diff options
| author | Simon Glass <sjg@chromium.org> | 2013-06-13 15:10:02 -0700 |
|---|---|---|
| committer | Tom Rini <trini@ti.com> | 2013-06-26 10:18:56 -0400 |
| commit | 19c402afa2e1190f596f35a84ac049b10d814f1f (patch) | |
| tree | 4f4d2302f4b6fa01e9a2214dee6bfe75e220a010 /common | |
| parent | 56518e71041fafdfd7af3a24f263b0a22efbeda9 (diff) | |
| download | talos-obmc-uboot-19c402afa2e1190f596f35a84ac049b10d814f1f.tar.gz talos-obmc-uboot-19c402afa2e1190f596f35a84ac049b10d814f1f.zip | |
image: Add RSA support for image signing
RSA provides a public key encryption facility which is ideal for image
signing and verification.
Images are signed using a private key by mkimage. Then at run-time, the
images are verified using a private key.
This implementation uses openssl for the host part (mkimage). To avoid
bringing large libraries into the U-Boot binary, the RSA public key
is encoded using a simple numeric representation in the device tree.
Signed-off-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'common')
| -rw-r--r-- | common/image-sig.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/common/image-sig.c b/common/image-sig.c index 9b222daa0f..9928bfceca 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -27,8 +27,15 @@ DECLARE_GLOBAL_DATA_PTR; #endif /* !USE_HOSTCC*/ #include <errno.h> #include <image.h> +#include <rsa.h> struct image_sig_algo image_sig_algos[] = { + { + "sha1,rsa2048", + rsa_sign, + rsa_add_verify_data, + rsa_verify, + } }; struct image_sig_algo *image_get_sig_algo(const char *name) |
