lib: rsa: allow rsa verify with pkey in SPL
This commit adds the option SPL_RSA_VERIFY_WITH_PKEY. Reviewed-by: Simon Glass <sjg@chromium.org> Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
This commit is contained in:
parent
e44ec9f709
commit
f6bacf1d48
@ -47,6 +47,25 @@ config RSA_VERIFY_WITH_PKEY
|
||||
directly specified in image_sign_info, where all the necessary
|
||||
key properties will be calculated on the fly in verification code.
|
||||
|
||||
config SPL_RSA_VERIFY_WITH_PKEY
|
||||
bool "Execute RSA verification without key parameters from FDT within SPL"
|
||||
depends on SPL
|
||||
select SPL_RSA_VERIFY
|
||||
select SPL_ASYMMETRIC_KEY_TYPE
|
||||
select SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
|
||||
select SPL_RSA_PUBLIC_KEY_PARSER
|
||||
help
|
||||
The standard RSA-signature verification code (FIT_SIGNATURE) uses
|
||||
pre-calculated key properties, that are stored in fdt blob, in
|
||||
decrypting a signature.
|
||||
This does not suit the use case where there is no way defined to
|
||||
provide such additional key properties in standardized form,
|
||||
particularly UEFI secure boot.
|
||||
This options enables RSA signature verification with a public key
|
||||
directly specified in image_sign_info, where all the necessary
|
||||
key properties will be calculated on the fly in verification code
|
||||
in the SPL.
|
||||
|
||||
config RSA_SOFTWARE_EXP
|
||||
bool "Enable driver for RSA Modular Exponentiation in software"
|
||||
depends on DM
|
||||
|
Loading…
Reference in New Issue
Block a user