mirrors/meta-secure-core
1
0
Fork 0
mirror of https://github.com/jiazhang0/meta-secure-core.git synced 2026-05-07 10:09:22 +00:00
Code Issues Projects Releases Wiki Activity
104 Commits 6 Branches 0 Tags
c28ebfb98464f90ccfba557358475b140ac9b5e2
Commit Graph

104 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Lans Zhang dcc933df6e linux-yocto-efi-secure-boot: don't use sccs to define the included kernel cfg 
The variable sccs is used internally and thus it will be corrupted by the external
definition.

Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
 2017-06-26 11:25:31 +08:00
Meng Li 92f65d3394 openssl-tpm-engine: parse an encrypted tpm SRK password from env 
Before, we support reading SRK password from env TPM_SRK_PW,
but it is a plain password and not secure.
So, we improve it and support to get an encrypted (AES algorithm)
SRK password from env, and then parse it. The default decrypting
AES password and salt is set in bb file.
When we initialize TPM, and set a SRK pw, and then we need to
encrypt it with the same AES password and salt by AES algorithm.
At last, we set a env as below:
export TPM_SRK_ENC_PW=xxxxxxxx
"xxxxxxxx" is the encrypted SRK password for libtpm.so.

Signed-off-by: Meng Li <Meng.Li@windriver.com>
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
 2017-06-23 21:52:57 +08:00
Guojian Zhou e6c0acbede Ignore the KEYS DIR in the do_package and do_sign task dependence 
Signed-off-by: Guojian Zhou <guojian.zhou@windriver.com>
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
 2017-06-23 13:16:20 +08:00
Lans Zhang 1b3e594449 meta-secure-core: initial commit 
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
 2017-06-22 15:24:04 +08:00