AnsweredAssumed Answered

CST 2.3.2 hang

Question asked by Fangming Chai on Jun 20, 2016
Latest reply on Jun 27, 2016 by Fangming Chai

I met issue when encrypting u-boot image by using CST. When I enabling image encryption. The CST hang for about 20 minutes, at last it returned but did not generate expected CSF bin, image not encrypted either, only generated dek.bin.


Here is my CSF file content:



Version = 4.1

Hash Algorithm = SHA256

Engine Configuration = 0

Certificate Format = X509

Signature Format = CMS

Engine = CAAM


[Install SRK]

File = "../crts/SRK_1_2_3_4_table.bin"

# Index of the key location in the SRK table to be installed

Source index = 0


[Install CSFK]

# Key used to authenticate the CSF data

File = "../crts/CSF1_1_sha256_2048_65537_v3_usr_crt.pem"


[Authenticate CSF]



Engine = CAAM

Features = RNG


[Install Key]

# Key slot index used to authenticate the key to be installed

Verification Index = 0

# Key to install

Target Index = 2

File = "../crts/IMG1_1_sha256_2048_65537_v3_usr_crt.pem"


[Authenticate Data]

# Key slot index used to authenticate the image data

Verification Index = 2

#       Address   Offset        Length      Data File Path

Blocks = 0x177ff400 0x00000000 0x00000C10 "./u-boot.imx"


#Encrypt the boot image and create a DEK

[Install Secret Key]

Verification Index = 0

Target Index = 0

Key = "./dek.bin"

Key Length = 128

Blob Address = 0x1787fbb8


#Provide DEK blob location to decrypt

[Decrypt Data]

Verification Index = 0

Mac Bytes = 16

Blocks = 0x17800010 0x00000C10 0x7cff0 "./u-boot.imx"






When I remove the content after "#Encrypt the boot image and create a DEK" everything goes well.