HAB authentication succeeds with WARNING (Unsupported Engine – DCP) on i.MX RT dual image setup1050 Hi, I am working on a secure boot implementation for the i.MX RT1050 MCU and would like to achieve dual image authentication — one for the second-stage bootloader and another for the application image, both located in external flash. Setup Overview SRK, IMG, and CSF certificates are generated using the NXP Secure Provisioning Tool (SPT). The second-stage bootloader is signed and authenticated by the ROM using HAB. The application image is stored after the bootloader in external flash and can be updated independently (e.g., via USB or OTA). The second state bootloader calls the ROM HAB API to authenticate the application image before execution. Implementation Details Both images (bootloader + app) are signed with the same SRK/CSF key set. Inside the second-stage bootloader, I invoke HAB authentication as follows: load_addr = (uint32_t)hab_authenticate_image_no_dcd(1, ivt_offset, image_start, bytes); hab_image_entry_f hab_authenticate_image_no_dcd(uint8_t cid, uint32_t ivt_offset, uint32_t start, size_t bytes) { return g_habrvtTree->authenticate_image_no_dcd(cid, ivt_offset, (void **)&start, (size_t *)&bytes, NULL); } The authentication works — the function returns a valid reset handler address, confirming that the image is successfully verified. Issue: HAB WARNING (Unsupported Engine – DCP) After successful authentication, I query the HAB status and event log using hab_rvt_report_status() and hab_rvt_report_event(). Although authentication passes, I consistently receive a HAB WARNING instead of HAB_SUCCESS. Example output: Hab rvt report status = 0x69, config = 0xcc, status = 0x99 Report event #0 -> 0xf0 [HAB EVENT #0] (44 bytes): DB 00 2C 43 69 0A C0 00 CA 00 24 00 02 C5 1B 00 ... When decoding this event per the HAB4 documentation, it indicates: 0x69 → Warning 0x0A → Unsupported Engine 0xC0 → Event logged in hab_rvt.run_csf() The sequence 02 C5 1B 00 maps to: Image key verification index Protocol: HAB_PCL_CMS Engine: DCP Default configuration From this, I understand that the ROM reports a Warning because it tries to use the DCP engine during CSF execution, but DCP is not properly initialized or available in my second-stage bootloader context. What I’ve Tried I’ve manually initialized DCP using the SDK driver: DCP_Init(DCP, &config); (with all channels enabled and default settings) However, the warning persists — authentication succeeds, but the event log still reports an Unsupported Engine (DCP). Questions How does the ROM initialize and use the DCP during the primary HAB authentication SSB process ? Is this WARNING expected or benign when calling HAB ROM APIs manually? Is it possible to invoke the ROM HAB authentication API from a custom bootloader and achieve HAB_SUCCESS (no warnings), or is this warning expected when using the ROM HAB API outside of the initial boot context? Re: HAB authentication succeeds with WARNING (Unsupported Engine – DCP) on i.MX RT dual image setup1 Hi @BiHDeveloper
Thank you for reaching out!
Before diving further, could you manually modify the BD files to have the Header_Engine as any? Then let me know your results
Edit: after you update the bd file, as shown above, build the image again, beware of the SPT auto generating BD files when build image button. To avoid this you can run manually the build_image script from the project workspace. Then write the new image into the processor.
Please let me know if you see any changes.
Diego
查看全文