This package contains security tools for creating keys, creating certificates, signing user applications, and provisioning Cypress/Infineon MCUs.
- HW/SW compatibility
- Prerequisites
- Documentation
- Standalone Executable
- Installing From Sources
- Supported Devices
- Interface and Usage
- Logging
- Known Issues
- Error Handling
- License and Contributions
| Target/Kit | Silicon ID, Silicon Rev., Family ID | Secure FlashBoot Version | CyBootloader Version | ||
| 512K | |||||
|
cyb06xx5 cy8cproto‑064b0s3 |
0xE70D, 0x12, 0x105 | 4.0.2.1842 | 2.0.1.6441 | ||
| 2M | |||||
|
cyb06xxa cy8ckit‑064b0s2‑4343w |
0xE470, 0x12, 0x102 | 4.0.3.2319 | 2.0.2.8102 | ||
|
cys06xxa cy8ckit‑064s0s2‑4343w |
0xE4A0, 0x12, 0x02 | 4.0.3.2319 | 2.0.2.8102 | ||
| 1M | |||||
|
cyb06xx7 cy8cproto‑064s1‑sb cy8cproto‑064b0s1‑ble cy8cproto‑064b0s1‑ssa |
0xE262, 0x24, 0x100 0xE261, 0x24, 0x100 | 4.0.2.1842 | 2.0.0.4041 | ||
| Target/Kit | Silicon ID, Silicon Rev., Family ID | ROM Boot Version | RAM Applications Version |
| cyw20829 | 0xEB43, 0x21, 0x110 | 1.2.0.8334 | 1.2.0.3073 |
| cyw89829 | 0xEB47, 0x21, 0x110 | 1.2.0.8334 | 1.2.0.3073 |
- Python 3.8 - 3.12
- Installed Infineon OpenOCD
- Ensure the KitProg3 programming mode is CMSIS-DAP Bulk
Edge Protect Tools can be used as a standalone application. The executable can be found in the tools/edgeprotecttools/bin directory of the Edge Protect Security Suite or Early Access Pack installation.
Alternatively Edge Protect Tools can be installed from the sources as a Python package. The source code is located in the tools/edgeprotecttools/src directory of the Edge Protect Security Suite or Early Access Pack installation.
Install Python 3.12 on your computer. You can download it from https://www.python.org/downloads/. Set up the appropriate environment variable(s) for your operating system.
Make sure that you have the latest version of pip installed, use the following command.
$ python -m pip install --upgrade pipRun the following command, from the Early Access Pack or Edge Protect Security Suite directory.
$ python -m pip install tools/edgeprotecttools/srcTo update the already installed package, run the following command from the Early Access Pack or Edge Protect Security Suite directory.
$ python -m pip install --upgrade --force-reinstall tools/edgeprotecttools/srcNote: There may be some pip dependency resolver errors. In most cases, these can be safely ignored.
Note: You can use the following command to show the path to the installed package
$ python -m pip show edgeprotecttools.
Use device-list command for output of the supported devices list.
$ edgeprotecttools device-listFor instructions how to use common commands, see README_GENERAL.md.
For instructions how to use target-specific commands, see the corresponding readme file in the docs directory.
Every time the tool is invoked, a new log file is created in the logs directory of the project. By default, the console output has INFO logging severity. The log file contains the DEBUG logging severity.
- Using the policy from CySecureTools 4.0.0 in projects created by CySecureTools 4.1.0 causes the CY_FB_INVALID_IMG_JWT_SIGNATURE error during re-provisioning on PSoC64-2M devices:
...
ERROR : SFB status: CY_FB_INVALID_IMG_JWT_SIGNATURE: Invalid image certificate signature. Check the log for details
Workaround:
- Open the policy file.
- Navigate to section 1 of the
boot_upgrade/firmware. - Set
boot_authandbootloader_keysas follows:
"boot_auth": [
3
],
"bootloader_keys": [
{
"kid": 3,
"key": "../keys/cy_pub_key.json"
}
]
- During the installation of the package via pip on Mac OS Big Sur, the following exception is raised:
...
distutils.errors.DistutilsError: Setup script exited with error: SandboxViolation:
mkdir('/private/var/root/Library/Caches/com.apple.python/private/tmp/easy_install-y8c1npmz', 511) {}
The package setup script has attempted to modify files on your system
that are not within the EasyInstall build area, and has been aborted.
This package cannot be safely installed by EasyInstall, and may not
support alternate installation locations even if you run its setup
script by hand. Please inform the package's author and the EasyInstall
maintainers to find out if a fix or workaround is available.
Solution: Upgrade the pip package running the following command from the terminal: python3 -m pip install --upgrade pip.
Refer to the guidelines on how to resolve errors.
The software is provided under the Apache-2.0 license. Contributions to this project are accepted under the same license. This project contains code from other projects. The original license text is included in those source files.