24 Jul, 2013
1 commit
-
Signed-off-by: Wolfgang Denk
[trini: Fixup common/cmd_io.c]
Signed-off-by: Tom Rini
26 Jun, 2013
2 commits
-
While signing images is useful, it does not provide complete protection
against several types of attack. For example, it it possible to create a
FIT with the same signed images, but with the configuration changed such
that a different one is selected (mix and match attack). It is also possible
to substitute a signed image from an older FIT version into a newer FIT
(roll-back attack).Add support for signing of FIT configurations using the libfdt's region
support.Please see doc/uImage.FIT/signature.txt for more information.
Signed-off-by: Simon Glass
-
Add support for signing images using a new signature node. The process
is handled by fdt_add_verification_data() which now takes parameters to
provide the keys and related information.Signed-off-by: Simon Glass
15 May, 2013
4 commits
-
We intend to add signatures to FITs also, so rename this function so that
it is not specific to hashing. Also rename fit_image_set_hashes() and
make it static since it is not used outside this file.Signed-off-by: Simon Glass
Reviewed-by: Marek Vasut -
This function doesn't need to be exported, and with verification
we want to use it for setting the 'value' property in any node,
so rename it.Signed-off-by: Simon Glass
Reviewed-by: Marek Vasut -
This function has become quite long and much of the body is indented quite
a bit. Move it into a separate function to make it easier to work with.Signed-off-by: Simon Glass
Acked-by: Marek Vasut -
This code is never compiled into U-Boot, so move it into a separate
file in tools/ to avoid the large #ifdef.Signed-off-by: Simon Glass
Reviewed-by: Marek Vasut