Encrypted + signed uImage using HAB

I am trying to use the i.MX6 HAB to validate and descrypt a uImage. I am using a closed device, and a signed and encrypted U-Boot which works just fine.

I have been able to use signed uImage (signing the complete range).

I now want to be able to use signed and encrypted uImages. In order to do that, the following must be taken into account:

• U-Boot reads the uImage header before loading it to RAM (that is, before the uImage is descrypted). That menas the uImage header (0x40) cannot be encrypted.
• According to HAB requirements, the following data must be authenticated (cannot be encrypted, as encryption and signature rangse cannot overlap):
  • IVT: In my case 0x4C3000-0x4C3020
  • DCD (if provided): Not provided in my case
  • Boot data (initial byte if provided): Not provided in my case
  • Entry point (inital word) : 0x12001000-0x12001004 in my case.

I would like to encrypt the max amount of data. Taking into account these requirements, I have created this CSF description file:

[Header]

    Version = 4.1

    Hash Algorithm = sha256

    Engine Configuration = 0

    Certificate Format = X509

    Signature Format = CMS

    Engine = CAAM

[Install SRK]

    File = "../crts/SRK_1_2_3_4_table.bin"

    Source index = 3

[Install CSFK]

    File = "../crts/CSF4_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate CSF]

[Install Key]

    Verification index = 0

    Target index = 2

    File = "../crts/IMG4_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate Data]

    Verification index = 2

    Blocks = 0x124c3000 0x4c3000 0x20 "zImage-pad-ivt.bin"

[Authenticate Data]

    Verification index = 2

    Blocks = 0x12001000 0x1000 0x4 "zImage-pad-ivt.bin"

[Authenticate Data]

    Verification index = 2

    Blocks = 0x12000000 0x0 0x40 "zImage-pad-ivt.bin"

[Install Secret Key]

    Verification index = 0

    Target index = 0

    Key = "dek.bin"

    Key Length = 128

    Blob address = 0x124c5020

[Decrypt Data]

    Verification index = 0

    Mac Bytes = 16

    Blocks = 0x12000040 0x40 0xFC0 "zImage-pad-ivt.bin"

[Decrypt Data]

    Verification index = 0

    Mac Bytes = 16

    Blocks = 0x12002000 0x2000 0x10 "zImage-pad-ivt.bin"

Notice that in the last Decrpyt data block ,the size should be larger than 0x10 (should be 0x4c3000 - 0x1004  = 0x4c1ffc) which I have also tried. I used 0x10 trying to avoid the problem (didn't work).

That CSF file, generates this error:

Authenticate image from DDR location 0x12000000...

hab_rvt_entry success :smileyhappy:

ivt_offset = 0x4c3000, ivt addr = 0x124c3000

Dumping IVT

124c3000: 402000d1 12001000 00000000 00000000    .. @............

124c3010: 00000000 124c3000 124c3020 00000000    .....0L. 0L.....

Dumping CSF Header

124c3020: 415000d4 000c00be 00031703 50000000    ..PA...........P

124c3030: 020c00be 01000009 90040000 000c00ca    ................

124c3040: 001dc501 e4070000 010c00be 000000bb    ................

124c3050: 20504c12 001400ca 001da300 e8090000    .LP ............

--- Status before ---

Secure boot enabled

HAB Configuration: 0xcc, HAB State: 0x99

No HAB Events Found!

