U-Boot FIT Signature Verification
Heinrich Schuchardt
xypron.glpk at gmx.de
Wed Sep 16 01:19:03 CEST 2020
On 9/11/20 7:26 PM, Andrii Voloshyn wrote:
> Hi there,
>
> Does U-boot take into account certificate expiration date when verifying signed images in FIT? In other words, is date stored along with the public key in DTB file?
>
> Cheers,
> Andy
>
Hello Philippe,
looking at padding_pkcs_15_verify() in lib/rsa/rsa-verify.c I cannot
find a comparison of the date on which an image was signed with the
expiry date of the certificate. Shouldn't there be a check? Or did I
simply look into the wrong function?
Best regards
Heinrich
More information about the U-Boot
mailing list