Crypto D100 Guía de usuario descargar pdf (Pagina 13)

Secure Boot with i.MX28 HAB Version 4, Rev. 1

Freescale Semiconductor 13

Designing for code signing

Figure 5. Typical memory layout of a signed image

The IVT can appear anywhere before, in between, or after Image Data but not at address 0. Otherwise *self

in IVT points to NULL and that will be interpreted by HAB library as an invalid address. Also the CSF

and associated data (SRK Table, Signatures and Certificates) need not be concatenated together but it is

the default output of the CST.

The Size field must immediately follow the IVT and it is the length of entire image data including IVT and

CSF data. See the Boot Modes chapter of the reference manual for more details.

NOTE

HAB requires that the IVT, the Size field and at minimum, the first word of

the Image Data all must be covered by a digital signature. Failure to do so

will result in HAB issuing an assertion audit log event and the ROM

refusing to launch the image.

3.2 Generating the HAB data

3.2.1 Generating the Command Sequence File data (CSF)

The CSF contains all the commands that HAB will execute during the secure boot. These commands

instruct HAB on which memory areas of the image to authenticate, which keys to install, which keys to

use for signature verification, what data to write to a particular register, and so on.

Every image including bootlets in the boot sequence must be signed. There could be a single CSF for all

the images in the boot sequence or multiple CSFs, one for each image. A single CSF is possible if images

do not overlap in memory but the examples presented in this app note use multiple CSFs as they occupy

same space in memory.

1 2 ... 8 9 10 11 12 13 14 15 16 17 18 ... 30 31

Sin comentarios

Crypto D100 Guía de usuario Pagina 13