FAQ_MA35D1_Build and Enable Secure Boot Image

Post Reply
ytliu6
Posts: 79
Joined: 08 Nov 2022, 10:28

03 Jan 2023, 14:11

First, you need to write the public and private key to OTP
Refer to UM_EN_MA35D1_NuWriter for writing key to OTP

Buildroot:

1. Enable MA35D1 Secure Boot and enter the key you want

Code: Select all

$ make menuconfig

Bootloaders --->
   [*] MA35D1 Secure Boot
   () AES Key
   () ECDSA Key
2. Rebuild the Image

Code: Select all

$ make
3. The otp_key.json will be generated in the folder below

Code: Select all

/buildroot/output/images/nuwriter/otp_key.json
4. Write the three keys to MA35D1 OTP by NuWriter
publicx, publicy, aeskey
5. Program the Image to the target board
6. Remember switch PG0 ON to enable secure boot

Yocto:

1. Edit the target board configuration

Code: Select all

$ ~/yocto/source/meta-ma35d1/conf/machine/numaker-som-ma35d1681.conf

...
AES_KEY = “ ”
ECDSA_KEY = “ ”
...
2. Rebuild the Image

Code: Select all

$ bitbake nvt-image-qt5
3. The otp_key_sdcard.json will be generated in the folder below

Code: Select all

~/shared/yocto/build/tmp-glibc/deploy/images/numaker-som-ma35d16a81/nuwriter/otp_key_sdcard.json
4. Write the three keys to MA35D1 OTP by NuWriter
publicx, publicy, aeskey
5. Program the Image to the target board
6. Remember switch PG0 ON to enable secure boot
Top
Post Reply

Return to “FAQ”



  • Information

  • Who is online

    Users browsing this forum: No registered users and 7 guests