i.MX8X permanently revoke a SRK key

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 
已解决

i.MX8X permanently revoke a SRK key

跳至解决方案
2,554 次查看
gonzalo_ruiz
Contributor II

Hello,

on AN12312 is specified that an SRK key can be revoked by a combination of CST and SCU API.

I was able to set the Revocations parameter in the CST [Install SRK] command and I verified it is not able to authenticate using the SRK keys specified in the Revocations parameter. For example:

[Install SRK]
...
# bitmask of the revoked SRKs
Revocations = 0x2

 

With this command I am not able to boot images signed with SRK1 on a closed device.

However, If the Revocations value is change back to 0:

 

[Install SRK]
...
# bitmask of the revoked SRKs
Revocations = 0x0

 

I am able to boot images signed with SRK1 again, which is not really safe considering that SRK set should not be valid anymore.

Is there a way to make this revocation permanent in the device? I saw references to sending the COMMIT command, but there is no instructions or guide on how to do that. Can you provide more information?

 

Thank you,

Gonzalo

0 项奖励
回复
1 解答
2,550 次查看
marouene_boubakri
NXP Employee
NXP Employee

Hi @gonzalo_ruiz ,

Following is an SRK revocation example:


The validation test scenario is under assumption “SRK1 and SRK2 public key hacked and must replace to SRK3”.

1) You can fuse these two bits at a time, that is to set Revocations in CSF file to 0x3, the updated csf script is like below:

[Install SRK]
# SRK table generated by srktool
File = "../../crts/SRK1234table.bin"
# Public key certificate in PEM format
Source = "../../crts/SRK3_sha384_secp384r1_v3_usr_crt.pem"
# Index of the public key certificate within the SRK table (0 .. 3)
Source index = 2
# Type of SRK set (NXP or OEM)
Source set = OEM
# bitmask of the revoked SRKs
Revocations = 0x3

2) Use this updated csf script to sign the boot image containers, then write the signed-flash.bin to sdcard to confirm that AHAB boots successfully with new signed image by SRK3.

$ dd if=signed-flash.bin of=/dev/sdx bs=1k seek=32; sync

3) After the system boot up, stop it at uboot. Input below commands in scu serial port to revoke corresponding bits.

>seco commit 0x10
Confirm commit 0x00000010 [y/n]: y
Committed: 0x08X

4) In A core serial port, input below to check if the fuse SRK_REVOKE_CONTROL is revoked.

=> fuse read 0 11
Reading bank 0:
Word 0x0000000b: 00000300

5) You can resign the flash.bin by SRK2 or SRK1, the AHAB boot fails.

 

Regards

Maro

在原帖中查看解决方案

5 回复数
2,551 次查看
marouene_boubakri
NXP Employee
NXP Employee

Hi @gonzalo_ruiz ,

Following is an SRK revocation example:


The validation test scenario is under assumption “SRK1 and SRK2 public key hacked and must replace to SRK3”.

1) You can fuse these two bits at a time, that is to set Revocations in CSF file to 0x3, the updated csf script is like below:

[Install SRK]
# SRK table generated by srktool
File = "../../crts/SRK1234table.bin"
# Public key certificate in PEM format
Source = "../../crts/SRK3_sha384_secp384r1_v3_usr_crt.pem"
# Index of the public key certificate within the SRK table (0 .. 3)
Source index = 2
# Type of SRK set (NXP or OEM)
Source set = OEM
# bitmask of the revoked SRKs
Revocations = 0x3

2) Use this updated csf script to sign the boot image containers, then write the signed-flash.bin to sdcard to confirm that AHAB boots successfully with new signed image by SRK3.

$ dd if=signed-flash.bin of=/dev/sdx bs=1k seek=32; sync

3) After the system boot up, stop it at uboot. Input below commands in scu serial port to revoke corresponding bits.

>seco commit 0x10
Confirm commit 0x00000010 [y/n]: y
Committed: 0x08X

4) In A core serial port, input below to check if the fuse SRK_REVOKE_CONTROL is revoked.

=> fuse read 0 11
Reading bank 0:
Word 0x0000000b: 00000300

5) You can resign the flash.bin by SRK2 or SRK1, the AHAB boot fails.

 

Regards

Maro

2,546 次查看
gonzalo_ruiz
Contributor II

Hi Maro,

Is there a way to run the equivalent to the 'seco commit' command from U-Boot via the SCU API? I don't have access to the SCU serial port by default.

Also, how is that command built? Should we use the same argument regardless of the specific SRK keys that are being revoked?

 

Regards,

Gonzalo

0 项奖励
回复
2,532 次查看
marouene_boubakri
NXP Employee
NXP Employee

Hi @gonzalo_ruiz,

 

System Controller Firmware provides API functions, you are more interested in commit SRK you can use the sc_seco_commit() API  and for reading/writing fuse you can use sc_misc_otp_fuse_read() and sc_misc_otp_fuse_write() You can find details in "System Controller Firmware Porting Guide"

Regards

Maro

0 项奖励
回复
2,529 次查看
gonzalo_ruiz
Contributor II

Hi @marouene_boubakri ,

Thanks for the information. I am also trying to locate a certain "SECO API Reference Guide" to get more information about the arguments.

Can you tell me where I can find it?

Regards,

Gonzalo

0 项奖励
回复
2,527 次查看
marouene_boubakri
NXP Employee
NXP Employee

Hi @gonzalo_ruiz,

Currently, the document is under moderated release by Marketing team only.

Please send a request to marketing to get the document.

Regards
Maro

0 项奖励
回复