Home
last modified time | relevance | path

Searched refs:key (Results 1 – 25 of 101) sorted by relevance

12345

/rk3399_ARM-atf/tools/cert_create/src/
H A Dkey.c37 int key_new(cert_key_t *key) in key_new() argument
40 key->key = EVP_PKEY_new(); in key_new()
41 if (key->key == NULL) { in key_new()
49 static int key_create_rsa(cert_key_t *key, int key_bits) in key_create_rsa() argument
57 key->key = rsa; in key_create_rsa()
85 if (!EVP_PKEY_assign_RSA(key->key, rsa)) { in key_create_rsa()
103 static int key_create_ecdsa(cert_key_t *key, int key_bits, const char *curve) in key_create_ecdsa() argument
111 key->key = ec; in key_create_ecdsa()
115 static int key_create_ecdsa_nist(cert_key_t *key, int key_bits) in key_create_ecdsa_nist() argument
118 return key_create_ecdsa(key, key_bits, "secp384r1"); in key_create_ecdsa_nist()
[all …]
H A Dmain.c173 cert_key_t *key; in check_cmd_params() local
227 key = &keys[ext->attr.key]; in check_cmd_params()
228 if (!new_keys && key->fn == NULL) { in check_cmd_params()
230 "specified\n", key->desc, in check_cmd_params()
298 cert_key_t *key; in main() local
394 key = key_get_by_opt(cur_opt); in main()
395 key->fn = strdup(optarg); in main()
536 EXT_CRIT, keys[ext->attr.key].key)); in main()
/rk3399_ARM-atf/make_helpers/tbbr/
H A Dtbbr_tools.mk58 $(eval $(call TOOL_ADD_PAYLOAD,${TRUSTED_KEY_CERT},--trusted-key-cert))
62 $(eval $(call TOOL_ADD_PAYLOAD,${BUILD_PLAT}/plat-key.crt,--plat-key-cert))
73 $(if ${KEY_ALG},$(eval $(call CERT_ADD_CMD_OPT,${KEY_ALG},--key-alg)))
74 $(if ${KEY_ALG},$(eval $(call CERT_ADD_CMD_OPT,${KEY_ALG},--key-alg,FWU_)))
75 $(if ${KEY_ALG},$(eval $(call CERT_ADD_CMD_OPT,${KEY_ALG},--key-alg,BL2_)))
76 $(if ${KEY_SIZE},$(eval $(call CERT_ADD_CMD_OPT,${KEY_SIZE},--key-size)))
77 $(if ${KEY_SIZE},$(eval $(call CERT_ADD_CMD_OPT,${KEY_SIZE},--key-size,FWU_)))
78 $(if ${KEY_SIZE},$(eval $(call CERT_ADD_CMD_OPT,${KEY_SIZE},--key-size,BL2_)))
82 $(if ${ROT_KEY},$(eval $(call CERT_ADD_CMD_OPT,${ROT_KEY},--rot-key)))
83 $(if ${ROT_KEY},$(eval $(call CERT_ADD_CMD_OPT,${ROT_KEY},--rot-key,FWU_)))
[all …]
/rk3399_ARM-atf/plat/rockchip/rk3399/drivers/dp/
H A Dcdn_dp.c28 static struct cdn_dp_hdcp_key_1x key; variable
30 int hdcp_handler(struct cdn_dp_hdcp_key_1x *key);
36 memset(&key, 0x00, sizeof(key)); in dp_hdcp_ctrl()
37 hdcp_key_pdata = (uint64_t *)&key; in dp_hdcp_ctrl()
40 if (hdcp_key_pdata == (uint64_t *)(&key + 1)) in dp_hdcp_ctrl()
41 return hdcp_handler(&key); in dp_hdcp_ctrl()
57 if (hdcp_key_pdata < (uint64_t *)&key || in dp_hdcp_store_key()
58 hdcp_key_pdata + 6 > (uint64_t *)(&key + 1)) in dp_hdcp_store_key()
/rk3399_ARM-atf/tools/marvell/doimage/secure/
H A Dsec_img_8K.cfg3 kak_key_file = "tools/doimage/secure/kak_priv_pem.key";
6 # Only a key with csk_key_index will be used for signing the image
7 # use "*" string instead of file name for specifying an empty key
