==================================
Signing binaries for Secure Boot
==================================
This document describes the steps involved in signing binaries for secure boot.
Use cases are listed in order of increasing complexity.
1. :ref:`pub_sign_unencrypted_mpk`
2. :ref:`pub_sign_encrypted_mek`
.. _pub_sign_unencrypted_mpk:
Signing an unencrypted binary for secure boot
=============================================
1. Calculate the SHA2-512 hash of the binary. Populate the :ref:`sysfw_image_integrity_ext`
   with the calculated hash and the length of the binary.

2. Determine where the image needs to be loaded at runtime and populate the
   :ref:`sysfw_load_ext`.

3. Populate the :ref:`sysfw_swrev_ext` with the software revision value
   for the binary. The software revision is used to enforce rollback
   protection.

4. If the binary is to be used to bring a core out of reset, populate the
   :ref:`sysfw_boot_ext` with the appropriate values.

5. Choose a private key to sign the certificate. |sysfw| only
   supports signing a certificate with the active MPK.

6. Sign the X509 certificate populated in steps (1)-(4).

7. Append the binary to the signed X509 certificate.

8. On the target, load the output of step (7) to a memory location. Use the memory
   location as the payload of the :ref:`TISCI_MSG_PROC_AUTH_BOOT <proc-boot-authenticate-image-and-configure-processor>`
   TISCI message.
.. _pub_sign_encrypted_mek:
Signing an encrypted binary for secure boot
===========================================
Using an encrypted binary for secure boot requires minor changes to the signing
process described above. The binary is encrypted first, and the encrypted output
is then used as the input to that signing process. Some of the values populated in
the X509 extensions are also modified. This section describes the encryption
operation and the changes in populating the X509 extensions. First, the steps to
encrypt the binary are listed below.
1. Pad the binary with zeros until its length is a multiple of 16 bytes.

2. Append a 32-byte random string to the binary output of step (1). This
   random string is used by |sysfw| to verify successful decryption. This string
   needs to be populated in the X509 certificate.

3. Choose a 16-byte random string as the initialization vector (IV) for CBC
   encryption. This string also needs to be populated in the X509 certificate.

4. Choose the key to encrypt the binary. |sysfw| only supports
   encryption with the active MEK.

5. Encrypt the binary output of step (2) with the key chosen in step (4) in
   AES-256-CBC mode. Use the string chosen in step (3) as the initialization
   vector.
When using encryption, the X509 encryption extension needs to be populated in
the certificate before signing. The following changes apply to the other extensions.
1. The length of the binary output of step (2) above needs to be populated in the
   X509 image integrity extension.

2. The binary output of step (5) needs to be used when calculating the hash to be
   populated in the X509 image integrity extension.

3. The binary output of step (5) must be appended to the signed X509 certificate
   instead of the unencrypted binary.
Please refer to :ref:`sysfw_image_integrity_ext` and :ref:`sysfw_encryption_ext`.
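The following Go program is an added example, not part of this documentation or of the |sysfw| tooling. It carries out the encryption steps (1)-(5) above and derives the two values that the integrity extension needs (the SHA2-512 hash of the encrypted output and the length of the step (2) output), which also covers the hash-and-length computation of step (1) of the unencrypted flow. It then mirrors the decryption check that the random string enables. The type and function names, the placeholder MEK, and the plain byte comparison used for the check are this example's own assumptions; the X509 extension layout itself is not modelled here.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha512"
	"encoding/hex"
	"errors"
	"fmt"
)

// PreparedImage collects the values the signing step must carry in the X509
// extensions. Field names are this example's own choice.
type PreparedImage struct {
	Ciphertext []byte // step (5) output: hashed, and appended to the signed certificate
	Length     int    // length of the step (2) output: image integrity extension
	Hash       []byte // SHA2-512 over Ciphertext: image integrity extension
	IV         []byte // step (3) value: encryption extension
	RandomTail []byte // step (2) value: encryption extension
}

// PrepareEncryptedImage performs steps (1) to (5). The IV and the 32-byte random
// string are passed in so results are reproducible; real use draws them from
// randomBytes below.
func PrepareEncryptedImage(binary, mek, iv, randomTail []byte) (*PreparedImage, error) {
	if len(mek) != 32 {
		return nil, errors.New("MEK must be 32 bytes for AES-256")
	}
	if len(iv) != aes.BlockSize {
		return nil, errors.New("IV must be 16 bytes")
	}
	if len(randomTail) != 32 {
		return nil, errors.New("random string must be 32 bytes")
	}
	// Step (1): zero-pad to a multiple of the 16-byte AES block size.
	padded := append([]byte{}, binary...)
	if rem := len(padded) % aes.BlockSize; rem != 0 {
		padded = append(padded, make([]byte, aes.BlockSize-rem)...)
	}
	// Step (2): append the random string; 32 is a multiple of 16, so the
	// plaintext stays block-aligned and CBC needs no further padding.
	plaintext := append(padded, randomTail...)
	// Step (5): AES-256-CBC with the MEK and the IV chosen in step (3).
	block, err := aes.NewCipher(mek)
	if err != nil {
		return nil, err
	}
	ciphertext := make([]byte, len(plaintext))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ciphertext, plaintext)
	// Integrity extension inputs: hash of the encrypted output, length of the
	// step (2) output.
	sum := sha512.Sum512(ciphertext)
	return &PreparedImage{
		Ciphertext: ciphertext, Length: len(plaintext), Hash: sum[:],
		IV: iv, RandomTail: randomTail,
	}, nil
}

// VerifyDecryption models the check the random string enables: after CBC
// decryption the last 32 bytes must equal the string from the certificate.
// The firmware's exact logic is not shown in the document; a plain byte
// comparison is assumed here. It returns the (still zero-padded) binary.
func VerifyDecryption(ciphertext, mek, iv, expectedTail []byte) ([]byte, error) {
	if len(ciphertext)%aes.BlockSize != 0 || len(ciphertext) < 32 {
		return nil, errors.New("ciphertext length is not a valid encrypted image")
	}
	block, err := aes.NewCipher(mek)
	if err != nil {
		return nil, err
	}
	plaintext := make([]byte, len(ciphertext))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(plaintext, ciphertext)
	tail := plaintext[len(plaintext)-32:]
	if !bytes.Equal(tail, expectedTail) {
		return nil, errors.New("decryption check failed: wrong MEK/IV or corrupted image")
	}
	return plaintext[:len(plaintext)-32], nil
}

// randomBytes draws n bytes from the OS CSPRNG for the IV and the random string.
func randomBytes(n int) ([]byte, error) {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		return nil, err
	}
	return b, nil
}

func main() {
	mek := bytes.Repeat([]byte{0x11}, 32) // constructed placeholder, not a real MEK
	iv, _ := randomBytes(aes.BlockSize)
	tail, _ := randomBytes(32)
	img, err := PrepareEncryptedImage([]byte("dummy firmware image"), mek, iv, tail)
	if err != nil {
		panic(err)
	}
	fmt.Printf("length for integrity ext: %d\nsha512: %s\n", img.Length, hex.EncodeToString(img.Hash))
	if _, err := VerifyDecryption(img.Ciphertext, mek, iv, tail); err != nil {
		panic(err)
	}
	fmt.Println("decryption check passed")
}
```

Note that the length recorded for the integrity extension is that of the padded binary plus the 32-byte random string, not the original binary length, and that the hash is taken over the encrypted bytes; both follow the extension changes listed above. The check in VerifyDecryption fails for a wrong MEK or IV, which is the property the random string is there to provide.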