cse secureboot mpc5777C

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

cse secureboot mpc5777C

3,035 Views
Othmane1
Contributor II

Hi,

I need someone to explain to me how exactly the secureboot command will be executed during reset as it was mentioned in the datasheet:

Othmane1_0-1708700433201.png

from what i understand through going though the reference manual + some application notes:

  • the secureboot command can be executed by the BAM right?Othmane1_1-1708700601228.png
  • the DCF records for the secureboot configuration is done in the factory and cannot be changed right?Othmane1_5-1708700747043.png

     

     

  • When i try to view the UTEST area i couldn't find any Record for that secureboot configuration Othmane1_6-1708700850077.png

     

  • what should i do if i want the secureboot command to be executed automatically after every reset ?

 

 

 

0 Kudos
Reply
4 Replies

3,011 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @Othmane1 

Secure boot is enabled on all production devices. And parallel boot mode is selected. This is configured in NXP factory by DCF record and it cannot be changed. The DCF record is not visible in the memory map, it's hidden for user.

The device is configured in a way that SECURE_BOOT command is always executed by CSE during reset. If the BOOT_MAC_KEY is empty that nothing will happen and the process is just finished.

To make it working:
1. It is necessary to program DCF records to define start address and size for secure boot:

lukaszadrapa_0-1709036133430.png

 

This DCF configurator could help:
https://community.nxp.com/t5/MPC5xxx-Knowledge-Base/MPC5777C-DCF-Configurator/ta-p/1104470

2. Load MASTER_ECU_KEY and BOOT_MAC_KEY by using LOAD_KEY command

3. Power cycle the device. The CSE will automatically calculate MAC of defined area and it will be stored automatically to BOOT_MAC slot. Afte next reset, you can just check CSE status register if secure boot was successful or not.


And notice that there's following erratum which is important in case you want to calculate the BOOT_MAC by yourself:

lukaszadrapa_1-1709036152674.png


https://www.nxp.com/docs/en/errata/MPC5777C_3N45H.pdf


Regards,
Lukas

0 Kudos
Reply

2,444 Views
Othmane1
Contributor II

can you please further explain the erratum?

does it mean that the GENERATE_MAC command that I can use to calculate the MAC of the software doesn't work?

0 Kudos
Reply

2,427 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @Othmane1 

GENERATE_MAC command works as expected.

The erratum says that CSE does not calculate correctly only the BOOT_MAC. SHE specification requires to calculate the BOOT_MAC like:

CMAC( BOOT_MAC_KEY (“0...0“ 96 | SIZE | DATA))

However, CSE is doing only (CMAC( BOOT_MAC_KEY (DATA)))

If you calculate BOOT_MAC offline by some external tools, it's necessary to take this into account.

Regards,

Lukas

0 Kudos
Reply

2,422 Views
Othmane1
Contributor II

Now i understand.

i have other questions:

1.the official way to do secureboot on cse is to first flash the UTEST (DCF) address and length of the code then load the boot_mac_key right?

2.Does the previous method apply to the HSM too?

3.I saw in some old documentation of CSE that we can specify the address and length by following this table attached, is both method for secure boot can be used?

4.if I don't want to erase the keys every time I update the software (due to the secure boot failing for mismatch of boot_mac) can I just use the function 

SECURITY_GenerateMac to calculate the new MAC then load it using LOAD_key function then flash the new software?
 
5.I saw that the driver of the case provide  the CSE_DRV_SecureBoot function which I don't know when can it be used? since the secure boot is always done after POR!! or is there another scenario where it can be used?SECBOOT.PNG
 

 

0 Kudos
Reply