8 csk_key_file = ["tools/doimage/secure/csk_priv_pem0.key",
9 "tools/doimage/secure/csk_priv_pem1.key",
10 "tools/doimage/secure/csk_priv_pem2.key",
11 "tools/doimage/secure/csk_priv_pem3.key",
14 # index of CSK key in the array. Valid range is 0 to 15
17 # AES-256 symmetric key for image encryption
H A Dsec_img_7K.cfg3 kak_key_file = "tools/doimage/secure/kak_priv_pem.key";
6 # Only a key with csk_key_index will be used for signing the image
7 # use "*" string instead of file name for specifying an empty key
8 csk_key_file = ["tools/doimage/secure/csk_priv_pem0.key",
9 "tools/doimage/secure/csk_priv_pem1.key",
10 "tools/doimage/secure/csk_priv_pem2.key",
11 "tools/doimage/secure/csk_priv_pem3.key",
14 # index of CSK key in the array. Valid range is 0 to 15
17 # AES-256 symmetric key for image encryption
/rk3399_ARM-atf/tools/cert_create/src/tbbr/
H A Dtbb_cert.c25 .key = ROT_KEY,
42 .key = ROT_KEY,
57 .key = TRUSTED_WORLD_KEY,
71 .key = SCP_FW_CONTENT_CERT_KEY,
85 .key = TRUSTED_WORLD_KEY,
99 .key = SOC_FW_CONTENT_CERT_KEY,
114 .key = TRUSTED_WORLD_KEY,
128 .key = TRUSTED_OS_FW_CONTENT_CERT_KEY,
145 .key = NON_TRUSTED_WORLD_KEY,
159 .key = NON_TRUSTED_FW_CONTENT_CERT_KEY,
[all …]
/rk3399_ARM-atf/plat/nxp/soc-lx2160a/
H A Dddr_tbbr.mk42 $(info Generating: Trusted key certificate as part of DDR cert creation)
44 $(eval $(call TOOL_ADD_PAYLOAD,${TRUSTED_KEY_CERT},--trusted-key-cert,))
45 $(eval $(call TOOL_ADD_PAYLOAD,${TRUSTED_KEY_CERT},--trusted-key-cert,,DDR_))
47 $(info Using: Trusted key certificate as part of DDR cert creation)
48 DDR_FIP_ARGS += --trusted-key-cert ${TRUSTED_KEY_CERT}
54 $(if ${KEY_ALG},$(eval $(call CERT_ADD_CMD_OPT,${KEY_ALG},--key-alg,DDR_)))
55 $(if ${KEY_SIZE},$(eval $(call CERT_ADD_CMD_OPT,${KEY_SIZE},--key-size,DDR_)))
57 $(if ${ROT_KEY},$(eval $(call CERT_ADD_CMD_OPT,${ROT_KEY},--rot-key,DDR_)))
58 $(if ${TRUSTED_WORLD_KEY},$(eval $(call CERT_ADD_CMD_OPT,${TRUSTED_WORLD_KEY},--trusted-world-key,D…
59 …WORLD_KEY},$(eval $(call CERT_ADD_CMD_OPT,${NON_TRUSTED_WORLD_KEY},--non-trusted-world-key, DDR_)))
[all …]
/rk3399_ARM-atf/tools/cert_create/include/
H A Dkey.h67 EVP_PKEY *key; /* Key container */ member
74 int key_new(cert_key_t *key);
76 int key_create(cert_key_t *key, int type, int key_bits);
77 unsigned int key_load(cert_key_t *key);
78 int key_store(cert_key_t *key);
/rk3399_ARM-atf/tools/cert_create/src/dualroot/
H A Dcot.c27 .key = ROT_KEY,
44 .key = ROT_KEY,
58 .key = TRUSTED_WORLD_KEY,
72 .key = SCP_FW_CONTENT_CERT_KEY,
86 .key = TRUSTED_WORLD_KEY,
100 .key = SOC_FW_CONTENT_CERT_KEY,
115 .key = TRUSTED_WORLD_KEY,
129 .key = TRUSTED_OS_FW_CONTENT_CERT_KEY,
147 .key = TRUSTED_WORLD_KEY,
165 .key = PROT_KEY,
[all …]
/rk3399_ARM-atf/docs/design/
H A Dtrusted-board-boot.rst27 - The key provisioning scheme: which keys need to programmed into the device
30 - The key ownership model: who owns which key.
