Hello, I need to encrypt and authenticate my Linux image to boot it on an iMX8M Plus board. My goal is to be sure that nothing that does not come from me is executed on the board. I already have SPL and U-Boot signed with HABv4. The issue is that I need to sign the Linux image to reach my goal, but I also need to encrypt the content because of the sensitive data. According to the CSF User Guide:
"This command (Decrypt Data) is applicable from HAB4.1 onwards. Each instance generates a CSF command to decrypt and authenticate a list of code/data blocks using secret key stored in the secret key store. CST will generate a corresponding AUT_DAT command. CST will encrypt the data blocks in-place in the given files using a secret key and generate MAC data which is appended to the CSF."
(Code-Signing Tool User's Guide, Rev. 3.4.0, A-49, NXP)
It is also explained in the HABv4 API Reference Manual that the image is encrypted using AES-CCM, an algorithm that encrypts the content and uses the private key of the board with a MAC-CBC algorithm to authenticate the image. So the question is: is it safe to authenticate the image that way, or would it be better to use public key signing?
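
As an added illustration (not part of the original post, and not CST or HAB code), the following Node.js example models the behaviour the quoted guide describes: a data block is encrypted with AES-CCM and the MAC is appended. The key, nonce length, tag length and image bytes are constructed assumptions; the example shows that the MAC check rejects modified data or a wrong key, that any holder of the same secret key can produce a blob that verifies, and how that differs from an Ed25519 signature checked with only a public key.

```javascript
// Added example: models "encrypt, then append MAC" with AES-CCM. Not CST/HAB code.
const { createCipheriv, createDecipheriv, randomBytes,
        generateKeyPairSync, sign, verify } = require('node:crypto');

const TAG_LEN = 16;   // assumed MAC length in bytes (constructed value)
const NONCE_LEN = 13; // CCM accepts 7..13-byte nonces; 13 chosen for this example

// Encrypt an image and return nonce || ciphertext || MAC.
function sealImage(key, image) {
  const nonce = randomBytes(NONCE_LEN);
  const c = createCipheriv('aes-128-ccm', key, nonce, { authTagLength: TAG_LEN });
  const ct = Buffer.concat([c.update(image), c.final()]);
  return Buffer.concat([nonce, ct, c.getAuthTag()]);
}

// Decrypt and authenticate; returns the plaintext, or null if the MAC check fails.
function openImage(key, blob) {
  const nonce = blob.subarray(0, NONCE_LEN);
  const ct = blob.subarray(NONCE_LEN, blob.length - TAG_LEN);
  const d = createDecipheriv('aes-128-ccm', key, nonce, { authTagLength: TAG_LEN });
  d.setAuthTag(blob.subarray(blob.length - TAG_LEN));
  try {
    const pt = d.update(ct);
    d.final(); // throws when the tag does not match
    return pt;
  } catch (e) { return null; }
}

function demo() {
  const key = randomBytes(16); // constructed stand-in for the secret key
  const image = Buffer.from('constructed kernel image bytes');
  const blob = sealImage(key, image);
  const tampered = Buffer.from(blob);
  tampered[NONCE_LEN] ^= 0x01; // flip one ciphertext bit
  // Whoever holds the same secret key can seal a different image that verifies.
  const other = sealImage(key, Buffer.from('different image, same key'));
  // Public-key signature for contrast: the verifier holds only the public key.
  const { publicKey, privateKey } = generateKeyPairSync('ed25519');
  const sig = sign(null, image, privateKey);
  return {
    genuineOk: openImage(key, blob)?.equals(image) === true,
    tamperedRejected: openImage(key, tampered) === null,
    wrongKeyRejected: openImage(randomBytes(16), blob) === null,
    sameKeyAccepted: openImage(key, other) !== null,
    sigOk: verify(null, image, publicKey, sig),
    sigOtherDataRejected: !verify(null, Buffer.from('other data'), publicKey, sig),
  };
}
console.log(demo());
```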