diff options
Diffstat (limited to 'docs/trusted-board-boot.rst')
| -rw-r--r-- | docs/trusted-board-boot.rst | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/docs/trusted-board-boot.rst b/docs/trusted-board-boot.rst index 5ab32fe4c..33005e3de 100644 --- a/docs/trusted-board-boot.rst +++ b/docs/trusted-board-boot.rst @@ -59,7 +59,7 @@ The keys used to establish the CoT are: - **Trusted world key** The private part is used to sign the key certificates corresponding to the - secure world images (SCP\_BL2, BL31 and BL32). The public part is stored in + secure world images (SCP_BL2, BL31 and BL32). The public part is stored in one of the extension fields in the trusted world certificate. - **Non-trusted world key** @@ -70,7 +70,7 @@ The keys used to establish the CoT are: - **BL3-X keys** - For each of SCP\_BL2, BL31, BL32 and BL33, the private part is used to + For each of SCP_BL2, BL31, BL32 and BL33, the private part is used to sign the content certificate for the BL3-X image. The public part is stored in one of the extension fields in the corresponding key certificate. @@ -78,7 +78,7 @@ The following images are included in the CoT: - BL1 - BL2 -- SCP\_BL2 (optional) +- SCP_BL2 (optional) - BL31 - BL33 - BL32 (optional) @@ -96,14 +96,14 @@ The following certificates are used to authenticate the images. public part of the trusted world key and the public part of the non-trusted world key. -- **SCP\_BL2 key certificate** +- **SCP_BL2 key certificate** It is self-signed with the trusted world key. It contains the public part of - the SCP\_BL2 key. + the SCP_BL2 key. -- **SCP\_BL2 content certificate** +- **SCP_BL2 content certificate** - It is self-signed with the SCP\_BL2 key. It contains a hash of the SCP\_BL2 + It is self-signed with the SCP_BL2 key. It contains a hash of the SCP_BL2 image. - **BL31 key certificate** @@ -133,8 +133,8 @@ The following certificates are used to authenticate the images. It is self-signed with the BL33 key. It contains a hash of the BL33 image. -The SCP\_BL2 and BL32 certificates are optional, but they must be present if the -corresponding SCP\_BL2 or BL32 images are present. +The SCP_BL2 and BL32 certificates are optional, but they must be present if the +corresponding SCP_BL2 or BL32 images are present. Trusted Board Boot Sequence --------------------------- @@ -160,8 +160,8 @@ if any of the steps fail. registers. If the comparison succeeds, BL2 reads and saves the trusted and non-trusted world public keys from the verified certificate. -The next two steps are executed for each of the SCP\_BL2, BL31 & BL32 images. -The steps for the optional SCP\_BL2 and BL32 images are skipped if these images +The next two steps are executed for each of the SCP_BL2, BL31 & BL32 images. +The steps for the optional SCP_BL2 and BL32 images are skipped if these images are not present. - BL2 loads and verifies the BL3x key certificate. The certificate signature |