mirror of
https://gitee.com/Vancouver2017/luban-lite-t3e-pro.git
synced 2025-12-14 18:38:55 +00:00
188 lines
12 KiB
HTML
188 lines
12 KiB
HTML
<!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh-cn" lang="zh-cn" data-whc_version="26.0">
|
||
<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><meta name="viewport" content="width=device-width, initial-scale=1.0"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><meta name="description" content="U-Boot 原生代码仅支持 FIT Image 的签名校验。 在 do_bootm_states() 的 BOOTM_STATE_FINDOS 阶段,程序检查当前内核镜像的格式, 如果是 FIT Image 格式,则根据 FIT Image 的配置,加载对应的内核镜像。 bootm_find_os(); // common/bootm.c |-> boot_get_kernel(); // ..."/><meta name="DC.rights.owner" content="(C) 版权 2025"/><meta name="copyright" content="(C) 版权 2025"/><meta name="generator" content="DITA-OT"/><meta name="DC.type" content="concept"/><meta name="DC.contributor" content="yan.wang"/><meta name="DC.date.modified" content="2024-12-25"/><meta name="DC.format" content="HTML5"/><meta name="DC.identifier" content="concept_xsp_wl3_pzb"/><meta name="DC.language" content="zh-CN"/><title>安全校验</title><!-- Build number 2023110923. --><meta name="wh-path2root" content="../../../"/><meta name="wh-toc-id" content=""/><meta name="wh-source-relpath" content="topics/sdk/boot/uboot-signature-verify.dita"/><meta name="wh-out-relpath" content="topics/sdk/boot/uboot-signature-verify.html"/>
|
||
|
||
<link rel="stylesheet" type="text/css" href="../../../webhelp/app/commons.css?buildId=2023110923"/>
|
||
<link rel="stylesheet" type="text/css" href="../../../webhelp/app/topic.css?buildId=2023110923"/>
|
||
|
||
<script src="../../../webhelp/app/options/properties.js?buildId=20250121171154"></script>
|
||
<script src="../../../webhelp/app/localization/strings.js?buildId=2023110923"></script>
|
||
<script src="../../../webhelp/app/search/index/keywords.js?buildId=20250121171154"></script>
|
||
<script defer="defer" src="../../../webhelp/app/commons.js?buildId=2023110923"></script>
|
||
<script defer="defer" src="../../../webhelp/app/topic.js?buildId=2023110923"></script>
|
||
<link rel="stylesheet" type="text/css" href="../../../webhelp/template/aic-styles-web.css?buildId=2023110923"/><link rel="stylesheet" type="text/css" href="../../../webhelp/template/notes.css?buildId=2023110923"/><link rel="stylesheet" type="text/css" href="../../../webhelp/template/aic-common.css?buildId=2023110923"/><link rel="stylesheet" type="text/css" href="../../../webhelp/template/aic-images.css?buildId=2023110923"/><link rel="stylesheet" type="text/css" href="../../../webhelp/template/footnote.css?buildId=2023110923"/><link rel="stylesheet" type="text/css" href="../../../webhelp/template/aic-web-watermark.css?buildId=2023110923"/><link rel="stylesheet" type="text/css" href="../../../webhelp/template/topic-body-list.css?buildId=2023110923"/></head>
|
||
|
||
<body id="concept_xsp_wl3_pzb" class="wh_topic_page frmBody">
|
||
<a href="#wh_topic_body" class="sr-only sr-only-focusable">
|
||
跳转到主要内容
|
||
</a>
|
||
|
||
|
||
|
||
|
||
<header class="navbar navbar-default wh_header">
|
||
<div class="container-fluid">
|
||
<div class="wh_header_flex_container navbar-nav navbar-expand-md navbar-dark">
|
||
<div class="wh_logo_and_publication_title_container">
|
||
<div class="wh_logo_and_publication_title">
|
||
|
||
