Not exactly, the Raspberry Pi public key is still in the chip ROM and the customer key is stored in the EEPROM with they key hash in OTP as before.Interesting. So there is enough room in the EEPROM to hold 2 public keys, the dev key and the production key.Hey there am actually bit new to secure boot , Recently i have saw this
https://github.com/raspberrypi/usbboot/ ... /README.md repository and i tried it in raspberry pi.
I was able to set secure boot on pi 5 ,
Now i i want to use operating system on sd card how can i do it?
Please can anyone guide me to how to flash a operating system with private key to the sd card ?
Thank you.
The significant change is that the bootROM request that the firmware is signed both the RPi key AND the customer key. So there are now two signatures for the firwmare i.e. once the customer key hash is programmed the firmware MUST be counter signed.
The firmware binaries and rpiboot tools are now published in order to support the development of higher level tools (e.g. CMPROVISION) which will make this much easier to use for non-experts. Whilst functional this should be consider public BETA and for information only.
Statistics: Posted by timg236 — Thu May 02, 2024 11:39 am
