[U-Boot] RSA in U-Boot
AKASHI Takahiro
takahiro.akashi at linaro.org
Tue Aug 27 23:55:15 UTC 2019
Hi Grant,
On Tue, Aug 27, 2019 at 10:35:37AM +0000, Grant Likely wrote:
> Hi Takahiro,
>
> On 17/05/2019 01:12, AKASHI Takahiro wrote:
> [...]
> > In fact, I have already imported relevant kernel code into U-Boot
> > and it now works perfectly with my experimental UEFI secure boot patch,
>
> Speaking of which, where can I find the experimental UEFI secure boot
> patches? I've not been able to find any recent postings.
Here's my repository:
https://git.linaro.org/people/takahiro.akashi/u-boot.git efi/secboot
But it's quite old and not ready for public review, yet it works in some way.
Since then, I've done
- implementing image authentication as close to EDK2's semantics as possible,
including timestamp-based revocation
- improving portability of linux-kernel-based pkcs7/x509 parsers
- reworking the code in general for better maintainability
- adding initial automated testing of image/variable authentication
based on pytest framework
On the other hand, Sughosh and Pipat are working on integrating
StMM-based UEFI variables/secure storage into U-Boot.
As far as my part is concerned, my plan is that I will focus on developing
more test cases and verifying the authentication code. Once I have some good
confidence, I'd like to submit the patch set.
It will be around the next Connect, I guess?
Thanks,
-Takahiro Akashi
> Thanks,
> g.
More information about the U-Boot
mailing list