diff options
author | Heiko Schocher <hs@denx.de> | 2014-03-03 12:19:26 +0100 |
---|---|---|
committer | Tom Rini <trini@ti.com> | 2014-03-21 16:39:34 -0400 |
commit | 646257d1f4004855d486024527a4784bf57c4c4d (patch) | |
tree | a16c9627f823bcb68606b621fe9ff2fe493f90ed /doc/uImage.FIT/signature.txt | |
parent | 2842c1c24269a05142802d25520e7cb9035e456c (diff) | |
download | u-boot-imx-646257d1f4004855d486024527a4784bf57c4c4d.zip u-boot-imx-646257d1f4004855d486024527a4784bf57c4c4d.tar.gz u-boot-imx-646257d1f4004855d486024527a4784bf57c4c4d.tar.bz2 |
rsa: add sha256-rsa2048 algorithm
based on patch from andreas@oetken.name:
http://patchwork.ozlabs.org/patch/294318/
commit message:
I currently need support for rsa-sha256 signatures in u-boot and found out that
the code for signatures is not very generic. Thus adding of different
hash-algorithms for rsa-signatures is not easy to do without copy-pasting the
rsa-code. I attached a patch for how I think it could be better and included
support for rsa-sha256. This is a fast first shot.
aditionally work:
- removed checkpatch warnings
- removed compiler warnings
- rebased against current head
Signed-off-by: Heiko Schocher <hs@denx.de>
Cc: andreas@oetken.name
Cc: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'doc/uImage.FIT/signature.txt')
-rw-r--r-- | doc/uImage.FIT/signature.txt | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/doc/uImage.FIT/signature.txt b/doc/uImage.FIT/signature.txt index bc9f3fa..71f8b6c 100644 --- a/doc/uImage.FIT/signature.txt +++ b/doc/uImage.FIT/signature.txt @@ -346,7 +346,9 @@ Simple Verified Boot Test Please see doc/uImage.FIT/verified-boot.txt for more information +/home/hs/ids/u-boot/sandbox/tools/mkimage -D -I dts -O dtb -p 2000 Build keys +do sha1 test Build FIT with signed images Test Verified Boot Run: unsigned signatures:: OK Sign images @@ -355,10 +357,20 @@ Build FIT with signed configuration Test Verified Boot Run: unsigned config: OK Sign images Test Verified Boot Run: signed config: OK +Test Verified Boot Run: signed config with bad hash: OK +do sha256 test +Build FIT with signed images +Test Verified Boot Run: unsigned signatures:: OK +Sign images +Test Verified Boot Run: signed images: OK +Build FIT with signed configuration +Test Verified Boot Run: unsigned config: OK +Sign images +Test Verified Boot Run: signed config: OK +Test Verified Boot Run: signed config with bad hash: OK Test passed - Future Work ----------- - Roll-back protection using a TPM is done using the tpm command. This can |