This is on an i.MX7D, related to manufacturing protection
I have a message that when I sign it, I'm unable to verify it. The message is 220 bytes long. If I truncate it to 219 bytes or extend it to 221 bytes and sign it, I can verify the signature. If I try a different 220 byte message, that works also. The behavior I'm seeing seems to related to the particular data I'm trying to sign.
For signing, I'm using u-boot's mfgprot command. For verification, I'm using a tool I wrote. If you need the source, I can provide it.
I've include the output of signing the message as 219, 220, and 221 bytes long. I've also included the output of my verification tool. As you can see, the hashes reported by u-boot match the ones I calculated during verification.
Edited to add:
It's giving me some invalid HTML error, so I'm just attaching the data as a text file.
