Error at Verifying HAB events of fitImage

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

Error at Verifying HAB events of fitImage

1,178 次查看
gthorat149
Contributor I
cat fitImage-image | hexdump -C | more
00000000  d0 0d fe ed 02 45 bb b4  00 00 00 38 02 45 b8 10  |.....E.....8.E..|
00000010  00 00 00 28 00 00 00 11  00 00 00 10 00 00 00 00  |...(............|
00000020  00 00 00 74 02 45 b7 d8  00 00 00 00 00 00 00 00  |...t.E..........|
00000030  00 00 00 00 00 00 00 00  00 00 00 01 00 00 00 00  |................|
00000040  00 00 00 03 00 00 00 04  00 00 00 64 61 dd 92 01  |...........da...|
00000050  00 00 00 03 00 00 00 3a  00 00 00 00 55 2d 42 6f  |.......:....U-Bo|
00000060  6f 74 20 66 69 74 49 6d  61 67 65 20 66 6f 72 20  |ot fitImage for |
00000070  4e 58 50 20 69 2e 4d 58  20 52 65 6c 65 61 73 65  |NXP i.MX Release|
00000080  20 44 69 73 74 72 6f 2f  35 2e 34 2f 77 61 62 63  | Distro/5.4/wabc|

BOLD = SIZE of FIt-Image

Process of generation of Image-signed.bin
SIZE of FIT-Image =0x0245bbb4
 
Extracting size from Image header...
SIZE= "0x`od -t x4 -j 0x4 -N 0x4 --endian=big fitImage-image | head -n1 | awk '{print $2}'`"
IVTOFFSET=SIZE
IVTSIZE="0x20"
CSFOFFSET  = ((IVTOFFSET + IVTSIZE))
 
Padding Image file...
objcopy -I binary -O binary --pad-to=$SIZE --gap-fill=0x00 fitImage-image Image-pad.bin
 
genIVT.pl is copied bellow 
chmod +x genIVT.pl
./genIVT.pl
cat Image-pad.bin ivt.bin > Image-pad-ivt.bin
 
Generating CSF binary...
csf_image.txt is copied bellow
 
./cst -i csf_image.txt -o csf_image.bin
 
# copy signatures into binary
cat Image-pad-ivt.bin csf_image.bin > Image-signed.bin
rm Image-pad*
 
"Image-signed.bin is ready!"
 
 
 
cat csf_image.txt
[Header]
    Version = 4.3
    Hash Algorithm = sha256
    Engine = CAAM
    Engine Configuration = 0
    Certificate Format = X509
    Signature Format = CMS
 
[Install SRK]
    # Index of the key location in the SRK table to be installed
    File = "../../crts/SRK_1_2_3_4_table.bin"
    Source index = 0
 
[Install CSFK]
    # Key used to authenticate the CSF data
    File = "../../crts/CSF1_1_sha256_2048_65537_v3_usr_crt.pem"
 
[Authenticate CSF]
 
[Install Key]
    # Key slot index used to authenticate the key to be installed
    Verification index = 0
    # Target key slot in HAB key store where key will be installed
    Target index = 2
    # Key to install
    File = "../../crts/IMG1_1_sha256_2048_65537_v3_usr_crt.pem"
 
[Authenticate Data]
    # Key slot index used to authenticate the image data
    Verification index = 2
    # Authenticate Start Address, Offset, Length and file
    Blocks = 0x44000000 0x0 0x245bbd4 "Image-pad-ivt.bin"
 
cat genIVT.pl
#! /usr/bin/perl -w
use strict;
open(my $out, '>:raw', 'ivt.bin') or die "Unable to open: $!";
print $out pack("V", 0x412000D1); # IVT Header
print $out pack("V", 0x44000000); # Jump Location
print $out pack("V", 0x0); # Reserved
print $out pack("V", 0x0); # DCD pointer
print $out pack("V", 0x0); # Boot Data
print $out pack("V", 0x4645bbb4); # Self Pointer
print $out pack("V", 0x4645bbd4); # CSF Pointer
print $out pack("V", 0x0); # Reserved
close($out);
 
Like this way I generated Image-signed.bin from FIT-IMAGE
 

wccu=> hab_auth_img 0x44000000 0x0245C7E8 0x0245C7C8
hab fuse not enabled

 

Authenticate image from DDR location 0x44000000...
bad magic magic=0x32 length=0xa35b version=0x98
bad length magic=0x32 length=0xa35b version=0x98
bad version magic=0x32 length=0xa35b version=0x98
Error: Invalid IVT structure

 

Allowed IVT structure:
IVT HDR = 0x4X2000D1
IVT ENTRY = 0xXXXXXXXX
IVT RSV1 = 0x0
IVT DCD = 0x0
IVT BOOT_DATA = 0xXXXXXXXX
IVT SELF = 0xXXXXXXXX
IVT CSF = 0xXXXXXXXX
IVT RSV2 = 0x0
wccu=> hab_auth_img 0x44000000 0x245BBD4 0x0245bbb4
hab fuse not enabled

 

Authenticate image from DDR location 0x44000000...
Error: Invalid IVT structure

 

Allowed IVT structure:
IVT HDR = 0x4X2000D1
IVT ENTRY = 0xXXXXXXXX
IVT RSV1 = 0x0
IVT DCD = 0x0
IVT BOOT_DATA = 0xXXXXXXXX
IVT SELF = 0xXXXXXXXX
IVT CSF = 0xXXXXXXXX
IVT RSV2 = 0x0

hab_auth_img 0x44000000 0x0245C7E8 0x0245C7C8
In this command how i select last two argument so my error will gone.
标签 (1)
0 项奖励
0 回复数