• State TI Thinks Resolved
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 31 subscribers
  • Views 141 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

LP-AM261: LP-AM261: Secure Boot support

DP14
Prodigy 10 points

Part Number: LP-AM261

Hi,

I want to implement the secure boot functionality (device should boot only with valid signed application firmware image).

For this I have generated the public-private key pair as follows:

# Generate RSA-2048 signing key (store in secure location)
openssl genrsa -out /secure/keys/prod_signing_key.pem 2048

# Generate AES-256 encryption key (optional)
openssl rand -hex 32 > /secure/keys/prod_encryption_key.pem

#Extract public key from the private key
openssl rsa -in prod_signing_key.pem -pubout -out publickey.pem

Added the private key paths and secure boot related configurations as follows in the makefile_ccs_bootimage_gen file:

# Default secure boot/signing settings (can be overridden through command line)
DEVICE_TYPE ?= HS
ENC_ENABLED ?= no
RSASSAPSS_ENABLED ?= no
APP_SIGNING_KEY ?= $(abspath keys/private_key.pem)
APP_SIGNING_KEY_KEYRING_ID ?= 0
APP_SIGNING_HASH_ALGO ?= sha256
APP_ENCRYPTION_KEY ?= $(abspath keys/private_encryption_key.pem)
APP_ENCRYPTION_KEY_KEYRING_ID ?= 0
KD_SALT ?= 0x12345678

And build the firmware using the following commad

make -f makefile_ccs_bootimage_gen OUTNAME=gpio_input_interrupt PROFILE=Release MCU_PLUS_SDK_PATH=C:/ti/mcu_plus_sdk_am261x_26_00_00_01 CG_TOOL_ROOT=C:/ti/ccs2050/ccs/tools/compiler/ti-cgt-armllvm_4.0.4.LTS CCS_INSTALL_DIR=C:\ti\ccs2050\ccs\ CCS_IDE_MODE=desktop DEVICE=am261x DEVICE_TYPE=HS

These steps generated the secure .mcelf.hs image.

Are the above mentioned stepts correct for secure application image generation? If no, provide me with the correct way. If yes, I want to flash this firmware on the device. But my question is how the device will know the public key for validating the firmware? 

Do I need to provide the public key in SBL? If yes, please explain, how? If no, provide the correct way for this.

Because what I understood from the documentation is, 

1. On AM261x, the SBL does NOT store the public key and does NOT perform signature verification of the application image.
2. Verification is done by the HSM ROM. It validates the SBL itself, not the application. The ROM verifies:
The X.509 certificate
The RSA‑4096 signature
The SHA‑512 integrity hash
Optional AES‑256 encryption

3. Public key is stored inside the X.509 certificate. But, "How to store Public key inside the X.509 certificate?"

4. Only after SBL authentication, execution proceed

5. After boot, SBL may optionally validate the application, but this is not part of TI’s secure boot ROM flow.

6. If I want application-level authentication, I have to

1. Embedding your own public key into SBL
2. Signing the application image (similar to SBL)
3. Having SBL verify the signature before loading the app

Is my understanding correct? If no, please correct me. If yes, kindly clarify my doubts listed below.
1. For application-level authentication, how to embedd the public key into SBL?
2. What changed I shall need to do for having SBL to verify the secure application image before loading?

  • 0
    TI__Guru* 89171 points

    Hi,

    A quick clarification before answering the above queries and a bit of background on the secure boot in AM261 device.

    1. The boot flow of the device is as follows 

    On R5 -  :  R5 ROM    -> SBL -> App
    On HSM : HSM ROM -> HSMRT (runtime firmware)

    2. SBL is authenticated and decrypted by HSM ROM, where the R5 ROM sends the SBL (certificate and image) to HSM ROM, which validates the same

    3. Next, the SBL sends the HSMRT from external world to HSM ROM, for its validation.

    4. In the above usecases, the key used is "only" the Root of Trust keys (i.e. Your keys flashed in efuse during conversion of the device to HS-SE )

    5. The next step in the application (mcelf.hs) loading by SBL. Here the SBL sends the image certificate and image content to HSMRT, which authenticates (and decrypts) the same

    6. The key used here could be of 2 ways

        a. Sign and Encrypt using the Root of trust keys which the HSMRT already have access to.

        b. Sign and Encrypt using a set of Auxillary Keys (i.e. Keys other than Root of Trust keys (i.e. not present in eFuse). In this case, the HSMRT does not have these keys by default, so you should follow a process called Keyring import, which imports a set of keys to HSM Firmware from SBL, and you can choose which key will be signing the application image based on the key index. The full process is explained below

    Key Ring Service in AM26x devices

    With the above information, could you please recheck if clarification for any part has been missed .

    Hope this helps,

    Thanks and Regards,

    Nikhil Dasan