<a href="http://www.artinchip.com" class=" wh_logo d-none d-sm-block "><img src="../../../company-logo-white.png" alt="RTOS SDK 使用指南SDK 指南文件"/></a>
|
||
<div class=" wh_publication_title "><a href="../../../index.html"><span class="booktitle"><span class="ph mainbooktitle">RTOS SDK 使用指南</span><span class="ph booktitlealt">SDK 指南文件</span></span></a></div>
|
||
|
||
</div>
|
||
|
||
|
||
</div>
|
||
|
||
<div class="wh_top_menu_and_indexterms_link collapse navbar-collapse" id="wh_top_menu_and_indexterms_link">
|
||
|
||
|
||
|
||
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</header>
|
||
|
||
|
||
|
||
|
||
<div class=" wh_search_input navbar-form wh_topic_page_search search " role="form">
|
||
|
||
|
||
|
||
<form id="searchForm" method="get" role="search" action="../../../search.html"><div><input type="search" placeholder="搜索 " class="wh_search_textfield" id="textToSearch" name="searchQuery" aria-label="搜索查询" required="required"/><button type="submit" class="wh_search_button" aria-label="搜索"><span class="search_input_text">搜索</span></button></div></form>
|
||
|
||
|
||
|
||
</div>
|
||
|
||
<div class="container-fluid" id="wh_topic_container">
|
||
<div class="row">
|
||
|
||
<nav class="wh_tools d-print-none navbar-expand-md" aria-label="Tools">
|
||
|
||
<div data-tooltip-position="bottom" class=" wh_breadcrumb "></div>
|
||
|
||
|
||
|
||
<div class="wh_right_tools">
|
||
<button class="wh_hide_highlight" aria-label="切换搜索突出显示" title="切换搜索突出显示"></button>
|
||
<button class="webhelp_expand_collapse_sections" data-next-state="collapsed" aria-label="折叠截面" title="折叠截面"></button>
|
||
|
||
|
||
|
||
|
||
<div class=" wh_print_link print d-none d-md-inline-block "><button onClick="window.print()" title="打印此页" aria-label="打印此页"></button></div>
|
||
|
||
|
||
</div>
|
||
|
||
</nav>
|
||
</div>
|
||
|
||
|
||
|
||
|
||
<div class="wh_content_area">
|
||
<div class="row">
|
||
|
||
|
||
<div class="col-12" id="wh_topic_body">
|
||
|
||
|
||
|
||
<div class=" wh_topic_content body "><main role="main"><article class="- topic/topic concept/concept topic concept" role="article" aria-labelledby="ariaid-title1"><span class="edit-link" style="font-size:12px; opacity:0.6; text-align:right; vertical-align:middle"><a target="_blank" href="http://172.16.35.88/tasks/jdssno1uvvbf2mltu9kb9v3if05d5gopuakboe8hlud18rma/edit/F:/aicdita/aicdita-cn/topics/sdk/boot/uboot-signature-verify.dita">Edit online</a></span><h1 class="- topic/title title topictitle1" id="ariaid-title1">安全校验</h1><div class="date inPage">25 Dec 2024</div><div style="color: gray;">
|
||
Read time: 1 minute(s)
|
||
</div><div class="- topic/body concept/conbody body conbody"><p class="- topic/p p" data-ofbid="d294436e22__20250121171800">U-Boot 原生代码仅支持 FIT Image 的签名校验。</p><ol class="- topic/ol ol" id="concept_xsp_wl3_pzb__ol_iw3_d2x_5dc" data-ofbid="concept_xsp_wl3_pzb__ol_iw3_d2x_5dc"><li class="- topic/li li" data-ofbid="d294436e25__20250121171800">
|
||
<div class="- topic/p p" data-ofbid="d294436e27__20250121171800">在 do_bootm_states() 的 BOOTM_STATE_FINDOS 阶段,程序检查当前内核镜像的格式, 如果是 FIT Image 格式,则根据
|
||
FIT Image
|
||
的配置,加载对应的内核镜像。<pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="concept_xsp_wl3_pzb__codeblock_rqb_jpr_c1c" data-ofbid="concept_xsp_wl3_pzb__codeblock_rqb_jpr_c1c">bootm_find_os(); <em class="hl-comment">// common/bootm.c</em>
|
||
|-> boot_get_kernel(); <em class="hl-comment">// common/bootm.c</em>
