Encrypted + signed uImage using HAB

jdepedro — Mon, 13 Jun 2016 14:16:23 GMT

I am trying to use the i.MX6 HAB to validate and descrypt a uImage. I am using a closed device, and a signed and encrypted U-Boot which works just fine.

I have been able to use signed uImage (signing the complete range).

I now want to be able to use signed and encrypted uImages. In order to do that, the following must be taken into account:

U-Boot reads the uImage header before loading it to RAM (that is, before the uImage is descrypted). That menas the uImage header (0x40) cannot be encrypted.
According to HAB requirements, the following data must be authenticated (cannot be encrypted, as encryption and signature rangse cannot overlap):
- IVT: In my case 0x4C3000-0x4C3020
- DCD (if provided): Not provided in my case
- Boot data (initial byte if provided): Not provided in my case
- Entry point (inital word) : 0x12001000-0x12001004 in my case.

I would like to encrypt the max amount of data. Taking into account these requirements, I have created this CSF description file:

[Header]

Version = 4.1

Hash Algorithm = sha256

Engine Configuration = 0

Certificate Format = X509

Signature Format = CMS

Engine = CAAM

[Install SRK]

File = "../crts/SRK_1_2_3_4_table.bin"

Source index = 3

[Install CSFK]

File = "../crts/CSF4_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate CSF]

[Install Key]

Verification index = 0

Target index = 2

File = "../crts/IMG4_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate Data]

Verification index = 2

Blocks = 0x124c3000 0x4c3000 0x20 "zImage-pad-ivt.bin"

[Authenticate Data]

Verification index = 2

Blocks = 0x12001000 0x1000 0x4 "zImage-pad-ivt.bin"

[Authenticate Data]

Verification index = 2

Blocks = 0x12000000 0x0 0x40 "zImage-pad-ivt.bin"

[Install Secret Key]

Verification index = 0

Target index = 0

Key = "dek.bin"

Key Length = 128

Blob address = 0x124c5020

[Decrypt Data]

Verification index = 0

Mac Bytes = 16

Blocks = 0x12000040 0x40 0xFC0 "zImage-pad-ivt.bin"

[Decrypt Data]

Verification index = 0

Mac Bytes = 16

Blocks = 0x12002000 0x2000 0x10 "zImage-pad-ivt.bin"

Notice that in the last Decrpyt data block ,the size should be larger than 0x10 (should be 0x4c3000 - 0x1004 = 0x4c1ffc) which I have also tried. I used 0x10 trying to avoid the problem (didn't work).

That CSF file, generates this error:

Authenticate image from DDR location 0x12000000...

hab_rvt_entry success :smileyhappy:

ivt_offset = 0x4c3000, ivt addr = 0x124c3000

Dumping IVT

124c3000: 402000d1 12001000 00000000 00000000 .. @............

124c3010: 00000000 124c3000 124c3020 00000000 .....0L. 0L.....

Dumping CSF Header

124c3020: 415000d4 000c00be 00031703 50000000 ..PA...........P

124c3030: 020c00be 01000009 90040000 000c00ca ................

124c3040: 001dc501 e4070000 010c00be 000000bb ................

124c3050: 20504c12 001400ca 001da300 e8090000 .LP ............

--- Status before ---

Secure boot enabled

HAB Configuration: 0xcc, HAB State: 0x99

No HAB Events Found!

--- ------------- ----

Calling authenticate_image in ROM

ivt_offset = 0x4c3000

start = 0x12000000

bytes = 0x4c5020

load_addr: 0

hab_rvt_exit() success :smileyhappy:

--- status after ---

Secure boot enabled

HAB Configuration: 0xcc, HAB State: 0x99

--------- HAB Event 1 -----------------

event data:

0xdb 0x00 0x1c 0x41 0x33 0x18 0xc0 0x1d

0xca 0x00 0x14 0x00 0x00 0xa3 0x1d 0x00

0x00 0x00 0x09 0xe8 0x12 0x00 0x00 0x40

0x00 0x00 0x0f 0xc0

STS = HAB_FAILURE (0x33)

