LS1046A Secure Boot Issue error 0x341

Maybe I can ask my question in a better way that would help me gain some understanding. I am struggling to figure out why I'm getting the 0x341 ERROR_HASH_COMPARE_EM signature check failure. As far as I can tell I am loading the correct SRK hash as I would expect (and do see if I have the wrong hash) 0x340. I also believe the image I am loading is correct, though in the process of validating there are no erroneous bits. At least cursory glance seems to validate that the BL2 I loaded as well as the header and signature match what was produced by the build. In other words I'm wondering what would be the next step in figuring out where this is going wrong? Thanks.

Thank you for the information. Yes I understand the Signature check is failing. Maybe you can correct my understand if it is wrong. I thought the SRK (Public Key) Hash is the hash of the public key used to generate the signature which is a hash of the image hash? The SRK Hash is the written into the SRK Mirror registers. So I'm confused what is wrong with the image hash being different than the SRK hash.

Please refer to the following update from the AE team.

Can customer confirm they only have one set of srk.pub and srk.pri in the build server to sign all the different images. If they have different set of srk.pub and srk.pri to sign different images, it will cause the 0x341 error.

Which version of LSDK customer is using?
Here is my buid log, which I don't have the "?? getopt returned character code 00 ??" issue.
#####
...
Built /home/r01360/flexbuild_lsdk2108/components/firmware/atf/build/ls1046ardb/release/bl2.bin successfully


#----------------------------------------------------#
#------- -------- -------- -------#
#------- CST (Code Signing Tool) Version 2.0 -------#
#------- -------- -------- -------#
#----------------------------------------------------#
file name is /home/r01360/flexbuild_lsdk2108/components/firmware/atf/build/ls1046ardb/release/bl2.bin
file name is /home/r01360/flexbuild_lsdk2108/components/firmware/atf/build/ls1046ardb/release/hdr_bl2

==========================================================
This tool includes software developed by OpenSSL Project
for use in the OpenSSL Toolkit (http://www.openssl.org/)
This product includes cryptographic software written by
Eric Young (eay@cryptsoft.com)
==========================================================

Input File is drivers/nxp/auth/csf_hdr_parser/input_bl2_ch2


************************************************
* Header File is with Signature appended
************************************************

Header File Created: /home/r01360/flexbuild_lsdk2108/components/firmware/atf/build/ls1046ardb/release/hdr_bl2

SRK (Public Key) Hash:
a74ad3f58c3dd9a5b715480c2f6108949500fe08e54fe2a989e85710cbc1e300
SFP SRKHR0 = a74ad3f5
SFP SRKHR1 = 8c3dd9a5
SFP SRKHR2 = b715480c
SFP SRKHR3 = 2f610894
SFP SRKHR4 = 9500fe08
SFP SRKHR5 = e54fe2a9
SFP SRKHR6 = 89e85710
SFP SRKHR7 = cbc1e300

LD byte_swap

Built byte_swap successfully

LD create_pbl

Built create_pbl successfully


Input Boot Source: SD_BOOT
Input RCW File: /home/r01360/flexbuild_lsdk2108/build/firmware/rcw/ls1046ardb/RR_FFSSPPPH_1133_5559/rcw_1800_sdboot_sben.bin
Input BL2 Binary File: /home/r01360/flexbuild_lsdk2108/components/firmware/atf/build/ls1046ardb/release/bl2.bin
Input load address for BL2 Binary File: 0x10000000
Chassis Type: 1
...
#####

Yes I did confirm that I only have one set of keys. It was a little difficult as it gets copied around a bunch. I also went as far as validating how the signature is actually getting built. I was also able to  dump the values that the hardware should be reading during the boot hold off. After dumping I calculated the sha256 hash and signature and was able to get a match. 

As far as version I'm building from https://github.com/nxp-qoriq/cst af56e6c5c66dd2bc86a83b0bee8cb61b88d2120c I'm not sure what version that corresponds to, but it looks like its later than 21.08. 

It does look like in your log you're building for the SD card and I'm building for qspi though not sure that should make a difference in how the signature is created. Would it be helpful to post up the built pbl for you to review and see if you can identify the issue there?

Interestingly I just downloaded the 21.08 sdk from nxp and built the firmware and I get this in srk_hash.txt

#----------------------------------------------------#
#------- -------- -------- -------#
#------- CST (Code Signing Tool) Version 2.0 -------#
#------- -------- -------- -------#
#----------------------------------------------------#
?? getopt returned character code 00 ??

