mirror of
https://github.com/AsahiLinux/u-boot
synced 2024-12-30 06:53:09 +00:00
0c2c1c9415
Add HABv4 documentation extension for SPL targets covering the following topics: - How to sign an securely boot an flash.bin container image. - How to extend the root of trust for additional boot images. - Add SPL and fitImage CSF examples. - Add signature generation script example. Signed-off-by: Marek Vasut <marex@denx.de> Cc: Breno Lima <breno.lima@nxp.com> Cc: Fabio Estevam <festevam@denx.de> Cc: Heiko Schocher <hs@denx.de> Cc: Peng Fan <peng.fan@nxp.com> Cc: Stefano Babic <sbabic@denx.de> Cc: Utkarsh Gupta <utkarsh.gupta@nxp.com> Cc: Ye Li <ye.li@nxp.com>
36 lines
936 B
Text
36 lines
936 B
Text
[Header]
|
|
Version = 4.3
|
|
Hash Algorithm = sha256
|
|
Engine = CAAM
|
|
Engine Configuration = 0
|
|
Certificate Format = X509
|
|
Signature Format = CMS
|
|
|
|
[Install SRK]
|
|
# FIXME: Adjust path here
|
|
File = "/path/to/cst-3.3.1/crts/SRK_1_2_3_4_table.bin"
|
|
Source index = 0
|
|
|
|
[Install CSFK]
|
|
# FIXME: Adjust path here
|
|
File = "/path/to/cst-3.3.1/crts/CSF1_1_sha256_4096_65537_v3_usr_crt.pem"
|
|
|
|
[Authenticate CSF]
|
|
|
|
[Install Key]
|
|
Verification index = 0
|
|
Target Index = 2
|
|
# FIXME: Adjust path here
|
|
File = "/path/to/cst-3.3.1/crts/IMG1_1_sha256_4096_65537_v3_usr_crt.pem"
|
|
|
|
[Authenticate Data]
|
|
Verification index = 2
|
|
# FIXME:
|
|
# Line 1 -- fitImage tree
|
|
# Line 2 -- U-Boot u-boot-nodtb.bin blob
|
|
# Line 3 -- ATF BL31 blob
|
|
# Line 4 -- DT blob
|
|
Blocks = 0x401fcdc0 0x57c00 0xffff "flash.bin", \
|
|
0x40200000 0x62c00 0xuuuu "flash.bin", \
|
|
0x920000 0x00000 0xaaaa "flash.bin", \
|
|
0x40200000 0x00000 0xdddd "flash.bin"
|