Lines Matching refs:key
15 A key point is that it is possible to field-upgrade the software on machines
25 Images are signed using a private key known only to the signer, but can
26 be verified using a public key. As its name suggests the public key can be
29 works look up "public key cryptography" and "RSA" (a particular algorithm).
38 | RSA key pair | * +---------------+
39 | .key .crt | * | Public key in |
40 +--------------+ +------> public key ----->| trusted place |
58 The signature algorithm relies only on the public key to do its work. Using
59 this key it checks the signature that it finds in the image. If it verifies
62 The public key from the signer allows us to verify and therefore trust
65 It is critical that the public key be secure and cannot be tampered with.
67 crypto provided by some modern SOCs. If the public key can be changed, then
76 1. Master private key is used by the signer to sign a first-stage image.
77 2. Master public key is placed in read-only memory.
78 2. Secondary private key is created and used to sign second-stage images.
79 3. Secondary public key is placed in first stage images
80 4. We use the master public key to verify the first-stage image. We then
81 use the secondary public key in the first-stage image to verify the second-
84 different key at each stage, so that a compromise in one place will not
95 The public key can be stored in U-Boot's CONFIG_OF_CONTROL device tree in
97 public key. Multiple keys and multiple signatures are supported.