux-x86_64.zip |
| unzip -d android-ndk-r18b-linux-x86_64 android-ndk-r18b-linux-x86_64.zip |
| </pre></div> |
| </div> |
| </li> |
| <li><p>Once you are able to bring-up Android build environment for <code class="docutils literal notranslate"><span class="pre">hikey960</span></code> follow |
| below steps to build SE050 based android keymaster:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root |
| <span class="nb">export</span> <span class="nv">ANDROID_ROOT</span><span class="o">=</span><span class="k">$(</span><span class="nb">pwd</span><span class="k">)</span> |
| <span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/simw-top/scripts/android/cmake_based |
| <span class="nb">source</span> board_config.sh hikey960 |
| ./setup_script.sh |
| </pre></div> |
| </div> |
| <p>After successful execution you will be able to locate <code class="file docutils literal notranslate"><span class="pre"><simw-top_build></span></code> directory parallel to <code class="file docutils literal notranslate"><span class="pre">simw-top</span></code> directory and <code class="file docutils literal notranslate"><span class="pre">simw-akm</span></code> directory in <code class="file docutils literal notranslate"><span class="pre">$</span><em><span class="pre">ROOT_DIR</span></em><span class="pre">/android-root/system/keymaster</span></code></p> |
| <div class="admonition note"> |
| <p class="admonition-title">Note</p> |
| <p>If the patches are already applied, then instead of calling setup_script.sh, call build_script.sh</p> |
| </div> |
| </li> |
| <li><p>A batch script <code class="file docutils literal notranslate"><span class="pre">keymaster_flash.bat</span></code> will be copied to |
| <code class="file docutils literal notranslate"><span class="pre">$</span><em><span class="pre">ROOT_DIR</span></em><span class="pre">/android-root/out/target/product/<BOARD_NAME></span></code>. Execute the batch script to push all the necessary files onto the target board.</p></li> |
| </ol> |
| </div> |
| <div class="section" id="aosp-based-build-system"> |
| <h2><span class="section-number">11.5.6.3.2. </span>AOSP based build system<a class="headerlink" href="#aosp-based-build-system" title="Permalink to this headline">¶</a></h2> |
| <ol class="arabic"> |
| <li><p>Setup <code class="file docutils literal notranslate"><span class="pre">simw-top</span></code> inside <code class="file docutils literal notranslate"><span class="pre">$</span><em><span class="pre">ROOT_DIR</span></em><span class="pre">/android-root/vendor/nxp</span></code>. If <code class="file docutils literal notranslate"><span class="pre">vendor/nxp</span></code> does not exist inside <code class="file docutils literal notranslate"><span class="pre">$</span><em><span class="pre">ROOT_DIR</span></em><span class="pre">/android-root</span></code> then create the same.</p></li> |
| <li><p>Follow below steps to build SE050 based android keymaster.:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root |
| cp vendor/nxp/simw-top/akm/src/interface_keymaster/patch/aosp/interface_keymaster3.0.patch hardware/interfaces/ |
| <span class="nb">cd</span> hardware/interfaces/ |
| patch -p1 < interface_keymaster3.0.patch |
| <span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root/vendor/nxp/simw-top |
| mm -j<span class="k">$(</span>nproc<span class="k">)</span> |
| <span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root/hardware/interfaces/keymaster/3.0/default |
| mm -j<span class="k">$(</span>nproc<span class="k">)</span> |
| </pre></div> |
| </div> |
| </li> |
| <li><p>AKM supports Various Auth Mechanism ,below are the list of supported Auth types:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>None |
| PlatfSCP03 |
| UserID |
| AESKey |
| ECKey |
| UserID_PlatfSCP03 |
| AESKey_PlatfSCP03 |
| ECKey_PlatfSCP03 |
| </pre></div> |
| </div> |
| </li> |
| <li><p>By default SE05X Authentication is through <code class="file docutils literal notranslate"><span class="pre">None</span></code>.For any other Auth type follow below steps:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root/vendor/nxp/simw-top |
| mm <span class="nv">SE05X_Auth</span><span class="o">=(</span>Auth Type<span class="o">)</span> -j<span class="k">$(</span>nproc<span class="k">)</span> |
