[U-Boot] arm: am33xx: security: adds auth support for encrypted images
Tom Rini
trini at konsulko.com
Fri Sep 29 20:26:13 UTC 2017
On Wed, Sep 20, 2017 at 02:37:36PM -0500, Andrew F. Davis wrote:
> From: Madan Srinivas <madans at ti.com>
>
> This patch adds support for authentication of both plain
> text and encrypted binaries. A new SECDEV package is needed
> to enable encryption of binaries by default for AM3x.
>
> The ROM authentication API detects encrypted images at
> runtime and automatically decrypts the image if the
> signature verification passes.
>
> Addition of encryption on AM3x results in a change in the
> image format. On AM4x, AM5x and, on AM3x devices signing
> clear test images, the signature is appended to the end of the
> binary.
>
> On AM3x, when the SECDEV package is used to create signed
> and encrypted images, the signature is added as a header
> to the start of the binary. So the binary size calculation
> has been updated to reflect this change.
>
> The signing tools and encrypted image format for AM3x
> cannot be changed to behave like AM4x and AM5x to
> maintain backward compatibility with older Sitara
> M-Shield releases.
>
> Signed-off-by: Madan Srinivas <madans at ti.com>
> Signed-off-by: Andrew F. Davis <afd at ti.com>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20170929/9739878f/attachment.sig>
More information about the U-Boot
mailing list