Skip to main content
Version: Next

3.4.6.1: Auto chips HSM

1: Tips

caution

Power Writer support for the HSM function of the AC784x or AC780x security chip only enables the offline mode, meaning it is not possible to connect the programmer and the chip using the PowerWriter client software for real-time operations. Before configuring the PowerWriter HSM plugin, one needs to be proficient in the usage process and parameter configuration methods of the official development verification software ATC link tools from Auto chips. PowerWriter has reorganized the official software process and logical relationships for the offline function support of the HSM function, and the interface is more concise.

tip

The configuration property names of the Power Writer HSM plugin are basically the same as those of the official tool ATC Link Tools. Therefore, this document will not list the corresponding relationships of each parameter one by one.

2:Entry

After selecting the Auto Chips AC784x chip, you will see the image-20251210154238417 button in the toolbar. This function interface is the configuration entry for the HSM offline programming plugin of the Auto chips AC784x chip, as shown in the following figure:

image-20251210154224752

3:HSM Configure

image-20251210154317419

3.1:Root key

image-20251210154334124

Before configuring HSM, the root key usually needs to be configured first. The PowerWriter automatically enables the function of configuring the root key. Please check or adjust it according to the actual application scenario.

3.2:HSM algorithm configure

image-20251210154406266

  • OTP Key Decryption Algorithm: Sets the encryption and decryption algorithm for the HSM key (certificate) data. You can choose one of the following options:
    • AES128: Set to the AES128-CBC encryption and decryption algorithm.
    • SM4: Set to the SM4 encryption and decryption algorithm.
  • HSM Firmware Secure Boot Algorithm: Set the verification algorithm for the secure boot of the HSM firmware. It can be set to one of the following options:
    • RSA2048 (asymmetric): The public key (E(64) + N(256) = 320 bytes) is input through the interface.
    • SM2 (Asymmetric): Enter the public key on the interface (64 bytes. The first byte indicates the compression format. If the key is 65 bytes long, please remove the first byte before filling in).
    • AES128_CMAC (Symmetric): The interface accepts the original password as input, with a length of 16 bytes.
    • SM4_CMAC (Symmetric): The original password is input through the interface, with a length of 16 bytes.
  • HSM FW verification key: Sets the verification algorithm for the HSM firmware during startup. The data length is specified in the HSM firmware secure startup algorithm configuration.
  • HSM Firmware Installation and Upgrade Algorithm: Set the verification algorithm for HSM firmware installation or upgrade. The type and format of the algorithm are the same as those for the HSM firmware secure boot algorithm settings. Therefore, no further explanation is provided here.
  • HSM FW upgrade encryption key: Sets the data encryption and decryption algorithm for HSM firmware installation or upgrade. The length is 16 bytes and must comply with the following rules:
    • The encryption algorithm corresponding to the RSA signature algorithm is AES128-CBC.
    • The encryption algorithm corresponding to the SM2 signature algorithm is SM4-CBC.
    • The encryption algorithm corresponding to the signature AES128-CMAC is AES128-CBC.
    • The encryption algorithm corresponding to the signature SM4-CMAC is SM4-CBC.
  • HSM Firmware: Includes the necessary HSM security firmware required for installation or upgrade.
    • X: When the x button is clicked, the imported HSM firmware can be cleared.

3.3:Secure debug

HSM supports the setting of debugging access permissions, and can configure the debugging access authentication function of the chip, as well as the secure debugging configuration. It supports configuration and authentication. The configuration interface is as follows:

image-20251210154627626

  • Enable Security Debugging Configuration (or Authentication): Turn on the configuration or authentication switch.

  • Soc Debug Key: Set the algorithm type used for secure debugging. The following types of algorithms are supported:

    • ECC256: Configured as the ECC signature verification algorithm.
    • SM2: Set to SM2 signature verification algorithm.

  • Public Key: Set the public key required for configuring secure debugging. The length should be 64 bytes.

    tip

    The public key is used in both the configuration process and the authentication process. If the public key is left blank, even if the interface is configured to be enabled, the functions of the current module will be disabled.

  • Private Key: Set the private key required for the authentication security debugging. The length should be 32 bytes.

    caution

    When reprogramming a chip that has enabled the security debugging function, a private key must be provided; otherwise, authentication cannot be performed, resulting in failure to access the chip and thus programming failure. When the chip does not have security debugging enabled, this setting can be left blank, indicating that no authentication is required.

3.4:Soc secure boot

Soc Security Boot refers to the security boot verification function of the Soc firmware, which is used to check whether the firmware has been modified. This firmware is not the HSM firmware, but rather the user firmware. The configuration interface is as follows:

image-20251210154746053

  • Enable Secure Boot: Enable the secure boot configuration function of the SOC firmware.

  • Security Startup Algorithm: The configuration method is the same as that of the HSM verification algorithm, as described in HSM FW verify key.

  • Soc FW Verify Key:配置方法同 HSM 校验算法,见 HSM FW verify key

    tip

    Although the methods for configuring SOC secure boot and HSM secure boot are the same, they are not directly related and can be set independently.

3.4:Soc secure boot params

After enabling the SOC firmware secure boot function, it is necessary to check and set the secure boot parameters of the SOC firmware. If the parameters are not provided or the parameter settings are incorrect, when the programmer configures the target chip, it will result in the chip being unable to perform normal boot. The interface for configuring the secure boot parameters is as follows:

image-20251210154916943

  • Image verification address: Set the verification address information for the secure boot of the SoC. Please refer to the parameter settings of the ATC Link tool.
  • Image verification size: Set the verification size for the secure boot of the SoC. Please refer to the parameter settings of the ATC Link tool.
  • Image Signature Address: Set the signature data address for the secure boot of the SoC. Please refer to the parameter settings of the ATC Link tool.
  • Image Signature Content: The signature data content for enabling Secure Boot in the SoC. Please refer to the parameter settings of the ATC Link tool.
  • Image Signature Public Key Address: The storage address for the public key used for signing the SOC secure boot process. Please refer to the parameter settings of the ATC Link tool.
  • Image Signature Public Key Content: The public key content used for signing the settings for Secure Boot on the SOC. Please refer to the parameter settings of the ATC Link tool.
  • Image verification header address: Set the storage address for the verification header used in the secure boot of the SoC. Please refer to the parameter settings of the ATC Link tool.
  • Image verification header size: Set the size of the verification header for the secure boot of the SoC. Please refer to the parameter settings of the ATC Link tool.
  • Image verification version address: Set the storage address for the verification version of the Secure Boot of the SoC. Please refer to the parameter settings of the ATC Link tool.
  • Boot info Address: Set the address for Boot info information of the Secure Boot of the SoC. Please refer to the parameter settings of the ATC Link tool.
caution

After enabling the Soc secure boot, please make sure to check the secure boot parameter settings. Incorrect parameter configuration will prevent the target chip from booting.

3.5:Other

During the configuration process of HSM, the key levels of relevant certificates can be set. After completing all the product configurations, the product's life cycle can also be set for life cycle management, as shown below:

image-20251210155525491

  • Key level: When setting the HSM configuration, the key level is set to Level 1 by default.
  • Set Lifecycle: Set the product's lifecycle. When this setting is enabled, PowerWriter will switch the product's lifecycle after completing all HSM configurations.