FIT signature security flay
Sean Anderson
sean.anderson at seco.com
Mon Oct 14 16:23:48 CEST 2024
Hi Lev,
On 10/14/24 04:42, Lev R. Oshvang wrote:
> Hi Sean,
>
> I am looking for help with Uboot FIT signatures problem
>
>
>
> I started to work with FIT image (u-boot 2024) and managed to sign
> kernel and load this image with Uboot using 'required' property in
> signature as :
>
> signature-1 {
>
> algo = "sha1,rsa2048";
>
> key-name-hint = "dev_key";
>
> sign-images="kernel";
>
> required="conf";
>
> {
>
> Iminfo reports"
>
> ## Checking hash(es) for FIT Image at 01000000 ...
>
> Hash(es) for Image 0 (kernel-1): sha256+ sha256,rsa2048:dev_key-
>
>
>
> To test the procedure, I generated another private key and signed
> another kernel with this new key on another Linux host.
>
>
>
>
>
> I expected bootm to fail, but it just happily loads this image!!!
>
> Even an image without a signature but with a valid hash is not
> rejected against my expectations.
>
> In this case iminfo report only hash is OK
Did you embed the public key into your U-Boot devicetree with `mkimage -K` ?
--Sean
More information about the U-Boot
mailing list