diff options
author | Michael van der Westhuizen <michael@smart-africa.com> | 2014-07-02 10:17:26 +0200 |
---|---|---|
committer | Tom Rini <trini@ti.com> | 2014-08-09 11:17:01 -0400 |
commit | e0f2f15534146729fdf2ce58b740121fd67eea1c (patch) | |
tree | 87cd55f630088b177050457ed0f3a3059997da17 /configs/T1040RDB_SECURE_BOOT_defconfig | |
parent | 53022c3113a6670d21f55262f511ae6a07bb3dc4 (diff) | |
download | u-boot-imx-e0f2f15534146729fdf2ce58b740121fd67eea1c.zip u-boot-imx-e0f2f15534146729fdf2ce58b740121fd67eea1c.tar.gz u-boot-imx-e0f2f15534146729fdf2ce58b740121fd67eea1c.tar.bz2 |
Implement generalised RSA public exponents for verified boot
Remove the verified boot limitation that only allows a single
RSA public exponent of 65537 (F4). This change allows use with
existing PKI infrastructure and has been tested with HSM-based
PKI.
Change the configuration OF tree format to store the RSA public
exponent as a 64 bit integer and implement backward compatibility
for verified boot configuration trees without this extra field.
Parameterise vboot_test.sh to test different public exponents.
Mathematics and other hard work by Andrew Bott.
Tested with the following public exponents: 3, 5, 17, 257, 39981,
50457, 65537 and 4294967297.
Signed-off-by: Andrew Bott <Andrew.Bott@ipaccess.com>
Signed-off-by: Andrew Wishart <Andrew.Wishart@ipaccess.com>
Signed-off-by: Neil Piercy <Neil.Piercy@ipaccess.com>
Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com>
Cc: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'configs/T1040RDB_SECURE_BOOT_defconfig')
0 files changed, 0 insertions, 0 deletions