Hello.
I have been studying 'Secure Boot' in csec.
In AN5401, Page 20
==========================================================================
If the secure boot process is successful and CMD_BOOT_OK is executed, keys marked as Boot Protected (BOOT_PROT) can
be used by the application code. Otherwise boot protected keys remain locked for application use.
==========================================================================
So my application checks the secure boot status through "FTFC->FCSESTAT",
and when the boot MAC verification succeeds, the application calls "CSEC_DRV_BootOK()".
And I tested the boot protection flag key.
But regardless of calling "CSEC_DRV_BootOK()", I could use the boot protection flag key,
as long as the boot MAC verification succeeded.
Do I misunderstand AN5401?
Thanks
Best regards
Phillip
Hi Phillip,
I got very fast feedback which confirmed my thoughts. CMD_BOOT_OK is not needed to use boot protected keys and it meets the SHE spec. The sentence in the app note will be updated.
Thanks for pointing this out.
Regards,
Lukas
Hi Phillip,
I can see that the SHE specification does not explicitly say that CMD_BOOT_OK is needed to unprotect boot protected keys. It is used rather to lock the CMD_BOOT_FAILURE command. In my opinion, the behavior you can see complies with the spec and the sentence in the AN is wrong.
But let me double check this. Notice that it will probably take a couple of days.
Regards,
Lukas