jim.lai/OpenBMC
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Your Name
2026-04-23 17:07:55 +08:00
commit b7e39e063b
16725 changed files with 1625565 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-security/meta-integrity/data/debug-keys/README.md
+17
View File
@@ -0,0 +1,17 @@
# EVM & IMA keys
The following IMA & EVM debug/test keys are in this directory
- ima-local-ca.priv: The CA's private key (password: 1234)
- ima-local-ca.pem: The CA's self-signed certificate
- privkey_ima.pem: IMA & EVM private key used for signing files
- x509_ima.der: Certificate containing public key (of privkey_ima.pem) to verify signatures
The CA's (self-signed) certificate can be used to verify the validity of
the x509_ima.der certificate. Since the CA certificate will be built into
the Linux kernel, any key (x509_ima.der) loaded onto the .ima keyring must
pass this test:
```
openssl verify -CAfile ima-local-ca.pem x509_ima.der
````