[RFC 2/4] Add rsa support
jlu at pengutronix.de
Mon Mar 16 03:00:22 PDT 2015
On Fr, 2015-03-13 at 16:49 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote:
> you just need to have a unique ID on the HW and then use a x509 object
> to store it. then signed it with you CA. As only validated keys can be
> used, you can easly give a generated key for a specific HW.
> And this key will be valid only for this HW.
Yes, this sounds useful. So you'd have a board-specific way to check the
unique ID constraint in an intermediate cert against the HW ID?
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
More information about the barebox