ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

RT6xx secure boot

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 

RT6xx secure boot

‎07-31-2023 05:27 AM
893件の閲覧回数
yoeinhor
Contributor I

Hello,

 

I am working on converting RT6xx systems from normal boot to secure boot with plain signed non-XIP images in the field, and have a couple of questions:

1. OTP_MASTER_KEY: Is this OTP necessary? Why? I saw it is set by the secure provisioning tool but I don't see a reason for it.

2. Are there any implications to flashing an image with the "image_type" field set to "plain signed non-XIP (0x1)" while secure boot is not enabled in the OTP? Following the boot process diagram in the manual, it seems like the bootloader ROM will treat it the same way as non-signed images, but I need to make sure this is the case.

 

Thanks.

 

ラベル(1)
ラベル
0 件の賞賛
返信
1 返信

‎08-31-2023 11:20 PM
831件の閲覧回数
diego_charles
NXP TechSupport
NXP TechSupport

Hi @yoeinhor 

I am sorry for not getting back to you on time, but, regarding your questions. 

1 No, the OTP_MASTER_KEY is not necesary for plain signed images . Its use is described at AN12079 which is under secure access.

2 The implication that I see is that for booting a signed image, you will need to provide a ROM the keys/root certicate in the key store area, instead of the OTPs.

diego_charles_0-1693549160906.png

 

 
 

All the best, 

Diego

0 件の賞賛
返信