Hi
Sorry in advance if this is a dumb question about signed firmware.
I've read the Secure Boot AN and the LPC55 user manual, but there is something I'm missing.
The secure boot firmware contains the signing public key (in the certificate(s)), and is signed with it if I got it correctly.
So far so good.
The part I don't understand is how an LPC55 is pinned to a certificate or a set of certificates?
i.e. how can I prevent a completely valid secure firmware, e.g. signed by somebody else, from being used?
There is something in the PFR to deal with that I guess, but I could not figure it out.
I expected the root public key somewhere there, so that it could be used to validate the whole chain, and reject every signature not coming from MY certificate chain, but I didn't find it.
If someone could kindly redirect me to the relevant part of the doc and/or shed some light, that would be appreciated.
Thank you in advance
Tc
Hello Tres,
Yes, pay attention to "5.5 CMPA page preparation" of the secure boot AN: program RKTH
to the chip; this hash is generated from the certificates during the signing process. So it corresponds to your private key and certificate.
Regards,
Alice
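As an added illustration (not code from this thread or from NXP's tooling), here is the pinning idea in Python: the RKTH is a hash over the table of root public keys, it is programmed once into the CMPA page of the PFR, and the ROM recomputes it from the root keys carried in an image's certificate chain before trusting that chain. The byte layout (four root-key slots, SHA-256 over modulus || exponent per key, SHA-256 over the concatenated slot digests) is my assumption of the LPC55 format and should be checked against the AN; the keys below are constructed stand-ins.

```python
import hashlib
import hmac


def _fake_key(seed: str):
    # Constructed stand-in for an RSA public key (modulus, exponent); a real
    # root key would be taken from the root certificate. 256-byte modulus.
    modulus = b"".join(hashlib.sha256(f"{seed}-{i}".encode()).digest() for i in range(8))
    return modulus, b"\x01\x00\x01"  # e = 65537


OWNER_ROOT_KEYS = [_fake_key(f"owner-root-{i}") for i in range(4)]
OTHER_ROOT_KEYS = [_fake_key(f"someone-else-root-{i}") for i in range(4)]


def key_hash(modulus: bytes, exponent: bytes) -> bytes:
    """Per-slot digest over the public key material (assumed: modulus || exponent)."""
    return hashlib.sha256(modulus + exponent).digest()


def rkth(root_keys) -> bytes:
    """Root Key Table Hash: SHA-256 over the concatenated per-slot digests.
    Assumed layout: exactly four root-key slots, 32 bytes each, in order."""
    if len(root_keys) != 4:
        raise ValueError("expected exactly four root key slots")
    table = b"".join(key_hash(m, e) for m, e in root_keys)
    return hashlib.sha256(table).digest()


# The value written once into CMPA in the PFR (the "program RKTH" step in the AN).
CMPA_RKTH = rkth(OWNER_ROOT_KEYS)


def boot_rom_root_check(image_root_keys, cmpa_rkth: bytes) -> bool:
    """Conceptual ROM-side check: the root keys in the image's certificate chain
    must hash to the RKTH stored in CMPA. A chain whose signatures all verify
    but whose roots were issued by somebody else fails here and is rejected."""
    return hmac.compare_digest(rkth(image_root_keys), cmpa_rkth)


if __name__ == "__main__":
    print("own image accepted:", boot_rom_root_check(OWNER_ROOT_KEYS, CMPA_RKTH))
    print("foreign image accepted:", boot_rom_root_check(OTHER_ROOT_KEYS, CMPA_RKTH))
```

Swapping even one of the four root keys changes the table hash, so a partially substituted chain is rejected just like a fully foreign one.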
Hello again
Maybe just the hash of the root certificate is stored in the PFR and is checked against the one in the firmware image?
So only firmware(s) with the right root certificate hash are accepted?
Thanks
Tc
Thanks a lot!
Best Regards
Tres