- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- i.MX フォーラム
- :
- i.MXプロセッサ
- :
- Using cst-3.1.0 with i.MX6ULL
Using cst-3.1.0 with i.MX6ULL
- RSS フィードを購読する
- トピックを新着としてマーク
- トピックを既読としてマーク
- このトピックを現在のユーザーにフロートします
- ブックマーク
- 購読
- ミュート
- 印刷用ページ
Using cst-3.1.0 with i.MX6ULL
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
Is this the current i.MX6 Linux High Assurance Boot (HAB) User's Guide?
The doc is labeled:
Document Number: IMX6HABUG
Rev L3.10.53_1.1.0-ga, 01/2015
In the document is a link, which caused me to download cst-3.1.0.
Now in the document they say how to answer questions from hab4_pki_tree.sh.
In hab4_pki_tree.sh, it asks if I want to use elliptical curve cryptography. Is this compatible with the current i.MX6ULL? In the document from 2015 it says:
• For question prompt, enter "n", "2048", "10", "4" one by one.
This must be out of date, since cst-3.1.0 says it is from September 2018 in the release notes.
The elliptical curve cryptography possibilities are:
Possible values p256, p384, p521:
I notice the release notes in cst-3.1.0 do not discuss Elliptical curve cryptography, nor does the 2015 HAB User Guide.
Also, is there a discussion of how the HAB layout is affected by NAND flash? How does it fit with the U-Boot NANDBCB command with the FCB and DBBT's? NANDBCB in U-Boot is writing two uImages, four FCB's and four DBBT's.
igorpadykov
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
Hi John
from team:
-----------------
please download the latest CST from nxp.com for latest documentation and enablement.
I am not sure I understand the NAND question, the HAB supported image looks the similar to regular NAND image except that the IVT is modified to have a CSF pointer in it, and the image is extended to add the certs and signature information in it.
-----------------
Best regards
igor
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
How does one get the latest cst? I am assuming this is how one gets it (from a 2015 Freescale i.MX 6 Linux High Assurance Boot (HAB) User's Guide):
"https://www.freescale.com/webapp/sps/download/license.jsp?colCode=IMX_CST_TOOL"
Do you know if there is one after 3.1.0?
Also, is there an up to date document to replace the 2015 Freescale i.MX 6 Linux High Assurance Boot (HAB) User's Guide?
It has been suggested to use:
https://boundarydevices.com/high-assurance-boot-hab-dummies/
If I follow this, I see that Elliptical is turned off. The answer to question:
Enter key length in bits for PKI tree: 4096Is this correct for the i.MX6?
I see the following in section 8 of i.MX6 ULL Applications Processor Reference Manual pg 333:
The RSA key sizes supported are 1024, 2048, and 3072 bits.
But in the HAB Code Signing Tool User's Guide (3.1.0) it says:
For HAB4 1024, 2048, 3072 and 4096-bit RSA keys are supported.
Is the i.MX6 ULL HAB 4, and does it implement 4096 bit RSA codes?
What I am seeing when I follow Boundary Devices HAB for Dummies instructions is the same as here:
https://community.nxp.com/t5/i-MX-Processors/iMX6-HAB-Problem/m-p/357380
But I am answering 'y' to the question mentioned in the post:
Do you want the SRK certificates to have the CA flag set? (y/n)?: y- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
one can look at "Code Signing Tools" on link:
https://www.nxp.com/design/software/embedded-software/i-mx-software:IMX-SW
For "Boundary Devices HAB for Dummies instructions" issues suggest to create new thread
with full description of problem.
Best regards
igor
- 新着としてマーク
- ブックマーク
- 購読
- ミュート
- RSS フィードを購読する
- ハイライト
- 印刷
- 不適切なコンテンツを報告
That is a start. I will break this down into multiple questions.
