26 Jun, 2013
2 commits
-
While signing images is useful, it does not provide complete protection
against several types of attack. For example, it it possible to create a
FIT with the same signed images, but with the configuration changed such
that a different one is selected (mix and match attack). It is also possible
to substitute a signed image from an older FIT version into a newer FIT
(roll-back attack).Add support for signing of FIT configurations using the libfdt's region
support.Please see doc/uImage.FIT/signature.txt for more information.
Signed-off-by: Simon Glass
-
Add a structure to describe an algorithm which can sign and (later) verify
images.Signed-off-by: Simon Glass
