FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

i.MX8M Nano Secure Boot (HABv4) Compliance

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

i.MX8M Nano Secure Boot (HABv4) Compliance

Jump to solution
‎06-17-2024 12:50 AM
451 Views
Nethaji1510
Contributor II

Hello Team,

            We have an IMX8MNano board. We have successfully enabled the HABv4 feature on this board and also signed the bootloader kernel and DTB file using the NXP code signing tool.


Our queries,
           Our understanding is that NXP supplied the "hab4_pki_tree.sh" script and the code signing tool for HABv4. The PKI keys were created using this "hab4_pki_tree.sh" script, and the image signatures were done using CST. But as per our cyber team compliance, we can't access the private key (it will reside in a secure server) in this case we cant use CST which require the private key. Can you provide us a solution for this?

0 Kudos
Reply
1 Solution

Jump to solution
‎06-20-2024 04:39 AM
384 Views
Nethaji1510
Contributor II

Ok. Thanks for your quick support @Harvey021

Hi @Harvey021,

Kindly share the NXP CST tool 3.3.1 source code package.

View solution in original post

Tags (1)
0 Kudos
Reply
2 Replies

Jump to solution
‎06-17-2024 08:04 AM
416 Views
Harvey021
NXP TechSupport
NXP TechSupport

Hi,

You can refer to the section <Using Code-Signing Tool with Hardware Security Module> CST User guide 

IMX_CST_TOOL_NEW 

 

Regards

Harvey

0 Kudos
Reply

Jump to solution
‎06-20-2024 04:39 AM
385 Views
Nethaji1510
Contributor II

Ok. Thanks for your quick support @Harvey021

Hi @Harvey021,

Kindly share the NXP CST tool 3.3.1 source code package.

Tags (1)
0 Kudos
Reply