| /openbmc/openbmc/poky/meta/classes/ |
| H A D | sign_package_feed.bbclass | 7 # Class for signing package feeds
12 # Path to a file containing the passphrase of the signing key.
16 # Optional variable for specifying the backend to use for signing.
17 # Currently the only available option is 'local', i.e. local signing
27 # signing.
38 # Make feed signing key to be present in rootfs
39 FEATURE_PACKAGES_package-management:append = " signing-keys-packagefeed"
52 do_package_index[depends] += "signing-keys:do_deploy"
53 do_rootfs[depends] += "signing-keys:do_populate_sysroot gnupg-native:do_populate_sysroot"
|
| H A D | sign_rpm.bbclass | 11 # The passphrase of the signing key.
15 # Optional variable for specifying the backend to use for signing.
16 # Currently the only available option is 'local', i.e. local signing
22 # Optional variable for the file signing key.
24 # Optional variable for the file signing key password.
27 # signing.
75 do_package_index[depends] += "signing-keys:do_deploy"
76 do_rootfs[depends] += "signing-keys:do_populate_sysroot"
|
| H A D | sign_ipk.bbclass | 11 # Path to a file containing the passphrase of the signing key.
15 # Optional variable for specifying the backend to use for signing.
16 # Currently the only available option is 'local', i.e. local signing
24 # signing.
49 bb.debug(1, 'Signing ipk: %s' % ipk_to_sign)
|
| /openbmc/phosphor-dbus-interfaces/yaml/xyz/openbmc_project/Certs/ |
| H A D | Entry.interface.yaml | 14 The current status of the signing operation.
19 Signing operation state enum.
23 Signing request is pending.
29 CSR signing complete
|
| H A D | Authority.interface.yaml | 2 Signs Certificate Signing Request.
6 This method provides signing authority functionality.
12 Should be a valid PEM encoded Certificate signing request
|
| H A D | Certificate.interface.yaml | 33 CodeSigning: The public key is used for the signing of executable
54 protects against the signing entity falsely denying
56 OCSPSigning: The public key is used for signing OCSP responses.
|
| /openbmc/openbmc/meta-openembedded/meta-oe/classes/ |
| H A D | signing.bbclass | 16 # Many software projects support signing using PKCS #11 keys, but configuring
18 # widespread, testing code signing in CI is not simple. To solve this at the
37 # meta-code-signing/recipes-security/signing-keys/dummy-rsa-key-native.bb
38 # meta-code-signing-demo/recipes-security/ptx-dev-keys/ptx-dev-keys-native_git.bb
40 # Examples for using keys for signing:
42 # meta-code-signing-demo/recipes-security/fit-image/linux-fit-image.bb
43 # meta-code-signing-demo/recipes-core/bundles/update-bundle.bb
47 # meta-code-signing-demo/recipes-security/fit-image/barebox_%.bbappend
48 # meta-code-signing-demo/recipes-core/rauc/rauc_%.bbappend
50 # Examples for using keys for both signing and authentication:
[all …]
|
| /openbmc/u-boot/doc/ |
| H A D | mkimage.1 | 105 Specifies a comment to be added when signing. This is typically a useful
146 Specifies the directory containing keys to use for signing. This directory
147 should contain a private key file <name>.key for use with signing and a
190 /public/signing-keys directory. Add corresponding public keys into u-boot.dtb,
193 .B mkimage -f kernel.its -k /public/signing-keys -K u-boot.dtb \\\\
199 Update an existing FIT image, signing it with additional keys.
201 with keys that are available in the new directory. Images that request signing
204 .B mkimage -F -k /secret/signing-keys -K u-boot.dtb \\\\
232 and Wolfgang Denk <wd@denx.de>. It was updated for image signing by
|
| /openbmc/openbmc/meta-hpe/meta-gxp/classes/ |
| H A D | gxp2-bootblock-n.bbclass | 1 # TODO: Manually copy the U-Boot signing key here:
16 # Copy in the U-Boot signing key
17 …install -m 644 ${HPE_GXP_KEY_FILES_DIR}/customer_private_key.pem ${DEPLOYDIR}/hpe-uboot-signing-ke…
|
| H A D | gxp-bootblock-n.bbclass | 1 # TODO: Manually copy the U-Boot signing key and customer-key-block here:
15 # Copy in the U-Boot signing key
16 install -m 644 ${HPE_GXP_KEY_FILES_DIR}/private_key.pem ${DEPLOYDIR}/hpe-uboot-signing-key.pem
|
| /openbmc/phosphor-dbus-interfaces/yaml/xyz/openbmc_project/Certs/CSR/ |
| H A D | Create.interface.yaml | 2 Implement to create Certificate Signing Request(CSR).
