1. 15 May, 2015 1 commit
  2. 08 Apr, 2015 1 commit
  3. 02 Mar, 2015 1 commit
    • Raul Cardenas's avatar
      imx6: Added DEK blob generator command · 0200020b
      Raul Cardenas authored
      Freescale's SEC block has built-in Data Encryption
      Key(DEK) Blob Protocol which provides a method for
      protecting a DEK for non-secure memory storage.
      SEC block protects data in a data structure called
      a Secret Key Blob, which provides both confidentiality
      and integrity protection.
      Every time the blob encapsulation is executed,
      a AES-256 key is randomly generated to encrypt the DEK.
      This key is encrypted with the OTP Secret key
      from SoC. The resulting blob consists of the encrypted
      AES-256 key, the encrypted DEK, and a 16-bit MAC.
      During decapsulation, the reverse process is performed
      to get back the original DEK. A caveat to the blob
      decapsulation process,  is that the DEK is decrypted
      in secure-memory and can only be read by FSL SEC HW.
      The DEK is used to decrypt data during encrypted boot.
      Commands added
        dek_blob - encapsulating DEK as a cryptgraphic blob
      Commands Syntax
        dek_blob src dst len
          Encapsulate and create blob of a len-bits DEK at
          address src and store the result at address dst.
      Signed-off-by: default avatarRaul Cardenas <Ulises.Cardenas@freescale.com>
      Signed-off-by: default avatarNitin Garg <nitin.garg@freescale.com>
      Signed-off-by: default avatarUlises Cardenas <ulises.cardenas@freescale.com>
      Signed-off-by: default avatarUlises Cardenas-B45798 <Ulises.Cardenas@freescale.com>
  4. 14 Oct, 2013 1 commit
  5. 31 Aug, 2013 1 commit
    • Stefano Babic's avatar
      tools: add support for setting the CSF into imximage · 0187c985
      Stefano Babic authored
      Add support for setting the CSF (Command Sequence File) pointer
      which is used for HAB (High Assurance Boot) in the imximage by
      adding e.g.
      CSF 0x2000
      in the imximage.cfg file.
      This will set the CSF pointer accordingly just after the padded
      data image area. The boot_data.length is adjusted with the
      value from the imximage.cfg config file.
      The resulting u-boot.imx can be signed with the FSL HAB tooling.
      The generated CSF block needs to be appended to the u-boot.imx.
      Signed-off-by: default avatarStefano Babic <sbabic@denx.de>