[RFC] Keystore design
Jean-Christophe PLAGNIOL-VILLARD
plagnioj at jcrosoft.com
Wed Mar 18 02:59:30 PDT 2015
Hi,
I'm curently looking the implementation for the PKI keystore
I was thinking to simply do a FS
The idea is this one
we will use envfs as storing format.
Contraint:
- Multiple RO env
- one RW env
- as less as possible API to add a key
1) Builtin
We will allow to have multiple keystore for boards
we need to be hanble to drop a keystore if not valid for this board
we need to be able to have global keystore
2) SoC Keytore
- RO
3) RW
a key will be store in the keystore on if valid (signed by a master
key or CA)
We will use the fs api
to put a key a simple cp will be enough
Best Regards,
J.
More information about the barebox
mailing list