I am currently working on my Master's thesis, which involves researching and implementing/testing state-of-the-art techniques for Verified boot in embedded systems with hard real-time constraints. I thought it was a good idea to buy a Raspberry Pi 3 (RPi3) to do some tests.
For the past few days I have been searching for dedicated cryptographic co-processors that implement the TPM specification, or just a general Hardware Security Module (HSM), for the RPi3. One of the options is your product, which seems to be a promising solution to my problem.
My question is whether or not you provide drivers or similar code that make it possible for the RPi3 to communicate with your security module during the boot-up process (e.g. during the second-stage bootloader or earlier)? And if so, are there any guides? I ask because I would like to verify the integrity of certain stages during the boot process by comparing the hash values or signatures (depending on the technique I use) of the images containing the code for the different boot-up stages. So, basically, my plan is to implement a simple Chain of Trust (CoT) concept to provide a Verified boot process.
As far as I understand, the Zymbit security module is (only?) accessible after a fully successful boot-up (from the application layer), in which case it would be pointless for me to purchase.
Thanks in advance,
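As an added illustration of the Chain of Trust idea described in the question (this is not code from the original post or from Zymbit), a minimal hash-chained verification in Python: the root of trust holds only the digest of the first stage, and each stage image embeds the digest of its successor. The image layout, stage payloads and function names are constructed for this example.

```python
import hashlib

DIGEST_LEN = 32  # SHA-256 digest size

# Constructed layout (assumption for this example): each stage image is
# <32-byte SHA-256 of the next stage image> + <stage payload>.
# The root hash is the value a security module or OTP fuses would hold.

def build_chain(payloads):
    """Build images last-to-first so each one embeds its successor's digest.
    Returns (root_hash, [image_1, image_2, ...])."""
    next_hash = b"\x00" * DIGEST_LEN  # the final stage has no successor
    images = []
    for payload in reversed(payloads):
        image = next_hash + payload
        images.insert(0, image)
        next_hash = hashlib.sha256(image).digest()
    return next_hash, images

def verify_chain(root_hash, images):
    """Walk the chain the way a bootloader would: a stage is only 'executed'
    if its digest matches the value held by the already-trusted predecessor.
    Returns the index of the first stage that fails, or None if all pass."""
    expected = root_hash
    for index, image in enumerate(images):
        if hashlib.sha256(image).digest() != expected:
            return index  # halt the boot here; nothing after is trusted
        expected = image[:DIGEST_LEN]  # trusted stage names its successor
    return None

def demo():
    """Constructed run: a clean chain passes, a modified kernel is caught."""
    root, images = build_chain([b"bootloader v1", b"kernel v4.9", b"rootfs"])
    clean = verify_chain(root, images)
    tampered = list(images)
    # Keep the embedded next-hash field, change only the payload of stage 1.
    tampered[1] = tampered[1][:DIGEST_LEN] + b"kernel v4.9 (modified)"
    return clean, verify_chain(root, tampered)  # -> (None, 1)
```

Any change to a later stage also changes the digest its predecessor embeds, so the verifier stops at the first stage whose digest no longer matches.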