AM6421: Customized certificate can not be programmed by OTP KeyWriter

Part Number: AM6421

Hi TI expert,

I'm using the MCU SDK mcu_plus_sdk_am64x_10_00_00_20, and installed the OTP KeyWriter from here: ti.com/secureresources/AM64X-HS-RESTRICTED-SW?

I customized the 'smpk' and 'smek' to generate my X509 certificate, but failed to program it via OTP KeyWriter. Here's the output of the console:

'

Starting Keywriting
Start Enabled VPP
After Enabled VPP

DMSC Firmware Version 10.0.8-v10.00.08_am64x_keywrite
DMSC Firmware revision 0xa
DMSC ABI revision 4.0

keys Certificate found: 0x70018600
Keywriter Debug Response:0x80020
Error occured...

'

Error bit 19 says 'error validating SMPK signed certificate'. But I've already checked everything; every signing and encryption process looks OK.

I'm wondering what else I can do, or whether there are any diagnostic tools available to dig into what's wrong in the X509 certificate.

I've already successfully validated the certificate by this command:

'openssl x509 -in final_certificate.bin.se -inform DER -noout -text > final_certificate.bin.se.verify.results'

  • Hello,

    What OpenSSL version are you using? Can you also share the command used to generate the certificate?

    Thanks!

  • Hi Prashant,

    Thanks for your attention.

    My OpenSSL version is: 3.2.4

    Due to the company's signature requirements, our development team cannot directly obtain the signature private key. We can only provide the fields to be signed to the company for signature and embed them into the final x509 certificate.

    Here's the command:

    ./gen_keywr_cert.sh -t tifek/ti_fek_public.pem --msv 0xC0FFE -a keys_devel/aes256.key --smpk-def --smek keys_devel/aes256.key --keycnt 1 --keyrev 1

    and changes made into 'gen_keywr_cert.sh':

    'aes256.key.hash.sigraw' is the signed aes256.key.hash.

    'keys_devel/ARK_AM64_ROT.pubkey' is the public key.

    This command will generate an X509 certificate, but it's signed with the default SMPK key. So, afterward, we extract the TBS field, have it signed by our company, and replace the corresponding signature field.

  • Thanks for the clarification, Jenny! I will get back to you by today EOD.

  • Hi Prashant,

    Thanks for your attention. I think I've root-caused the issue. There's a difference between 'keys_devel/ARK_AM64_ROT.pubkey' and the publicKey required by 'gen_keywr_cert.sh'.

    Specifically, there's an extra 'rsaEncryptionDes' entry that needs to be added.

    With this change, OTP KeyWriter can succeed to program the OTP. I'll try to secure boot sbl today.
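
Added example (not part of the thread and not TI's code): assuming the missing entry is the rsaEncryption AlgorithmIdentifier that separates a SubjectPublicKeyInfo from a bare PKCS#1 RSAPublicKey, this check reports which of the two DER layouts a public key file has before it is embedded in a certificate. The function names are hypothetical and both sample keys are constructed with a dummy modulus.

```python
# DER encoding of OID 1.2.840.113549.1.1.1 (rsaEncryption), tag and length included
RSA_ENCRYPTION = bytes.fromhex("06092a864886f70d010101")

def read_tlv(buf: bytes, pos: int):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, first = buf[pos], buf[pos + 1]
    start, length = pos + 2, first                    # short-form length
    if first & 0x80:                                  # long form: N length bytes follow
        start += first & 0x7F
        length = int.from_bytes(buf[pos + 2:start], "big")
    if start + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, start, start + length

def classify_rsa_public_key(der: bytes) -> str:
    """Tell a SubjectPublicKeyInfo from a bare PKCS#1 RSAPublicKey."""
    tag, start, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        return "not a single DER SEQUENCE"
    child, c_start, c_end = read_tlv(der, start)
    if child == 0x02:                                 # INTEGER first: the modulus
        return "PKCS#1 RSAPublicKey"
    if child == 0x30 and der[c_start:c_end].startswith(RSA_ENCRYPTION):
        # AlgorithmIdentifier must be followed by the BIT STRING holding the key
        if c_end < end and read_tlv(der, c_end)[0] == 0x03:
            return "SubjectPublicKeyInfo"
    return "unrecognised"

def der_encode(tag: int, value: bytes) -> bytes:
    """Encode one DER element (only used to build the constructed samples)."""
    n = len(value)
    size = bytes([n]) if n < 0x80 else bytes([0x80 | (n.bit_length() + 7) // 8]) \
        + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag]) + size + value

# Constructed RSA-4096-shaped keys with a dummy modulus (not real key material).
MODULUS = b"\x00" + b"\xc3" * 512
PKCS1_KEY = der_encode(0x30, der_encode(0x02, MODULUS) + der_encode(0x02, b"\x01\x00\x01"))
SPKI_KEY = der_encode(0x30, der_encode(0x30, RSA_ENCRYPTION + b"\x05\x00")
                      + der_encode(0x03, b"\x00" + PKCS1_KEY))

if __name__ == "__main__":
    for name, key in (("PKCS1_KEY", PKCS1_KEY), ("SPKI_KEY", SPKI_KEY)):
        print(name, len(key), classify_rsa_public_key(key))
```

For an RSA-4096 key with exponent 65537 the two layouts are 526 and 550 bytes long, so the file size alone already hints at which one a key file holds.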

    "With this change, OTP KeyWriter can succeed to program the OTP. I'll try to secure boot sbl today."

    That is good. Let me know if you need any help with the secure boot.

  • Hi Prashant,

    I do need your help with secure booting the SBL.

    I tried to modify the 'publicKey' and 'tbs's signature' within SBL's x509, but I failed to boot the device.

    Here's the output of 'parse_uart_boot_socid.py', from which I suppose the OTP has been programmed successfully, since 'Sec Cust MPK Hash' matches my customer hash.

    $ python parse_uart_boot_socid.py socid.txt
    -----------------------
    SoC ID Header Info:
    -----------------------
    NumBlocks : 2
    -----------------------
    SoC ID Public ROM Info:
    -----------------------
    SubBlockId : 1
    SubBlockSize : 26
    DeviceName : am64x
    DeviceType : HSSE
    DMSC ROM Version : [0, 2, 0, 0]
    R5 ROM Version : [0, 2, 0, 0]
    -----------------------
    SoC ID Secure ROM Info:
    -----------------------
    Sec SubBlockId : 2
    Sec SubBlockSize : 166
    Sec Prime : 0
    Sec Key Revision : 1
    Sec Key Count : 1
    Sec TI MPK Hash : b018658ad99dc903c8c9bfb27b12751099920a042ad1dfea7b7ba57369f15546de285edde6a7b39a8bdc40a27b237f8fb1e57f245e80b929c1e28b024aa2ecc6
    Sec Cust MPK Hash : d248d61ff31637daa7e8053e83ea3a868c39319783620af7b0dd74c8ef5c97d2e0df51c12b0654a56dfca1a565b1601492f16c759527800293e59a722c67aee3
    Sec Unique ID : 13f8f762ee412cd0d0c741127b1bf893c841afe076755aee1b6c5bf40040374c

    I replaced the public key with "dd if=./ARK_AM64_ROT.pubkey of=sbl_qspi.Debug.hs.tiimage bs=1 seek=376 count=550 conv=notrunc"

    and after signing the extracted TBS area, I replaced the TBS signature with "dd if=sbl_tbs_certificate.bin.hash.sigraw of=sbl_qspi.Debug.hs.tiimage bs=1 seek=1588 count=512 conv=notrunc"

    I uploaded the essential files, listed below. Would you please help review whether there's anything wrong?

    sbl_qspi.Debug.hs.tiimage.before_customized -- sbl built by TI-Dummy MPK

    sbl_qspi.Debug.hs.tiimage -- sbl modified by me

    temp_cert739 -- x509 certificate config

    ARK_AM64_ROT.pubkey -- my public key

    Is there a way to know why RBL cannot boot SBL?

    Debug_for_sbl_secure_boot.zip

  • If you are only manipulating the certificate then the sizes should not differ.

    ❯ /usr/bin/ls -l sbl_qspi.Debug.hs.tiimage*
    -rw-r--r-- 1 p-shivhare p-shivhare 388552 Apr 25 17:46 sbl_qspi.Debug.hs.tiimage
    -rw-r--r-- 1 p-shivhare p-shivhare 383208 Apr 25 17:43 sbl_qspi.Debug.hs.tiimage.bk

    The size difference seems to be because of an extra certificate appended at the very end of the SBL signed with your own key.

    ❯ binwalk sbl_qspi.Debug.hs.tiimage
    
    DECIMAL       HEXADECIMAL     DESCRIPTION
    --------------------------------------------------------------------------------
    0             0x0             Certificate in DER format (x509 v3), header length: 4, sequence length: 2012
    383208        0x5D8E8         Certificate in DER format (x509 v3), header length: 4, sequence length: 1680
    
    ❯ binwalk sbl_qspi.Debug.hs.tiimage.bk
    
    DECIMAL       HEXADECIMAL     DESCRIPTION
    --------------------------------------------------------------------------------
    0             0x0             Certificate in DER format (x509 v3), header length: 4, sequence length: 2012

    Can you please remove this extra certificate and try booting?

    Also, instead of directly manipulating the certificate bytes, you should create the OpenSSL config file and sign it.
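
Added example (not from the thread or TI's tooling): a size and layout check for an image patched in place, mirroring the ls and binwalk comparison above. The function names are hypothetical, it only recognises certificates whose two outer SEQUENCEs use 2-byte lengths, and the images are constructed stand-ins that reuse the sizes and offsets shown above.

```python
import struct

# Start of an X.509 v3 DER certificate with 2-byte lengths:
# SEQUENCE(30 82 LLLL) SEQUENCE(30 82 LLLL) [0](a0 03) INTEGER(02 01 02)
V3_MARK = bytes.fromhex("a003020102")

def find_certificates(image: bytes):
    """Return [(offset, total_length)] for every certificate header found."""
    hits, pos = [], image.find(b"\x30\x82")
    while pos != -1:
        nxt = pos + 1
        if image[pos + 4:pos + 6] == b"\x30\x82" and image[pos + 8:pos + 13] == V3_MARK:
            seq_len, _, tbs_len = struct.unpack(">HHH", image[pos + 2:pos + 8])
            total = 4 + seq_len
            # TBS must fit in the certificate, and the certificate in the file.
            if tbs_len + 4 < seq_len and pos + total <= len(image):
                hits.append((pos, total))
                nxt = pos + total
        pos = image.find(b"\x30\x82", nxt)
    return hits

def check_patched_image(original: bytes, patched: bytes):
    """List changes that swapping a key or signature in place should never cause."""
    problems = []
    if len(patched) != len(original):
        problems.append(f"size changed by {len(patched) - len(original)} bytes")
    certs, ref = find_certificates(patched), find_certificates(original)
    if not certs or certs[0][0] != 0:
        problems.append("no certificate at offset 0")
    elif ref and certs[0] != ref[0]:
        problems.append("leading certificate length changed")
    problems += [f"extra certificate at offset {o} ({n} bytes)" for o, n in certs[1:]]
    return problems

def fake_cert(total: int) -> bytes:
    """Constructed stand-in: certificate-shaped header, zero filler."""
    tbs = V3_MARK + bytes(total - 28 - len(V3_MARK))
    body = b"\x30\x82" + struct.pack(">H", len(tbs)) + tbs + bytes(20)
    return b"\x30\x82" + struct.pack(">H", len(body)) + body

# Constructed images using the sizes and offsets from the ls/binwalk output above.
ORIGINAL = fake_cert(2016) + b"\xff" * (383208 - 2016)
PATCHED = ORIGINAL + fake_cert(1684) + bytes(388552 - 383208 - 1684)

if __name__ == "__main__":
    for line in check_patched_image(ORIGINAL, PATCHED):
        print(line)
```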

  • Hi Prashant,

    Thanks a lot for your help. After I fixed the extra certificate problem, the SBL can be booted.