High Assurance Boot(cst-2.3.3)中的CSF文件中的address、offset、length是根据哪些信息获取的?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

High Assurance Boot(cst-2.3.3)中的CSF文件中的address、offset、length是根据哪些信息获取的?

1,111 Views
hertzzhang
Contributor I
uboot.csf : 
[Header]
Version = 4.1
Security Configuration = Open
Hash Algorithm = sha256
Engine Configuration = 0
Certificate Format = X509
Signature Format = CMS
Engine = CAAM
[Install SRK]
File = "../crts/SRK_1_2_3_4_table.bin"
Source index = 0
[Install CSFK]
File = "../crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem"
[Authenticate CSF]
[Install Key]
# Key slot index used to authenticate the key to be installed
Verification index = 0
# Key to install
Target index = 2
File = "../crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem"
[Authenticate Data]
Verification index = 2
Blocks = 0x177ff400 0x0 0xc10 "u-boot.imx"
[Install Secret Key]
Verification index = 0
Target index = 0
Key = "dek.bin"
Key Length = 128
#0x177ff400+0x83c00+0x2000
Blob address = 0x17885000
[Decrypt Data]
Verification index = 0
Mac Bytes = 16
Blocks = 0x17800010 0x00000C10 0x00082ff0 "u-boot.imx"

   以上是csf文本,不知道红色字体的各种数据如何得到。目前只知道在make编译uboot的时候可以获取到uboot的加载地址,其他的信息就都不是很明白该如何得到,文档中也没有详细说明或示例。

   获取uboot的信息:

make V=1 // 打开详细信息显示
make -f ./scripts/Makefile.build obj=arch/arm/imx-common u-boot.imx
mkdir -p board/freescale/mx6sabresd/
./tools/mkimage -n board/freescale/mx6sabresd/mx6dlsabresd.cfg.cfgtmp -T imximage -e 0x17800000 -d u-boot.bin u-boot.imx
Image Type: Freescale IMX Boot Image
Image Ver: 2 (i.MX53/6/7 compatible)
Mode: DCD
Data Size: 557056 Bytes = 544.00 kB = 0.53 MB
Load Address: 177ff420
Entry Point: 17800000
HAB Blocks: 177ff400 00000000 00083c00
/home/aplex/sbc7819/toolchain/gcc-linaro-6.3.1-2017.05-x86_64_arm-linux-gnueabihf/bin/arm-linux-gnueabihf-objcopy --gap-fill=0xff -j .text -j .secure_text -j .rodata -j .hash -j .data -j .got -j .got.plt -j .u_boot_list -j .rel.dyn -O srec u-boot u-boot.srec
/home/aplex/sbc7819/toolchain/gcc-linaro-6.3.1-2017.05-x86_64_arm-linux-gnueabihf/bin/arm-linux-gnueabihf-objdump -t u-boot > u-boot.sym
0 Kudos
2 Replies

808 Views
igorpadykov
NXP Employee
NXP Employee

Hi Hertz

please check Table 10. Authenticate Data arguments, Table 11. Install Secret Key arguments

HABCST_UG.pdf document included in cst package (/docs folder).

Best regards
igor
-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos

808 Views
hertzzhang
Contributor I

Hi igorpadykov

   I had read it before I asked this question but I still didn't know what below mean.How do I get the specific value?Please tell me the specific steps.Thanks a lot!

         • starting load address in memory--address: 32-bit unsigned integer
         • starting offset within the source file--offset: 0, ..., size of file
         • length (in bytes)--length: 0, ..., size of file - offset

0 Kudos