7 This command is used to initiate a certificate signing request. This
81 The type of key pair for use with signing algorithms.
95 CodeSigning: The public key is used for the signing of
123 protects against the signing entity falsely
126 OCSPSigning: The public key is used for signing OCSP responses.
|
| /openbmc/openbmc/meta-security/meta-integrity/classes/ |
| H A D | ima-evm-rootfs.bbclass | 7 # Private key for IMA signing. The default is okay when
11 # Additional option when signing. Allows to for example provide
49 # reasons (including a change of the signing keys) without also
84 bbnote "IMA/EVM: Signing root filesystem at ${IMAGE_ROOTFS} with key ${IMA_EVM_PRIVKEY}"
88 # check signing key and signature verification key
100 bbnote "IMA/EVM: Signing IMA policy with key ${IMA_EVM_PRIVKEY}"
118 # Signing must run as late as possible in the do_rootfs task.
|
| H A D | kernel-modsign.bbclass | 7 # Private key for modules signing. The default is okay when
11 # Public part of certificates used for modules signing.
|
| /openbmc/openbmc/meta-openembedded/meta-oe/recipes-support/imx-cst/ |
| H A D | imx-cst_3.4.0.bb | 1 SUMMARY = "i.MX code signing tool"
2 DESCRIPTION = "Code signing support that integrates the HABv4 and AHAB library for i.MX processors"
14 DEBIAN_PGK_NAME = "imx-code-signing-tool"
|
| /openbmc/u-boot/doc/uImage.FIT/ |
| H A D | signature.txt | 22 The procedure for signing is as follows:
37 The signing is generally performed by mkimage, as part of making a firmware
90 - key-name-hint: Name of key to use for signing. The keys will normally be in
132 sign-configs.its for config signing.
149 - key-name-hint: Name of key used for signing. This is only a hint since it
151 all available signing keys until one matches.
160 Each signing algorithm has its own additional properties.
173 While signing images is useful, it does not provide complete protection
333 CONFIG_FIT_SIGNATURE - enable signing and verification in FITs
334 CONFIG_RSA - enable RSA algorithm for signing
[all …]
|
| /openbmc/openbmc/poky/meta/recipes-core/meta/ |
| H A D | signing-keys.bb | 4 SUMMARY = "Makes public keys of the signing keys available"
27 # Export public key of the rpm signing key
33 # Export public key of the ipk signing key
39 # Export public key of the feed signing key
|
| /openbmc/openbmc/poky/meta/recipes-devtools/file/files/ |
| H A D | 0001-Use-4-in-default-reset-previous-negative-offset-in-m.patch | 26 >>>>>>(-6.l-16) string APK\x20Sig\x20Block\x2042 \b, with APK Signing Block
46 +# APK Signing Block
57 -# APK Signing Block
60 ->>>(-6.l-16) string APK\x20Sig\x20Block\x2042 Android package (APK), with APK Signing Block
63 +>>>>>(-6.l-16) string APK\x20Sig\x20Block\x2042 Android package (APK), with APK Signing Block
|
| /openbmc/openbmc/meta-arm/meta-arm/recipes-bsp/trusted-firmware-m/ |
| H A D | trusted-firmware-m-scripts-native.inc | 1 SUMMARY = "Trusted Firmware image signing scripts"
2 DESCRIPTION = "Trusted Firmware-M image signing scripts"
|
| /openbmc/openbmc/meta-arm/meta-arm/classes/ |
| H A D | tfm_sign_image.bbclass | 6 # * Write the signing logic, which may call the function sign_host_image,
38 # The arguments passed to the TF-M image signing script. Override this variable
65 # $4 ... signing private key's path
|
| /openbmc/openbmc/meta-phosphor/recipes-phosphor/flash/files/ |
| H A D | OpenBMC.priv | 7 signing keys should be used, and the private production signing key should be
|
| /openbmc/openbmc/meta-security/meta-integrity/ |
| H A D | README.md | 90 the image, enable image signing in the local.conf like this:
99 IMA_EVM_PRIVKEY_KEYID_OPT = "<options to use while signing>"
128 # Signing images then will not require entering that passphrase,
140 and sign the signing keys with it. The ``ima-evm-rootfs.bbclass`` then
240 * Signing files in advance with a X509 certificate and then not having
243 * EVM signing in advance would only work on the final file system and thus
|
| /openbmc/openbmc/poky/meta/lib/oe/ |
| H A D | gpg_sign.py | 7 """Helper module for GPG signing"""
16 """Class for handling local (on the build host) signing"""
156 # Use local signing by default
160 bb.fatal("Unsupported signing backend '%s'" % backend)
|
| /openbmc/u-boot/arch/arm/mach-tegra/tegra20/ |
| H A D | crypto.c | 110 * The only need for a key is for signing/checksum purposes, so in encrypt_and_sign()
127 debug("encrypt_and_sign: begin signing\n"); in encrypt_and_sign()
129 debug("encrypt_and_sign: end signing\n"); in encrypt_and_sign()
|
| /openbmc/openbmc/meta-phosphor/recipes-phosphor/flash/ |
| H A D | phosphor-image-signing.bb | 1 SUMMARY = "OpenBMC image signing public key"
6 DEPENDS += "${@oe.utils.conditional('INSECURE_KEY', 'True', 'phosphor-insecure-signing-key-native',…
|
| /openbmc/openbmc/poky/meta/conf/ |
| H A D | image-fitimage.conf | 2 # related to signing of the fitImage content.
16 # Generate keys for signing Kernel fitImage
|