Hello,
I am trying to setup the HAB secure boot and am having an issue running the srktool.
I seem to be able to generate the keys using the hab4_pki_tree scripts (both on windows and linux)
But when I try to generate the fuse map using srktool I get the following error:
"srktool: Error - Error! Failed to read certificate data from ..\..\keys\SRK1_sha256_2048_65537_v3_ca_key.pem"
I have tried it both on linux and windows with the same error/issue.
I have tried using the .per instead of the .pem file, but got the same result
Can anyone provide some help here?
Regards,
Cyrille
Hello,
I have solved my initial problem. It was my fault as I was in the keys directory instead of the crts one :-(
However, I am now stuck at the next stage. Generating the certification file to add to the image.
I am working on an i.MX6ULL and doing bare metal software (actually FreeRTOS)...
When running: cst.exe -o csf.bin -i run.csf
I get the following error: "Invalid Block arguments, Blocks start offset and length together exceed file size in command AuthenticateData"
I think that my problem stems from not giving the right arguements to the [Authenticate Data] / Blocks command.
imgutils.exe returns the following:
Info for CSF file generation
--------------------------------------
ivt_addr = 0x80000400, ivt_offset = 0x00000400
app_addr = 0x80002000, app_offset = 0x00002000, app_size = 0x00043c60
--------------------------------------
Which of these 5 numbers do I need to use for the Blocks command? app_size is prety obvious, but what about load address and offset. Should I use ivt_addr and ivt_offset or app_addr and app_offset ???
Cyrille
Hi Cyrille
please follow AN4581 Secure Boot on i.MX50, i.MX53, and i.MX 6 Series
https://www.nxp.com/docs/en/application-note/AN4581.pdf
Best regards
igor
-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------