andrius
/
arm-trusted-firmware
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
arm-trusted-firmware/drivers/auth
History
Justin Chadwell 6a415a508e Remove RSA PKCS#1 v1.5 support from cert_tool 
Support for PKCS#1 v1.5 was deprecated in SHA 1001202 and fully removed
in SHA fe199e3, however, cert_tool is still able to generate
certificates in that form. This patch fully removes the ability for
cert_tool to generate these certificates.

Additionally, this patch also fixes a bug where the issuing certificate
was a RSA and the issued certificate was EcDSA. In this case, the issued
certificate would be signed using PKCS#1 v1.5 instead of RSAPSS per
PKCS#1 v2.1, preventing TF-A from verifying the image signatures. Now
that PKCS#1 v1.5 support is removed, all certificates that are signed
with RSA now use the more modern padding scheme.

Change-Id: Id87d7d915be594a1876a73080528d968e65c4e9a
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
 		2019-09-12 15:27:41 +01:00
..
cryptocell cryptocell: add product version awareness support 2019-07-25 13:38:07 +03:00
mbedtls Remove RSA PKCS#1 v1.5 support from cert_tool 2019-09-12 15:27:41 +01:00
tbbr Support larger RSA key sizes when using MBEDTLS 2019-09-12 15:27:39 +01:00
auth_mod.c Fix type of cot_desc_ptr 2019-06-13 12:53:17 +02:00
crypto_mod.c Sanitise includes across codebase 2019-01-04 10:43:17 +00:00
img_parser_mod.c Sanitise includes across codebase 2019-01-04 10:43:17 +00:00