Lines Matching refs:authentication
4 The aim of this document is to describe the authentication framework
62 This document describes the inner details of the authentication framework and
74 A CoT is basically a sequence of authentication images which usually starts with
125 Images in a CoT are categorised as authentication and data images. An
126 authentication image contains information to authenticate a data image or
127 another authentication image. A data image is usually a boot loader binary, but
128 it could be any other data that requires authentication.
144 #. If the image is an authentication image, extract the information that will
153 These components are responsible for initiating the authentication process for a
154 particular image in BL1 or BL2. For each BL image that requires authentication,
167 also specifies the authentication methods and the parsing method used for
176 extract authentication parameters contained in an image, e.g. if the
183 #. Export functions to verify an image which uses an authentication method that
197 other things, the authentication and image parsing methods must be specified
210 #. Reusing memory meant for a data image to verify authentication images e.g.
215 certificate. It is assumed that the size of an authentication image will
298 Images may have different formats (for example, authentication images could be
303 check the image integrity and extract the authentication parameters.
311 The AM supports the following authentication methods:
383 The authentication framework will use the image descriptor to extract all the
384 information related to authentication.
402 authentication image that represents a certificate could be in the X.509v3
414 PKI certificates (authentication images). It is expected that open source
420 proprietary standards to represent authentication or data images. For
457 - ``_get_param``: extract authentication parameter function pointer.
475 Describing the authentication method(s)
478 As part of the CoT, each image has to specify one or more authentication methods
491 The AM defines the type of each parameter used by an authentication method. It
500 #. Extract authentication parameters from a parent image in order to verify a
516 The AM defines the following structure to identify an authentication parameter
541 * Parameters for authentication by hash matching
549 * Parameters for authentication by signature
558 The AM defines the following structure to describe an authentication method for
588 authentication parameter.
631 parameters are specified only by authentication images and can be extracted
654 the authentication framework. This example corresponds to the Applicative
680 for a proper authentication. Details about the TBBR CoT may be found in the
690 **Important**: the authentication module uses these identifiers to index the
698 authentication parameters. Three types of images are currently supported:
703 type for custom images not directly supported by the authentication
709 is NULL, the authentication parameters will be obtained from the platform
713 authentication methods that must be checked to consider an image
740 - ``authenticated_data``: this array pointer indicates what authentication
749 bytes, and a hash requires 51 bytes. Depending on the CoT and the authentication
895 four parameter descriptors must be specified with the authentication method:
917 parameter in the signature authentication method. The key is stored in the
922 certificate. In the image descriptor, we specify a single authentication method
930 We specify the authentication method using ``soc_fw_content_pk`` as public key.
931 After authentication, we need to extract the BL31 hash, stored in the extension
937 a single authentication method by hash. The parameters to the hash method are
945 extract the authentication parameters. The number and type of parser libraries
977 authentication framework using the macro ``REGISTER_CRYPTO_LIB()`` and exports