Hi Team,
We have an IMX8M Nano board. We have successfully enabled the HABv4 feature on this board and also signed the bootloader kernel and DTB file using the NXP code signing tool & below. bin and keys.
SRK_1_2_3_4_table.bin
CSF1_1_sha256_2048_65537_v3_usr_crt.pem
IMG1_1_sha256_2048_65537_v3_usr_crt.pem
It is working fine.
In kernel signing, we have used the below keys:
SRK_1_2_3_4_table.bin
CSF2_1_sha256_2048_65537_v3_usr_crt.pem
IMG2_1_sha256_2048_65537_v3_usr_crt.pem
Below HAB events occur,
Authenticate image from DDR location 0x40480000...
Secure boot disabled
HAB Configuration: 0xf0, HAB State: 0x66
--------- HAB Event 1 -----------------
event data:
0xdb 0x00 0x14 0x45 0x33 0x0f 0xc0 0x00
0xbe 0x00 0x0c 0x00 0x03 0x17 0x01 0x00
0x00 0x00 0x00 0x38
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_INDEX (0x0F)
CTX = HAB_CTX_COMMAND (0xC0)
ENG = HAB_ENG_ANY (0x00)
--------- HAB Event 2 -----------------
event data:
0xdb 0x00 0x14 0x45 0x33 0x0c 0xa0 0x00
0x00 0x00 0x00 0x00 0x41 0x53 0x00 0x00
0x00 0x00 0x00 0x20
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_ASSERTION (0x0C)
CTX = HAB_CTX_ASSERT (0xA0)
ENG = HAB_ENG_ANY (0x00)
--------- HAB Event 3 -----------------
event data:
0xdb 0x00 0x14 0x45 0x33 0x0c 0xa0 0x00
0x00 0x00 0x00 0x00 0x40 0x48 0x00 0x00
0x00 0x00 0x00 0x04
STS = HAB_FAILURE (0x33)
RSN = HAB_INV_ASSERTION (0x0C)
CTX = HAB_CTX_ASSERT (0xA0)
ENG = HAB_ENG_ANY (0x00)
NOTE: We have referred to the CST User Manual to update keys and source index, as well as the verification index, but it still occurs HAB events.
Please find the working csf.txt and non-working csf.txt files for your reference.
Kindly help us.
Thanks,
