CY8CPROTO-064B0S3 PSoC 64 "Secure Boot" Prototyping Kit Guide, Doc. # 002-29505 Rev. *B
26
Running Code on PSoC 64 “Secure Boot” MCUs
3. Create new keys.
What does this step do?
“CySecureTools” reads the provided policy and generates the keys defined.
Depending on the policy chosen, there can be multiple keys generated under the “keys” folder.
By default only one key, the USERAPP_CM4_KEY, a P-256 Elliptic curve key-pair is
generated.
“CySecureTools” generates keys in two formats, PEM and JSON. Both the PEM and JSON
files represent the same key. For a full description of all fields, please refer to the
.
Run the following command:
cysecuretools --target cyb06xx5 --policy ./policy/
policy_single_CM0_CM4.json create-keys
After running this step, the ‘keys’ directory will have public/private key pairs and symmetric key
pairs (if encrypt is enabled) generated according to the policy. These keys are used either to sign
(or) encrypt images built by ModusToolbox software.
Figure 4-7. Application Workspace having a new ‘keys’ directory
4. Connect your CY8CPROTO-064B0S3 PSoC 64 “Secure Boot” Prototyping Kit to PC using
the provided USB cable through the KitProg3 USB connector.
ATTENTION:
Make sure jumper shunt on J3 is placed in VTARG = 2.5 V position (between pin 1
and 2) before plugging in the kit to the PC. The 2.5 V supply is necessary for Step 5, where
PSoC 64 eFuses are blown. KitProg3 must be in DAPLink mode for provisioning. The Status LED
(LED2) will be ramping ON/OFF (~2Hz) in this mode. Press and release the Mode button (SW3)
one or more times until the KitProg3 is in DAPLink mode.