diff options
| author | Simon Glass <sjg@chromium.org> | 2013-06-13 15:10:02 -0700 |
|---|---|---|
| committer | Tom Rini <trini@ti.com> | 2013-06-26 10:18:56 -0400 |
| commit | 19c402afa2e1190f596f35a84ac049b10d814f1f (patch) | |
| tree | 4f4d2302f4b6fa01e9a2214dee6bfe75e220a010 /tools | |
| parent | 56518e71041fafdfd7af3a24f263b0a22efbeda9 (diff) | |
| download | olio-uboot-2014.01-19c402afa2e1190f596f35a84ac049b10d814f1f.tar.xz olio-uboot-2014.01-19c402afa2e1190f596f35a84ac049b10d814f1f.zip | |
image: Add RSA support for image signing
RSA provides a public key encryption facility which is ideal for image
signing and verification.
Images are signed using a private key by mkimage. Then at run-time, the
images are verified using a private key.
This implementation uses openssl for the host part (mkimage). To avoid
bringing large libraries into the U-Boot binary, the RSA public key
is encoded using a simple numeric representation in the device tree.
Signed-off-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/Makefile | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/tools/Makefile b/tools/Makefile index e3cb3bf5b..cc912fb06 100644 --- a/tools/Makefile +++ b/tools/Makefile @@ -125,6 +125,9 @@ LIBFDT_OBJ_FILES-y += fdt_rw.o LIBFDT_OBJ_FILES-y += fdt_strerror.o LIBFDT_OBJ_FILES-y += fdt_wip.o +# RSA objects +RSA_OBJ_FILES-y += rsa-sign.o + # Generated LCD/video logo LOGO_H = $(OBJTREE)/include/bmp_logo.h LOGO_DATA_H = $(OBJTREE)/include/bmp_logo_data.h @@ -152,8 +155,10 @@ endif # !LOGO_BMP HOSTSRCS += $(addprefix $(SRCTREE)/,$(EXT_OBJ_FILES-y:.o=.c)) HOSTSRCS += $(addprefix $(SRCTREE)/tools/,$(OBJ_FILES-y:.o=.c)) HOSTSRCS += $(addprefix $(SRCTREE)/lib/libfdt/,$(LIBFDT_OBJ_FILES-y:.o=.c)) +HOSTSRCS += $(addprefix $(SRCTREE)/lib/rsa/,$(RSA_OBJ_FILES-y:.o=.c)) BINS := $(addprefix $(obj),$(sort $(BIN_FILES-y))) LIBFDT_OBJS := $(addprefix $(obj),$(LIBFDT_OBJ_FILES-y)) +RSA_OBJS := $(addprefix $(obj),$(RSA_OBJ_FILES-y)) # We cannot check CONFIG_FIT_SIGNATURE here since it is not set on the host FIT_SIG_OBJ_FILES := image-sig.o @@ -228,8 +233,9 @@ $(obj)mkimage$(SFX): $(obj)aisimage.o \ $(obj)omapimage.o \ $(obj)sha1.o \ $(obj)ublimage.o \ - $(LIBFDT_OBJS) - $(HOSTCC) $(HOSTCFLAGS) $(HOSTLDFLAGS) -o $@ $^ + $(LIBFDT_OBJS) \ + $(RSA_OBJS) + $(HOSTCC) $(HOSTCFLAGS) $(HOSTLDFLAGS) -o $@ $^ $(HOSTLIBS) $(HOSTSTRIP) $@ $(obj)mk$(BOARD)spl$(SFX): $(obj)mkexynosspl.o @@ -265,6 +271,9 @@ $(obj)%.o: $(SRCTREE)/lib/%.c $(obj)%.o: $(SRCTREE)/lib/libfdt/%.c $(HOSTCC) -g $(HOSTCFLAGS_NOPED) -c -o $@ $< +$(obj)%.o: $(SRCTREE)/lib/rsa/%.c + $(HOSTCC) -g $(HOSTCFLAGS_NOPED) -c -o $@ $< + subdirs: ifeq ($(TOOLSUBDIRS),) @: |