Add note on writing OTP to enc bootloader #553
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
lurch
reviewed
Sep 25, 2024
|
Would it be sensible for this README to refer people to chapter 10 of https://datasheets.raspberrypi.com/rp2350/rp2350-datasheet.pdf for more information about secure boot ? |
|
Maybe chapter 5.10.1 instead, as that has more details on how to actually sign binaries? Or could point to both chapters |
I'll leave that decision entirely up to you, as you understand all of this much better than I do! |
will-v-pi
commented
Sep 25, 2024
kilograham
reviewed
Nov 19, 2024
bootloaders/encrypted/README.md
Outdated
| @@ -4,12 +4,19 @@ Replace private.pem and privateaes.bin with your own keys - your signing key mus | |||
| openssl ecparam -name secp256k1 -genkey -out private.pem | |||
| ``` | |||
|
|
|||
| The AES key is just be a 32 byte binary file - you can create one with | |||
| The AES key is just a 32 byte binary file - you can create one with | |||
kilograham
reviewed
Nov 19, 2024
bootloaders/encrypted/README.md
Outdated
|
|
||
| ```bash | ||
| dd if=/dev/urandom of=privateaes.bin bs=1 count=32 | ||
| ``` | ||
|
|
||
| You will need to program your OTP using the generated `otp.json` file in the build folder. Note that this will enable secure boot on your device, so only signed binaries can run, and will also lock down the OTP page the AES key is stored in. If you wish to test without enabling secure boot then you can load the `otp.json` file in the source folder, which will just program the AES key and lock down that OTP page. |
There was a problem hiding this comment.
is it clear what "the source folder" and "the build folder" are?
There was a problem hiding this comment.
I wonder if it's worth adding a note telling the user that it's important that they don't lose the private.pem and privateaes.bin files?
will-v-pi
added a commit
that referenced
this pull request
Feb 26, 2025
This includes the changes from #553
|
Superseded by #619 |
will-v-pi
added a commit
that referenced
this pull request
Mar 26, 2025
This includes the changes from #553
will-v-pi
added a commit
that referenced
this pull request
Mar 26, 2025
This includes the changes from #553
kilograham
pushed a commit
that referenced
this pull request
May 29, 2025
* Use key share for AES file Update CMake tooling to use 128 byte key files (a 4-way share of the 32 byte key). Also temporarily update the enc_bootloader to deshare this key - the actual fix will need to be in aes.S. * Improve checking for malicious flash data Add data_max_size to prevent overwriting the bootloader with data from flash * Incorporate latest changes to aes.S Also shrink the space allocated for the bootloader to 32K (plus 8K scratch) * Encorporated latest encryption code with 4-way shares Also switch to random default key * Apply encrypted-example 6de8084b6eda * Add hello_encrypted example * Use new `enable_interrupts` function * Remove update-key.cmake This is not necessary anymore, now picotool writes the AES key to otp json files Fixes #613 * Add hello_encrypted to readme * Update enc_bootloader with latest aes.S (picotool 333d571c) CK_JITTER is removed as the enc_bootloader runs from XOSC not ROSC * Add IV salts * Update with latest aes.S * Update readmes This includes the changes from #553 * Add secret file to print out This is useful for testing decryption with large files * Add notes about unique AES keys, and not losing keys/salts * Update readmes * Fix enc_bootloader example OTP output * Remove OTP key locking functionality from encrypted examples * Improve TBYB sequence Add self check (1 == 1), which is only performed on first boot * Review fixups Comments and readme * Add MbedTLS self-decrypting example
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add a note on how to write the AES key to OTP to the encrypted bootloader readme - prompted by #552