Integrity Check on FLASH for Security

cancel
Showing results for 
Search instead for 
Did you mean: 

Integrity Check on FLASH for Security

Jump to solution
313 Views
nevozade
Contributor III

Hello,

I am using S32K148 for a project and I used example 'boot_protection_s32k148' project and perform a secure boot successfully. On the other hand, I want to use security with CSEc module for integrity check which I want to say that validation for any block/sector etc. on the FLASH memory. I desired a system design that checks and compares with the values (key, MAC value etc.) for that region. May you offer or reference a way to do this concept. Thanks for helping.

Best Regards.

0 Kudos
1 Solution
296 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi Nevzat,

we have an application AN4235 talking about chain of trust:

https://www.nxp.com/docs/en/application-note/AN4235.pdf

https://www.nxp.com/docs/en/application-note-software/AN4235SW.zip

https://www.nxp.com/docs/en/application-note-software/AN4235video.zip

It's application note written for MPC5646C, first device with CSE module.

Or I wrote this short description/example somewhere:

  • Let’s say the bootloader occupies area 0x0  - 0xFFF (just an example)
  • The secure boot is configured to cover this area.
  • The bootloader checks if the secure boot was successful (read if FCSESTAT[BOK]==1)
  • If the secure boot failed, do something (this is up to you)
  • If the secure boot was successful, start checking of the application – this is just calculating of the CMAC over the application image.
  • If the CMAC is correct, run BOOT_OK command which finishes the secure boot process and then it is possible to use boot protected keys. Jump to the application.
  • If the CMAC is not correct, run BOOT_FAILURE command which finishes the secure boot process and then it’s not possible to use boot protected keys. It’s up to you if you want to jump to the application or not.

Regards,

Lukas

View solution in original post

0 Kudos
1 Reply
297 Views
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi Nevzat,

we have an application AN4235 talking about chain of trust:

https://www.nxp.com/docs/en/application-note/AN4235.pdf

https://www.nxp.com/docs/en/application-note-software/AN4235SW.zip

https://www.nxp.com/docs/en/application-note-software/AN4235video.zip

It's application note written for MPC5646C, first device with CSE module.

Or I wrote this short description/example somewhere:

  • Let’s say the bootloader occupies area 0x0  - 0xFFF (just an example)
  • The secure boot is configured to cover this area.
  • The bootloader checks if the secure boot was successful (read if FCSESTAT[BOK]==1)
  • If the secure boot failed, do something (this is up to you)
  • If the secure boot was successful, start checking of the application – this is just calculating of the CMAC over the application image.
  • If the CMAC is correct, run BOOT_OK command which finishes the secure boot process and then it is possible to use boot protected keys. Jump to the application.
  • If the CMAC is not correct, run BOOT_FAILURE command which finishes the secure boot process and then it’s not possible to use boot protected keys. It’s up to you if you want to jump to the application or not.

Regards,

Lukas

0 Kudos