Hi Simon and Alexander,
Thank you both for these resources.
Hopefully they will provide more indication into why I cannot get ECDSA to work.
I have seen some of these resources (Admittedly I did only look partially at the one for the beagle bone board), however the patch series for barebox is new info for me.
I'll make sure to inspect these two in depth.
Again, thanks to both of you.
Regards, Eden ________________________________ From: Simon Glass sjg@chromium.org Sent: 07 August 2024 15:36 To: Eden Hamilton VRC7 C eden.hamilton@bt.com Cc: u-boot@lists.denx.de u-boot@lists.denx.de Subject: Re: Fw: ECDSA for FIT Files in U-Boot
Hi Eden,
On Wed, 7 Aug 2024 at 07:59, Simon Glass sjg@chromium.org wrote:
Hi Eden,
I don't see it on the mailing list yet[1].
Regards, Simon
[1] https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.denx...https://lists.denx.de/listinfo/u-boot
On Wed, 7 Aug 2024 at 02:21, eden.hamilton@bt.com wrote:
Hi Simon,
I have forwarded these emails as requested.
Cheers, Eden
From: Simon Glass sjg@chromium.org Sent: 06 August 2024 22:47 To: Eden Hamilton VRC7 C eden.hamilton@bt.com Subject: Re: ECDSA for FIT Files in U-Boot
Hi Eden,
Would you mind sending this to the U-Boot mailing list and cc me? There are quite a few people involved in the security side.
Regards, Simon
On Tue, 6 Aug 2024 at 08:24, eden.hamilton@bt.com wrote:
Hi there Simon!
I am Eden, currently at BT trying to get ECDSA verified boot for FIT files working on U-Boot.
I have observed that you have reviewed many patches/updates surrounding ECDSA in U-Boot.
I have been trying to get this working, but it is appearing difficult due to no examples online.
I was wondering, if you have any examples where you have managed to get this working? Perhaps examples of FIT files, DTBs etc - that you would not mind sharing with me.
If you do not, then no worries.
OK, there it is, hidden under my ellipsis, thanks. Here are a few thoughts:
[1] is the general docs which I'm sure you've read [2] Describes the process for a real board (with RSA, but the idea is similar) [3] Is a test for ECDSA so you should be able to follow along with the steps there to get something working
If you have problems, then a console trace is often useful.
Regards, SImon
[1] https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.u-boo...https://docs.u-boot.org/en/latest/usage/fit/signature.htm [2] https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.u-boo...https://docs.u-boot.org/en/latest/usage/fit/beaglebone_vboot.html [3] test/py/tests/test_fit_ecdsa.py