44 trusted root-key storage registers. Alternatively, a development ROTPK might
81 vendor owns the ROTPK, the Trusted key and the Non-Trusted Key. Thus, this vendor
86 - **Root of trust key**
88 The private part of this key is used to sign the trusted boot firmware
89 certificate and the trusted key certificate. The public part is the ROTPK.
91 - **Trusted world key**
93 The private part is used to sign the key certificates corresponding to the
95 one of the extension fields in the trusted key certificate.
[all …]
H A Dtrusted-board-boot-build.rst50 root-key storage registers present in the platform. On Juno, these
55 key hash, whose private part is not currently available.
58 RSA public key corresponding to the private key specified by
59 ``ROT_KEY``. If ``ROT_KEY`` is not specified, the private key is
60 the development key ``plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem``.
66 ECDSA public key corresponding to the private key specified by
67 ``ROT_KEY``. If ``ROT_KEY`` is not specified, the private key is
68 the development key ``plat/arm/board/common/rotpk/arm_rotprivk_ecdsa.pem`` by default,
69 a 384 bit key ``plat/arm/board/common/rotpk/arm_rotprivk_ecdsa_secp384r1.pem`` also exists,
74 RSA public key corresponding to the private key specified by ``ROT_KEY``.
[all …]
/rk3399_ARM-atf/drivers/nxp/auth/csf_hdr_parser/
H A Dinput_bl2_ch221 # The number of files and key select should lie between 1 and 4 for 1040 and C290.
22 # For rest of the platforms only one key is required and key select should not be provided.
27 # PRI_KEY (Default private key :srk.pri) - [Optional]
29 # PUB_KEY (Default public key :srk.pub) - [Optional]
67 # Specify the signature size.It is mandatory when neither public key nor private key is specified.
68 # Signature size would be [0x80 for 1k key, 0x100 for 2k key, and 0x200 for 4k key].
H A Dcsf_hdr_parser.c209 static int32_t get_key(struct csf_hdr *hdr, uint8_t **key, uint32_t *len, in get_key() argument
282 *key = (uint8_t *)&(srktbl[key_num - 1].pkey); in get_key()
305 uint8_t *key; in validate_esbc_header() local
314 ret = get_key(hdr, &key, &klen, algo); in validate_esbc_header()
335 if ((key[0] & 0x80) == 0U) { in validate_esbc_header()
341 if ((key[klen / 2 - 1] & 0x1) == 0U) { in validate_esbc_header()
349 if (!(memcmp(s, key, hdr->sign_len) < 0)) { in validate_esbc_header()
360 *img_key = (uint8_t *)key; in validate_esbc_header()
/rk3399_ARM-atf/docs/resources/diagrams/plantuml/
H A Drse_attestation_flow.puml20 Rnote over DelegAttest: Compute input\n\ for key derivation\n\ (hash of measurements)
22 Rnote over DelegAttest: Compute public key\n\ hash with **hash_algo**.
26 Rnote over RMM: Only private key\n\ is returned. Public\n\ key and its hash\n\ must be computed.\n\
27 Public key is included\n\ in the realm token.\n\ Its hash is the input\n\ for get_platform_token
30 Rnote over DelegAttest: Check **pub_key_hash**\n\ against derived key.
/rk3399_ARM-atf/tools/cert_create/src/cca/
H A Dcot.c27 .key = ROT_KEY,
47 .key = SWD_ROT_KEY,
62 .key = CORE_SWD_KEY,
77 .key = CORE_SWD_KEY,
94 .key = PROT_KEY,
109 .key = PLAT_KEY,
126 .key = PLAT_KEY,
213 .attr.key = SWD_ROT_KEY
222 .attr.key = CORE_SWD_KEY
324 .attr.key = PROT_KEY
[all …]
/rk3399_ARM-atf/plat/arm/board/common/protpk/
H A DREADME2 root-of-trust key.
