User Defined Hash Key Generation.

cancel
Showing results for 
Search instead for 
Did you mean: 

User Defined Hash Key Generation.

Jump to solution
282 Views
pranavmadhu
Contributor IV

Hi,

I'm having an LS1021A-IOT rev2 board. I've fused wrong hash-key (It is not matching with the generated using cst tool) on to SRKHR0-SRKHR7 register by mistake. Is there a way to generate key hash according to the value read from the SRKHR registers?

Can anybody help me in solving these issue?

Thanking You in advance,

Pranav

0 Kudos
1 Solution
119 Views
bpe
NXP TechSupport
NXP TechSupport

The value stored in SRKHR is a hash of your public key, it is not the

key itself. If you lost the key, and know only it's hash, it is

practically not possible to reconstruct the key by definition of the

hash:

https://en.wikipedia.org/wiki/Cryptographic_hash_function

Furthermore, if you only have the public half of the key, there is no

known way to reconstruct the private half. That  is why RSA is secure:

https://en.wikipedia.org/wiki/RSA_%28cryptosystem%29

If, however, you do have the private and public keys that correspond

to your SRK hash, and they are valid RSA public and private key pair,

you can use them to sign and verify your boot images, just use the

appropriate key files.


Have a great day,
Platon

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

View solution in original post

0 Kudos
1 Reply
120 Views
bpe
NXP TechSupport
NXP TechSupport

The value stored in SRKHR is a hash of your public key, it is not the

key itself. If you lost the key, and know only it's hash, it is

practically not possible to reconstruct the key by definition of the

hash:

https://en.wikipedia.org/wiki/Cryptographic_hash_function

Furthermore, if you only have the public half of the key, there is no

known way to reconstruct the private half. That  is why RSA is secure:

https://en.wikipedia.org/wiki/RSA_%28cryptosystem%29

If, however, you do have the private and public keys that correspond

to your SRK hash, and they are valid RSA public and private key pair,

you can use them to sign and verify your boot images, just use the

appropriate key files.


Have a great day,
Platon

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

View solution in original post

0 Kudos