In the device, the BootROM verifies the FSBL, and either the FSBL or U-Boot verifies the subsequent partitions using the public key.
- Verify PPK: This step establishes the authenticity of the primary key, which is used to authenticate the secondary key.
  a. The PPK is read from the AC in the boot image.
  b. Generate the PPK hash.
  c. The hashed PPK is compared with the PPK hash retrieved from eFUSE.
  d. If they are the same, the primary key is trusted; otherwise secure boot fails.
- Verify secondary keys: This step establishes the authenticity of the secondary key, which is used to authenticate the partitions.
  a. The SPK is read from the AC in the boot image.
  b. Generate the SPK hash.
  c. Get the SPK hash by verifying the SPK signature stored in the AC, using the PPK.
  d. Compare the hashes from step (b) and step (c).
  e. If they are the same, the secondary key is trusted; otherwise secure boot fails.
- Verify partitions: This step establishes the authenticity of the partition that is being booted.
  a. The partition is read from the boot image.
  b. Generate the hash of the partition.
  c. Get the partition hash by verifying the partition signature stored in the AC, using the SPK.
  d. Compare the hashes from step (b) and step (c).
  e. If they are the same, the partition is trusted; otherwise secure boot fails.
Figure 1. Verification Flow Diagram
Bootgen can create an authentication certificate in two ways:
- Supply the PSK and SSK. The SPK signature is calculated on-the-fly using these two inputs.
- Supply the PPK and SSK and the SPK signature as inputs. This is used in cases where the PSK is not known.
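The following Python model, added here as an illustration and not Bootgen's or the BootROM's own code, walks the three verification stages above (PPK against the eFUSE hash, SPK signature under the PPK, partition signature under the SPK) and also models both ways Bootgen can build the AC: signing the SPK on the fly from a supplied PSK, or accepting a precomputed SPK signature when the PSK is not available. Everything in it is an assumption for the sake of the example: textbook RSA on Mersenne-prime moduli stands in for the device's real signature scheme, SHA-256 stands in for the device's hash, the key serialisation and AC layout are invented, and the partition bytes are constructed. Real devices use padded RSA and device-specific key sizes and hashes; the point shown is the chain of trust and where each check fails.

```python
import hashlib
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed demo key material: public Mersenne primes, so the example needs no
# prime generator. Textbook (unpadded) RSA is a model of the flow only; it is not
# the padded scheme a real BootROM implements.
E = 65537
PubKey = Tuple[int, int]   # (n, e)
PrivKey = Tuple[int, int]  # (n, d)


class SecureBootError(Exception):
    """Raised by any stage of the chain that fails; boot stops here."""


def make_keypair(p: int, q: int) -> Tuple[PubKey, PrivKey]:
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pubkey_bytes(pub: PubKey) -> bytes:
    # Invented serialisation so a public key can be hashed (modulus || exponent).
    n, e = pub
    return n.to_bytes((n.bit_length() + 7) // 8, "big") + e.to_bytes(4, "big")


def sign_hash(priv: PrivKey, digest: bytes) -> int:
    n, d = priv
    return pow(int.from_bytes(digest, "big"), d, n)


def recover_hash(pub: PubKey, signature: int) -> bytes:
    # Verifying an RSA signature yields the hash the signer committed to
    # (steps (c) of the SPK and partition stages). A wrong key or a forged
    # signature yields garbage that will not match the freshly computed hash.
    n, e = pub
    value = pow(signature, e, n)
    return value.to_bytes(max(32, (value.bit_length() + 7) // 8), "big")


@dataclass
class AuthCert:
    ppk: PubKey
    spk: PubKey
    spk_signature: int        # SPK hash signed with the PSK
    partition_signature: int  # partition hash signed with the SSK


def bootgen_make_ac(ppk: PubKey, spk: PubKey, ssk: PrivKey, partition: bytes,
                    psk: Optional[PrivKey] = None,
                    spk_signature: Optional[int] = None) -> AuthCert:
    """Model of the two AC inputs: PSK+SSK (sign SPK on the fly) or PPK+SSK+SPK signature."""
    if spk_signature is None:
        if psk is None:
            raise ValueError("need either the PSK or a precomputed SPK signature")
        spk_signature = sign_hash(psk, sha256(pubkey_bytes(spk)))
    return AuthCert(ppk, spk, spk_signature, sign_hash(ssk, sha256(partition)))


def verify_ppk(ac: AuthCert, efuse_ppk_hash: bytes) -> None:
    if sha256(pubkey_bytes(ac.ppk)) != efuse_ppk_hash:
        raise SecureBootError("PPK hash does not match eFUSE")


def verify_spk(ac: AuthCert) -> None:
    if sha256(pubkey_bytes(ac.spk)) != recover_hash(ac.ppk, ac.spk_signature):
        raise SecureBootError("SPK signature does not verify under PPK")


def verify_partition(ac: AuthCert, partition: bytes) -> None:
    if sha256(partition) != recover_hash(ac.spk, ac.partition_signature):
        raise SecureBootError("partition signature does not verify under SPK")


def secure_boot(ac: AuthCert, partition: bytes, efuse_ppk_hash: bytes) -> bool:
    """True if all three stages pass, False at the first failing stage."""
    try:
        verify_ppk(ac, efuse_ppk_hash)
        verify_spk(ac)
        verify_partition(ac, partition)
    except SecureBootError:
        return False
    return True


# Constructed provisioning data: the PPK hash is what would be burned into eFUSE.
PPK, PSK = make_keypair((1 << 521) - 1, (1 << 607) - 1)
SPK, SSK = make_keypair((1 << 127) - 1, (1 << 1279) - 1)
EFUSE_PPK_HASH = sha256(pubkey_bytes(PPK))
PARTITION = b"constructed FSBL partition bytes"

AC_FROM_PSK = bootgen_make_ac(PPK, SPK, SSK, PARTITION, psk=PSK)
AC_FROM_SIG = bootgen_make_ac(PPK, SPK, SSK, PARTITION,
                              spk_signature=AC_FROM_PSK.spk_signature)


def demo_genuine() -> Tuple[bool, bool]:
    return (secure_boot(AC_FROM_PSK, PARTITION, EFUSE_PPK_HASH),
            secure_boot(AC_FROM_SIG, PARTITION, EFUSE_PPK_HASH))


def demo_tampered_partition() -> bool:
    return secure_boot(AC_FROM_PSK, PARTITION + b"!", EFUSE_PPK_HASH)


def demo_unprovisioned_ppk() -> bool:
    # AC signed by a key pair whose hash was never burned into eFUSE.
    rogue_ac = bootgen_make_ac(SPK, SPK, SSK, PARTITION, psk=SSK)
    return secure_boot(rogue_ac, PARTITION, EFUSE_PPK_HASH)


if __name__ == "__main__":
    print("genuine (PSK path, SPK-signature path):", demo_genuine())
    print("tampered partition:", demo_tampered_partition())
    print("PPK not in eFUSE:", demo_unprovisioned_ppk())
```

Both AC construction paths produce a certificate the device accepts, because the verifier only ever sees the SPK signature, never the PSK; modifying the partition fails at the third stage, and an AC built around a key pair whose hash is not in eFUSE fails at the first, before any signature is examined.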