I built flash.bin with parameters:
CONFIG_AHAB_BOOT=y
CONFIG_CMD_DEKBLOB=y
CONFIG_IMG_SECO_DEK_ENCAP=y
CONFIG_FAT_WRITE=y
Built an imx code signing tool with encryption support:
$ sudo apt-get install libssl-dev openssl
$ cd <CST install directory>/code/back_end/src
$ $ gcc -o css_encrypted -I ../dr -L ../../../linux 64/lib *.cl frontend -lcrypto
$ $ cp css_encrypted ../../../linux 64/bit/
Generated a PKI and tried to encrypt the image:
././release/linux 64/bit/css_encrypted -i csf_enc_boot_image.txt -open_flash.bin
Invalid argument: ImageIndexes
Then I tried to just remove this parameter, then cst gave this:
Invalid command: InstallSecretKey is illegal for given target
Can you tell me, please, where you can read more about the css file parameters and preferably encryption on imx8 in general?
