Hello,
I am currently trying to implement Secure Boot functionality on a LPC55XpressoS16 eval board. My plan was to use the Secure ROM API function skboot_status_t skboot_authenticate(const uint8_t *imageStartAddr, secure_bool_t *isSignVerified) for the image verification.
I managed to access it using the necessary function pointers to the ROM API table. The image itself is signed according to the SPSDK documentation (Link to documentation). I also tried the whole thing using an image that was signed via the NXP Secure Provisioning GUI tool.
My problem now is that the function always returns kStatus_SKBOOT_InvalidArgument. I am actually pretty certain that the imageStartAddr parameter is correct (0x00000000) and that this is not the cause of this.
UM11295 states that this is exactly the same function that the already by NXP implemented secure boot functionality in ROM uses. When I then enabled that secure boot in addition to my own, the one by NXP passed and verified the image (the device booted normally and jumped to the reset handler) but my function again returned "invalid argument". Even though allegedly the same function is used.
Is there something I am overlooking or is there some additional documentation for that function (I already checked the appeneded Rom_API.pdf of the UM11295)?
