SRK_REVOKE


1,514 Views
dheerajr
Contributor II

Hi, 

   I am using an imx6sx board and I am currently simulating the condition whereby one of the private keys is compromised. Therefore, I am trying to revoke the SRK that I am using to authenticate the kernel and u-boot. I referred to the imx6sx application processor reference manual (pg 2828) and I would like to clarify what bits I need to set to revoke my first SRK out of the 4 SRKs that I generated (fuse prog 5 7 [? value to be set to reg]).

Regards, 

Dheeraj

0 Kudos
3 Replies

1,235 Views
igorpadykov
NXP Employee
NXP Employee

Hi Dheeraj

for revocation usage one can check AN4581, Secure Boot on i.MX50, i.MX53, and i.MX6 Series using HABv4:

https://www.nxp.com/docs/en/application-note/AN4581.pdf

Best regards
igor
-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos

1,235 Views
dheerajr
Contributor II

Hi Igor, 

   Thank you, I have managed to revoke SRK0 and my boot process is unsuccessful. However, I changed my CSF file but I am still unable to secure boot using the other 3 remaining keys. Below is my CSF file. May I know what exactly is going wrong?

CSF File

[Header]
Version = 4.0
Hash Algorithm = sha256
Engine Configuration = 0
Certificate Format = X509
Signature Format = CMS
Engine = ANY

[Install SRK]
File = "../../crts/SRK_1_2_3_4_table.bin"
Source index = 0

[Install CSFK]
File = "../../crts/CSF2_1_sha256_2048_65537_v3_usr_crt.pem"

[Authenticate CSF]
#Left blank because by doing so configuration is set to default

[Unlock]
Engine=CAAM
Features=RNG

[Unlock]
Engine = OCOTP
Features = SRK Revoke

[Install Key]
#authenticates and installs a public key for use in Authenticate Data command
Verification index = 0
Target index = 2
File = "../../crts/IMG2_1_sha256_2048_65537_v3_usr_crt.pem"

# Sign padded u-boot starting at the IVT through to the end with
# length = 0x2F000 (padded u-boot length) - 0x400 (IVT offset) = 0x2EC00
# This covers the essential parts: IVT, boot data and DCD.
# Blocks have the following definition:
# Image block start address on i.MX, Offset from start of image file,
# Length of block in bytes, image data file
[Authenticate Data]
Verification index = 2
Blocks = 0x877ff400 0x00000000 0x0006fc00 "../../../u-boot-imx6-boundary-v2017.07/u-boot.imx"

Regards, 

Dheeraj 

0 Kudos
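The CSF above keeps Source index = 0 in [Install SRK] while installing CSF2_1/IMG2_1 certificates. As an added example (not code from the thread or from NXP), the Python below parses a CSF of this shape, computes the SRK_REVOKE value for a set of SRK indices, and flags a Source index that points at a revoked SRK or disagrees with the certificate file names; the fuse bit layout and the CST file-naming convention it relies on are assumptions, as noted in the code.

```python
import re
# Added example, not from the thread. Assumes: SRK_REVOKE bit i (OCOTP bank 5,
# word 7) revokes SRK index i; CST's CSF<n>_1/IMG<n>_1 certs pair with Source index n-1.
SAMPLE_CSF = """
[Install SRK]
Source index = 0
[Install CSFK]
File = "../../crts/CSF2_1_sha256_2048_65537_v3_usr_crt.pem"
[Install Key]
File = "../../crts/IMG2_1_sha256_2048_65537_v3_usr_crt.pem"
"""  # constructed sample: the Source index / certificate pairing from the thread

def parse_csf(text):
    """Parse CSF into [(section, {key: value})]; sections such as [Unlock] may repeat."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        m = re.match(r"\[(.+)\]$", line)
        if m:
            sections.append((m.group(1).strip().lower(), {}))
        elif "=" in line and sections:
            k, v = (s.strip() for s in line.split("=", 1))
            sections[-1][1][k.lower()] = v.strip('"')
    return sections

def revoke_fuse_value(indices):
    """SRK_REVOKE field value that revokes the given SRK indices (0..3)."""
    if any(i not in range(4) for i in indices):
        raise ValueError("SRK index must be 0..3")
    return sum(1 << i for i in indices)

def cst_key_index(path):
    """0-based SRK index implied by a CST-style CSF/IMG certificate name, else None."""
    m = re.search(r"(?:CSF|IMG)(\d)_\d", path)
    return int(m.group(1)) - 1 if m else None

def check_csf(text, revoke_mask):
    """Problems in a CSF given the burned SRK_REVOKE mask; an empty list means consistent."""
    secs = parse_csf(text)
    of = lambda name: [d for s, d in secs if s == name]
    src = int(of("install srk")[0]["source index"])
    problems = ["Source index %d selects a revoked SRK" % src] if revoke_mask & (1 << src) else []
    for name in ("install csfk", "install key"):
        for d in of(name):
            idx = cst_key_index(d.get("file", ""))
            if idx is not None and idx != src:
                problems.append("%s: %s belongs to SRK index %d, not %d" % (name, d["file"], idx, src))
    return problems
```

Run `check_csf(open("csf.txt").read(), revoke_fuse_value([0]))` against a real CSF before signing; an empty list means the selected SRK is still valid and matches the installed certificates.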

1,235 Views
igorpadykov
NXP Employee
NXP Employee

Hi Dheeraj

one can look at Section 5.5, SRK Revocation, in an older revision of the app note; it gives more details.

Best regards
igor

0 Kudos