US 12,216,765 B2
Identity-based verification of software code layers
Mukund P. Khatri, Austin, TX (US); Eugene David Cho, Austin, TX (US); and Milton Olavo Decarvalho Taveira, Round Rock, TX (US)
Assigned to Dell Products L.P., Round Rock, TX (US)
Filed by Dell Products L.P., Round Rock, TX (US)
Filed on Oct. 26, 2022, as Appl. No. 17/973,793.
Prior Publication US 2024/0143769 A1, May 2, 2024
Int. Cl. G06F 21/57 (2013.01); G06F 21/60 (2013.01); H04L 9/32 (2006.01)
CPC G06F 21/575 (2013.01) [G06F 21/602 (2013.01); H04L 9/3247 (2013.01)]
20 Claims
 
1. A method, comprising:
obtaining, by a current layer of a plurality of layers of software code executing on a security processor of a security sub-system, in connection with a boot of the security sub-system, an identity key of the current layer of software code, wherein the identity key of the current layer of software code is based at least in part on at least one value generated during a provisioning of the security sub-system, wherein the at least one value is based at least in part on a firmware image of at least one layer of the plurality of layers of software code;
obtaining an encrypted secure boot public key of a next layer of software code;
decrypting the encrypted secure boot public key of the next layer of software code using the obtained identity key of the current layer of software code;
verifying the next layer of software code using the decrypted secure boot public key of the next layer of software code; and
initiating execution of the next layer of software code based at least in part on a result of the verifying;
wherein the method is performed by at least one processing device comprising a processor coupled to a memory.
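The sequence in claim 1, sketched as an added example that is not code from the patent or from Dell: it shows that altering the current layer's firmware changes the identity key, so the next layer's secure boot public key no longer decrypts. The HMAC-based key derivation, the encrypt-then-MAC sealing, the toy RSA key built from Mersenne primes, and all names and sample values are assumptions chosen so the sketch runs with the Python standard library only.

```python
import hashlib, hmac

# Toy RSA key built from two Mersenne primes: constructed, NOT secure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def mac(key, msg):
    return hmac.new(key, msg, "sha256").digest()

def digest_int(image):
    return int.from_bytes(hashlib.sha256(image).digest(), "big")

def identity_key(provisioned_value, firmware):
    # Assumption: identity key = HMAC(provisioned value, SHA-256(firmware image)).
    return mac(provisioned_value, hashlib.sha256(firmware).digest())

def keystream(key, n):
    blocks = (mac(key, b"enc" + i.to_bytes(4, "big")) for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, data):  # provisioning side: encrypt-then-MAC (stand-in for an AEAD)
    ct = bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))
    return ct + mac(key, b"tag" + ct)

def unseal(key, blob):  # returns None when the key (hence the firmware) is wrong
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, mac(key, b"tag" + ct)):
        return None
    return bytes(a ^ b for a, b in zip(ct, keystream(key, len(ct))))

def boot_next_layer(provisioned_value, current_fw, sealed_pub, next_image, sig):
    key = identity_key(provisioned_value, current_fw)   # obtain identity key
    pub = unseal(key, sealed_pub)                        # decrypt next layer's public key
    if pub is None:
        return "halt: secure boot public key did not decrypt"
    modulus = int.from_bytes(pub, "big")
    if pow(sig, E, modulus) != digest_int(next_image):   # verify next layer
        return "halt: next layer failed verification"
    return "execute next layer"                          # initiate execution

# Constructed provisioning-time data.
VALUE, FW0, FW1 = b"constructed-provisioned-value", b"layer0 image v1", b"layer1 image v1"
SEALED_PUB = seal(identity_key(VALUE, FW0), N.to_bytes(141, "big"))
SIG = pow(digest_int(FW1), D, N)  # signing side, done offline with the private exponent

if __name__ == "__main__":
    print(boot_next_layer(VALUE, FW0, SEALED_PUB, FW1, SIG))
    print(boot_next_layer(VALUE, FW0 + b"!", SEALED_PUB, FW1, SIG))
    print(boot_next_layer(VALUE, FW0, SEALED_PUB, FW1 + b"!", SIG))
```

A production boot chain would replace the stand-in primitives with a vetted AEAD and a standard signature scheme; the control flow is what the sketch is meant to show.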