sign-configs.its - OpenGrok history log for /rk3399_rockchip-uboot/doc/uImage.FIT/sign-configs.its

Revision		Date	Author	Comments
# 4d098529		13-Jun-2013	Simon Glass <sjg@chromium.org>	image: Add support for signing of FIT configurations While signing images is useful, it does not provide complete protection against several types of attack. For example, it it possible to create a image: Add support for signing of FIT configurations While signing images is useful, it does not provide complete protection against several types of attack. For example, it it possible to create a FIT with the same signed images, but with the configuration changed such that a different one is selected (mix and match attack). It is also possible to substitute a signed image from an older FIT version into a newer FIT (roll-back attack). Add support for signing of FIT configurations using the libfdt's region support. Please see doc/uImage.FIT/signature.txt for more information. Signed-off-by: Simon Glass <sjg@chromium.org> show more ...

Revision

Date

Author

Comments

# 4d098529

13-Jun-2013

Simon Glass <sjg@chromium.org>

image: Add support for signing of FIT configurations

While signing images is useful, it does not provide complete protection
against several types of attack. For example, it it possible to create a

image: Add support for signing of FIT configurations

While signing images is useful, it does not provide complete protection
against several types of attack. For example, it it possible to create a
FIT with the same signed images, but with the configuration changed such
that a different one is selected (mix and match attack). It is also possible
to substitute a signed image from an older FIT version into a newer FIT
(roll-back attack).

Add support for signing of FIT configurations using the libfdt's region
support.

Please see doc/uImage.FIT/signature.txt for more information.

Signed-off-by: Simon Glass <sjg@chromium.org>