Jump to content

RidgeRun Platform Security Manual/Platform Security/Secure Boot: Difference between revisions

RidgeRun Platform Security Manual/Platform Security/Secure Boot (view source)

Revision as of 22:45, 22 January 2025

737 bytes added ,  22 January
no edit summary
VisualWikitext
No edit summary
No edit summary
Line 30: Line 30:


[[File:HAB certificate generation.png|650px|thumb|center|Fig 2. HAB certificate generation. Extracted from [https://community.nxp.com/pwmxy87654/attachments/pwmxy87654/imx-processors/60046/1/i.MX_6_Linux_High_Assurance_Boot_(HAB)_User%2527s_Guide.pdf link]]]
[[File:HAB certificate generation.png|650px|thumb|center|Fig 2. HAB certificate generation. Extracted from [https://community.nxp.com/pwmxy87654/attachments/pwmxy87654/imx-processors/60046/1/i.MX_6_Linux_High_Assurance_Boot_(HAB)_User%2527s_Guide.pdf link]]]
When an image is loaded into the board, the public key is used to decrypt the certificate. After this, the obtained certificate is compared with the image to ensure that they match. If the match is successful, the image can be trusted can the system will boot as normal, but if a match was not obtained the image is deemed unsafe and the system won't boot. A correct certificate can only be obtained if an user has access to the private key. This process is illustrated in Figure 3.
[[File:HAB authentication.png|650px|thumb|center|Fig 2. HAB authentication process. Extracted from [https://community.nxp.com/pwmxy87654/attachments/pwmxy87654/imx-processors/60046/1/i.MX_6_Linux_High_Assurance_Boot_(HAB)_User%2527s_Guide.pdf link]]]


<noinclude>
<noinclude>
Cjimenez
298

edits

Retrieved from "https://developer.ridgerun.com/wiki/index.php/Special:MobileDiff/64000"
Cookies help us deliver our services. By using our services, you agree to our use of cookies.