| #
02ebe6f7 |
| 05-Mar-2015 |
Tom Rini <trini@konsulko.com> |
Merge branch 'master' of git://www.denx.de/git/u-boot-imx
|
| #
0200020b |
| 27-Feb-2015 |
Raul Cardenas <Ulises.Cardenas@freescale.com> |
imx6: Added DEK blob generator command
Freescale's SEC block has built-in Data Encryption
Key(DEK) Blob Protocol which provides a method for
protecting a DEK for non-secure memory storage.
SEC block
imx6: Added DEK blob generator command
Freescale's SEC block has built-in Data Encryption
Key(DEK) Blob Protocol which provides a method for
protecting a DEK for non-secure memory storage.
SEC block protects data in a data structure called
a Secret Key Blob, which provides both confidentiality
and integrity protection.
Every time the blob encapsulation is executed,
a AES-256 key is randomly generated to encrypt the DEK.
This key is encrypted with the OTP Secret key
from SoC. The resulting blob consists of the encrypted
AES-256 key, the encrypted DEK, and a 16-bit MAC.
During decapsulation, the reverse process is performed
to get back the original DEK. A caveat to the blob
decapsulation process, is that the DEK is decrypted
in secure-memory and can only be read by FSL SEC HW.
The DEK is used to decrypt data during encrypted boot.
Commands added
--------------
dek_blob - encapsulating DEK as a cryptgraphic blob
Commands Syntax
---------------
dek_blob src dst len
Encapsulate and create blob of a len-bits DEK at
address src and store the result at address dst.
Signed-off-by: Raul Cardenas <Ulises.Cardenas@freescale.com>
Signed-off-by: Nitin Garg <nitin.garg@freescale.com>
Signed-off-by: Ulises Cardenas <ulises.cardenas@freescale.com>
Signed-off-by: Ulises Cardenas-B45798 <Ulises.Cardenas@freescale.com>
show more ...
|
| #
e1cc4d31 |
| 24-Feb-2015 |
Albert ARIBAUD <albert.u.boot@aribaud.net> |
Merge remote-tracking branch 'u-boot/master' into 'u-boot-arm/master'
|
| #
e72d3443 |
| 13-Feb-2015 |
Stefano Babic <sbabic@denx.de> |
Merge branch 'master' of git://git.denx.de/u-boot
|
| #
8e3da9dd |
| 30-Jan-2015 |
Tom Rini <trini@ti.com> |
Merge branch 'master' of git://git.denx.de/u-boot-dm
|
| #
34276478 |
| 23-Jan-2015 |
Ruchika Gupta <ruchika.gupta@freescale.com> |
DM: crypto/fsl - Add Freescale rsa DM driver
Driver added for RSA Modular Exponentiation using Freescale Hardware
Accelerator CAAM. The driver uses UCLASS_MOD_EXP
Signed-off-by: Ruchika Gupta <ruch
DM: crypto/fsl - Add Freescale rsa DM driver
Driver added for RSA Modular Exponentiation using Freescale Hardware
Accelerator CAAM. The driver uses UCLASS_MOD_EXP
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
show more ...
|
| #
a84c8107 |
| 20-Oct-2014 |
Tom Rini <trini@ti.com> |
Merge branch 'master' of git://git.denx.de/u-boot-fsl-qoriq
|
| #
c5de15cb |
| 07-Oct-2014 |
Ruchika Gupta <ruchika.gupta@freescale.com> |
crypto/fsl: Add command for encapsulating/decapsulating blobs
Freescale's SEC block has built-in Blob Protocol which provides
a method for protecting user-defined data across system power
cycles. SE
crypto/fsl: Add command for encapsulating/decapsulating blobs
Freescale's SEC block has built-in Blob Protocol which provides
a method for protecting user-defined data across system power
cycles. SEC block protects data in a data structure called a Blob,
which provides both confidentiality and integrity protection.
Encapsulating data as a blob
Each time that the Blob Protocol is used to protect data, a
different randomly generated key is used to encrypt the data.
This random key is itself encrypted using a key which is derived
from SoC's non volatile secret key and a 16 bit Key identifier.
The resulting encrypted key along with encrypted data is called a blob.
The non volatile secure key is available for use only during secure boot.
During decapsulation, the reverse process is performed to get back
the original data.
Commands added
--------------
blob enc - encapsulating data as a cryptgraphic blob
blob dec - decapsulating cryptgraphic blob to get the data
Commands Syntax
---------------
blob enc src dst len km
Encapsulate and create blob of data $len bytes long
at address $src and store the result at address $dst.
$km is the 16 byte key modifier is also required for
generation/use as key for cryptographic operation. Key
modifier should be 16 byte long.
blob dec src dst len km
Decapsulate the blob of data at address $src and
store result of $len byte at addr $dst.
$km is the 16 byte key modifier is also required for
generation/use as key for cryptographic operation. Key
modifier should be 16 byte long.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
show more ...
|
| #
b9eebfad |
| 15-Oct-2014 |
Ruchika Gupta <ruchika.gupta@freescale.com> |
fsl_sec: Add hardware accelerated SHA256 and SHA1
SHA-256 and SHA-1 accelerated using SEC hardware in Freescale SoC's
The driver for SEC (CAAM) IP is based on linux drivers/crypto/caam.
The platform
fsl_sec: Add hardware accelerated SHA256 and SHA1
SHA-256 and SHA-1 accelerated using SEC hardware in Freescale SoC's
The driver for SEC (CAAM) IP is based on linux drivers/crypto/caam.
The platforms needto add the MACRO CONFIG_FSL_CAAM inorder to
enable initialization of this hardware IP.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
show more ...
|