Secure Boot for Orin NX

I’m following the guidelines here Secure Boot — Jetson Linux Developer Guide documentation for the Jetson Orin NX.
I used the template for the configuration file like this (but with my own values) to enable the Secure Boot with an ECDSA P-521 key, an SBK key, and an OemK1 key:

<genericfuse MagicId="0x45535546" version="1.0.0">
    <fuse name="PublicKeyHash" size="64" value="0x9f0ebf0aec1e2bb30c0838096a6d9de5fb86b1277f182acf135b081e345970167a88612b916128984564086129900066255a881948ab83bebf78c7d627f8fe84"/>
    <fuse name="SecureBootKey" size="32" value="0x123456789abcdef0fedcba987654321000112233445566778899aabbccddeeff"/>
    <fuse name="OemK1" size="32" value="0xf3bedbff9cea44c05b08124e8242a71ec1871d55ef4841eb4e59a56b5f88fb2b"/>
    <fuse name="BootSecurityInfo" size="4" value="0x20b"/>
    <fuse name="SecurityMode" size="4" value="0x1"/>
  • To generate an ECDSA P-521 private key:
    $ openssl ecparam -name secp521r1 -genkey -noout -out ecp521.pem

  • To generate the correspondent ECDSA P-521 public key:
    $ openssl ec -in ecp521.pem -pubout -out public-key.pem

  • Generate PublicKeyHash value from a PKC key pair
    ./ --pubkeyhash ecp521.pubkey ecp521.hash --key ecp521.pem

I also put the SBK in a separate file with the format suggested in the guideline and by saving the file as sbk.key.
I did the same step with the OemK1 key for the Key encryption/decryption phases.

During the “Burn Fuses with the Fuse Configuration file” phase, I used the following syntax:

sudo ./ --test -X fuse_config_security.xml -i 0x23 -k ecp521.pem -S sbk.key jetson-orin-nano-devkit

that basically returns “finished, completed” but if analyze the content, I saw several times the messages like

Assuming zero filled SBK key
Warning: pub_key.key is not found

Probably, something is not working. Can you please help to understand where I am wrong?

PS: If I specify also the tag --auth SBKPKC I receive an error like: Error: wrong “–auth” option is set. The board’s authentication type is: NS.

PS2: If I specify also the OemK2, should I modify also the BootSecurityInfo? How can I assign a value to that field?

For the syntax, probably since I put everything inside the XML file, it is enough to run (but I need a confirmation):

sudo ./ --test -X fuse_config_security.xml -i 0x23 jetson-orin-nano-devkit

For the PS1, I realized that I should not specify any --auth since the board is not fused already.
I have still doubts on the PS2. Further, after the test (or probably I should specify also the option --no-burn), how can I verify that the values that I specified in the XML file will be burned?

hello evilinux,

  1. yes, you should put everything inside the XML file for running fuse burning.

  2. --auth option is only the approach for offline mode fuse burning. it means you don’t need a board when running and, the following property means the current fuse type.
    for instance,
    --auth NS means your board has not fuse yet.
    --auth SBKPKC means your board has fused with PKC+SBK.

  3. please do read the developer guide, Secure Boot.
    since you’re added --test option, it’ll create the fuse blob for verification. you may removing that to actually burn the fuse.

BTW, there’re some similar topics for your reference,
you may see-also… Topic 208426, Topic 265529, and Topic 249507…etc

Ok @JerryChang, but I still have some concerns on these two questions.

  1. So basically, during the test I should not care about these erro (Assuming zero filled SBK key
    Warning: pub_key.key is not found) during the test, right?

  2. If I specify also the OemK2, should I modify also the BootSecurityInfo (I set it at 0x20b but I’m not sure)? How can I assign a value to that field?

  3. @JerryChang you can find in attach the log file after the running test

sudo ./ --test -X fuse_config_security.xml -i 0x23 jetson-orin-nano-devkit

test.log (91.2 KB)

hello evilinux,

we did see those two logs while fuse burning Orin NX.
Assuming zero filled SBK key
Warning: pub_key.key is not found

however, we’ve check and confirm fuse burning, and image flashing on Orin NX with a success.
you may check Topic 263458 for our verification results. thanks

Thanks a lot @JerryChang, but probably I missed something. I have raised 4 concerns that I would like to discuss with you.

  1. May I proceed by fusing these values since you are confirming me that it seems everything ok (even if the warnings related to the Assuming zero filled SBK key, and Warning: pub_key.key is not found)? Or do you think that we should investigate why I have these warnings before to fuse? Could be that it depends by the fact that I’m using the ECDSA P-521 key and by the end of the day it is not compatible with Orin NX?

Or I don’t know if there is a problem with the parser (I tried also without parsing the XML, but the result is the same). I’m using the last version of the JetPack 5.1.2.
Can you please advise me?

  1. The check that I did, was to extract the content of the file fuseblob.tbz2 and open the file fuse_KNKhVQ.xml and verify the matching with my values. That’s it. But I don’t know if I should verify something else.

EDIT: In the bootloader folder, I don’t see any pub_key.key. I’m not understanding what is the problem.

  1. Further, since I used ECDSA P-521 key, should I flash the board in this manner?
sudo ./ -u ecp521.pem -v sbk.key jetson-orin-nano-devkit nvme0n1

where ecp521.pem is the private key (as mentioned in first post), and sbk.key is the SBK key.

I am asking this, because in the guide it is not clear because there is written: <pkc_keyfile>` is an RSA 2K or 3K key file, and in my case it is an ECDSA P-521.

