fast authentication tree ( Ca flag set ) iMx8m mini

antonio_santagi · ‎03-02-2020

Hello,

I am following the CST Code Signing Tool guide paragraph 3.1.2.1 : running the hab4_pki_tree. script to create the Keys efuses bin data.

I don't know what I should answer to the question :

– Do you want the SRK certificates to have the CA Flag set?
– Answer ‘y’ for a standard tree, ‘n’ for fast authentication tree.

Is fast authentication tree supported by iMX8m mini processor ?

Is there a place where they explain what this fast authentication for PKI tree is ?

Can I answer yes even if at the beginning I answered no to the question "Do you want to use an existing CA key ?"

thank you

antonio_santagi · ‎03-03-2020

I think I found explanation here :

https://www.nxp.com/docs/en/application-note/AN4581.pdf at Appendix C.

It is a document not supposed to cover iMX8m mini but I seee it refers anyway to HABv4 so I guess the fast authentication explanation at Appendix C applies anyway.

Yuri · ‎03-10-2020

Hello,

Yes, the fast authentication is described in the Appendix C and i.MX8Mm supports

this feature.

Regards,

Yuri.

fast authentication tree ( Ca flag set ) iMx8m mini

fast authentication tree ( Ca flag set ) iMx8m mini

i.MX 8M | i.MX 8M Mini | i.MX 8M Nano