RidgeRun Platform Security Manual/Platform Security/Secure Boot: Difference between revisions

RidgeRun Platform Security Manual/Platform Security/Secure Boot (view source)

Revision as of 22:27, 22 January 2025

344 bytes added , 22 January

no edit summary

Cjimenez

298

edits

❯

@@ Line 25: / Line 25: @@
 <br>
-As an example of a Secure Boot implementation we can look at NXP's High Assurance Boot or HAB. As a first step of the implementation, an utility is used to generate private and public keys. The private key is used to an encryption of the image that is being build and as a result of this encryption a unique identifier certificate is obtained and attached to the image along with the public key. The hash of the obtained public key is also burned to chip. This process is illustrated in Figure 1.
+As an example of a Secure Boot implementation we can look at NXP's High Assurance Boot or HAB. As a first step of the implementation, an utility is used to generate private and public keys. The private key is used to an encryption of the image that is being build and as a result of this encryption a unique identifier certificate is obtained and attached to the image along with the public key. The hash of the obtained public key is also burned to chip. This process is illustrated in Figure 1 and the process of obtaining the private key certificate is illustrated in Figure 2.
 [[File:HAB key generation.png|650px|thumb|center|Fig 1. HAB key generation. Extracted from [https://community.nxp.com/pwmxy87654/attachments/pwmxy87654/imx-processors/60046/1/i.MX_6_Linux_High_Assurance_Boot_(HAB)_User%2527s_Guide.pdf link]]]
+[[File:HAB certificate generation.png|650px|thumb|center|Fig 2. HAB certificate generation. Extracted from [https://community.nxp.com/pwmxy87654/attachments/pwmxy87654/imx-processors/60046/1/i.MX_6_Linux_High_Assurance_Boot_(HAB)_User%2527s_Guide.pdf link]]]
 <noinclude>