random-mirrors/smaeul-u-boot
1
0
Fork 0
mirror of https://github.com/smaeul/u-boot.git synced 2025-10-31 03:58:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
smaeul-u-boot/lib/rsa/Kconfig
Teddy Reed 51c14cd128 verified-boot: Minimal support for booting U-Boot proper from SPL 
This allows a board to configure verified boot within the SPL using
a FIT or FIT with external data. It also allows the SPL to perform
signature verification without needing relocation.

The board configuration will need to add the following feature defines:
CONFIG_SPL_CRYPTO_SUPPORT
CONFIG_SPL_HASH_SUPPORT
CONFIG_SPL_SHA256

In this example, SHA256 is the only selected hashing algorithm.

And the following booleans:
CONFIG_SPL=y
CONFIG_SPL_DM=y
CONFIG_SPL_LOAD_FIT=y
CONFIG_SPL_FIT=y
CONFIG_SPL_OF_CONTROL=y
CONFIG_SPL_OF_LIBFDT=y
CONFIG_SPL_FIT_SIGNATURE=y

Signed-off-by: Teddy Reed <teddy.reed@gmail.com>
Acked-by: Simon Glass <sjg@chromium.org>
Acked-by: Andreas Dannenberg <dannenberg@ti.com>
Acked-by: Sumit Garg <sumit.garg@nxp.com>
2016-06-12 13:14:58 -04:00

38 lines
1.2 KiB
Plaintext
Raw Blame History

config RSA
bool "Use RSA Library"
select RSA_FREESCALE_EXP if FSL_CAAM
select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP
help
RSA support. This enables the RSA algorithm used for FIT image
verification in U-Boot.
See doc/uImage.FIT/signature.txt for more details.
The Modular Exponentiation algorithm in RSA is implemented using
driver model. So CONFIG_DM needs to be enabled by default for this
library to function.
The signing part is build into mkimage regardless of this
option. The software based modular exponentiation is built into
mkimage irrespective of this option.
config SPL_RSA
bool "Use RSA Library within SPL"
depends on RSA
if RSA
config RSA_SOFTWARE_EXP
bool "Enable driver for RSA Modular Exponentiation in software"
depends on DM && RSA
help
Enables driver for modular exponentiation in software. This is a RSA
algorithm used in FIT image verification. It required RSA Key as
input.
See doc/uImage.FIT/signature.txt for more details.
config RSA_FREESCALE_EXP
bool "Enable RSA Modular Exponentiation with FSL crypto accelerator"
depends on DM && RSA && FSL_CAAM
help
Enables driver for RSA modular exponentiation using Freescale cryptographic
accelerator - CAAM.
endif
Reference in New Issue View Git Blame Copy Permalink