Castles Technology Co., Ltd.
Confidential • All Right Reserved.
Pg.
31
4. Secure File Loading
Castles implemented an interface in terminal named User Loader(ULD) to provide secure file
loading to system memory. Loading of user application, kernel firmware, font and others
must use User Loader.
The loading process is secure by signing the files using ULD Key System.
4.1. ULD Key System
The ULD Key System uses two key sets for securely managing the kernel
updating and application downloading. Each key set contains two RSA key pairs.
One is used for key encryption and the other is used for signature. These two key
sets are specified as below:
ULD Manufacturer Key Set
ULD Manufacturer Key Encryption Key (RSA)
ULD Manufacturer Signature Key (RSA)
ULD User Key Set
ULD User Key Encryption Key (RSA)
ULD User Signature Key (RSA)
For VEGA5000S, the RSA key length is 2048bits.
4.1.1. ULD Manufacturer Key
The system consists of several kernel modules. These kernel modules
are provided by the Manufacturer, and released in CAP format file with
encryption and signing via ULD Manufacturer Keys.
The ULD Manufacturer keys are managed and maintained by the
manufacturer. The manufacturer uses these keys to generate kernel
CAP files for updating the system. However, the system is not permited
to be updated with these kernel CAP files directly generated by the
manufacturer. This is because only the user can have the privilege to
decide whether the system is to be updated. Therefore, before system