Hi,
I am using sbl_qspi_am263x-lp_r5fss0-0_nortos_ti-arm-clang to build the SBL and programming both SBL and example application hello_world_am263x-lp_r5fss0-0_nortos_ti-arm-clang using C:\ti\mcu_plus_sdk_am263x_08_05_00_24\tools\boot\sbl_prebuilt\am263x-lp\default_sbl_qspi.cfg. After programming and switching the boot mode to QSPI Boot, I am able to successfully boot and see "Hello World" on the terminal.
sbl_qspi_am263x-lp_r5fss0-0_nortos_ti-arm-clang project builds sbl_qspi_am263x-lp_r5fss0-0_nortos_ti-arm-clang.tiimage using the post build script makefile_ccs_bootimage_gen.
makefile_ccs_bootimage_gen script uses #BOOTIMAGE_CERT_KEY=$(MCU_PLUS_SDK_PATH)/tools/boot/signing/mcu_gpkey.pem and BOOTIMAGE_CERT_GEN_CMD=$(PYTHON) $(MCU_PLUS_SDK_PATH)/tools/boot/signing/mcu_rom_image_gen.py to generate and append the X509Certificate.
I generated my own key using genrsa -out key.pem 4096 and updated makefile_ccs_bootimage_gen script to use the key.pem file and generate sbl_qspi_am263x-lp_r5fss0-0_nortos_ti-arm-clang.tiimage. After programming the newly generated SBL and example application ("Hello Word), I am able to see "Hello World" on the terminal. I was expecting SBL validation failure because if incorrect key.
I wanted to understand the X509Certificate validation by HSM. Not sure why HSM successfully validated the SBL I created using the key.pem file. Please let me know the document where I get information about this.
Please let me know the procedure to create my own key file and how I share my key information to HSM for SBL validation.
Regards,
Vishwas HC
