How do I set up HASH_IRQHandler for skboot_authenticate on an LPC55s28?


3,422 Views
andrewfisher
Contributor III

Hello,

As part of writing a second stage boot loader on a LPC55s28 project I am trying to extend the chain of trust as referred to in the LPC55s2x user manual. I have my image in FLASH ready to be checked and wish to call skboot_authenticate() as described in section 7.4.1 of the user manual.

This section says:

If a user application calls skboot_authenticate() directly or indirectly from SB file processing functions kb_init/kb_process/kb_deinit, the user HASH interrupt vector shall call the HASH_IRQHandler() function for handling of the Hash-crypt IP interrupt.

How do I do this? Are you saying I need to enable the hash-crypt interrupt, hook it and call this function? Do I also have to call the default handler as well - i.e. HASHCRYPT_DriverIRQHandler() in fsl_hashcrypt.c?

 

Is there any example code for this?

Would this work?

 

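#include "fsl_common.h" /* EnableIRQ(), DisableIRQ(); pulls in the device header that defines HASHCRYPT_IRQn */

/* Address used in this post for the ROM HASH_IRQHandler() (odd address = Thumb entry point).
   The explicit cast is needed to turn the integer into a function pointer. */
void (*handler)(void) = (void (*)(void))0x13003717;

/* Application handler for the HASHCRYPT vector; forwards the interrupt to the ROM handler */
void HASHCRYPT_IRQHandler(void) {
   (*handler)();
}

void setup(void) {
   (void)EnableIRQ(HASHCRYPT_IRQn);

   // now I can call skboot_authenticate()

   (void)DisableIRQ(HASHCRYPT_IRQn);

   // check skboot_authenticate() status
}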

 

Thanks...

12 Replies

3,410 Views
Alice_Yang
NXP TechSupport

Hello andrewfisher,

Please have a look at "3 IAP API Demos" of ROM_API.pdf; it is in the UM attachment,

especially the below part:

Alice_Yang_0-1622704129944.png

Alice_Yang_1-1622704178043.png

 

 

BR

Alice

 


3,399 Views
andrewfisher
Contributor III

I really can't see how the attached ROM_API.pdf document explains anything. Quite apart from the fact it keeps referring to the Niobe4mini user manual - which can be found nowhere! ROM_API.pdf is all about the boot-loader API which is quite separate from the Image Authentication API.

I currently have my signed image flashed into ROM using my own methods. I can check it visually from the debugger and it all looks good. I now want to call the API to verify the image is authentic before passing over control. Currently I am calling skboot_authenticate() on the image and it returns a fail. But I can also see that the HASHCRYPT_IRQHandler never fires.

I have tried initializing HASHCRYPT manually before the call and nothing changes.

 

What would be actually helpful is a working example of how to use the skboot_authenticate() function call.

Thank you


3,391 Views
Alice_Yang
NXP TechSupport

Hello andrewfisher,

1)  "Niobe4mini user manual" is UM11126, sorry for the typo in the PDF.

2) Usually this API is used by the ROM during secure boot. There is no example of using this in a user application so far; you can only check 7.4.1 of the UM.

And as per the UM, it is also used to verify the authenticity of SB 2.0/2.1 files, not all files. What about your file?

 

BR

Alice

 


3,381 Views
andrewfisher
Contributor III

Wow that's about as unhelpful as it gets!

In the very first sentence of my initial post I said that I was following section 7.4.1 of the user manual. So what you are actually saying is that having chased round in a circle there actually isn't enough information to actually use the Authentication API and it is for internal ROM use only.

May I suggest you either complete OR remove section 7.4.1 from the user manual. As it stands it simply serves to waste loads of your users' time.

 


3,070 Views
andrewfisher
Contributor III

Sorry, no, I never got this to work, nor did I get any useful help from NXP.

In the end, I have written my own secure second-stage bootloader and am not relying on anything NXP provide to do secure and authenticated firmware update. A very unsatisfactory outcome.

Sorry


3,047 Views
abhi085
Contributor II

@Alice_Yang 

Any comment on this??


3,403 Views
andrewfisher
Contributor III

I finally found the attachment! I'll see if it helps.

It may be useful to know that none of the PDF viewers on Mac or Linux show PDF attachments. They are only visible if you install the full Adobe tool. At least as far as I can see! You may as well say see hidden attachment!


3,401 Views
andrewfisher
Contributor III

This just gets better and better!

The attached rom_api.pdf file keeps referring to the Nibe4mini user manual.

Google thinks Nibe4mini is a fridge and both NXP and the NXP community website give no hits.

 

 


3,085 Views
abhi085
Contributor II

Hi @andrewfisher ,

 

I am also facing the same issue on the LPC55S69. In my case, skboot_authenticate() gets stuck and never returns.

Were you able to find a solution? If yes, then please guide me through the process.

 

Thanks,

Abhijeet


3,031 Views
andrewfisher
Contributor III

Sorry, no, I never got this to work, nor did I get any useful help from NXP.

In the end, I have written my own secure second-stage bootloader and am not relying on anything NXP provide to do secure and authenticated firmware update. A very unsatisfactory outcome.

Sorry


3,019 Views
abhi085
Contributor II

Hi @andrewfisher ,

OK, so how do you authenticate the signed image (prepared with the elftosb_gui_1.0.12 NXP tool) in your secure secondary bootloader? Can you please share?

Thanks,

Abhijeet.


2,991 Views
andrewfisher
Contributor III

Sorry, I guess I'm not being clear. I wrote my own encryption and authentication tools to package the binary in my own image format. And I also wrote my own decrypter/authenticator to run in my second stage bootloader. The only parts of NXP I used were the APIs to SHA256, AES, and CASPER for the public-private key parts.

I'm afraid this was all done as part of a commercial contract so I don't have the rights to share it.

To say I was unimpressed by the support and documentation offered by NXP is an understatement.

Also, if you hunt around on the internet you will find that NXP's system has been compromised anyway.
