For FIT signature based approach to work, RSA library needs to be selected. The FIT_SIGNATURE option in Kconfig is modified to automatically select RSA. Selecting RSA compiles the RSA library required for image verification.
Signed-off-by: Ruchika Gupta ruchika.gupta@freescale.com CC: Simon Glass sjg@chromium.org Acked-by: Simon Glass sjg@chromium.org --- Changes in v5: Word wrapping in commit Added space after .
Changes in v4: Expanded CONFIG_RSA with documentation link
Changes in v3: New patch created for adding Kconfig option for FIT signature
Kconfig | 3 ++- lib/Kconfig | 7 +++++++ 2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/Kconfig b/Kconfig index 153ee2b..c2d7cb9 100644 --- a/Kconfig +++ b/Kconfig @@ -116,8 +116,9 @@ config FIT_VERBOSE depends on FIT
config FIT_SIGNATURE - bool "Enabel signature verification of FIT uImages" + bool "Enable signature verification of FIT uImages" depends on FIT + select RSA help This option enables signature verification of FIT uImages, using a hash signed and verified using RSA. diff --git a/lib/Kconfig b/lib/Kconfig index 8460439..79b91b7 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -27,4 +27,11 @@ config SYS_HZ get_timer() must operate in milliseconds and this option must be set to 1000.
+config RSA + bool "Use RSA Library" + help + RSA support. This enables the RSA algorithm used for FIT image + verification in U-Boot. + See doc/uImage.FIT/signature.txt for more details. + endmenu