mirror of
https://git.codelinaro.org/clo/qsdk/oss/boot/u-boot-2016.git
synced 2026-02-12 19:10:14 +01:00
c5de15cbc8
Freescale's SEC block has built-in Blob Protocol which provides
a method for protecting user-defined data across system power
cycles. SEC block protects data in a data structure called a Blob,
which provides both confidentiality and integrity protection.
Encapsulating data as a blob
Each time that the Blob Protocol is used to protect data, a
different randomly generated key is used to encrypt the data.
This random key is itself encrypted using a key which is derived
from SoC's non volatile secret key and a 16 bit Key identifier.
The resulting encrypted key along with encrypted data is called a blob.
The non volatile secure key is available for use only during secure boot.
During decapsulation, the reverse process is performed to get back
the original data.
Commands added
--------------
blob enc - encapsulating data as a cryptgraphic blob
blob dec - decapsulating cryptgraphic blob to get the data
Commands Syntax
---------------
blob enc src dst len km
Encapsulate and create blob of data $len bytes long
at address $src and store the result at address $dst.
$km is the 16 byte key modifier is also required for
generation/use as key for cryptographic operation. Key
modifier should be 16 byte long.
blob dec src dst len km
Decapsulate the blob of data at address $src and
store result of $len byte at addr $dst.
$km is the 16 byte key modifier is also required for
generation/use as key for cryptographic operation. Key
modifier should be 16 byte long.
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
Reviewed-by: York Sun <yorksun@freescale.com>
|
||
|---|---|---|
| .. | ||
| bios_emulator | ||
| block | ||
| bootcount | ||
| core | ||
| crypto | ||
| ddr/fsl | ||
| demo | ||
| dfu | ||
| dma | ||
| fpga | ||
| gpio | ||
| hwmon | ||
| i2c | ||
| input | ||
| memory | ||
| misc | ||
| mmc | ||
| mtd | ||
| net | ||
| pci | ||
| pcmcia | ||
| power | ||
| pwm | ||
| qe | ||
| rtc | ||
| serial | ||
| sound | ||
| spi | ||
| tpm | ||
| twserial | ||
| usb | ||
| video | ||
| watchdog | ||
| Kconfig | ||
| Makefile | ||