High Assurance Boot MX8 Sections

From Variscite Wiki
Revision as of 15:40, 18 October 2023 by Nate (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Code signing step by step instructions

Code signing step by step instructions i.MX8M

NXP Provides documentation for enabling HAB for the i.MX8M Family. The information in this wiki is derived from NXP's documentation.

The U-Boot source code provides a directory with documentation and examples: /blob/imx_v2020.04_5.4.70_2.3.2_var01/doc/imx/habv4/

The following documentation is helpful to review:

  • U-Boot [/blob/imx_v2020.04_5.4.70_2.3.2_var01/doc/imx/habv4/introduction_habv4.txt doc/imx/habv4/introduction_habv4.txt]
  • U-Boot [/blob/imx_v2020.04_5.4.70_2.3.2_var01/doc/imx/habv4/guides/mx8m_secure_boot.txt doc/imx/habv4/guides/mx8m_secure_boot.txt]
  • NXP AN12263 HABv4 RVT Guidelines and Recommendations


Code signing step by step instructions i.MX8

NXP Provides documentation for enabling AHAB for the i.MX8 Family. The information in this wiki is derived from NXP's documentation.

The U-Boot source code provides a directory with documentation and examples: /blob/imx_v2020.04_5.4.70_2.3.2_var01/doc/imx/ahab/

The following documentation is helpful to review:

  • U-Boot [/blob/imx_v2020.04_5.4.70_2.3.2_var01/doc/imx/ahab/introduction_ahab.txt doc/imx/ahab/introduction_ahab.txt]
  • U-Boot [/blob/imx_v2020.04_5.4.70_2.3.2_var01/doc/imx/ahab/guides/mx8_mx8x_spl_secure_boot.txt doc/imx/ahab/guides/mx8_mx8x_spl_secure_boot.txt]
  • U-Boot [/blob/imx_v2020.04_5.4.70_2.3.2_var01/doc/imx/ahab/guides/mx8_mx8x_secure_boot.txt doc/imx/ahab/guides/mx8_mx8x_secure_boot.txt]
  • NXP AN12312 Secure Boot on i.MX 8 and i.MX 8X Families using AHAB


Generate PKI

Generate PKI i.MX8M

$ ./hab4_pki_tree.sh

And complete the interactive questions. For example:

Do you want to use an existing CA key (y/n)?: n
Do you want to use Elliptic Curve Cryptography (y/n)?: n
Enter key length in bits for PKI tree: 4096
Enter PKI tree duration (years): 20
How many Super Root Keys should be generated? 4
Do you want the SRK certificates to have the CA flag set? (y/n)?: y

Generate Super Root Key (SRK) table

$ cd ../crts/
$ ../linux64/bin/srktool -h 4 -t SRK_1_2_3_4_table.bin -e SRK_1_2_3_4_fuse.bin -d sha256 -c ./SRK1_sha256_4096_65537_v3_ca_crt.pem,./SRK2_sha256_4096_65537_v3_ca_crt.pem,./SRK3_sha256_4096_65537_v3_ca_crt.pem,./SRK4_sha256_4096_65537_v3_ca_crt.pem -f 1


Generate PKI i.MX8

$ ./ahab_pki_tree.sh

And complete the interactive questions. For example:

Do you want to use an existing CA key (y/n)?: n
Do you want to use Elliptic Curve Cryptography (y/n)?: n
Enter key length in bits for PKI tree: 4096
Enter the digest algorithm to use: sha384
Enter PKI tree duration (years): 20
Do you want the SRK certificates to have the CA flag set? (y/n)?: n

Generate Super Root Key (SRK) table

$ cd ../crts/
$ ../linux64/bin/srktool -a -s sha384 -t SRK1234table.bin -e SRK1234fuse.bin -f 1 -c SRK1_sha384_4096_65537_v3_usr_crt.pem,SRK2_sha384_4096_65537_v3_usr_crt.pem,SRK3_sha384_4096_65537_v3_usr_crt.pem,SRK4_sha384_4096_65537_v3_usr_crt.pem
$ ll SRK1234*
-rw-rw-r-- 1 nate nate   64 Sep 15 14:47 SRK1234fuse.bin
-rw-rw-r-- 1 nate nate 2112 Sep 15 14:47 SRK1234table.bin


Program the SRK (public keys) to the SOC e-fuses

Program the SRK (public keys) to the SOC e-fuses i.MX8M

SRK_1_2_3_4_fuse.bin.u-boot-cmds:

$ cat build_xwayland/tmp/deploy/images//SRK_1_2_3_4_fuse.bin.u-boot-cmds
# Note: These are One-Time Programmable e-fuses. Once you write them you can't go back, so get it right the first time.

fuse prog -y 6 0 0xDA6B9ADB
fuse prog -y 6 1 0xDC9B55A1
fuse prog -y 6 2 0x93D10134
fuse prog -y 6 3 0x5CDC8DA3
fuse prog -y 7 0 0x143709F8
fuse prog -y 7 1 0xC6E305A7
fuse prog -y 7 2 0x3E718DA2
fuse prog -y 7 3 0xC6AC85B6

