Home
last modified time | relevance | path

Searched refs:certificates (Results 1 – 22 of 22) sorted by relevance

/trusted-firmware-a-3.4.0/docs/design/
Dtrusted-board-boot.rst29 The remaining components in the CoT are either certificates or boot loader
30 images. The certificates follow the `X.509 v3`_ standard. This standard
31 enables adding custom extensions to the certificates, which are used to store
34 In the TBB CoT all certificates are self-signed. There is no need for a
37 extensions. To sign the certificates, different signature schemes are available,
40 The certificates are categorised as "Key" and "Content" certificates. Key
41 certificates are used to verify public keys which have been used to sign content
42 certificates. Content certificates are used to store the hash of a boot loader
47 extension fields in the `X.509 v3`_ certificates.
58 The private part is used to sign the key certificates corresponding to the
[all …]
Dtrusted-board-boot-build.rst70 FIP will include the certificates corresponding to the selected Chain of
71 Trust. These certificates can also be found in the output build directory.
106 Both the FIP and FWU_FIP will include the certificates corresponding to the
107 selected Chain of Trust. These certificates can also be found in the output
Dauth-framework.rst15 X.509v3 certificates to ferry Subject Public Keys, hashes and non-volatile
261 x509v3 certificates, signed ELF files or any other platform specific format).
376 PKI certificates (authentication images). It is expected that open source
640 The TBBR specifies the additional certificates that must accompany these images
645 identifiers for all the images and certificates that will be loaded during the
671 (i.e. the BL2 and Trusted Key certificates are signed with the ROT private
708 extracted from the certificates. In the case of the TBBR CoT, these parameters
/trusted-firmware-a-3.4.0/docs/components/
Dcot-binding.rst44 In other words, certificates which are validated
59 This property is required for all non-root certificates.
61 This property is not required for root-certificates
62 as root-certificates are validated using root of trust
72 non-root certificates which are authenticated using public-key
75 This property is not required for root-certificates
76 as root-certificates are validated using root of trust
84 This property is used by all certificates which are
330 which are currently specific to X.509 certificates for e.g. Object IDs.
Dfirmware-update.rst81 authentication). Secure world certificates and non-AP images are examples
/trusted-firmware-a-3.4.0/plat/nxp/common/fip_handler/fuse_fip/
Dfuse.mk61 …$(error Error: Trusted Board Boot with X509 certificates not supported with FUSE_PROG build option)
/trusted-firmware-a-3.4.0/docs/plat/nxp/
Dnxp-ls-tbbr.rst42 Option 1: CoT using X 509 certificates
57 - SAVE_KEYS=1 saves the keys and certificates, if GENERATE_COT=1.
63 - ROTPK for x.509 certificates is generated and embedded in bl2.bin and
/trusted-firmware-a-3.4.0/plat/socionext/synquacer/
Dplatform.mk73 certificates: $(ROT_KEY)
/trusted-firmware-a-3.4.0/plat/socionext/uniphier/
Dplatform.mk107 certificates: $(ROT_KEY)
/trusted-firmware-a-3.4.0/plat/nxp/common/tbbr/
Dtbbr.mk132 certificates: $(ROT_KEY)
/trusted-firmware-a-3.4.0/plat/imx/imx7/common/
Dimx7.mk78 certificates: $(ROT_KEY)
/trusted-firmware-a-3.4.0/docs/plat/arm/
Darm-build-options.rst56 to sign the BL2 and Trusted Key certificates. Available options for
65 when creating the certificates.
70 ``ROT_KEY`` when creating the certificates.
/trusted-firmware-a-3.4.0/plat/imx/imx8m/imx8mp/
Dplatform.mk127 certificates: $(ROT_KEY)
/trusted-firmware-a-3.4.0/plat/hisilicon/hikey960/
Dplatform.mk146 certificates: $(ROT_KEY)
/trusted-firmware-a-3.4.0/plat/rpi/rpi3/
Dplatform.mk211 certificates: $(ROT_KEY)
/trusted-firmware-a-3.4.0/plat/imx/imx8m/imx8mm/
Dplatform.mk130 certificates: $(ROT_KEY)
/trusted-firmware-a-3.4.0/plat/hisilicon/hikey/
Dplatform.mk154 certificates: $(ROT_KEY)
/trusted-firmware-a-3.4.0/plat/qemu/qemu/
Dplatform.mk87 certificates: $(ROT_KEY)
/trusted-firmware-a-3.4.0/docs/getting_started/
Dbuild-options.rst534 tool to create certificates as per the Chain of Trust described in
536 include the certificates in the FIP and FWU_FIP. Default value is '0'.
540 the corresponding certificates, and to include those certificates in the
545 include the corresponding certificates. This FIP can be used to verify the
550 will not include the corresponding certificates, causing a boot failure.
839 and verify the certificates and images in a FIP, and BL1 includes support
841 of certificates in the FIP and FWU_FIP depends upon the value of the
/trusted-firmware-a-3.4.0/docs/plat/
Dwarp7.rst78 BL33=fiptool_images/u-boot.bin certificates all
/trusted-firmware-a-3.4.0/
DMakefile100 FIP_DEPS += certificates
1443 certificates: ${CRT_DEPS} ${CRTTOOL} target
/trusted-firmware-a-3.4.0/docs/
Dchange-log.md2392 - Added support for platform-defined certificates, keys, and extensions
2629 - Create only requested certificates
2738 certificates
2769 - Added support for platform certificates
4726 verification will also get faster because certificates are generated based on
5357 the PolarSSL SSL library to verify certificates and images. The OpenSSL
5358 library is used to create the X.509 certificates. Support has been added to
5359 `fip_create` tool to package the certificates in a FIP.