Enable Secure Boot for Pre-UEFI Phases
You can enable end-to-end secure boot for your production NVIDIA IGX device. For an overview, see Secure Boot for IGX.
Secure boot for pre-UEFI phases uses the root of trust stored in the NVIDIA SoC fuses to authenticate boot code from Orin power-up through the last code that runs before UEFI.
To enable secure boot for pre-UEFI phases, do the following steps:
To request the Factory Secure Key Provisioning (FSKP) expansion keys, contact your NVIDIA representative. Your representative also provides you with the FSKP Expansion Key Provisioning and Fuse Burning Toolkit Deployment Guide.
To generate the encrypted and signed blob, do the following steps:
A. Generate the 3 PKC Asymmetric Key Pairs
IGX Orin’s fuse supports three types of public key cryptography (PKC) keys: RSA 3K, ECDSA P-256, and ECDSA P-521. The fuse can store only three hashed keys. Each of the three keys must use the same type of cryptography.
The following example generates keys by using RSA 3K.
To generate the PKC private keys rsa3k-0.pem, rsa3k-1.pem, and rsa3k-2.pem, run the following code.
openssl genrsa -out rsa3k-0.pem 3072
openssl genrsa -out rsa3k-1.pem 3072
openssl genrsa -out rsa3k-2.pem 3072
To generate the public key hash values from the PKC private keys, run the following code.
./tegrasign_v3.py --pubkeyhash rsa3k-0.pubkey rsa3k-0.hash --key rsa3k-0.pem
./tegrasign_v3.py --pubkeyhash rsa3k-1.pubkey rsa3k-1.hash --key rsa3k-1.pem
./tegrasign_v3.py --pubkeyhash rsa3k-2.pubkey rsa3k-2.hash --key rsa3k-2.pem
Later you add the hashes to the fuse configuration file.
Guard your private keys. The security of your IGX device depends on the security of your private keys.
B. (Optional) Generate an SBK Symmetric Key
To further enhance secure boot, you can optionally encrypt bootloader components.
You can’t encrypt bootloader components if secure boot is not enabled.
To encrypt bootloader components, you use a symmetric SBK key fused to the IGX’s SoC. The SBK key is used as an encryption key when the bootloader components are generated. The SBK key is used as a decryption key when the IGX Orin is booted.
The IGX Orin SoC requires an SBK key of eight 32-bit words (32 bytes) in length. To generate a 32-byte SBK key, run the following code.
openssl rand -rand /dev/urandom -hex 32 2>&1 |tee sbk.key
Later you add the key to the fuse configuration file.
We recommend that you use the Hardware Security Module (HSM) to generate a truly random number for an SBK key.
Guard your private key. The security of your IGX device depends on the security of your private key.
C. Prepare the K1 and K2 keys
The K1 (OemK1) and K2 (OemK2) keys are pre-fused 256-bit symmetric keys which you can use for other security applications, such as encrypted keyblob generation or device provisioning. The K1 key is reserved for generating the new EKB. You must prepare these two keys, and other ODM fuse bits, as described in the documentation for the other security application.
For IGX Orin, the fuse key names are OemK1 and OemK2, and the key length must be 32 bytes. To generate a 32-byte OemK1 key file, run the following code.
openssl rand -rand /dev/urandom -hex 32 2>&1 |tee OemK1
Later you add the key to the fuse configuration file.
We recommend that you use the Hardware Security Module (HSM) to generate a truly random number for K1/K2 keys.
Guard your private key files. The security of your IGX device depends on the security of your private key files.
D. Prepare the Fuse Configuration File
The fuse configuration file contains the fuse data, a list of fuses, and the value to be burned in each fuse. The FSKP tool uses the configuration file to program the fuses.
After secure boot mode is enabled, the fuse is locked and can’t be changed.
A fuse configuration file contains a <genericfuse> element, and one <fuse> element for each fuse to burn.
The three PKC keys are named PublicKeyHash, PkcPubkeyHash1, and PkcPubkeyHash2, and the names are case sensitive.
The fuse SecurityMode must be the last element in the file.
The fuse BootSecurityInfo contains a 4-byte value which you must set by using the following information:
Bit[0:2]:
- set to 001b for RSA 3K
- set to 010b for ECDSA P-256
- set to 011b for ECDSA P-521
Bit[3]: set to 1 if you are using an optional SBK key
Bit[9]: set to 1 for the OEM K1 and K2 keys
Bit[11]: set to 1
Bit[13]: set to 1
Set all other bits to 0
The following is an example of an IGX Orin fuse configuration file. The file contains three RSA 3K keys, an SBK Key, and OemK1 and OemK2 keys.
<genericfuse MagicId="0x45535546" version="1.0.0">
<fuse name="PscOdmStatic" size="4" value="0x00000060"/>
<fuse name="Kdk0" size="32" value="0x6208e3cd81ed0cd77b214db0c875ade40c26bca09382ad82cd0e24046cc8c64e"/>
<fuse name="PublicKeyHash" size="64" value="0xad2474627c14e3f7f4944a832bd15d0640938a3dc162f558692458f3d12f9453e11bea2ec75df3f83e8b29c47fc3d2483d528d3e94a5469c4ba1ec61f1584b23"/>
<fuse name="PkcPubkeyHash1" size="64" value="0xd87796fb510d79738f8509c98511be0bb79dcc17d204a2f0f0bea9680b91bd1273ee2ae7a8a6bdb8b95deb0f421e72404939ae20d12c82649712283027201f39"/>
<fuse name="PkcPubkeyHash2" size="64" value="0x99a5b6eac64dfb29698cb684165529e5d8650c1aab0e18b677c5d5f0998af53f8a8a1f09ad1d79368bc500e57eb199e9108fc7b1499995d869b028fec3f367db"/>
<fuse name="SecureBootKey" size="32" value="0x123456789abcdef0fedcba9876543210 00112233445566778899aabbccddeeff"/>
<fuse name="OemK1" size="32" value="0xf3bedbff9cea44c05b08124e8242a71ec1871d55ef4841eb4e59a56b5f88fb2b"/>
<fuse name="OemK2" size="32" value="0x76d723099bc81a39cfc8bd109deb7ef39aa1d0f5ab4658180ad33e1d983a2e84"/>
<fuse name="OptInEnable" size="4" value="0x1"/>
<fuse name="BootSecurityInfo" size="4" value="0x2a09"/>
<fuse name="ArmJtagDisable" size="4" value="0x1"/>
<fuse name="SecurityMode" size="4" value="0x1"/>
</genericfuse>
Although the fuse configuration file contains XML, it does not need the <?xml ?> prolog defined by the XML standard. If you want to run general purpose XML utilities on your configuration file, you can add a prolog.
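Because burned fuses cannot be changed, it is worth checking the file against the rules above before generating the blob. The following Python check is an added example, not NVIDIA tooling or code from this page. The function names, the PKC type labels, and the rule that SBK and OEM key use is inferred from which fuses the file lists are assumptions of this example, and the sample file is constructed with placeholder key material.

```python
import re
import xml.etree.ElementTree as ET

PKC_TYPE = {"rsa3k": 0b001, "ecdsa-p256": 0b010, "ecdsa-p521": 0b011}
PKC_FUSES = ("PublicKeyHash", "PkcPubkeyHash1", "PkcPubkeyHash2")
KEY_BYTES = {"SecureBootKey": 32, "OemK1": 32, "OemK2": 32}  # lengths from the text

def boot_security_info(pkc, sbk, oem_keys):
    """Compose the BootSecurityInfo value from the bit assignments in the text."""
    value = PKC_TYPE[pkc]                 # Bit[0:2]: PKC key type
    value |= int(sbk) << 3                # Bit[3]: optional SBK key in use
    value |= int(oem_keys) << 9           # Bit[9]: OEM K1 and K2 keys
    return value | (1 << 11) | (1 << 13)  # Bit[11] and Bit[13] are always 1

def check_fuse_config(xml_text, pkc):
    """Return a list of problems found in a fuse configuration file."""
    root = ET.fromstring(xml_text)        # parses with or without a prolog
    fuses = root.findall("fuse")
    names = [f.get("name") for f in fuses]
    # Exact string comparison, because fuse names are case sensitive.
    problems = [f"missing PKC hash fuse {n}" for n in PKC_FUSES if n not in names]
    if root.tag != "genericfuse":
        problems.append("root element is not <genericfuse>")
    if not names or names[-1] != "SecurityMode":
        problems.append("SecurityMode is not the last element")
    for name, fuse in zip(names, fuses):
        m = re.fullmatch(r"0x([0-9a-fA-F]+)", fuse.get("value", ""))
        size = int(fuse.get("size", "0"))
        if not m or len(m.group(1)) > 2 * size:
            problems.append(f"{name}: value is not a hex string that fits size")
        elif name in KEY_BYTES and len(m.group(1)) != 2 * KEY_BYTES[name]:
            problems.append(f"{name}: key must be {KEY_BYTES[name]} bytes")
        elif name == "BootSecurityInfo":
            # Assumption: key use is inferred from which fuses the file lists.
            want = boot_security_info(pkc, "SecureBootKey" in names,
                                      "OemK1" in names and "OemK2" in names)
            if int(m.group(1), 16) != want:
                problems.append(f"BootSecurityInfo should be {want:#x}")
    return problems

def sample_config(bsi):
    """Constructed sample; all key material is a placeholder pattern."""
    rows = [(n, 64, "ab" * 64) for n in PKC_FUSES]
    rows += [(n, 32, "cd" * 32) for n in KEY_BYTES]
    rows += [("BootSecurityInfo", 4, f"{bsi:x}"), ("SecurityMode", 4, "1")]
    body = "".join(f'<fuse name="{n}" size="{s}" value="0x{v}"/>' for n, s, v in rows)
    return f'<genericfuse MagicId="0x45535546" version="1.0.0">{body}</genericfuse>'
```

Run `check_fuse_config` on the text of your own file with the PKC type you chose; an empty list means none of these rules is violated.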
E. Generate the Encrypted and Signed Blob
To generate the encrypted and signed blob with the Factory Secure Key Provisioning (FSKP) expansion keys, run the following code. Replace fuseblob.xml with the name of your fuse configuration file.
sudo ./fskp_fuseburn.py --board-spec igx-board-spec.txt -f fuseblob.xml -i 62 -b \
--key-exp fskp_ak.bin fskp_ek.bin --fskpcfg fskp_conf.txt -g out/ -c 0x23 -B <top>/igx-orin-devkit.conf
To burn the fuses, run the following code.
sudo ./fskp_fuseburn.py --board-spec igx-board-spec.txt -P ./out -c 0x23 -B <top>/igx-orin-devkit.conf
To read the fuse values through the Linux kernel, use the script /usr/sbin/nv_fuse_read.sh.
To list the supported fuses, run the following code.
sudo nv_fuse_read.sh -l
To read the value of a fuse, run the following code.
sudo nv_fuse_read.sh <fuse name>
For example, use the following code to get the exclusive chip identification (ECID) of the IGX board.
sudo nv_fuse_read.sh ecid
To read all fuse values, run the following code.
sudo nv_fuse_read.sh
To generate the encrypted and signed blob, do the following steps:
A. Generate a New EKB File
Generate the EKB file after you program the IGX fuse, and before you flash the QSPI image.
There are four keys included in the EKB file.
The OemK1 key is fused to IGX fuse.
The other three keys are generated by the NVIDIA-provided script example.sh.
Any time you sign and flash the QSPI image, copy the eks_t234.img file to the <Linux_for_Tegra>/bootloader directory.
You need the following prerequisites:
Python 3.9 or newer
pip3 install cryptography
pip3 install pycryptodome
Download public_sources.tbz2 from the IGX Download Center.
wget https://developer.nvidia.com/downloads/igx/v1.0.0/public_sources.tbz2
Untar public_sources.tbz2, change to the folder Linux_for_Tegra/source, and untar nvidia-jetson-optee-source.tbz2.
tar -xvf public_sources.tbz2
cd Linux_for_Tegra/source
tar -xvf nvidia-jetson-optee-source.tbz2
Change to the folder optee/samples/hwkey-agent/host/tool/gen_ekb/.
cd ./optee/samples/hwkey-agent/host/tool/gen_ekb/
Open the file example.sh with your text editor and make the following changes to the file.
Go to the [T194 example] section and comment out the python gen_ekb.py. This section should not be run.
Go to the [T234 example] section and uncomment #echo "0000000000000000000000000000000000000000000000000000000000000000" > oem_k1.key.
Replace 0000000000000000000000000000000000000000000000000000000000000000 with your fused Oem K1 key.
Uncomment the following lines.
# openssl rand -rand /dev/urandom -hex 32 > sym_t234.key
# openssl rand -rand /dev/urandom -hex 16 > sym2_t234.key
# openssl rand -rand /dev/urandom -hex 16 > auth_t234.key
Save your changes to example.sh and exit the file.
Run ./example.sh. The file eks_t234.img is generated.
Copy eks_t234.img to the folder <Linux_for_Tegra>/bootloader.
B. Flash QSPI
We recommend that you enable UEFI secure boot with QSPI secure boot at the same time. For details, see Enable UEFI Secure Boot at Flash Time.
If you want to enable QSPI secure boot only, use the following procedure.
Navigate to the directory where you installed Jetson BSP.
Put the IGX device into recovery mode. For details, see Put the system into recovery mode.
To sign QSPI with the rsa3k-0.pem key, run the following code. To optionally encrypt the payload with an SBK key, include the -v option and the sbk.key file argument.
sudo ./flash.sh p3740-0002-p3701-0008-qspi external -u rsa3k-0.pem
Or
sudo ./flash.sh p3740-0002-p3701-0008-qspi external -u rsa3k-0.pem -v sbk.key
After you complete the steps in this documentation, see Enable Secure Boot for UEFI.