SSL Boot

How can the ROM API feature be used to implement secondary stage booting? How can it be used to implement secure boot using custom keys?



tag
[edited by: lallison at 3:55 PM (GMT 0) on 3 Sep 2019]
  • +1
    •  Analog Employees 
    on Aug 21, 2019 7:41 AM over 1 year ago

    The ROM API adi_rom_Boot() can be used to invoke one of the boot modes with options different from that during POR. For example, SPI2 is the default instance for SPI master boot, however with ROM API call, SPI0 or SPI1 instance can be used. Similarily, tThe DTR modes of the OSPI do not work by default. For these modes to work, the read delay values in the controller has to be updated using the ROM API.

    ROM API can also be used to implement secure boot using custom keys. The secure keys can be passed via the hook routine.
    Hence the secure boot can be tested without/before programing the keys into the OTP locations.

    The example codes for SSL for normal boot and secure boot are given here.

    SSL.zip

  • I tried this code on a ADSP-21569 EZ-KIT as init code and it loads the init code but the call to 

    adi_rom_Boot((void *) START_ADDRESS, 0, 0, 0 ,BootCmd);

    Doesn't load the application. I added some code at the top of main to stall while the emulator connects. After calling adi_rom_Boot, I wind up back at the top of the init code. 

    I'm guessing that the flags or BootCmd arguments are not correct for the EZ-KIT but haven't been able to figure out the correct values.