Other Parts Discussed in Thread: SYSCONFIG
Tool/software:
Hi,
I am currently trying to implement secure boot on the AMP263P Control Card. After reading about keyrings I get the impression that I can store my application keys in that memory. I found the API call HsmClient_importKeyring() whose parameters include the location of the certificate of my keyring, and I will be calling this API from my SBL to import the keyring. However, once I've imported it into memory how do I access the keys in the keyring that are now stored in the keyring in HSM memory? What API call would enable that?
I found this document AM263Px MCU+ SDK: Enabling Secure Boot and if you scroll until you see "Keyring can be imported in SBL by using keyring import module in sysconfig.". Under there you see "Add instance of keyring import module in sysconfig." and then "load the keyring certificate header file which is generated using Keyring Cert Generation Python Script" and then "The sysconfig module auto-generates APIs for keyring import and builds SBL along with keyring certificate. For certificate generation script usage, see Keyring Cert Generation Python Script.". This confused me a bit more, should I never modify my sbl file (I'm using the example sbl_ospi_multicore_elf) and instead just change the sysconfig module to somehow generate my sbl? Should I only use the CCS ide to generate my sbl and never write my own custom one?
Thanks for the help
