Skip to main content
AVazquez
AVazquez
Associate III
September 21, 2020
Solved

[Secure boot] Is it possible to add kernel authentication?

  • September 21, 2020
  • 2 replies
  • 762 views

Hi,all!

In the wiki about secure boot, only FSBL and SSBL files are signed and authenticated.

It would be very interesting and useful if you could also sign and authenticate the kernel and increase security.

Is this possible?

This topic has been closed for replies.
Best answer by Olivier GALLIEN

Hi @AVazquez​ ,

It's possible to authenticate any level of application code but ST only provide complete support/guideline for Secure Boot part.

Authentication of kernel and upper layer can be done using standard community methodology.

2 Kbytes in the OTP register are available to store extra keys.

Olivier

2 replies

Olivier GALLIEN
Olivier GALLIENBest answer
Technical Moderator
September 25, 2020

Hi @AVazquez​ ,

It's possible to authenticate any level of application code but ST only provide complete support/guideline for Secure Boot part.

Authentication of kernel and upper layer can be done using standard community methodology.

2 Kbytes in the OTP register are available to store extra keys.

Olivier

Olivier GALLIEN In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.
AVazquez
AVazquezAuthor
Associate III
September 26, 2020

Perfect!

Thanks!

Terms & ConditionsAccessibility statement