summaryrefslogtreecommitdiff
path: root/common
diff options
context:
space:
mode:
authorSimon Glass <sjg@chromium.org>2013-06-13 15:10:02 -0700
committerTom Rini <trini@ti.com>2013-06-26 10:18:56 -0400
commit19c402afa2e1190f596f35a84ac049b10d814f1f (patch)
tree4f4d2302f4b6fa01e9a2214dee6bfe75e220a010 /common
parent56518e71041fafdfd7af3a24f263b0a22efbeda9 (diff)
downloadu-boot-19c402afa2e1190f596f35a84ac049b10d814f1f.tar.gz
image: Add RSA support for image signing
RSA provides a public key encryption facility which is ideal for image signing and verification. Images are signed using a private key by mkimage. Then at run-time, the images are verified using a private key. This implementation uses openssl for the host part (mkimage). To avoid bringing large libraries into the U-Boot binary, the RSA public key is encoded using a simple numeric representation in the device tree. Signed-off-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'common')
-rw-r--r--common/image-sig.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/common/image-sig.c b/common/image-sig.c
index 9b222daa0f..9928bfceca 100644
--- a/common/image-sig.c
+++ b/common/image-sig.c
@@ -27,8 +27,15 @@ DECLARE_GLOBAL_DATA_PTR;
#endif /* !USE_HOSTCC*/
#include <errno.h>
#include <image.h>
+#include <rsa.h>
struct image_sig_algo image_sig_algos[] = {
+ {
+ "sha1,rsa2048",
+ rsa_sign,
+ rsa_add_verify_data,
+ rsa_verify,
+ }
};
struct image_sig_algo *image_get_sig_algo(const char *name)