00:00 <cottsay> xdarklight: thank you! thank you!

09:50 <repk> ccaione: I may be wrong, I quickly step through aml_encrypt_g12a with gdb, I don't see no call to any rsa_* function. And dumping the header of output bl31.img.enc the key seems to be all null.

09:51 <repk> the header format did change though

09:53 <ccaione> @repk maybe you can pass the signature as parameter? Need to look better into that. And yes, the header changed

09:58 <repk> ccaione: yes there is an option to pass the signature as a parameter but I follow that https://patchwork.ozlabs.org/patch/1083476/ and it seems to not be used. My guess is that it is only used on board that has been fused

10:00 <ccaione> well, that would be good indeed

15:10 <repk> ccaione: here is what I found while quickly disassembling aml_encrypt_g12a. The BL3* images are formed with a first Header an empty key a second header holding a sha256 hash of the bl3* binary then the sha256 of this second header then the bl3* binary data itself.

15:12 <repk> I need to guess the meaning of some of this header fields but it should be not that difficult to do. Also bl33 is LZ4 compressed

16:38 <ccaione> @repk yes, basically IV + 128 bytes header + 512 signature. BL30 seems different though? Is it signed twice?