diff options
author | Rouven Czerwinski <r.czerwinski@pengutronix.de> | 2019-08-06 07:11:04 +0200 |
---|---|---|
committer | Sascha Hauer <s.hauer@pengutronix.de> | 2019-08-07 09:42:15 +0200 |
commit | 85c41c884807cfedda585d5022726e4d73277cdd (patch) | |
tree | 7e33d591940a8a6f3e6fcfe59661c2ca3c868b8b /arch | |
parent | a0dbc68b50a288853e647e868117ba62d2d3aac7 (diff) | |
download | barebox-85c41c884807cfedda585d5022726e4d73277cdd.tar.gz barebox-85c41c884807cfedda585d5022726e4d73277cdd.tar.xz |
mach-imx: add gencsf header for i.MX8MQ
Add the required gencsf header for i.MX8MQ.
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Diffstat (limited to 'arch')
-rw-r--r-- | arch/arm/mach-imx/include/mach/habv4-imx8-gencsf.h | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/arch/arm/mach-imx/include/mach/habv4-imx8-gencsf.h b/arch/arm/mach-imx/include/mach/habv4-imx8-gencsf.h new file mode 100644 index 0000000000..34039ee590 --- /dev/null +++ b/arch/arm/mach-imx/include/mach/habv4-imx8-gencsf.h @@ -0,0 +1,59 @@ +/* + * This snippet can be included from a i.MX flash header configuration + * file for generating signed images. The necessary keys/certificates + * are expected in these config variables: + * + * CONFIG_HABV4_TABLE_BIN + * CONFIG_HABV4_CSF_CRT_PEM + * CONFIG_HABV4_IMG_CRT_PEM + */ +#if defined(CONFIG_HABV4) && defined(CONFIG_CPU_64) +hab [Header] +hab Version = 4.3 +hab Hash Algorithm = sha256 +hab Engine Configuration = 0 +hab Certificate Format = X509 +hab Signature Format = CMS +hab Engine = CAAM + +hab [Install SRK] +hab File = CONFIG_HABV4_TABLE_BIN +hab # SRK index within SRK-Table 0..3 +hab Source index = 0 + +hab [Install CSFK] +/* target key index in keystore 1 */ +hab File = CONFIG_HABV4_CSF_CRT_PEM + +hab [Authenticate CSF] + +hab [Unlock] +hab Engine = CAAM +hab Features = RNG + +hab [Install Key] +/* verification key index in key store (0, 2...4) */ +hab Verification index = 0 +/* target key index in key store (2...4) */ +hab Target index = 2 +hab File = CONFIG_HABV4_IMG_CRT_PEM + +hab [Authenticate Data] +/* verification key index in key store (2...4) */ +hab Verification index = 2 + +hab_blocks + +hab_encrypt [Install Secret Key] +hab_encrypt Verification index = 0 +hab_encrypt Target index = 0 +hab_encrypt_key +hab_encrypt_key_length 256 +hab_encrypt_blob_address + +hab_encrypt [Decrypt Data] +hab_encrypt Verification index = 0 +hab_encrypt Mac Bytes = 16 + +hab_encrypt_blocks +#endif |