Gitiles
Code Review Sign In
gerrit.cesnet.cz / github / trini / u-boot / 4d0985295bbb50a952f4312c0a818cd89b8ee7aa
commit4d0985295bbb50a952f4312c0a818cd89b8ee7aa[log] [tgz]
authorSimon Glass <sjg@chromium.org>Thu Jun 13 15:10:09 2013 -0700
committerTom Rini <trini@ti.com>Wed Jun 26 10:18:56 2013 -0400
tree44414eb8dfd6309ba56a21a8d8982a5d8f938f2b
parent3e06cd1f97792b4bc3882de1ac99f031fb0eaa80 [diff]
image: Add support for signing of FIT configurations

While signing images is useful, it does not provide complete protection
against several types of attack. For example, it it possible to create a
FIT with the same signed images, but with the configuration changed such
that a different one is selected (mix and match attack). It is also possible
to substitute a signed image from an older FIT version into a newer FIT
(roll-back attack).

Add support for signing of FIT configurations using the libfdt's region
support.

Please see doc/uImage.FIT/signature.txt for more information.

Signed-off-by: Simon Glass <sjg@chromium.org>
5 files changed
tree: 44414eb8dfd6309ba56a21a8d8982a5d8f938f2b
  1. .checkpatch.conf
  2. .gitignore
  3. COPYING
  4. CREDITS
  5. MAINTAINERS
  6. MAKEALL
  7. Makefile
  8. README
  9. api/
  10. arch/
  11. board/
  12. boards.cfg
  13. common/
  14. config.mk
  15. disk/
  16. doc/
  17. drivers/
  18. dts/
  19. examples/
  20. fs/
  21. include/
  22. lib/
  23. mkconfig
  24. nand_spl/
  25. net/
  26. post/
  27. rules.mk
  28. snapshot.commit
  29. spl/
  30. test/
  31. tools/