Configuration changes required to sign uboot with a different key

rohininarasipur · ‎06-22-2017

Hi,

Even though I generated 4 different key sets using hab4_pki_tree.sh script, I am able to use only the first pair of keys for signing and verification. If I specify second, third or fourth certificate in the configuration file, HAB events (HAB_INV_SIGNATURE and HAB_INV_KEY) are generated during boot. If I choose second CSF and IMG certificate, then should I also change the source index in Install SRK section? How will HAB know which SRK to use for verifying root of trust? And what other changes should I do in my config file to use any certificate pair other than the first CSF and IMG pair?

Regards,

Rohini

Yuri · ‎06-23-2017

Hello,

Sorry, but the information you are requesting is treated as confidential info at this time and requires a signed NDA

(Non-Disclosure Agreement). Naturally, we cannot discuss this with you in public anyway, this requires to be handled

as a Service Request (SR).

Support|NXP

Have a great day,
Yuri

-------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-------------------------------------------------------------------------------

Configuration changes required to sign uboot with a different key

Configuration changes required to sign uboot with a different key

i.MX51

i.MX6DL

i.MX6Dual

i.MX6Quad

i.MX6S

i.MX6SL