Home
last modified time | relevance | path

Searched refs:certificates (Results 1 – 24 of 24) sorted by relevance

/trusted-firmware-a-3.7.0/docs/design/
Dtrusted-board-boot.rst29 The remaining components in the CoT are either certificates or boot loader
30 images. The certificates follow the `X.509 v3`_ standard. This standard
31 enables adding custom extensions to the certificates, which are used to store
34 In the TBB CoT all certificates are self-signed. There is no need for a
37 extensions. To sign the certificates, different signature schemes are available,
40 The certificates are categorised as "Key" and "Content" certificates. Key
41 certificates are used to verify public keys which have been used to sign content
42 certificates. Content certificates are used to store the hash of a boot loader
47 extension fields in the `X.509 v3`_ certificates.
58 The private part is used to sign the key certificates corresponding to the
[all …]
Dtrusted-board-boot-build.rst80 FIP will include the certificates corresponding to the selected Chain of
81 Trust. These certificates can also be found in the output build directory.
116 Both the FIP and FWU_FIP will include the certificates corresponding to the
117 selected Chain of Trust. These certificates can also be found in the output
Dauth-framework.rst15 X.509v3 certificates to ferry Subject Public Keys, hashes and non-volatile
299 x509v3 certificates, signed ELF files or any other platform specific format).
414 PKI certificates (authentication images). It is expected that open source
678 The TBBR specifies the additional certificates that must accompany these images
683 identifiers for all the images and certificates that will be loaded during the
709 (i.e. the BL2 and Trusted Key certificates are signed with the ROT private
746 extracted from the certificates. In the case of the TBBR CoT, these parameters
/trusted-firmware-a-3.7.0/docs/components/
Dcot-binding.rst44 In other words, certificates which are validated
59 This property is required for all non-root certificates.
61 This property is not required for root-certificates
62 as root-certificates are validated using root of trust
72 non-root certificates which are authenticated using public-key
75 This property is not required for root-certificates
76 as root-certificates are validated using root of trust
84 This property is used by all certificates which are
330 which are currently specific to X.509 certificates for e.g. Object IDs.
Dfirmware-update.rst177 authentication). Secure world certificates and non-AP images are examples
/trusted-firmware-a-3.7.0/plat/nxp/common/fip_handler/fuse_fip/
Dfuse.mk60 …$(error Error: Trusted Board Boot with X509 certificates not supported with FUSE_PROG build option)
/trusted-firmware-a-3.7.0/docs/plat/nxp/
Dnxp-ls-tbbr.rst42 Option 1: CoT using X 509 certificates
57 - SAVE_KEYS=1 saves the keys and certificates, if GENERATE_COT=1.
63 - ROTPK for x.509 certificates is generated and embedded in bl2.bin and
/trusted-firmware-a-3.7.0/plat/socionext/uniphier/
Dplatform.mk107 certificates: $(ROT_KEY)
/trusted-firmware-a-3.7.0/plat/socionext/synquacer/
Dplatform.mk73 certificates: $(ROT_KEY)
/trusted-firmware-a-3.7.0/plat/nxp/common/tbbr/
Dtbbr.mk132 certificates: $(ROT_KEY)
/trusted-firmware-a-3.7.0/plat/imx/imx7/common/
Dimx7.mk78 certificates: $(ROT_KEY)
/trusted-firmware-a-3.7.0/docs/plat/arm/
Darm-build-options.rst56 to sign the BL2 and Trusted Key certificates. Available options for
65 when creating the certificates.
70 ``ROT_KEY`` when creating the certificates.
/trusted-firmware-a-3.7.0/plat/rpi/rpi3/
Dplatform.mk212 certificates: $(ROT_KEY)
/trusted-firmware-a-3.7.0/plat/imx/imx8m/imx8mp/
Dplatform.mk130 certificates: $(ROT_KEY)
/trusted-firmware-a-3.7.0/plat/hisilicon/hikey/
Dplatform.mk154 certificates: $(ROT_KEY)
/trusted-firmware-a-3.7.0/plat/qemu/qemu/
Dplatform.mk79 certificates: $(ROT_KEY)
/trusted-firmware-a-3.7.0/plat/hisilicon/hikey960/
Dplatform.mk147 certificates: $(ROT_KEY)
/trusted-firmware-a-3.7.0/plat/imx/imx8m/imx8mm/
Dplatform.mk133 certificates: $(ROT_KEY)
/trusted-firmware-a-3.7.0/docs/security_advisories/
Dsecurity-advisory-tfv-10.rst41 parse boot certificates in TF-A trusted boot: it is possible for a crafted
/trusted-firmware-a-3.7.0/docs/plat/
Dwarp7.rst78 BL33=fiptool_images/u-boot.bin certificates all
/trusted-firmware-a-3.7.0/docs/getting_started/
Dbuild-options.rst548 tool to create certificates as per the Chain of Trust described in
550 include the certificates in the FIP and FWU_FIP. Default value is '0'.
554 the corresponding certificates, and to include those certificates in the
559 include the corresponding certificates. This FIP can be used to verify the
564 will not include the corresponding certificates, causing a boot failure.
885 and verify the certificates and images in a FIP, and BL1 includes support
887 of certificates in the FIP and FWU_FIP depends upon the value of the
/trusted-firmware-a-3.7.0/
DMakefile830 FIP_DEPS += certificates
1673 certificates: ${CRT_DEPS} ${CRTTOOL} target
/trusted-firmware-a-3.7.0/docs/
Dchange-log.md1590 …- only accept v3 X.509 certificates ([e9e4a2a](https://review.trustedfirmware.org/plugins/gitiles/…
1593 …- reject junk after certificates ([ca34dbc](https://review.trustedfirmware.org/plugins/gitiles/TF-…
5474 - Added support for platform-defined certificates, keys, and extensions
5711 - Create only requested certificates
5820 certificates
5851 - Added support for platform certificates
7808 verification will also get faster because certificates are generated based on
8439 the PolarSSL SSL library to verify certificates and images. The OpenSSL
8440 library is used to create the X.509 certificates. Support has been added to
8441 `fip_create` tool to package the certificates in a FIP.
Dporting-guide.rst622 - Include the NPU firmware and certificates in the FIP.
625 and certificates.