[U-Boot-Users] Support for verifying the certificate signatures on the downloaded files?
Wolfgang Denk
wd at denx.de
Wed Nov 3 00:18:47 CET 2004
In message <87mzxz3n3o.fsf at deepthought.outer.space.org> you wrote:
>
> > Based on my reading of the u-boot documentation, at present u-boot
> > there is no support for verification of certificate signatures in
> > the downloaded files. If, this Is correct, has somebody considered
> > adding support for this to u-boot?
>
> You mean checking downloaded image files signed by certificates? Um,
> I am not sure what you want to do this for in a _bootloader_ - sure
Well, I've heard that song before. It goes something like this:
let'smake sure that our cutomers cannot run any modified images. We
know what the customer wants (usually better than he himself), and
there is no reason to meddle with our perfect solutions.
Usually these people forget that U-Boot is under GPL, so they have to
deliver the full source code to the customer, and all it takes to
disable this expensive (in terms of effort, boot time and memory
footprint) extension is deleting a "#define" in a board config file.
Best regards,
Wolfgang Denk
--
See us @ Embedded/Electronica Munich, Nov 09 - 12, Hall A.6 Booth 513
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
If I have seen further it is by standing on the shoulders of giants.
- Isaac Newton, Letter to Robert Hooke, 5 February 1676
More information about the U-Boot
mailing list