projects / u-boot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 52300d6) | patch
MA-15142 Support secure attestation provision
authorHaoran.Wang <elven.wang@nxp.com>
Tue, 16 Jul 2019 05:12:15 +0000 (13:12 +0800)
committerJi Luo <ji.luo@nxp.com>
Thu, 25 Jul 2019 09:05:59 +0000 (17:05 +0800)
commit58965915dd69050429142d3d180c75e98ad14788
treed2ec9894d7663cf5ad01ce7ffc1a733bfabd1f76tree | snapshot
parent52300d644a275dfa4fe73ecb51601a8efaff8ab7commit | diff
MA-15142 Support secure attestation provision

In host end, need encrypt the attestation keys and certs
by manufacture protection public key though  AES-128-ECB.
Then use below 4 set of commands to provision encrypted
RSA attestation and EC attestation:
  * $fastboot stage atte_rsa_key.bin
  * $fastboot oem set-rsa-atte-key-enc
  * $fastboot stage atte_rsa_cert.bin
  * $fastboot oem append-rsa-atte-cert-enc
  * $fastboot stage atte_ec_key.bin
  * $fastboot oem set-ec-atte-key-enc
  * $fastboot stage atte_ec_cert.bin
  * $fastboot oem append-ec-atte-cert-enc

Change-Id: I8a7c64004a17f7dde89f28c3123a2e2b1a6d3346
Signed-off-by: Haoran.Wang <elven.wang@nxp.com>
drivers/fastboot/fb_fsl/fb_fsl_command.c diff | blob | history
include/fb_fsl.h diff | blob | history
include/interface/keymaster/keymaster.h diff | blob | history
lib/trusty/ql-tipc/keymaster.c diff | blob | history