| eg. mm <span class="nv">SE05X_Auth</span><span class="o">=</span>PlatfSCP03 -j<span class="k">$(</span>nproc<span class="k">)</span> |
| <span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root/hardware/interfaces/keymaster/3.0/default |
| mm -j<span class="k">$(</span>nproc<span class="k">)</span> |
| </pre></div> |
| </div> |
| </li> |
| <li><p>After successful build copy <code class="file docutils literal notranslate"><span class="pre">keymaster_flash.bat</span></code> located at <code class="file docutils literal notranslate"><span class="pre">$</span><em><span class="pre">ROOT_DIR</span></em><span class="pre">/android-root/vendor/nxp/simw-top/scripts/android/aosp_based</span></code> to <code class="file docutils literal notranslate"><span class="pre">$</span><em><span class="pre">ROOT_DIR</span></em><span class="pre">/android-root/out/target/product/<BOARD_NAME></span></code>. Execute the batch script to push all the necessary files onto the target board.</p></li> |
| <li><p>Other way to build SE050 based android keymaster is as follows:</p> |
| <div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nb">cd</span> <span class="si">${</span><span class="nv">ROOT_DIR</span><span class="si">}</span>/android-root |
| <span class="nb">export</span> <span class="nv">ANDROID_ROOT</span><span class="o">=</span><span class="k">$(</span><span class="nb">pwd</span><span class="k">)</span> |
| <span class="nb">cd</span> <span class="si">${</span><span class="nv">ANDROID_ROOT</span><span class="si">}</span>/vendor/nxp/simw-top/scripts/android/aosp_based |
| <span class="nb">source</span> board_config.sh hikey960 |
| ./setup_script.sh |
| </pre></div> |
| </div> |
| </li> |
| <li><p>A batch script <code class="file docutils literal notranslate"><span class="pre">keymaster_flash.bat</span></code> will be copied to |
| <code class="file docutils literal notranslate"><span class="pre">$</span><em><span class="pre">ROOT_DIR</span></em><span class="pre">/android-root/out/target/product/<BOARD_NAME></span></code>. Execute the batch script to push all the necessary files onto the target board.</p></li> |
| </ol> |
| </div> |
| </div> |
| <div class="section" id="extract-secure-element-information"> |
| <h1><span class="section-number">11.5.6.4. </span>Extract Secure Element Information<a class="headerlink" href="#extract-secure-element-information" title="Permalink to this headline">¶</a></h1> |
| <p>Refer to <a class="reference internal" href="../appendix/se_uid.html#se-platf-info"><span class="std std-ref">SE Platform Information on Android platform</span></a>.</p> |
| </div> |
| <div class="section" id="rotate-platform-scp03-keys"> |
| <h1><span class="section-number">11.5.6.5. </span>Rotate Platform SCP03 Keys<a class="headerlink" href="#rotate-platform-scp03-keys" title="Permalink to this headline">¶</a></h1> |
| <p>Project <code class="docutils literal notranslate"><span class="pre">se05xRotatePlatfSCP03</span></code> is available to update Platform SCP03 keys |
| on the SE. Build the project with build configuration <code class="docutils literal notranslate"><span class="pre">SE05X_Auth=PlatfSCP03</span></code>. |
| For details about the tool, refer to <a class="reference internal" href="../demos/se05x/se05x_RotatePlatformSCP03Keys/Readme.html#se05x-rotate-keys"><span class="std std-ref">SE05X Rotate PlatformSCP Keys Demo</span></a>.</p> |
| <p>After building the project, push the built binary on the android device |
| using <code class="docutils literal notranslate"><span class="pre">adb</span></code> tool and run it from the command line.</p> |
| </div> |
| <div class="section" id="how-to-use-own-platform-scp03-keys"> |
| <h1><span class="section-number">11.5.6.6. </span>How to use own Platform SCP03 Keys<a class="headerlink" href="#how-to-use-own-platform-scp03-keys" title="Permalink to this headline">¶</a></h1> |
| <p>Refer to <a class="reference internal" href="../appendix/platfscp.html#platfscp-file"><span class="std std-numref">Section 11.10</span></a> <a class="reference internal" href="../appendix/platfscp.html#platfscp-file"><span class="std std-ref">Using own Platform SCP03 Keys</span></a> for details |
| on how to use your own Platform SCP03 keys.</p> |
| <div class="admonition note"> |
| <p class="admonition-title">Note</p> |
