
Encrypted u-boot with SPL for iMX6UL

Question asked by Julien Panis on Aug 1, 2018
Latest reply on Aug 17, 2018 by Yuri Muhin

Hello,

 

I have some problems encrypting u-boot with SPL on iMX6UL.

 

SIGNING :

 

I have signed u-boot with SPL for iMX6UL, and it works ("No HAB events found" message). I used these 4 files:

 

//============================

// 1) SPL.log

//============================

Image Type:   Freescale IMX Boot Image
Image Ver:    2 (i.MX53/6/7 compatible)
Mode:         DCD
Data Size:    53248 Bytes = 52.00 KiB = 0.05 MiB
Load Address: 00908420
Entry Point:  00909000
HAB Blocks:   00908400 00000000 0000ac00
DCD Blocks:   00910000 0000002c 00000004

 

//============================

// 2) SPL.csf

//============================

[Header]
Version = 4.1
Hash Algorithm = sha256
Engine = ANY
Engine Configuration = 0
Certificate Format = X509
Signature Format = CMS

 

[Install SRK]
File = "../../crts/SRK_1_2_3_4_table.bin"
Source index = 0    # Index of the key location in the SRK table to be installed

 

[Install CSFK]
# Key used to authenticate the CSF data
File = "../../crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem"

 

[Authenticate CSF]

 

[Install Key]
# Key slot index used to authenticate the key to be installed
Verification index = 0
# Target key slot in HAB key store where key will be installed
Target index = 2
# Key to install
File = "../../crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem"

 

[Authenticate Data]
# Key slot index used to authenticate the image data
Verification index = 2
#        Address      Offset     Length       Data File Path
Blocks = 0x00908400   0x00000000   0x0000ac00   "SPL"

 

[Unlock]
Engine = CAAM
Features = RNG

 

//============================

// 3) u-boot-ivt.img.log

//============================

Image Name:   U-Boot 2017.03-27251-g01c382a fo
Created:      Fri Jul 27 16:12:28 2018
Image Type:   ARM U-Boot Firmware with HABv4 IVT (uncompressed)
Data Size:    364480 Bytes = 355.94 KiB = 0.35 MiB
Load Address: 86000000
Entry Point:  00000000
HAB Blocks:   0x85ffffc0   0x0000   0x00057020

 

//============================

// 4) u-boot-ivt.img.csf

//============================

[Header]
Version = 4.1
Hash Algorithm = sha256
Engine = ANY
Engine Configuration = 0
Certificate Format = X509
Signature Format = CMS

 

[Install SRK]
File = "../../crts/SRK_1_2_3_4_table.bin"
Source index = 0    # Index of the key location in the SRK table to be installed

 

[Install CSFK]
# Key used to authenticate the CSF data
File = "../../crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem"

 

[Authenticate CSF]

 

[Install Key]
# Key slot index used to authenticate the key to be installed
Verification index = 0
# Target key slot in HAB key store where key will be installed
Target index = 2
# Key to install
File = "../../crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem"

 

[Authenticate Data]
# Key slot index used to authenticate the image data
Verification index = 2
#        Address      Offset     Length       Data File Path
Blocks = 0x85ffffc0   0x0000   0x00057020   "u-boot-ivt.img"

 

ENCRYPTION :

 

Then, I tried to modify the u-boot CSF file because I also want to encrypt u-boot. Based on the questions already asked on the NXP forum and on other websites, I have tried many things for 2 days but it does NOT work. Here is what I did (in bold: added/modified parts - in red: address/length that are probably wrong):

 

//============================

// 4) u-boot-ivt.img.csf

//============================

[Header]
Version = 4.1
Hash Algorithm = sha256
Engine = CAAM
Engine Configuration = 0
Certificate Format = X509
Signature Format = CMS

 

[Install SRK]
File = "../../crts/SRK_1_2_3_4_table.bin"
Source index = 0    # Index of the key location in the SRK table to be installed

 

[Install CSFK]
# Key used to authenticate the CSF data
File = "../../crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem"

 

[Authenticate CSF]

 

[Unlock]
Engine = CAAM
Features = RNG

 

[Install Key]
# Key slot index used to authenticate the key to be installed
Verification index = 0
# Target key slot in HAB key store where key will be installed
Target index = 2
# Key to install
File = "../../crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem"

 

[Authenticate Data]
# Key slot index used to authenticate the image data
Verification index = 2
#        Address      Offset     Length       Data File Path
Blocks = 0x85ffffc0   0x0000   0x00000030   "u-boot-ivt.img"

Explanation : 0x30 = 0x2c + 0x4 (see "SPL.log" file)

 

#Encrypt the boot image and create a DEK
[Install Secret Key]
Verification Index = 0
Target Index = 0
Key = "dek.bin"
Key Length = 128
Blob Address = 0x86058f98

Explanation :

0x86058f98 = 0x86000000 [load address] - 0x40 [header size] + 0x57020 [uboot size] + 0x2000 [csf size] - 0x48 [blob size]

 

#Provide DEK blob location to decrypt
[Decrypt Data]
Verification Index = 0
Mac Bytes = 16
Blocks = 0x86000000 0x00000040 0x00056fe0 "u-boot-ivt.img"

Explanation :

0x86000000 is load address (see "u-boot-ivt.img.log" file)...which is not the same as entry point address (problem ?)

0x40 = 0x86000000 - 0x85ffffc0

0x56fe0 = 0x57020 - 0x40

 

This was followed by the following u-boot commands...

=> load mmc 0 0x80800000 dek.bin

=> dcache off

=> icache off

=> dek_blob 0x80800000 0x86058f98 128

=> fatwrite mmc 0 0x86058f98 dek_blob.bin 0x48

 

...and by the following host commands :

$ objcopy -I binary -O binary --pad-to=0x1fb8 --gap-fill=0x00 u-boot-ivt.img_csf.bin u-boot-ivt.img_csf.bin

$ cat u-boot-ivt.img u-boot-ivt.img_csf.bin dek_blob.bin > u-boot-ivt.img_signed_encrypted

Explanation: 0x1fb8 [padding] + 0x48 [blob size] = 0x2000 because the DEK blob is supposed to be included in the CSF region (whose size is 0x2000)

 

REFERENCES :

 

High Assurance Boot (HAB) for dummies - Boundary Devices 

Encrypted boot loader on SabreSD i.MX6q board | NXP Community 

Encrypted U-boot Example 

Encrypted boot loader on SabreSD i.MX6q board 

u-boot/README.mxc_hab at master · theopolis/u-boot · GitHub 

https://community.nxp.com/message/845992?commentID=845992#comment-845992 

Signed and encrypted boot in i.MX6UL 

Multi-stage Secure Boot in iMX6 through SPL & u-boot.img 

 

QUESTIONS (to make u-boot encryption work) :

 

1) What value should I use for :

- authenticated data length (instead of 0x30, if it is wrong) ?

- decrypted data start address (instead of 0x86000000, if it is wrong) ?

- offset for decryption (instead of 0x40, if it is wrong) ?

- decrypted data length (instead of 0x56fe0, if it is wrong) ?

 

2) Is there anything else to modify in u-boot CSF file ?

 

3) Is there anything to modify in SPL CSF file ?

 

4) Is there anything else that I am missing ?

 

Any help will be appreciated... :-)

 

Julien
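
The address arithmetic in the question can be cross-checked mechanically. The following Python sketch is an added example, not part of the original post or of NXP's tooling: it recomputes where each piece of the `cat u-boot-ivt.img csf dek_blob` file lands and compares that with the CSF values quoted above. It assumes the concatenated file is loaded with file offset 0 at the HAB block start address, and it only tests internal consistency; it does not decide whether the Authenticate Data / Decrypt Data split is the one HAB requires.

```python
import re

# Constructed from values in the post: u-boot-ivt.img.log plus the sizes
# the poster states for the CSF region, objcopy padding and DEK blob.
IMG_LOG = "Load Address: 86000000\nHAB Blocks:   0x85ffffc0   0x0000   0x00057020\n"
CSF_REGION, CSF_PAD_TO, BLOB_SIZE = 0x2000, 0x1FB8, 0x48


def parse_log(text):
    """Return (load, hab_start, hab_offset, hab_len) from mkimage output."""
    load = int(re.search(r"Load Address:\s+([0-9a-fA-F]+)", text).group(1), 16)
    m = re.search(r"HAB Blocks:\s+(\S+)\s+(\S+)\s+(\S+)", text)
    return (load, *(int(x, 16) for x in m.groups()))


def layout(text, pad_to=CSF_PAD_TO, blob_size=BLOB_SIZE):
    """Where each piece of `cat image csf blob` lands in file and memory."""
    load, hab_start, hab_off, hab_len = parse_log(text)
    blob_file_off = hab_len + pad_to          # image, then padded CSF
    return {
        "hab": (hab_start, hab_off, hab_len),
        "header": load - hab_start,
        "blob_file_off": blob_file_off,
        # Assumption: file offset hab_off is loaded at hab_start.
        "blob_addr": hab_start + blob_file_off - hab_off,
        "total_size": blob_file_off + blob_size,
    }


def check(lay, blob_addr, decrypt, pad_to=CSF_PAD_TO, blob_size=BLOB_SIZE):
    """Return a list of inconsistencies between CSF values and the layout."""
    hab_start, hab_off, hab_len = lay["hab"]
    addr, off, length = decrypt
    problems = []
    if pad_to + blob_size != CSF_REGION:
        problems.append("padded CSF + blob does not fill the CSF region")
    if blob_addr != lay["blob_addr"]:
        problems.append(f"Blob Address should be {lay['blob_addr']:#010x}")
    if addr - hab_start != off - hab_off:
        problems.append("Decrypt Data address and file offset disagree")
    if addr < hab_start or addr + length > hab_start + hab_len:
        problems.append("Decrypt Data block leaves the image")
    return problems


if __name__ == "__main__":
    lay = layout(IMG_LOG)
    print({k: hex(v) for k, v in lay.items() if isinstance(v, int)})
    print(check(lay, 0x86058F98, (0x86000000, 0x40, 0x56FE0)) or "consistent")
```

An empty result means the Blob Address, padding and Decrypt Data block agree with each other and with the mkimage log; it says nothing about HAB events raised on the target.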
