Kconfig: FIT_SIGNATURE should not select RSA_VERIFY
FIT signatures can now be implemented with ECDSA. The assumption that all FIT images are signed with RSA is no longer valid. Thus, instead of 'select'ing RSA, only 'imply' it. This doesn't change the defaults, but allows one to explicitly disable RSA support. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Igor Opaniuk <igor.opaniuk@foundries.io> Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
This commit is contained in:
Alexandru Gagniuc
Patrice Chotard
parent
ee870859ce
commit
61416fe9df
@ -76,8 +76,8 @@ config FIT_SIGNATURE
|
||||
bool "Enable signature verification of FIT uImages"
|
||||
depends on DM
|
||||
select HASH
|
||||
select RSA
|
||||
select RSA_VERIFY
|
||||
imply RSA
|
||||
imply RSA_VERIFY
|
||||
select IMAGE_SIGN_INFO
|
||||
select FIT_FULL_CHECK
|
||||
help
|
||||
@ -186,8 +186,8 @@ config SPL_FIT_SIGNATURE
|
||||
select SPL_FIT
|
||||
select SPL_CRYPTO
|
||||
select SPL_HASH_SUPPORT
|
||||
select SPL_RSA
|
||||
select SPL_RSA_VERIFY
|
||||
imply SPL_RSA
|
||||
imply SPL_RSA_VERIFY
|
||||
select SPL_IMAGE_SIGN_INFO
|
||||
select SPL_FIT_FULL_CHECK
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user