| <p>Be sure to apply <code class="file docutils literal notranslate"><span class="pre">keymaster_sepolicy.patch</span></code> to allow |
| Platform SCP03 keys access to keymaster service.</p> |
| </div> |
| </div> |
| <div class="section" id="retrieve-existing-certificates"> |
| <h1><span class="section-number">11.5.6.7. </span>Retrieve Existing Certificates<a class="headerlink" href="#retrieve-existing-certificates" title="Permalink to this headline">¶</a></h1> |
| <p>Refer to <a class="reference internal" href="../demos/se05x/se05x_GetCertificate/Readme.html#se-get-certificate"><span class="std std-ref">Get Certificate from the SE</span></a>.</p> |
| </div> |
| <div class="section" id="key-attestation"> |
| <h1><span class="section-number">11.5.6.8. </span>Key Attestation<a class="headerlink" href="#key-attestation" title="Permalink to this headline">¶</a></h1> |
| <p>Key attestation support is available for RSA and ECC keys. |
| The attestation keys and certificates need to be pre-injected |
| at the following keyIDs:</p> |
| <div class="highlight-c notranslate"><div class="highlight"><pre><span></span><span class="cp">#define ATTESTATION_KEY_RSA_KEYID 0x00000001</span> |
| <span class="cp">#define ATTESTATION_KEY_ECC_KEYID 0x00000004</span> |
| <span class="cp">#define ATTESTATION_CERTIFICATE_RSA_KEYID 0x00000011</span> |
| <span class="cp">#define ATTESTATION_CERTIFICATE_ECC_KEYID 0x00000014</span> |
| </pre></div> |
| </div> |
| <p>For details on how to inject certificates into SE, refer |
| <a class="reference internal" href="../demos/se05x/se05x_InjectCertificate/Readme.html#se-inject-certificate"><span class="std std-numref">Section 5.7.20</span></a> <a class="reference internal" href="../demos/se05x/se05x_InjectCertificate/Readme.html#se-inject-certificate"><span class="std std-ref">Inject Certificate into SE</span></a>.</p> |
| </div> |
| <div class="section" id="how-to-enable-logging"> |
| <h1><span class="section-number">11.5.6.9. </span>How To Enable Logging<a class="headerlink" href="#how-to-enable-logging" title="Permalink to this headline">¶</a></h1> |
| <p>By default, information logs, error logs and warning logs are enabled but |
| debug logs are disabled. To enable debug logs define |
| <code class="docutils literal notranslate"><span class="pre">NX_LOG_ENABLE_DEFAULT_DEBUG</span></code> as 1 in |
| <code class="file docutils literal notranslate"><span class="pre">$</span><em><span class="pre">ROOT_DIR</span></em><span class="pre">/simw-top/hostlib/hostLib/libCommon/infra/nxLog_DefaultConfig.h</span></code></p> |
| <div class="section" id="i2c-connections-with-se05x"> |
| <h2><span class="section-number">11.5.6.9.1. </span>I2C connections with SE05x<a class="headerlink" href="#i2c-connections-with-se05x" title="Permalink to this headline">¶</a></h2> |
| <ol class="arabic simple"> |
| <li><p>Below Diagram shows the wiring connection between Host Device and SE05x</p></li> |
| </ol> |
| <img alt="../_images/HD-SE-connections.png" src="../_images/HD-SE-connections.png" /> |
| </div> |
| <div class="section" id="i2c-data-transceive-operation"> |
| <h2><span class="section-number">11.5.6.9.2. </span>I2C data transceive operation<a class="headerlink" href="#i2c-data-transceive-operation" title="Permalink to this headline">¶</a></h2> |
| <ol class="arabic simple"> |
| <li><p>The Host Device acts as an I2C_master while SE05x shall be the I2C_slave.</p></li> |
| <li><p>HD transmits requested frame from applicaton layer to SE over I2C Bus. SE |
| sends acknowledgement (ACK/NACK) for the received frame.</p></li> |
| <li><p>SE processes the recieved frame and prepares the response accordingly. HD |
| polls for Read till the time Response is prepared and sent over I2C bus.</p></li> |
| <li><p>Following Diagram demonstrate the same.</p></li> |
| </ol> |
| <img alt="../_images/I2C-operation.png" src="../_images/I2C-operation.png" /> |
| </div> |
| </div> |
| |
| |
| </div> |
| |
| </div> |
| </div> |
| <footer class="footer"> |
| <div class="container"> |
| <p class="pull-right"> |
| <a href="#">Back to top</a> |
| |
| </p> |
| <p> |
| © Copyright 2018-2020, NXP.<br/> |
| Created using <a href="http://sphinx-doc.org/">Sphinx</a> 2.4.1.<br/> |
| </p> |
| </div> |
| </footer> |
| </body> |
| </html> |