# After the device successfully boots a signed image without generating any HAB events, it is safe to secure, or 'close', the device.
# This is the last step in the process. Once the fuse is blown, the chip does not load an image that has not been signed using the correct PKI tree.
# Important notes:
# - This is again a One-Time Programmable e-fuse. Once you write it you can't go back, so get it right the first time.
# - If anything in the previous steps wasn't done correctly, the SOM will not boot after writing this bit.

fuse prog 1 3 0x02000000


Program the SRK (public keys) to the SOC e-fuses i.MX8QM

SRK1234fuse.bin.u-boot-cmds:

$ cat build_xwayland/tmp/deploy/images//SRK1234fuse.bin.u-boot-cmds
# Note: These are One-Time Programmable e-fuses. Once you write them you can't go back, so get it right the first time.

fuse prog -y 0 722 0xC7CD8343
fuse prog -y 0 723 0x9DAD444
fuse prog -y 0 724 0xCA69438A
fuse prog -y 0 725 0xF58BCA5A
fuse prog -y 0 726 0xD9B0C333
fuse prog -y 0 727 0xFB085CFC
fuse prog -y 0 728 0xAC6977BD
fuse prog -y 0 729 0x547DD584
fuse prog -y 0 730 0xD7D99422
fuse prog -y 0 731 0x8DD76A21
fuse prog -y 0 732 0xA4BFC709
fuse prog -y 0 733 0x176D4CB9
fuse prog -y 0 734 0x29432F99
fuse prog -y 0 735 0xF5DA795E
fuse prog -y 0 736 0xD7A20D12
fuse prog -y 0 737 0x73CA2F0C

# After the device successfully boots a signed image without generating any HAB events, it is safe to secure, or 'close', the device.
# This is the last step in the process. Once the fuse is blown, the chip does not load an image that has not been signed using the correct PKI tree.
# Important notes:
# - This is again a One-Time Programmable e-fuse. Once you write it you can't go back, so get it right the first time.
# - If anything in the previous steps wasn't done correctly, the SOM will not boot after writing this bit.

ahab_close


Program the SRK (public keys) to the SOC e-fuses i.MX8QXP

SRK1234fuse.bin.u-boot-cmds:

$ cat build_xwayland/tmp/deploy/images//SRK1234fuse.bin.u-boot-cmds
# Note: These are One-Time Programmable e-fuses. Once you write them you can't go back, so get it right the first time.

fuse prog -y 0 730 0xC7CD8343
fuse prog -y 0 731 0x9DAD444
fuse prog -y 0 732 0xCA69438A
fuse prog -y 0 733 0xF58BCA5A
fuse prog -y 0 734 0xD9B0C333
fuse prog -y 0 735 0xFB085CFC
fuse prog -y 0 736 0xAC6977BD
fuse prog -y 0 737 0x547DD584
fuse prog -y 0 738 0xD7D99422
fuse prog -y 0 739 0x8DD76A21
fuse prog -y 0 740 0xA4BFC709
fuse prog -y 0 741 0x176D4CB9
fuse prog -y 0 742 0x29432F99
fuse prog -y 0 743 0xF5DA795E
fuse prog -y 0 744 0xD7A20D12
fuse prog -y 0 745 0x73CA2F0C

fuse read 0 730 16
Reading bank 0:

Word 0x000002da: c7cd8343 09dad444 ca69438a f58bca5a
Word 0x000002de: d9b0c333 fb085cfc ac6977bd 547dd584
Word 0x000002e2: d7d99422 8dd76a21 a4bfc709 176d4cb9
Word 0x000002e6: 29432f99 f5da795e d7a20d12 73ca2f0c

# After the device successfully boots a signed image without generating any HAB events, it is safe to secure, or 'close', the device.
# This is the last step in the process. Once the fuse is blown, the chip does not load an image that has not been signed using the correct PKI tree.
# Important notes:
# - This is again a One-Time Programmable e-fuse. Once you write it you can't go back, so get it right the first time.
# - If anything in the previous steps wasn't done correctly, the SOM will not boot after writing this bit.

ahab_close


HAB Status

HAB Status i.MX8M

Secure boot disabled

HAB Configuration: 0xf0, HAB State: 0x66
No HAB Events Found!


HAB Status i.MX8

Lifecycle: 0x0020, NXP closed

No SECO Events Found!


Secure Device

Secure Device i.MX8M

After the device successfully boots a signed image without generating any events, it is safe to secure, or "close", the device.
This is the last step in the process, and is completed by blowing the SEC_CONFIG[1] fuse bit.
Once the fuse is blown, the chip does not load an image that has not been signed using the correct PKI tree.
Important notes:
- This is again a One-Time Programmable e-fuse. Once you write it you can't go back, so get it right the first time.
- If anything in the previous steps wasn't done correctly, the SOM will not boot after writing this bit.

fuse prog 1 3 0x2000000


Secure Device i.MX8

After the device successfully boots a signed image without generating any events, it is safe to secure, or "close", the device.
This is the last step in the process, and is completed by blowing a fuse.
Once the fuse is blown, the chip does not load an image that has not been signed using the correct PKI tree.
Important notes:
- This is again a One-Time Programmable e-fuse. Once you write it you can't go back, so get it right the first time.
- If anything in the previous steps wasn't done correctly, the SOM will not boot after running this command.

ahab_close