FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

User Defined Hash Key Generation.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

User Defined Hash Key Generation.

Jump to solution
‎02-22-2016 03:14 AM
735 Views
pranavmadhu
Contributor IV

Hi,

I'm having an LS1021A-IOT rev2 board. I've fused wrong hash-key (It is not matching with the generated using cst tool) on to SRKHR0-SRKHR7 register by mistake. Is there a way to generate key hash according to the value read from the SRKHR registers?

Can anybody help me in solving these issue?

Thanking You in advance,

Pranav

0 Kudos
Reply
1 Solution

Jump to solution
‎02-23-2016 02:44 AM
572 Views
bpe
NXP Employee
NXP Employee

The value stored in SRKHR is a hash of your public key, it is not the

key itself. If you lost the key, and know only it's hash, it is

practically not possible to reconstruct the key by definition of the

hash:

https://en.wikipedia.org/wiki/Cryptographic_hash_function

Furthermore, if you only have the public half of the key, there is no

known way to reconstruct the private half. That  is why RSA is secure:

https://en.wikipedia.org/wiki/RSA_%28cryptosystem%29

If, however, you do have the private and public keys that correspond

to your SRK hash, and they are valid RSA public and private key pair,

you can use them to sign and verify your boot images, just use the

appropriate key files.


Have a great day,
Platon

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

View solution in original post

0 Kudos
Reply
1 Reply

Jump to solution
‎02-23-2016 02:44 AM
573 Views
bpe
NXP Employee
NXP Employee

The value stored in SRKHR is a hash of your public key, it is not the

key itself. If you lost the key, and know only it's hash, it is

practically not possible to reconstruct the key by definition of the

hash:

https://en.wikipedia.org/wiki/Cryptographic_hash_function

Furthermore, if you only have the public half of the key, there is no

known way to reconstruct the private half. That  is why RSA is secure:

https://en.wikipedia.org/wiki/RSA_%28cryptosystem%29

If, however, you do have the private and public keys that correspond

to your SRK hash, and they are valid RSA public and private key pair,

you can use them to sign and verify your boot images, just use the

appropriate key files.


Have a great day,
Platon

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos
Reply