RSN = HAB_INV_SIGNATURE (0x18)

CTX = HAB_CTX_COMMAND (0xC0)

ENG = HAB_ENG_CAAM (0x1D)

--- ------------ ---

Authenticate uImage Fail, Please check

HAB_INV_SIGNATURE means that the signature is not correct. From the HAB event we can interpret that the following block causes the error:

[Decrypt Data]

Verification index = 0

Mac Bytes = 16

Blocks = 0x12000040 0x40 0xFC0 "zImage-pad-ivt.bin"

I have tested other configurations which worked fine:

Only signing the image (commenting the encryption blocks) works fine. That is using the following CSF:

[Header]

Version = 4.1

Hash Algorithm = sha256

Engine Configuration = 0

Certificate Format = X509

Signature Format = CMS

Engine = CAAM

[Install SRK]

File = "../crts/SRK_1_2_3_4_table.bin"

Source index = 3

[Install CSFK]

File = "../crts/CSF4_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate CSF]

[Install Key]

Verification index = 0

Target index = 2

File = "../crts/IMG4_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate Data]

Verification index = 2

Blocks = 0x124c3000 0x4c3000 0x20 "zImage-pad-ivt.bin"

[Authenticate Data]

Verification index = 2

Blocks = 0x12001000 0x1000 0x4 "zImage-pad-ivt.bin"

[Authenticate Data]

Verification index = 2

Blocks = 0x12000000 0x0 0x40 "zImage-pad-ivt.bin"

#[Install Secret Key]

# Verification index = 0

# Target index = 0

# Key = "dek.bin"

# Key Length = 128

# Blob address = 0x124c5020

#[Decrypt Data]

# Verification index = 0

# Mac Bytes = 16

# Blocks = 0x12000040 0x40 0xFC0 "zImage-pad-ivt.bin"

#[Decrypt Data]

# Verification index = 0

# Mac Bytes = 16

# Blocks = 0x12002000 0x2000 0x10 "zImage-pad-ivt.bin"

Commenting the first encryption range, also works properly, that is, using this CSF:

[Header]

Version = 4.1

Hash Algorithm = sha256

Engine Configuration = 0

Certificate Format = X509

Signature Format = CMS

Engine = CAAM

[Install SRK]

File = "../crts/SRK_1_2_3_4_table.bin"

Source index = 3

[Install CSFK]

File = "../crts/CSF4_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate CSF]

[Install Key]

Verification index = 0

Target index = 2

File = "../crts/IMG4_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate Data]

Verification index = 2

Blocks = 0x124c3000 0x4c3000 0x20 "zImage-pad-ivt.bin"

[Authenticate Data]

Verification index = 2

Blocks = 0x12001000 0x1000 0x4 "zImage-pad-ivt.bin"

[Authenticate Data]

Verification index = 2

Blocks = 0x12000000 0x0 0x40 "zImage-pad-ivt.bin"

[Install Secret Key]

Verification index = 0

Target index = 0

Key = "dek.bin"

Key Length = 128

Blob address = 0x124c5020

#[Decrypt Data]

# Verification index = 0

# Mac Bytes = 16

# Blocks = 0x12000040 0x40 0xFC0 "zImage-pad-ivt.bin"

[Decrypt Data]

Verification index = 0

Mac Bytes = 16

Blocks = 0x12002000 0x2000 0x10 "zImage-pad-ivt.bin"

This menas the problem has to be with the commented Decryot data block in the CSF descrption file above. I don't see anything wrong with it, as far as I can see there are no overlap between signature and encryption ranges. I don't understand why this does not work. Could you provide some help on this?

Re: Encrypted + signed uImage using HAB

jdepedro — Thu, 16 Jun 2016 07:34:52 GMT

The problem is that the decryption block size was not a multiple of they Data Encryption Key length. Fixing that solved the problem.

i.MX Processors中的主题 Re: Encrypted + signed uImage using HAB

Encrypted + signed uImage using HAB

Re: Encrypted + signed uImage using HAB