https://community.nxp.com/t5/i-MX-Processors/Encrypted-boot/m-p/448792#M69382 <HTML><HEAD></HEAD><BODY><P>I am using CST to generate encrypted image. I am setting MAC = 16 bytes in my CSF. However, I see 32 bytes of MAC being generated in the CSF output. I see a constant 4 byte pattern and the rest 28 bytes of random data. Any idea where the MAC data is put in these bytes, and what the extra bytes are?</P></BODY></HTML> Wed, 01 Jul 2015 16:15:28 GMT sara 2015-07-01T16:15:28Z https://community.nxp.com/t5/i-MX-Processors/Encrypted-boot/m-p/448792#M69382 <HTML><HEAD></HEAD><BODY><P>I am using CST to generate encrypted image. I am setting MAC = 16 bytes in my CSF. However, I see 32 bytes of MAC being generated in the CSF output. I see a constant 4 byte pattern and the rest 28 bytes of random data. Any idea where the MAC data is put in these bytes, and what the extra bytes are?</P></BODY></HTML> Wed, 01 Jul 2015 16:15:28 GMT https://community.nxp.com/t5/i-MX-Processors/Encrypted-boot/m-p/448792#M69382 sara 2015-07-01T16:15:28Z https://community.nxp.com/t5/i-MX-Processors/Encrypted-boot/m-p/448793#M69383 <HTML><HEAD></HEAD><BODY><P>Hi Sara,</P><P></P><P>I am assuming that you are referring to csf.bin.&nbsp; And that the [Decrypt Data] command is the last command on your CSF.</P><P></P><P>When in the presence of [Decrypt Data], CST will encrypt the data blocks in-place(data blocks in the input file are replaced by their encrypted version), using the data encryption key. And it also generates a MAC tag of the file and appends it to the CSF.</P><P></P><P>However, at boot time HAB&nbsp; needs to know what algorithm and what size use to authenticate the MAC.&nbsp; Let's take the following example of&nbsp; csf.bin:</P><P></P><P><STRONG>AC 00 24 41&nbsp; 00 0C 00 10&nbsp; 54 46 4E 21 27 6D C9 16&nbsp; CA A0 BE 70&nbsp; 11 DE 64 1A&nbsp; F2 20 D4 93&nbsp; B1 DB C3 75&nbsp; 98 72 E5 F3</STRONG></P><P></P><P>If we parse the HAB data structure, it would be like this:</P><P><STRONG>AC 00 24 41</STRONG></P><P>[HAB_TAG_MAC] [LENGTH][VERSION]</P><P>HAB_TAG_MAC =<STRONG> 0xAC</STRONG></P><P>length = <STRONG>0x0024</STRONG></P><P>version = <STRONG>0x41</STRONG></P><P>So this part of the structure is the 4 byte pattern that you probably are looking at.</P><P></P><P>HAB uses CBC-MAC, therefore a nonce and a length are required .Then the next word is divded in two.</P><P><STRONG>00 0C 00 10</STRONG></P><P>[NONCE LENGTH][MAC LENGTH]</P><P>NONCE LENGTH = <STRONG>0x000C</STRONG></P><P>MAC LENGTH =<STRONG> 0x0010</STRONG></P><P></P><P>Then by intuition, we can tell that the nonce is:</P><P><STRONG><STRONG>54 46 4E 21 27 6D C9 16&nbsp; CA A0 BE 70</STRONG></STRONG></P><P>and that the mac is</P><P><STRONG>11 DE 64 1A&nbsp; F2 20 D4 93&nbsp; B1 DB C3 75&nbsp; 98 72 E5 F3</STRONG></P><P></P><P>if you need more information about on the parameters and algorithms. I would read the Security Reference manual for your target board</P><P></P><P>Regards,</P><P>Ulises Cardenas</P></BODY></HTML> Mon, 06 Jul 2015 18:26:18 GMT https://community.nxp.com/t5/i-MX-Processors/Encrypted-boot/m-p/448793#M69383 raulcardenas-b4 2015-07-06T18:26:18Z https://community.nxp.com/t5/i-MX-Processors/Encrypted-boot/m-p/448794#M69384 <HTML><HEAD></HEAD><BODY><P>Hi Ulises,</P><P>Thank you so much for the response. That clears up my question.</P><P></P><P>Regards,</P><P></P><P>Sara Gurunathan</P><P>Senior Software Engineer</P><P>SRI International/Sarnoff</P><P>Products &amp; Services</P><P>201 Washington Road</P><P>Princeton NJ 08540</P><P>609-734-3191</P></BODY></HTML> Tue, 07 Jul 2015 11:00:39 GMT https://community.nxp.com/t5/i-MX-Processors/Encrypted-boot/m-p/448794#M69384 sara 2015-07-07T11:00:39Z