Signed and encrypted boot in i.MX6UL

Question asked by Robert Lubas on May 31, 2016
Latest reply on Mar 7, 2018 by huzaifi



I am trying to completely secure boot on i.MX6UL (provide an encrypted and signed u-boot (boot loader second stage) image).


Signing is working. The SPL is authenticated and hab_status does not report any events.


To sign and encrypt the SPL (without IVT and DCD and Boot data) I use the following CSF file:


Version = 4.2

Security Configuration = Open

Hash Algorithm = sha256

Engine Configuration = 0

Certificate Format = X509

Signature Format = CMS

Engine = CAAM


[Install SRK]

File = "../crts/SRK_1_2_3_4_table.bin"

Source index = 0


[Install CSFK]

File = "../crts/CSF1_1_sha256_2048_65537_v3_usr_crt.pem"


[Install Key]

Verification index = 0

Target Index = 2

File= "../crts/IMG1_1_sha256_2048_65537_v3_usr_crt.pem"



[Authenticate Data]

Verification index = 2

Blocks = 0x00907400 0x00000000 0x00008c00 "./SPL"

#0x00907400 - start of area in RAM to be authenticated

#0x00000000 - start of area in SPL to sign

#0x00008c00 - size of area in SPL to sign (includes IVT and DCD)


If the CSF file ends here, the signing is working.


#Encrypt the boot image and create a DEK

[Install Secret Key]

Verification Index = 0

#Master KEK index - 0 = OTPMK fuses

Target Index = 2

Key = "./dek.bin"

Key Length = 192

Blob Address = 0x00911fb0

How to calculate this blob address?


[Decrypt Data]

Verification Index = 2

Mac Bytes = 16

#The CST encrypts only image data of SPL.

Blocks = 0x00907400 0x1174 0x7a8c "./SPL"

What should Blocks contain?


When the CSF file ends here, the EVK does not boot from the SD card.


The next step (in theory) is to boot the signed image + DEK and run dek_blob 0x82000000 0x83000000 192 to generate the DEK blob.


If I run the above command in a u-boot which is only signed, I get:


Encapsulating provided DEK to form blob 0x82000000

Error in SEC deq

Error in Encapsulation -1

Command failed, result=-1


I think that in sections [Install Secret Key] and [Decrypt Data] the Block address and Block could be incorrect.


What is the structure of a signed and encrypted image? (IVT, Boot data, DCD, u-boot, HAB data, DEK). What are the offsets of each part in the SPL?


Has anyone run a signed and encrypted SPL on i.MX6UL?
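
Added example (not part of the original post, and not NXP or CST code): a small Python check that parses the two Blocks lines quoted in the CSF above and compares the [Decrypt Data] block against the [Authenticate Data] block. It assumes the SPL file is loaded contiguously, so that file offset N sits at the authenticated load address plus N; parse_blocks and check_layout are hypothetical helper names, and Blocks lines continued with a backslash are not handled.

```python
import re

# Constructed sample: the two Blocks lines from the CSF in the question.
CSF_TEXT = '''
[Authenticate Data]
Verification index = 2
Blocks = 0x00907400 0x00000000 0x00008c00 "./SPL"
[Decrypt Data]
Verification Index = 2
Mac Bytes = 16
Blocks = 0x00907400 0x1174 0x7a8c "./SPL"
'''

def parse_blocks(csf_text):
    """Return {section name: [(load_addr, file_offset, length), ...]}."""
    blocks, section = {}, None
    for line in csf_text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop CSF comments
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            section = m.group(1)
            continue
        m = re.match(r"Blocks\s*=\s*(\S+)\s+(\S+)\s+(\S+)", line, re.I)
        if m and section:
            blocks.setdefault(section, []).append(tuple(int(x, 0) for x in m.groups()))
    return blocks

def check_layout(blocks):
    """Compare each Decrypt Data block with the first Authenticate Data block."""
    base, auth_off, auth_len = blocks["Authenticate Data"][0]
    findings = []
    for addr, off, length in blocks.get("Decrypt Data", []):
        # Assumption: file offset N is loaded at (base - auth_off + N).
        expected = base - auth_off + off
        lo, hi = max(off, auth_off), min(off + length, auth_off + auth_len)
        findings.append({
            "expected_addr": expected,            # RAM address implied by the file offset
            "addr_matches": addr == expected,
            "ends_at_signed_end": off + length == auth_off + auth_len,
            "overlap_bytes": max(0, hi - lo),     # bytes both signed and encrypted
        })
    return findings

if __name__ == "__main__":
    for f in check_layout(parse_blocks(CSF_TEXT)):
        print({k: v if isinstance(v, bool) else hex(v) for k, v in f.items()})
```

For the values in the post, the decrypt block's file offset 0x1174 corresponds to RAM address 0x00908574 under that assumption, while the CSF gives 0x00907400, and the whole decrypt range lies inside the range that is also listed under [Authenticate Data].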