RidgeRun Platform Security Manual/Platform Security/Secure Boot: Difference between revisions

=== Example: NVIDIA Jetson ===


NVIDIA supports '''UEFI Secure Boot''' on its Jetson platforms, which uses RSA to validate the authenticity and integrity of the code. The developer must generate a private and public key pair and then attach them to the system as a UEFI authenticated variable.


<br>


After the keys have been enrolled in the target system, they must be used to sign the UEFI payloads that are generated when the image is created: the L4tLauncher, the kernel and the kernel-dtb are signed with the private key, and the signed images are then flashed. When an image is later loaded, UEFI verifies its signature at boot time using the associated certificate/public key; if the signature matches, the system boots normally. This process is illustrated in Figure 1.


[[File:Nvidia UEFI Secureboot.png|650px|thumb|center|Fig 1. UEFI Secure Boot in Nvidia Jetson platforms. Extracted from [https://docs.nvidia.com/jetson/archives/r35.4.1/DeveloperGuide/text/SD/Security/SecureBoot.html#uefi-secureboot link]]]
=== Example: NXP ===


As an example of a Secure Boot implementation, we can look at '''NXP's High Assurance Boot (HAB)'''. As a first step, a '''utility is used to generate private and public keys'''. The private key is used to encrypt the image being built; as a result of this encryption, a unique identifier certificate is obtained and attached to the image along with the public key. The hash of the public key is also burned into the chip. This process is illustrated in Figure 1, and the process of obtaining the private key certificate is illustrated in Figure 2.


[[File:HAB key generation.png|650px|thumb|center|Fig 2. HAB key generation. Extracted from [https://community.nxp.com/pwmxy87654/attachments/pwmxy87654/imx-processors/60046/1/i.MX_6_Linux_High_Assurance_Boot_(HAB)_User%2527s_Guide.pdf link]]]
[[File:HAB certificate generation.png|650px|thumb|center|Fig 3. HAB certificate generation. Extracted from [https://community.nxp.com/pwmxy87654/attachments/pwmxy87654/imx-processors/60046/1/i.MX_6_Linux_High_Assurance_Boot_(HAB)_User%2527s_Guide.pdf link]]]


When an image is loaded onto the board, the public key decrypts the certificate. The obtained certificate is then compared with the image to ensure they match. If they match, the image can be trusted and the system boots as normal; if they do not, the image is deemed unsafe and the system will not boot. A correct certificate can only be produced by someone with access to the private key. This process is illustrated in Figure 3.


[[File:HAB authentication.png|650px|thumb|center|Fig 4. HAB authentication process. Extracted from [https://community.nxp.com/pwmxy87654/attachments/pwmxy87654/imx-processors/60046/1/i.MX_6_Linux_High_Assurance_Boot_(HAB)_User%2527s_Guide.pdf link]]]
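As an added example (not RidgeRun's, NVIDIA's or NXP's code), the following Go program models the flow common to both descriptions above: the device pins only a hash of the trusted public key, the developer signs the image with the private key, and at boot the verifier accepts the image only if the presented key matches that pin and the signature over the image verifies. The key and variable names, the constructed payload bytes and the choice of RSA PKCS#1 v1.5 with SHA-256 are assumptions of the example, not details taken from the page.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// Verifier models the boot ROM / UEFI side: it pins only the SHA-256 of the trusted
// public key (the key hash burned into the chip) and boots an image only if the
// presented key matches that pin AND the image's RSA signature verifies (false = no boot).
type Verifier struct{ pinnedKeyHash [32]byte }

func pubKeyHash(pub *rsa.PublicKey) [32]byte {
	der, _ := x509.MarshalPKIXPublicKey(pub) // DER of the key; this hash is what gets fused/enrolled
	return sha256.Sum256(der)
}

// Sign is the developer-side step: RSA PKCS#1 v1.5 signature over SHA-256(image).
func Sign(priv *rsa.PrivateKey, image []byte) ([]byte, error) {
	d := sha256.Sum256(image)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, d[:])
}

func (v Verifier) Verify(pub *rsa.PublicKey, image, sig []byte) bool {
	if pubKeyHash(pub) != v.pinnedKeyHash {
		return false // key not enrolled: rejected before the signature is even checked
	}
	d := sha256.Sum256(image)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, d[:], sig) == nil
}

// Demo: genuine image boots; non-enrolled signer and tampered image are rejected.
func Demo() (genuine, wrongKey, tampered bool) {
	devKey, _ := rsa.GenerateKey(rand.Reader, 2048)   // developer's enrolled key
	otherKey, _ := rsa.GenerateKey(rand.Reader, 2048) // key the device has never seen
	v := Verifier{pinnedKeyHash: pubKeyHash(&devKey.PublicKey)}
	image := []byte("constructed kernel image bytes") // constructed stand-in payload
	sig, _ := Sign(devKey, image)
	sig2, _ := Sign(otherKey, image) // valid signature, but by a key the device does not trust
	tamperedImage := append([]byte{image[0] ^ 0x01}, image[1:]...) // one bit flipped after signing
	return v.Verify(&devKey.PublicKey, image, sig),
		v.Verify(&otherKey.PublicKey, image, sig2),
		v.Verify(&devKey.PublicKey, tamperedImage, sig)
}

func main() { fmt.Println(Demo()) }
```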