  1. In your cited post, ERROR: might be timeout in USB write after Fuse burning - #8 by JerryChang I didn’t get what are the PscOdmStatic, Kdk0 and the EndorseKey. So, I tried to search, but I did not find any information about it.

If it can be useful, I am suing a seeed studio reComputer J401.

@JerryChang I just realized that I’m working with Jetson Orin NX + Xavier NX Devkit (NVMe), i.e. the configuration is the following one:

Jetson Orin NX (P3767-0000), Production, Jetson Xavier NX reference carrier board (P3509-0000), p3509-a02+p3767-000

So, probably I should proceed in a different manner, by working with RSA 3K, but having the same chip_id (0x23) and by using the script.

hello evilinux,

please double confirm the board configuration,
it is p3509-a02+p3767-0000 if you’re using Orin NX + Xavier NX carrier.

please use RSA-3K Key for fuse burning since I see a note mentioned… Jetson Orin series targets support RSA-3K key only.
let me double confirm internally about using ECDSA P-256 Key.

please refer to below for more details of fuse configuration.

  • PscOdmStatic
    Set the value of it to 0x60. This defines the purpose of OEM_K1 to “encrypt” and OEM_K2 to “KDK(key derive)”. The UEFI encryption feature requires the purpose of OEM_K2 to be kdk.
  • EndorseKey
    This is an asymmetric key which can be burned by users, however, we’ve not fully support it yet, so, you don’t have to bother it.
  • KDK0
    This is a symmetric key which can be burned by users. L4T currently uses it for fTPM. so, we recommend to burn it.
  • SBK
    To enable the encryption of the boot images.

Thanks a lot for your support @JerryChang. I will try and I will let you know. But before to do that, I need to inform you that I switched to JetPack 5.1 for other purposes and I think that I should follow this guide.

However, since I’m using Orin NX + Xavier NX carrier, should I take into account the Orin Reference Fuse Configuration File, right? (I replaced my values with 0xFF

<genericfuse MagicId="0x45535546" version="1.0.0">
    <fuse name="PscOdmStatic" size="4" value="0x60"/>
    <fuse name="BootSecurityInfo" size="4" value="0xFFFFFFFF"/>
    <fuse name="SecurityMode" size="4" value="0x1"/>

As second question, can you please let me know if I need to specify the value of the BootSecurityInfo at this stage? If yes, which value should I put? And why?

However, I tried to test with:

sudo ./ --test -X fuse_config_security.xml -i 0x23 p3509-a02+p3767-0000

In attach the log file of the test (of course the board is in recovery mode). I used the RSA 3K. But as usual I have the same warnings such as:

Assuming zero filled SBK key
Warning: pub_key.key is not found

test.log (85.2 KB) (Please note that I replaced the real values of the keys with the example values).

I tried also the --noburn option (in attach the log):

sudo ./ --noburn -X fuse_config_security.xml -i 0x23 p3509-a02+p3767-0000

noburn.log (48.9 KB)

Can you please advise me?

PS: I also investigated a bit on the forum, and it seems that this user here has the same output and the same warnings.

please check Jetson AGX Orin Fuse Specification for fuse name, FUSE_BOOT_SECURITY_INFO_0 for more details.

1 Like

Yes but it is not clear. So by reading the document, it seems that I should put 001b, but I’m not sure.

Further, I am really confused about the warnings that I mentioned you before and this stuff related to the BootSecurityInfo field. I am afraid to proceed and damage the board since it is the only one that I have in my hands.

Basically, I am stuck here to understand what should I do to solve these issues.

yeah… let me consult with expertise for these two warning messages internally.

1 Like

hello evilinux,

here’s an explanation to ignore these two messages.
Assuming zero filled SBK key
Warning: pub_key.key is not found

as you can see,
it’s calling, for example, --key None .. --pubkeyhash pub_key.key

because it’s command with a None key, --key None and, pub_key.key were passed in as zero by default.

1 Like

Thanks a lot for the investigation @JerryChang.
However, still it is not clear which kind of value I should put for the BootSecurityInfo field.

I read the guide that you linked, but for me it is not clear which kind of value I should use for this particular configuration where I defined also other keys.

If you have some hints on how to calculate, or if there is a standard value for my configuration, or if I can leave blank that field, please let me know.

had you check [Jetson Orin Fuse Specification] as mentioned in comment #13?

Yes @JerryChang, I had a check on that file, but for me it is not clear, because I have:
PublicKeyHash (RSA 3K), SecureBootKey (SBK), Kdk0, OemK1 and OemK2.

Considering the first 16 bits

[BIT]  15 14 13 12 11 10 09 08 07 06 05 04 03 02 01 00
[VAL]   0  0  0  0  0  0  1  0  0  0  0  1  1  0  0  1

in this case:

  • 00 bit is 1 because I’m using the RSA 3K
  • 03 bit is 1 because I’m using the SBK
  • 04 bit is 1 because I think that I should enable the ODM FEK usage enable (but I’m not sure)
  • 09 bit is 1 for the ODM Key Valid

but what about the Kdk0, OemK1 and OemK2? Here I’m confused.

So basically the value that I got in binary is: 0000001000011001 that in HEX is 0x219.
So, is it correct, or I should disable the bit 04?

hello evilinux,

those were all correct besides bit-4.
bit-4 should NOT be enabled because that is for fuse encryption.

we recommend to burn bit-11 and bit-13 as well, so that when someday you needs DICE or fTPM support, you don’t have to burn BootSecurityInfo again.

1 Like

Ok @JerryChang, so basically the BootSecurityInfo value that I should use is the 0X2A09. I will update you in these days or as soon as I plan to proceed by fusing the board. I will proceed as you suggested by ignoring the warning messages, since I will use only the XML file.