30 Sep
2013
30 Sep
'13
9:28 a.m.
Am 13.09.2013 19:28, schrieb Michael Trimarchi:
Hi I don't understand you can decrypt it after load. Why just verify the signature?
Michael
This is a proof-of-concept for a technique, which involves de-/encrypting the u-boot.img with a key derived from a hardware fingerprint. This is why I can not just verify the signature.
Yes, I want to decrypt it after load. However, I am not sure about the correct position in the SPL source code to this, i.e. the position after loading the u-boot.img and before executing it. I assume after do_fat_read() the u-boot.img is loaded into internal memory and jump_to_image_no_args() executes the u-boot.img. Thus, the decryption routine should be implemented between both functions?