i am working on IMX6Q processor. I have burned fuses, following https://www.nxp.com/docs/en/application-note/AN4581.pdf. I have not closed fuses yet.
A strange thing happens if, I sign my SPL with keys generated against "A" password and sign bootloader with keys generated against "B" password. i.e. both SPL and bootloader are signed with different keys, then HAB generates events only when authenticating bootloader. SPL authentication generates no events.
NOTE: I have a customized SPL and bootloader. SPL is authenticated by boot ROM code on POR. And to authenticate bootloader, I am using HAB library. Fuses burned(and not closed) are corresponding to key generated against "A" password.
CASE1: both SPL and bootloader signed with keys generated by "A". Code boots successfully without any HAB events.
CASE2: both SPL and bootlaoder signed with keys generated by password "B". Still boot process completes successfully. keeping in mind that fuses blown on hardware were corresponding to password "A".
CASE 3: both SPL and bootlader signed with different keys i.e. one with "A" and other with "B". In this case boot ROM code authenticates SPL without any HAB events, but when SPL call HAB library functions to authenticate bootloader, HAB events are generated and authentication fails.
Can you summarize when HAB events are generated for the case when fuses are blown but not closed? and when fuses are blown and closed?