e0f2f15534
Remove the verified boot limitation that only allows a single RSA public exponent of 65537 (F4). This change allows use with existing PKI infrastructure and has been tested with HSM-based PKI. Change the configuration OF tree format to store the RSA public exponent as a 64 bit integer and implement backward compatibility for verified boot configuration trees without this extra field. Parameterise vboot_test.sh to test different public exponents. Mathematics and other hard work by Andrew Bott. Tested with the following public exponents: 3, 5, 17, 257, 39981, 50457, 65537 and 4294967297. Signed-off-by: Andrew Bott <Andrew.Bott@ipaccess.com> Signed-off-by: Andrew Wishart <Andrew.Wishart@ipaccess.com> Signed-off-by: Neil Piercy <Neil.Piercy@ipaccess.com> Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com> Cc: Simon Glass <sjg@chromium.org> |
||
---|---|---|
.. | ||
beaglebone_vboot.txt | ||
command_syntax_extensions.txt | ||
howto.txt | ||
kernel_fdt.its | ||
kernel.its | ||
multi.its | ||
sign-configs.its | ||
sign-images.its | ||
signature.txt | ||
source_file_format.txt | ||
update3.its | ||
update_uboot.its | ||
verified-boot.txt |