4 * arm_protprivk_rsa.pem is a 2K RSA private key in PEM format. It has been
9 * arm_protprivk_ecdsa.pem is a P-256 ECSA private key in PEM format. It has been
14 * arm_protprivk_ecdsa_secp384r1.pem is a P-384 ECSA private key in PEM format. It has been
/rk3399_ARM-atf/docs/components/
H A Dcot-binding.rst45 using root of trust public key.
63 public key provided by platform.
67 - signing-key
71 public key node present in parent certificate node and it is
73 authenticated using public-key present in parent certificate.
78 validating using a different ROTPK, the signing-key property
99 Hash and public key information present in the certificate
102 - public key node
103 Description: Provide public key information in the certificate.
110 This property provides the Object ID of public key
[all …]
/rk3399_ARM-atf/plat/arm/board/common/swd_rotpk/
H A DREADME2 root-of-trust key used in the CCA chain of trust.
4 * swd_rotprivk_rsa.pem is a 2K RSA private key in PEM format. It has been
9 * arm_swd_rotprivk_ecdsa.pem is a P-256 ECSA private key in PEM format. It has been
14 * arm_swd_rotprivk_ecdsa_secp384r1.pem is a P-384 ECSA private key in PEM format. It has been
/rk3399_ARM-atf/plat/nxp/soc-lx2160a/lx2162aqds/cert_create_helper/src/
H A Dpdef_tbb_cert.c18 .key = TRUSTED_WORLD_KEY,
32 .key = DDR_FW_CONTENT_KEY,
49 .key = DDR_FW_CONTENT_KEY,
/rk3399_ARM-atf/include/drivers/arm/
H A Dethosn_cert.h21 .key = NON_TRUSTED_WORLD_KEY, \
36 .key = ETHOSN_NPU_FW_CONTENT_CERT_KEY, \
53 .attr.key = ETHOSN_NPU_FW_CONTENT_CERT_KEY \
/rk3399_ARM-atf/fdts/
H A Ddualroot_cot_descriptors.dts47 signing-key = <&trusted_world_pk>;
58 signing-key = <&scp_fw_content_pk>;
69 signing-key = <&trusted_world_pk>;
79 signing-key = <&soc_fw_content_pk>;
93 signing-key = <&trusted_world_pk>;
104 signing-key = <&tos_fw_content_pk>;
124 signing-key = <&prot_pk>;
139 signing-key = <&trusted_world_pk>;
159 signing-key = <&prot_pk>;
H A Dtbbr_cot_descriptors.dts55 signing-key = <&trusted_world_pk>;
66 signing-key = <&scp_fw_content_pk>;
77 signing-key = <&trusted_world_pk>;
87 signing-key = <&soc_fw_content_pk>;
101 signing-key = <&trusted_world_pk>;
112 signing-key = <&tos_fw_content_pk>;
132 signing-key = <&non_trusted_world_pk>;
143 signing-key = <&nt_fw_content_pk>;
158 signing-key = <&trusted_world_pk>;
/rk3399_ARM-atf/docs/plat/
H A Dwarp7.rst90 tools/cert_create/cert_create -n --rot-key "build/warp7/debug/rot_key.pem" \
93 --trusted-key-cert fiptool_images/trusted-key-cert.key-crt \
95 --tb-fw-cert fiptool_images/trusted-boot-fw.key-crt\
98 --tos-fw-key-cert fiptool_images/tee-header_v2.bin.key-crt \
103 --nt-fw-key-cert fiptool_images/u-boot.bin.key-crt \
112 --tos-fw-key-cert fiptool_images/tee-header_v2.bin.key-crt \
114 --nt-fw-key-cert fiptool_images/u-boot.bin.key-crt \
115 --trusted-key-cert fiptool_images/trusted-key-cert.key-crt \
116 --tb-fw-cert fiptool_images/trusted-boot-fw.key-crt warp7.fip
/rk3399_ARM-atf/drivers/renesas/common/rom/
H A Drom_api.c14 typedef uint32_t(*rom_secure_boot_api_f) (uint32_t key, uint32_t cert,
71 uint32_t rcar_rom_secure_boot_api(uint32_t key, uint32_t cert, in rcar_rom_secure_boot_api() argument
87 return secure_boot(key, cert, read_flash); in rcar_rom_secure_boot_api()

12345