diff options
| author | Randall Spangler <rspangler@chromium.org> | 2010-06-17 14:45:22 -0700 |
|---|---|---|
| committer | Randall Spangler <rspangler@chromium.org> | 2010-06-17 14:45:22 -0700 |
| commit | 620c38cf34eadcd222535b01fb71c5e9fbc1cb80 (patch) | |
| tree | 55c883fd01447b0ffdf6c121f4b7c6817cbc53b0 /README | |
| parent | d52030f340d14f8039360a39ec6a938d31e083d0 (diff) | |
| download | vboot-620c38cf34eadcd222535b01fb71c5e9fbc1cb80.tar.gz | |
Remove unused files, and tidy the directory structure of the remaining ones.
Review URL: http://codereview.chromium.org/2815011
Diffstat (limited to 'README')
| -rw-r--r-- | README | 36 |
1 files changed, 19 insertions, 17 deletions
@@ -7,22 +7,19 @@ Directory Structure The source is organized into distinct modules - -vboot_firmware/ - Contains ONLY the code required by the BIOS to validate -the secure boot components. There shouldn't be any code in here that signs -or generates images. BIOS should require ONLY this directory to implement -secure boot. Refer to vboot_firmware/README for futher details. +firmware/ - Contains ONLY the code required by the BIOS to validate +the secure boot components. There shouldn't be any code in here that +signs or generates images. BIOS should require ONLY this directory to +implement secure boot. Refer to firmware/README for futher details. -cgptlib/ - Work in progress for handling GPT headers. Parts of this will no -doubt be migrated into vboot_firmware/ +cgpt/ - Utility to read/write/modify GPT partitions. Much like the +gpt tool, but with support for Chrome OS extensiosn. -misclibs/ - Miscellaneous functions used by userland utilities. +host/ - Miscellaneous functions used by userland utilities. utility/ - Utilities for generating and verifying signed firmware and kernel images, as well as arbitrary blobs. -vfirmware/ and vkernel/ - Functions for generating, verifying, and -manipulating signed firmware and kernel images. - tests/ - User-land tests and benchmarks that test the reference implementation. Please have a look at these if you'd like to understand how to use the reference implementation. @@ -61,14 +58,17 @@ BUILD=../build make runtests Some useful utilities: ---------- -firmware_utility.c To generate verified boot firmware images. - -kernel_utility.c To generate verified boot kernel images. +vbutil_key Convert a public key into .vbpubk format +vbutil_keyblock Wrap a public key inside a signature and checksum +vbutil_firmware Create a .vblock with signature info for a + firmware image +vbutil_kernel Pack a kernel image, bootloader, and config into + a signed binary -dumpRSAPublicKey.c Dump RSA Public key (from a DER-encoded X509 - certificate) in a format suitable for - use by RSAVerify* functions in - crypto/. +dumpRSAPublicKey Dump RSA Public key (from a DER-encoded X509 + certificate) in a format suitable for + use by RSAVerify* functions in + crypto/. verify_data.c Verify a given signature on a given file. @@ -99,6 +99,8 @@ $ openssl req -batch -new -x509 -key signing_key.pem -out signing_key.crt $ utility/dumpRSAPublicKey root_key.crt > root_key.keyb $ utility/dumpRSAPublicKey signing_key.crt > signing_key.keyb +************** TODO: STUFF PAST HERE IS OUT OF DATE *************** + At this point we have all the requisite keys needed to generate a signed firmware image. |