Tool/software:
Hi,
I am currently trying to implement secure boot on the AM263p Control Card and had a question about application image authentication being done in the SBL.
In this doc: AM263Px MCU+ SDK: Enabling Secure Boot is written the following: "The SBL doesn't have innate abilities to do the image integrity check, or verify the hash of the application image. It relies on the HSMRt for this. The image is stored in a readable memory and a pointer to the start of the image is passed to the HSMRt with other details like load address, type of authentication etc.".
I am assuming this means we must make API calls from within the sbl that tell the HSMRt to verify and do image integrity checks on our application image. I am using sbl_ospi_multicore_elf in example/drivers/boot in the SDK as a template and am modifying it to implement secure boot. If I added in the API call: HsmClient_procAuthBoot(timeout, HsmClient, cert, cert_size) to my sbl, would this tell the HSMRt to authenticate my application image?
Also if the public key for my signed application image is stored in the keyring, how do I tell HSMRt where to look for that public key?
Thanks for the help
