mirror of
https://source.denx.de/u-boot/u-boot.git
synced 2025-10-24 05:51:33 +02:00
This allows a board to configure verified boot within the SPL using a FIT or FIT with external data. It also allows the SPL to perform signature verification without needing relocation. The board configuration will need to add the following feature defines: CONFIG_SPL_CRYPTO_SUPPORT CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256 In this example, SHA256 is the only selected hashing algorithm. And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y Signed-off-by: Teddy Reed <teddy.reed@gmail.com> Acked-by: Simon Glass <sjg@chromium.org> Acked-by: Andreas Dannenberg <dannenberg@ti.com> Acked-by: Sumit Garg <sumit.garg@nxp.com>
38 lines
1.2 KiB
Plaintext
38 lines
1.2 KiB
Plaintext
config RSA
|
|
bool "Use RSA Library"
|
|
select RSA_FREESCALE_EXP if FSL_CAAM
|
|
select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP
|
|
help
|
|
RSA support. This enables the RSA algorithm used for FIT image
|
|
verification in U-Boot.
|
|
See doc/uImage.FIT/signature.txt for more details.
|
|
The Modular Exponentiation algorithm in RSA is implemented using
|
|
driver model. So CONFIG_DM needs to be enabled by default for this
|
|
library to function.
|
|
The signing part is build into mkimage regardless of this
|
|
option. The software based modular exponentiation is built into
|
|
mkimage irrespective of this option.
|
|
|
|
config SPL_RSA
|
|
bool "Use RSA Library within SPL"
|
|
depends on RSA
|
|
|
|
if RSA
|
|
config RSA_SOFTWARE_EXP
|
|
bool "Enable driver for RSA Modular Exponentiation in software"
|
|
depends on DM && RSA
|
|
help
|
|
Enables driver for modular exponentiation in software. This is a RSA
|
|
algorithm used in FIT image verification. It required RSA Key as
|
|
input.
|
|
See doc/uImage.FIT/signature.txt for more details.
|
|
|
|
config RSA_FREESCALE_EXP
|
|
bool "Enable RSA Modular Exponentiation with FSL crypto accelerator"
|
|
depends on DM && RSA && FSL_CAAM
|
|
help
|
|
Enables driver for RSA modular exponentiation using Freescale cryptographic
|
|
accelerator - CAAM.
|
|
|
|
endif
|