|
||
|-> fit_image_load(); <em class="hl-comment">// common/image-fit.c</em>
|
||
|-> fit_image_select(); <em class="hl-comment">// common/image-fit.c</em></pre></div>
|
||
</li><li class="- topic/li li" data-ofbid="d294436e32__20250121171800">
|
||
<div class="- topic/p p" data-ofbid="d294436e34__20250121171800">检查环境变量中是否有设置 “verify” 为 “no”。如果没有设置,或者被设置为 “yes”, 则在加载 FIT Image
|
||
时对镜像数据进行验证。<pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="concept_xsp_wl3_pzb__codeblock_qlp_jpr_c1c" data-ofbid="concept_xsp_wl3_pzb__codeblock_qlp_jpr_c1c">images.verify = env_get_yesno(<span class="hl-string">"verify"</span>);</pre><pre class="+ topic/pre pr-d/codeblock pre codeblock language-c" id="concept_xsp_wl3_pzb__codeblock_gdk_kpr_c1c" data-ofbid="concept_xsp_wl3_pzb__codeblock_gdk_kpr_c1c">fit_image_select(); <em class="hl-comment">// common/image-fit.c</em>
|
||
|-> fit_image_verify(fit_hdr, noffset); <em class="hl-comment">// common/image-fit.c</em>
|
||
|-> fit_image_verify_with_data(fit, image_noffset, data, size);
|
||
|-> fit_image_check_sig(fit, noffset, data, size, -<span class="hl-number">1</span>, &err_msg);
|
||
| <em class="hl-comment">// common/image-sig.c</em>
|
||
|-> fit_image_setup_verify(&info, ...); <em class="hl-comment">// common/image-fit-sig.c</em>
|
||
| <em class="hl-comment">// 读取签名所用的算法等信息,以及验证所用的公钥信息</em>
|
||
| <em class="hl-comment">// 并且保存到 info 中</em>
|
||
|
|
||
|-> fit_image_hash_get_value();
|
||
|-> info.crypto->verify(&info, &region, <span class="hl-number">1</span>,
|
||
fit_value, fit_value_len);
|
||
rsa_verify(&info, &region, <span class="hl-number">1</span>, fit_value, fit_value_len); <em class="hl-comment">// lib/rsa/rsa-verify.c</em></pre></div>
|
||
</li><li class="- topic/li li" data-ofbid="d294436e41__20250121171800">
|
||
<p class="- topic/p p" data-ofbid="d294436e43__20250121171800">最终调用 rsa_verify 函数进行签名验证。 此处的 rsa_verify 可以对接到硬件 CE,具体可看
|
||
<span class="+ topic/keyword pr-d/apiname keyword apiname">UCLASS_MOD_EXP</span> 的相关内容。 如果没有硬件加速器的实现,则使用软件进行计算。</p>
|
||
</li></ol></div></article></main></div>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
</div>
|
||
|
||
</div>
|
||
</div>
|
||
|
||
|
||
|
||
</div>
|
||
<footer class="navbar navbar-default wh_footer">
|
||
<div class=" footer-container mx-auto ">
|
||
<title>footer def</title>
|
||
<style><!--
|
||
|
||
.p1 {
|
||
font-family: FangZhengShuSong, Times, serif;
|
||
}
|
||
.p2 {
|
||
font-family: Arial, Helvetica, sans-serif;
|
||
}
|
||
.p3 {
|
||
font-family: "Lucida Console", "Courier New", monospace;
|
||
}
|
||
|
||
--></style>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<div class="webhelp.fragment.footer">
|
||
<p class="p1">Copyright © 2019-2024 广东匠芯创科技有限公司. All rights reserved.</p>
|
||
</div><div>
|
||
<div class="generation_time">
|
||
Update Time: 2025-01-21
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</footer>
|
||
|
||
<div id="go2top" class="d-print-none">
|
||
<span class="oxy-icon oxy-icon-up"></span>
|
||
</div>
|
||
|
||
<div id="modal_img_large" class="modal">
|
||
<span class="close oxy-icon oxy-icon-remove"></span>
|
||
<div id="modal_img_container"></div>
|
||
<div id="caption"></div>
|
||
</div>
|
||
|
||
|
||
<script src="${pd}/publishing/publishing-styles-AIC-template/js/custom.js" defer="defer"></script>
|
||
|
||
|
||
</body>
|
||
</html> |