blob: 34039ee5901b760ac92d30285b842c0d116103aa (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
/*
* This snippet can be included from a i.MX flash header configuration
* file for generating signed images. The necessary keys/certificates
* are expected in these config variables:
*
* CONFIG_HABV4_TABLE_BIN
* CONFIG_HABV4_CSF_CRT_PEM
* CONFIG_HABV4_IMG_CRT_PEM
*/
#if defined(CONFIG_HABV4) && defined(CONFIG_CPU_64)
hab [Header]
hab Version = 4.3
hab Hash Algorithm = sha256
hab Engine Configuration = 0
hab Certificate Format = X509
hab Signature Format = CMS
hab Engine = CAAM
hab [Install SRK]
hab File = CONFIG_HABV4_TABLE_BIN
hab # SRK index within SRK-Table 0..3
hab Source index = 0
hab [Install CSFK]
/* target key index in keystore 1 */
hab File = CONFIG_HABV4_CSF_CRT_PEM
hab [Authenticate CSF]
hab [Unlock]
hab Engine = CAAM
hab Features = RNG
hab [Install Key]
/* verification key index in key store (0, 2...4) */
hab Verification index = 0
/* target key index in key store (2...4) */
hab Target index = 2
hab File = CONFIG_HABV4_IMG_CRT_PEM
hab [Authenticate Data]
/* verification key index in key store (2...4) */
hab Verification index = 2
hab_blocks
hab_encrypt [Install Secret Key]
hab_encrypt Verification index = 0
hab_encrypt Target index = 0
hab_encrypt_key
hab_encrypt_key_length 256
hab_encrypt_blob_address
hab_encrypt [Decrypt Data]
hab_encrypt Verification index = 0
hab_encrypt Mac Bytes = 16
hab_encrypt_blocks
#endif
|