--- ------------- ----

Calling authenticate_image in ROM

        ivt_offset = 0x4c3000

        start = 0x12000000

        bytes = 0x4c5020

load_addr: 0

hab_rvt_exit() success :smileyhappy:

--- status after ---

Secure boot enabled

HAB Configuration: 0xcc, HAB State: 0x99

--------- HAB Event 1 -----------------

event data:

        0xdb 0x00 0x1c 0x41 0x33 0x18 0xc0 0x1d

        0xca 0x00 0x14 0x00 0x00 0xa3 0x1d 0x00

        0x00 0x00 0x09 0xe8 0x12 0x00 0x00 0x40

        0x00 0x00 0x0f 0xc0

STS = HAB_FAILURE (0x33)

RSN = HAB_INV_SIGNATURE (0x18)

CTX = HAB_CTX_COMMAND (0xC0)

ENG = HAB_ENG_CAAM (0x1D)

--- ------------ ---

Authenticate uImage Fail, Please check

HAB_INV_SIGNATURE means that the signature is not correct.  From the HAB event we can interpret that the following block causes the error:

[Decrypt Data]

    Verification index = 0

    Mac Bytes = 16

    Blocks = 0x12000040 0x40 0xFC0 "zImage-pad-ivt.bin"

I have tested other configurations which worked fine:

• Only signing the image (commenting the encryption blocks) works fine. That is using the following CSF:

[Header]

    Version = 4.1

    Hash Algorithm = sha256

    Engine Configuration = 0

    Certificate Format = X509

    Signature Format = CMS

    Engine = CAAM

[Install SRK]

    File = "../crts/SRK_1_2_3_4_table.bin"

    Source index = 3

[Install CSFK]

    File = "../crts/CSF4_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate CSF]

[Install Key]

    Verification index = 0

    Target index = 2

    File = "../crts/IMG4_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate Data]

    Verification index = 2

    Blocks = 0x124c3000 0x4c3000 0x20 "zImage-pad-ivt.bin"

[Authenticate Data]

    Verification index = 2

    Blocks = 0x12001000 0x1000 0x4 "zImage-pad-ivt.bin"

[Authenticate Data]

    Verification index = 2

    Blocks = 0x12000000 0x0 0x40 "zImage-pad-ivt.bin"

#[Install Secret Key]

#    Verification index = 0

#    Target index = 0

#    Key = "dek.bin"

#    Key Length = 128

#    Blob address = 0x124c5020

#[Decrypt Data]

#    Verification index = 0

#    Mac Bytes = 16

#    Blocks = 0x12000040 0x40 0xFC0 "zImage-pad-ivt.bin"

#[Decrypt Data]

#    Verification index = 0

#    Mac Bytes = 16

#    Blocks = 0x12002000 0x2000 0x10 "zImage-pad-ivt.bin"

• Commenting the first encryption range, also works properly, that is, using this CSF:

[Header]

    Version = 4.1

    Hash Algorithm = sha256

    Engine Configuration = 0

    Certificate Format = X509

    Signature Format = CMS

    Engine = CAAM

[Install SRK]

    File = "../crts/SRK_1_2_3_4_table.bin"

    Source index = 3

[Install CSFK]

    File = "../crts/CSF4_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate CSF]

[Install Key]

    Verification index = 0

    Target index = 2

    File = "../crts/IMG4_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate Data]

    Verification index = 2

    Blocks = 0x124c3000 0x4c3000 0x20 "zImage-pad-ivt.bin"

[Authenticate Data]

    Verification index = 2

    Blocks = 0x12001000 0x1000 0x4 "zImage-pad-ivt.bin"

[Authenticate Data]

    Verification index = 2

    Blocks = 0x12000000 0x0 0x40 "zImage-pad-ivt.bin"

[Install Secret Key]

    Verification index = 0

    Target index = 0

    Key = "dek.bin"

    Key Length = 128

    Blob address = 0x124c5020

#[Decrypt Data]

#    Verification index = 0

#    Mac Bytes = 16

#    Blocks = 0x12000040 0x40 0xFC0 "zImage-pad-ivt.bin"

[Decrypt Data]

    Verification index = 0

    Mac Bytes = 16

    Blocks = 0x12002000 0x2000 0x10 "zImage-pad-ivt.bin"

This menas the problem has to be with the commented Decryot data block in the CSF descrption file above. I don't see anything wrong with it, as far as I can see there are no overlap between signature and encryption ranges. I don't understand why this does not work. Could you provide some help on this?