Module lpc55::secure_binary
Generator and parser for signed firmware and SB (secure binary) files
The format is as follows:
Sb21HeaderPart:
- Sb2Header (6 blocks, 96B)
- DigestHMAC (2 blocks, 32B = HMAC(boot tag HMAC | section HMAC))
- Keyblob (5 blocks, 80B)
- CertificateBlockHeader (2 blocks, 32B)
- Certificate length (4B)
- Certificate DER data (word-padded)
- ROT fingerprints (8 blocks, 4x32B = 128B)
- Signature (16 blocks, 256B = 2048 bits)
Sb21CommandPart:
- encrypted boot tag (16B)
- boot tag HMAC (32B = HMAC(encrypted boot tag))
- section HMAC (32B = HMAC(encrypted command section))
- encrypted command section (variable, block padded)
The key blob is the AES-keywrap (with SBKEK) of a 32B “data encryption key” (DEK) and a 32B “message authentication key” (MAC). Keywrap adds an 8B tag, and the result is further block padded with 8 zeros to 80B.
The RSA2k signature is over all that precedes it, in particular the HMAC of the HMACs of the command part.
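The layout above, split into its fields with bounds checks, so that the region covered by the signature is explicit. This is an added example, not code from the lpc55 crate; it assumes the 4B certificate length is little-endian and that "word-padded" means padded to a multiple of 4 bytes, and every name in it is hypothetical.

```rust
// Added example: field sizes and order follow the list in the module description.
// Assumptions: little-endian certificate length, 4-byte word padding. Names are hypothetical.
const FIXED_PREFIX: usize = 96 + 32 + 80 + 32; // Sb2Header, DigestHMAC, Keyblob, CertificateBlockHeader
const ROT_FINGERPRINTS: usize = 4 * 32;
const SIGNATURE: usize = 256;

#[derive(Debug, PartialEq)]
pub enum SplitError { Truncated, CertificateLengthOutOfRange }

#[derive(Debug)]
pub struct HeaderPart<'a> {
    pub digest_hmac: &'a [u8],
    pub keyblob: &'a [u8],
    pub certificate_der: &'a [u8],
    pub rot_fingerprints: &'a [u8],
    pub signed_region: &'a [u8], // everything that precedes the signature
    pub signature: &'a [u8],
}

pub fn split_header_part<'a>(buf: &'a [u8]) -> Result<HeaderPart<'a>, SplitError> {
    let f = buf.get(FIXED_PREFIX..FIXED_PREFIX + 4).ok_or(SplitError::Truncated)?;
    let cert_len = u32::from_le_bytes([f[0], f[1], f[2], f[3]]) as usize;
    // The length field is untrusted: reject it before using it in offset arithmetic.
    if cert_len > buf.len() { return Err(SplitError::CertificateLengthOutOfRange); }
    let cert_start = FIXED_PREFIX + 4;
    let rot_start = cert_start + ((cert_len + 3) & !3); // word-padded DER data
    let sig_start = rot_start + ROT_FINGERPRINTS;
    let end = sig_start + SIGNATURE;
    if buf.len() < end { return Err(SplitError::Truncated); }
    Ok(HeaderPart {
        digest_hmac: &buf[96..128],
        keyblob: &buf[128..208],
        certificate_der: &buf[cert_start..cert_start + cert_len],
        rot_fingerprints: &buf[rot_start..sig_start],
        signed_region: &buf[..sig_start],
        signature: &buf[sig_start..end],
    })
}

fn main() {
    // Constructed sample: zeroed fixed prefix, a 5-byte placeholder "certificate", zeroed tail.
    let mut buf = vec![0u8; FIXED_PREFIX];
    buf.extend_from_slice(&5u32.to_le_bytes());
    buf.resize(FIXED_PREFIX + 4 + 8 + ROT_FINGERPRINTS + SIGNATURE, 0);
    let p = split_header_part(&buf).unwrap();
    println!("signed {} bytes, signature {} bytes", p.signed_region.len(), p.signature.len());
}
```

Because `signed_region` contains the DigestHMAC, a verifier that checks the signature over it and then recomputes the HMAC chain also authenticates the command part.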
Modules
Structs
Main configuration file format for chip configuration and secure/signed firmware
image/container generation.
Firmware versions and image locations.
For the proprietary use case, firmware inside the “commands” is encrypted.
This works by using a “random” encryption key and a “random” HMAC key, both of which
are AES-keywrapped with a “secure boot” key encryption key (denoted SBKEK), which
is pre-shared with devices that will receive the SB file.
ISO 8601 calendar date without timezone.
Allows for every proleptic Gregorian date
from Jan 1, 262145 BCE to Dec 31, 262143 CE.
Also supports the conversion from ISO 8601 ordinal and week date.
full size: 0x60 = 96 bytes
Version of a firmware.