i.MX ProcessorsのトピックRe: i.MX6DL - HAB4 doesn't verify signature in 'open' configuration?

i.MX6DL - HAB4 doesn't verify signature in 'open' configuration?

christian_neuwi — Tue, 29 Aug 2017 16:52:12 GMT

Hi,

I've been working for the last couple of weeks to get secure boot in U-Boot operational on our own hardware based on the i.MX6DL. Everything seemed to work fine and according to expectations until I ran some final tests before 'closing' the device, i.e. blowing the fuse SEC_CONFIG.

It seems that the HAB4 does determine 'tampering' with a signed image as expected, but it does not determine when an image was signed with a different set of keys.

In other words:

I created a set of keys using CST 2.3.2 and flashed the fuses in the i.MX6 accordingly.
Booting seems to work fine, i.e. 'hab_status' reports no events.
I signed an arbitrary image with the keys created in step #1.
I downloaded that image to the board and it was authenticated successfully by 'hab_auth_img'.
I 'tampered' with the downloaded image and authentication failed, i.e. 'hab_auth_img' and 'hab_status' report HAB events.
I created a different set of keys using CST 2.3.2.
I signed the same image that was used in step #3 with the keys created in step #6.
I downloaded that image to the board and it was still authenticated successfully by 'hab_auth_img'.

Note that I patched authenticate_image() in <U-Boot Root>/arch/arm/imx-common/hab.c a bit so that an image is authenticated also when the SEC_CONFIG fuse is not blown.

I'm really confused by this behavior.

Does 'full' authentication work only when the device is 'closed'?

Or do you have another explanation?

Best regard,
Chris.

Re: i.MX6DL - HAB4 doesn't verify signature in 'open' configuration?

Yuri — Wed, 30 Aug 2017 03:43:32 GMT

Hello,

There is a feature regarding SRK checking, that was described in app note AN4581, Rev. 0, 10/2012.

(The recent app note release does not mention it.)

"There is a known limitation about the verification of the SRK table in the ROM of i.MX 6 Series devices.
In these devices, the intent was to only verify the SRK table hash, when the SRK fuse field was non-zero
for Open configuration. However, for i.MX 6 Series in Open configuration, the HAB always skips the
verification of the SRK table, regardless of whether the SRK fuse field has been provisioned or not.
This means that it is necessary to ensure that the SRK field is correctly programmed, prior to moving the
i.MX 6 Series security configuration to Closed."

This feature can produce the issue, You described, since SRK is not really verified.

Have a great day,
Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

Re: i.MX6DL - HAB4 doesn't verify signature in 'open' configuration?

christian_neuwi — Wed, 30 Aug 2017 07:57:03 GMT

Thanks for the quick reply, Yuri!