==========================================================
This tool includes software developed by OpenSSL Project
for use in the OpenSSL Toolkit (http://www.openssl.org/)
This product includes cryptographic software written by
Eric Young (eay@cryptsoft.com)
==========================================================

Input File is input_files/uni_sign/ls104x_1012/input_bootscript_secure

SRK (Public Key) Hash:
caa8738d62fb29b9d671a8f8c51f01bd8f1f12bb9b778fd5c9f010b176057a77
SFP SRKHR0 = caa8738d
SFP SRKHR1 = 62fb29b9
SFP SRKHR2 = d671a8f8
SFP SRKHR3 = c51f01bd
SFP SRKHR4 = 8f1f12bb
SFP SRKHR5 = 9b778fd5
SFP SRKHR6 = c9f010b1
SFP SRKHR7 = 76057a77

so thinking the getopt return code thing is a red herring.

As in the LSDK UG, error code 0x341 has the following ISBC error definition:
RSA signature check failure. Signature provided by you in the header doesn’t match with the signature of the ESBC image generated by ISBC. The ESBC image loaded by you may be different than the image used while generating the signature(using CST)

What it is complain about is the "signature" of your signed image in flash media, does not match the run time calculation of the image you are trying to boot. As you can see in
https://docs.nxp.com/bundle/GUID-487B2E69-BB19-42CB-AC38-7EF18C0FE3AE/page/GUID-4D5D0916-29CC-4E11-B...
The CSF header contains:
0x0c RSA signature offset
This field contains an offset (in bytes) of the RSA signature from the start of the CSF header. Using this offset and the signature length, the RSA signature is read. The RSA signature is calculated over CSF header, SG table, and ESBC images.
0x10 RSA signature length in bytes.

The RSA signature does not match the run time calculation.
i.e.
https://docs.nxp.com/bundle/GUID-487B2E69-BB19-42CB-AC38-7EF18C0FE3AE/page/GUID-0D3D0BD8-45E2-4D2D-B...
#####
Assuming that the device is configured to perform secure boot, the digital signature validation routine performs following steps (as shown at the right side of the figure).
The routine locates and parses the CSF header to determine the size and location of the image, public keys, and digital signature.
It hashes the public key and compares it to the hash of the public key or key list stored in the SRKH register in SFP. If the hash comparison fails, secure boot fails.
It uses the validated public key to decrypt the digital signature, recovering the hash of the header + image + public keys.
The routine then calculates hash over the header + image (ESBC/Trusted Firmware) + public keys and compares the decrypted hash to the calculated hash. If the hash comparison fails, the secure boot fails.
#####

The ISBC uses the validated public key to decrypt the digital signature, recovering the hash of the header + image + public keys. The ISBC then calculates a hash over the header + image (ESBC/Trusted Firmware) + public keys and compares the decrypted hash to the calculated hash. If the hash comparison fails, secure boot fails.
The ISBC is using a SHA256 to calculate the signature. Can you check your CSF header (or provide the CSF to us to investigation)0x0C and 0x10 pointer has the correct information in the LS1046A? Also the CSF header "0x04 Public key offset" points to a corrected public key?

Lastly, what flash media you are using for secure boot (i.e. NOR, NAND, SD)? How you build the signed image?
Have you tried LSDK2108, "bld -m ls1046ardb -b sd -s" to build? i.e. "-s" option for secure boot.

So we're booting off qspi on an ls1046ardb, so my understanding is that is a nor flash chip hooked up to that but i'm not 100% sure on that.  I'm building with the following:

[root@fbubuntu flexbuild_lsdk2108_github]$ flex-builder -i mkfw -m ls1046ardb -b qspi -s
MACHINE: ls1046ardb
BOOTTYPE: qspi
SECURE: y
Writing 0x00000000 <---> firmware/atf/ls1046ardb/bl2_qspi.pbl
Writing 0x00900000 <---> firmware/fm_ucode/fsl_fman_ucode_ls1046_r1.0_106_4_18.bin
Writing 0x00940000 <---> firmware/qe_ucode/iram_Type_A_LS1021a_r1.0.bin
Writing 0x00980000 <---> firmware/phy_cortina/cs4315-cs4340-PHY-ucode.txt
Writing 0x009C0000 <---> images/flash_images.scr
Writing 0x00F00000 <---> linux/kernel/arm64/LS/fsl-ls1046a-rdb-sdk.dtb
Writing 0x01000000 <---> images/lsdk2108_yocto_tiny_LS_arm64.itb
/home/dmerrill/flexbuild_lsdk2108_github/build/images/firmware_ls1046ardb_qspiboot.img [Done]

