[U-Boot] [PATCH v3 03/12] image: Add RSA support for image signing
Simon Glass
sjg at chromium.org
Thu Jun 27 08:44:52 CEST 2013
Hi Masahiro,
On Wed, Jun 26, 2013 at 9:08 PM, Masahiro Yamada
<yamada.m at jp.panasonic.com>wrote:
> Hello, Simon.
>
>
> When compiling the master branch,
> I got an error while a tools/mkimage build.
>
>
> u-boot/lib/rsa/rsa-sign.c:26:25: fatal error: openssl/rsa.h: No such
> file or directory
>
>
> I think this erorr is caused by commit 19c402a.
>
>
> I searched and installed the necessary package and
> I could resolve this error.
>
> $ apt-file search openssl/rsa.h
> libssl-dev: /usr/include/openssl/rsa.h
> $ sudo apt-get install libssl-dev
>
>
> Let me ask a question.
>
> Going forward do we always need the openssl development package
> for creating mkimage tool?
> Or is it possible to disable RSA feature by some CONFIG option?
>
This is to support verified boot using FIT. Yes it would be possible to
make it an option. I had it that way for a while, but then I worried that
it would create two versions of mkimage, one of which is incapable of
signing images. That means that mkimage would need to be built for a board
with verified boot enabled in order to get full functionality.
Perhaps another way would be to check for the header and (if not present),
silently build without signing support?
Regards,
Simon
>
>
> Best Regards
> Masahiro Yamada
>
>
More information about the U-Boot
mailing list