Is it possible to use the HAB interface to verify signature of non-image data such as boot-script? I noticed this being referenced in the Digi board ccimx6sbc UBoot code to check signature of a boot-script using HAB interface before running it. I'd also like to verify other binary data that I would sign using same PKI tree for images.
Seems like all I would need to do would be to perform all the padding and add a fake IVT data region before signing it using the CST tool (similar to how a kernel image gets signed). The IVT can be fake since I'm not expecting to execute as an image (calling the HAB ROM interface directly, hab_rvt::authenticate_image()).