FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

imx 93 Win10 IoT: Securing UEFI and Windows

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

imx 93 Win10 IoT: Securing UEFI and Windows

‎11-19-2023 09:40 PM
301 Views
aditya_h
Contributor II

I am currently exploring secure boot for imx93. I was able to enable secure boot up to UEFI stage using steps given in user guide (User Guide) . But steps for securing UEFI and windows image is not clearly described. For securing UEFI we need PK,KEK and databases. Do I need to create all the variables or it should be already present? If it is already present how do I enable it?

Labels (1)
Labels
0 Kudos
Reply
2 Replies

‎11-26-2023 11:28 PM
244 Views
Naveen_V_M
Contributor I

Do we need to create the Signature Database and forbidden signature database explicitly or are they part of UEFI infrastructure?

0 Kudos
Reply

‎11-21-2023 05:03 AM
275 Views
Harvey021
NXP TechSupport
NXP TechSupport

UEFI and Windows use their own chain of trust, which is composed of Platform Key (PK), Key Exchange Key
(KEK), forbidden signature database (dbx) and valid signature database (db). Those credentials are stored as
UEFI Secure variables. Those variables must be programmed at OEM site.

 

Regards

Harvey

0 Kudos
Reply