S32K312 SECURE BOOT

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

S32K312 SECURE BOOT

783 次查看
Benz_G
Contributor I

Hi:

While looking at the sample code, there is a question. In the example code, the authentication label of an active partition is stored in a passive partition, and the authentication label of the passive partition is stored in an active partition. When implementing secure boot with ab _ awap firmware, do the active block and the passive block applications have to be exactly the same?

 

Thanks & Best Regards!

标记 (1)
0 项奖励
回复
2 回复数

744 次查看
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @Benz_G 

I guess we are talking about example from Secure Boot Application Note:
https://www.nxp.com/products/processors-and-microcontrollers/s32-automotive-platform/s32k-auto-gener...
Application note can be found here:
Documentation -> Secure Files -> Secure Boot Application note v0.1.1.0 (AN744511)
Associated demo project can be downloaded here:
Design Resources -> Software -> Secure Files -> SecureBootAppNoteDemo (SW745310)

Section "7.3 Implement secure boot" explains how to enable the secure boot. It's not necessary to have the same App in passive and active partition but it's the simplest method how to configure the secure boot. You probably won't have two applications right at the beginning.

Regards,
Lukas

0 项奖励
回复

742 次查看
lukaszadrapa
NXP TechSupport
NXP TechSupport

... and comment about "the authentication label of an active partition is stored in a passive partition, and the authentication label of the passive partition is stored in an active partition":

No, take a look at step 3 and 5. Cfg_v1 calculates AuthTag of App_v2 and then it's stored to passive block (to App_v2). In step 5, Cfg_v2 calculates AuthTag of App_v1 and then it's stored to passive block (to App_v1).

0 项奖励
回复