ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Confused about SRK

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 
解決済み
ソリューションへジャンプ

Confused about SRK

ソリューションへジャンプ
‎11-17-2020 01:07 AM
3,689件の閲覧回数
dlliweihua
Contributor III

Hello NXP experts,

The PKT tree generated by cst tool is as  "CA->SRK->SGK(optional)",

why the burned key into fuse OTP is not CA's public key but SRK's public key?

And in the final signed image, there is no SRK's certificate, that is to say,

the procedure of using CA's private key to sign SRK's public key is only performed

on host computer to generate SRKn_XXX_XXX_XXX_v3_XXX_crt.pem,

and the SRK's public key infos (RSA Modulus/Exponent or ECDSA X/Y)

are written into SRK record in the signed image directly.

When performing seco image verification, the CA's public key never used!

Then, what is the role of CA to the end during the whole process?

Best Regards,

liweihua

 

                   

                         

0 件の賞賛
返信
1 解決策

ソリューションへジャンプ
‎11-18-2020 02:14 AM
3,645件の閲覧回数
Yuri
NXP Employee
NXP Employee

@dlliweihua 

    We do not use all trust levels (starting from CA) during
i.MX boot. Further optimization is Fast authentication.
It provides the option to use the SRK to verify the CSF data
and Image data directly, instead of using the CSF and IMG keys.
This reduces the number of key pair authentications that must
occur during boot stage. 

元の投稿で解決策を見る

返信
5 返答(返信)

ソリューションへジャンプ
‎11-17-2020 10:01 PM
3,673件の閲覧回数
Yuri
NXP Employee
NXP Employee

@dlliweihua 
Hello,

  In general, the i.MX HAB CST approach is intended for the case, when there are following
participants:
• A Certificate Authority (CA), which is responsible for protecting the top level CA key and for
certifying lower level code signing keys.
• A Signature Authority (SA), which is responsible for performing the act of code signing.
• A Manufacturer, which is responsible for requesting digital signatures across product
software

   The CST is set of command line tools residing on a host computer which serves as both the Certificate  Authority (CA) and Signature Authority (SA) allowing manufacturers to control all aspects of the HAB  code signing process.

 

Regards,
Yuri.

0 件の賞賛
返信

ソリューションへジャンプ
‎11-17-2020 10:34 PM
3,669件の閲覧回数
dlliweihua
Contributor III

@Yuri 

Since CA is used to protect SRK,

SECO should use CA's public key to decrypt and get SRK's public key from SRK's certificate.

Why dose CST not write SRK's certificate into the signed image?

Why the burned key into fuse OTP is not CA's public key instead of  SRK's public key?

Regards,

liweihua

0 件の賞賛
返信

ソリューションへジャンプ
‎11-17-2020 11:12 PM
3,661件の閲覧回数
Yuri
NXP Employee
NXP Employee

@dlliweihua 
Hello,

  AHAB implementation may be considered as some kind of optimization.
Note, SRK fuses contain hash of SRK keys.  

 

Regards,
Yuri.

0 件の賞賛
返信

ソリューションへジャンプ
‎11-18-2020 01:57 AM
3,653件の閲覧回数
dlliweihua
Contributor III

@Yuri 

1.AHAB implementation may be considered as some kind of optimization.

Is this optimization equivalent to SRK self signature?

2.Note, SRK fuses contain hash of SRK keys.  

Yes,I have noted this point.

 

Thanks.

Regards,

liweihua

0 件の賞賛
返信

ソリューションへジャンプ
‎11-18-2020 02:14 AM
3,646件の閲覧回数
Yuri
NXP Employee
NXP Employee

@dlliweihua 

    We do not use all trust levels (starting from CA) during
i.MX boot. Further optimization is Fast authentication.
It provides the option to use the SRK to verify the CSF data
and Image data directly, instead of using the CSF and IMG keys.
This reduces the number of key pair authentications that must
occur during boot stage. 

返信