Writing 0x00000000 <---> firmware/atf/ls1046ardb/bl2_qspi_sec.pbl
Writing 0x00100000 <---> firmware/atf/ls1046ardb/fip_uboot_sec.bin
Writing 0x00600000 <---> firmware/secboot_hdrs/ls1046ardb/secboot_hdrs_qspiboot.bin
Writing 0x00900000 <---> firmware/fm_ucode/fsl_fman_ucode_ls1046_r1.0_106_4_18.bin
Writing 0x00940000 <---> firmware/qe_ucode/iram_Type_A_LS1021a_r1.0.bin
Writing 0x00980000 <---> firmware/phy_cortina/cs4315-cs4340-PHY-ucode.txt
Writing 0x009C0000 <---> images/flash_images.scr
Writing 0x00F00000 <---> linux/kernel/arm64/LS/fsl-ls1046a-rdb-sdk.dtb
Writing 0x01000000 <---> images/lsdk2108_yocto_tiny_LS_arm64.itb
/home/dmerrill/flexbuild_lsdk2108_github/build/images/firmware_ls1046ardb_qspiboot_secure.img [Done]

Writing 0x00000000 <---> firmware/atf/ls1046ardb/bl2_qspi.pbl
Writing 0x00100000 <---> firmware/atf/ls1046ardb/fip_uefi.bin
Writing 0x00500000 <---> firmware/uefi/ls1046ardb/LS1046ARDBNV_EFI_QSPIBOOT.fd
Writing 0x00900000 <---> firmware/fm_ucode/fsl_fman_ucode_ls1046_r1.0_106_4_18.bin
Writing 0x00940000 <---> firmware/qe_ucode/iram_Type_A_LS1021a_r1.0.bin
Writing 0x00980000 <---> firmware/phy_cortina/cs4315-cs4340-PHY-ucode.txt
Writing 0x009C0000 <---> images/flash_images.scr
Writing 0x00F00000 <---> linux/kernel/arm64/LS/fsl-ls1046a-rdb-sdk.dtb
Writing 0x01000000 <---> images/lsdk2108_yocto_tiny_LS_arm64.itb
/home/dmerrill/flexbuild_lsdk2108_github/build/images/firmware_ls1046ardb_qspiboot_uefi.img [Done]

This ends up with the same 0x341 error. Please advise.

Can you try
flex-builder -m ls1046ardb -b qspi -s
or
bld -m ls1046ardb -b qspi -s
and load the into QSPI and boot again? The "mkfw" option may have use different key to sign the image.
If this does not resolve the issue, please provide the build log so we can check the CST signing log for the name and location of the srk.pub and srk.pri that sign the software images.

One more note.
Please refers to
https://docs.nxp.com/bundle/GUID-487B2E69-BB19-42CB-AC38-7EF18C0FE3AE/page/GUID-D9A90107-3335-4BDB-8...
Note that customer also needs to put the correct "secure boot header" in 0x00600000 for QSPI
Secure boot headers 128KiB 0x00600000 0x60600000 0x64600000 0x580600000 0x584600000 0x03000

Interesting about the secure boot headers? Can you help me understand what that is referring to?

So another datapoint that hopefully will help. I went ahead and followed the steps for flashing from here https://docs.nxp.com/bundle/GUID-487B2E69-BB19-42CB-AC38-7EF18C0FE3AE/page/GUID-853E743B-D814-4DBF-B... using 

firmware_ls1046ardb_qspiboot_secure.img

instead of the non secure like the docs suggest. I reboot to the alt flash bank and attach and set my srkh mirror registers and still end up with the 0x341 error code and non-secure. So seems this isn't an issue with my build since its happening with a build directly from nxp as well? Thoughts?

If you are using a pre-built image from us. you have to use our SRKH value. how do you program that? Can you share your CCS console log?

additional info using pre-build image.
In the pre-build image, there should be a srk_hash.txt.
For example:
#----------------------------------------------------#
#------- -------- -------- -------#
#------- CST (Code Signing Tool) Version 2.0 -------#
#------- -------- -------- -------#
#----------------------------------------------------#
?? getopt returned character code 00 ??

==========================================================
This tool includes software developed by OpenSSL Project
for use in the OpenSSL Toolkit (http://www.openssl.org/)
This product includes cryptographic software written by
Eric Young (eay@cryptsoft.com)
==========================================================

Input File is input_files/uni_sign/lx2160/input_bootscript_secure


SRK (Public Key) Hash:
2ff8750dee453269d43bfc6ca38ec315468e2fad73f157f21b383707a8c48e0e
SFP SRKHR0 = 2ff8750d
SFP SRKHR1 = ee453269
SFP SRKHR2 = d43bfc6c
SFP SRKHR3 = a38ec315
SFP SRKHR4 = 468e2fad
SFP SRKHR5 = 73f157f2
SFP SRKHR6 = 1b383707
SFP SRKHR7 = a8c48e0e

If they are using CWTap to write to the SRKH mirror register, there is no need to do endianess swap for the above value.

Additionally I installed the qspi_boot_sec.pbl that was generated by the lsdk using flex-builder -i mkfw -m ls1046ardb -b qspi -s and inputing the hash into the srkh registers and I still get 0x341 signature error.