projects / u-boot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7320c7c) | patch
MA-15142 Support secure attestation provision
authorHaoran.Wang <elven.wang@nxp.com>
Tue, 16 Jul 2019 05:12:15 +0000 (13:12 +0800)
committerJi Luo <ji.luo@nxp.com>
Thu, 13 May 2021 01:49:17 +0000 (09:49 +0800)
commit55669422dc8e2094f95d92075b69fc2f0a3b409c
tree15b94294c3df5e55d29cce647e4767843d02e0d8tree | snapshot
parent7320c7c0efacfb7706e85bfe82d11ac6c2e5b61fcommit | diff
MA-15142 Support secure attestation provision

In host end, need encrypt the attestation keys and certs
by manufacture protection public key though  AES-128-ECB.
Then use below 4 set of commands to provision encrypted
RSA attestation and EC attestation:
  * $fastboot stage atte_rsa_key.bin
  * $fastboot oem set-rsa-atte-key-enc
  * $fastboot stage atte_rsa_cert.bin
  * $fastboot oem append-rsa-atte-cert-enc
  * $fastboot stage atte_ec_key.bin
  * $fastboot oem set-ec-atte-key-enc
  * $fastboot stage atte_ec_cert.bin
  * $fastboot oem append-ec-atte-cert-enc

Change-Id: I8a7c64004a17f7dde89f28c3123a2e2b1a6d3346
Signed-off-by: Haoran.Wang <elven.wang@nxp.com>
(cherry picked from commit 58965915dd69050429142d3d180c75e98ad14788)
drivers/fastboot/fb_fsl/fb_fsl_command.c diff | blob | history
include/fb_fsl.h diff | blob | history
include/interface/keymaster/keymaster.h diff | blob | history
lib/trusty/ql-tipc/keymaster.c diff | blob | history