Hi forum,
I am referring to the document Enable Secure Boot and Image Encryption on QCA402x (CDB2x), where the secure boot for QCA4020 is explained.
I stumbled upon the PK_HASH value for OTP fuses that is mentioned in the document. The document describes PK_HASH to be the SHA256 hash of the users root certificate. In the following it seems that this hash is related to a root certificate located in the SDK, qpsa_rootca.cer
What I don't understand is, if this is a user specific certificate, how does the secure boot loader know from the hash the accompanying users certificate to verfiy the secure image? I do not see where the user certificate is loaded into the QCA4020 for this verification.
If it is always the qpsa_rootca.cer and the hash for that certificate, then everyone having the SDK and that cert can sign an image and run it on the SoC.
Maybe I do not understand everything correctly here. Can someone explain how this works with a user specific certificate, and what the secure bootloader is actually verifiying?
Thanks and best regards
Andreas
Andreas
By curiosity, did you figure it out how to validate a user cetificate? I have an updated module that I would like to load to a Qualcomm CV2X Platform (APQ8096AU). The generic SDK signs the Kernel Module with a X509/private key pair which it is not valid on the target platform.
Any suggestions/ideas how to add/include the SDK key pair into the secure boot?
Do you know where the certificates are stored?
Any way to disable secure boot maybe?
Thanks