Tool/software:
Dear Ti staff,
We have successfully burnt the eFuse with custom keys, which are generated by "gen_keywr_cert.sh -g".
Currently we have some question about how to apply the keys:
1. I copied smpk.pem into u-boot/board/ti/keys as custMpk.pem and custMpk.key, then I use "openssl req -batch -new -x509 -key custMpk.key -out custMpk.crt" to generate the crt file.
Somehow the size of the crt file is different:(.bk files are the original files in the SDK) Is this normal?
As for building the u-boot, the binman process seems to take care of the details so I just need to collect these files, right?
2. For MCU+SDK, again I copied smpk.pem and smek.key into mcu+sdk/tools/boot/signing as custMpk_am62ax.pem and custMek_am63ax.txt. Again the size and encoding of the smek is different:
The smek, as I recall should be a 256-bit random number. I don't know why the default custMek_am62ax.txt.bk is 64 bytes.
And for building and collecting the outputs, after modifying the devconfig.mak, I'm planning to make all in the root of MCU+SDK, then generate HSM.appimage.hs and linux.appimage.hs. Is this approach correct?
Regards,
Huang Jingjie
