sc_seco_authenticate doesn't return error, but seco events shows

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

sc_seco_authenticate doesn't return error, but seco events shows

275 Views
minsiklee
Contributor III

Dear Team,

I'm working with a AHAB using a i.MX8 chip.

upload no signed m4 image to device and program SRK fuse data.

as above title, Noticed that the following code api in debug log are always successful even the container m4 image was no signed, but seco event found 

That is, sc_seco_authenticate() succeeds even if the hash value or signature value of the signed m4 image is changed.

============================================================================

memcpy((void *)SEC_SECURE_RAM_BASE, (const void *)M4_RAM_addr, ALIGN(length, CONFIG_SYS_CACHELINE_SIZE));

err = sc_seco_authenticate(ipc, SC_MISC_AUTH_CONTAINER, M4_RAM_addr);

do_ahab_status(ipc);

--> No return error, but SECO Event Found.

     SECO Evnet List  : 1) Invalid hash value : AHAB_BAD_HASH_IND (0xF1)
                                    2) Invalid signature value : AHAB_BAD_SIGNATURE_IND (0xF0)
                                    3) No signed m4_image :  AHAB_NO_AUTHENTICATION_IND (0xEE)

========================================================================

Thus, the questions are:

  • Is it related to the fact that the device in "NXP Closed" state? 
  • Will the "sc_seco_authenticate" return the error when the device will be closed or does it just say that command passed and we should check the result with ahab_status?
  • What should I input as the 3rd parameter of sc_seco_authenticate api to verify m4 image?

 

Thanks in advance for the reply.
Best regard.

 

0 Kudos
0 Replies