51c14cd128
This allows a board to configure verified boot within the SPL using a FIT or FIT with external data. It also allows the SPL to perform signature verification without needing relocation. The board configuration will need to add the following feature defines: CONFIG_SPL_CRYPTO_SUPPORT CONFIG_SPL_HASH_SUPPORT CONFIG_SPL_SHA256 In this example, SHA256 is the only selected hashing algorithm. And the following booleans: CONFIG_SPL=y CONFIG_SPL_DM=y CONFIG_SPL_LOAD_FIT=y CONFIG_SPL_FIT=y CONFIG_SPL_OF_CONTROL=y CONFIG_SPL_OF_LIBFDT=y CONFIG_SPL_FIT_SIGNATURE=y Signed-off-by: Teddy Reed <teddy.reed@gmail.com> Acked-by: Simon Glass <sjg@chromium.org> Acked-by: Andreas Dannenberg <dannenberg@ti.com> Acked-by: Sumit Garg <sumit.garg@nxp.com>
12 lines
275 B
Makefile
12 lines
275 B
Makefile
#
|
|
# Copyright (c) 2013, Google Inc.
|
|
#
|
|
# (C) Copyright 2000-2007
|
|
# Wolfgang Denk, DENX Software Engineering, wd@denx.de.
|
|
#
|
|
# SPDX-License-Identifier: GPL-2.0+
|
|
#
|
|
|
|
obj-$(CONFIG_$(SPL_)FIT_SIGNATURE) += rsa-verify.o rsa-checksum.o
|
|
obj-$(CONFIG_RSA_SOFTWARE_EXP) += rsa-mod-exp.o
|