[U-Boot] [U-Boot, v3] Implement generalised RSA public exponents for verified boot
Tom Rini
trini at ti.com
Mon Aug 11 00:21:39 CEST 2014
On Wed, Jul 02, 2014 at 10:17:26AM +0200, Michael van der Westhuizen wrote:
> From: Michael van der Westhuizen <michael at smart-africa.com>
>
> Remove the verified boot limitation that only allows a single
> RSA public exponent of 65537 (F4). This change allows use with
> existing PKI infrastructure and has been tested with HSM-based
> PKI.
>
> Change the configuration OF tree format to store the RSA public
> exponent as a 64 bit integer and implement backward compatibility
> for verified boot configuration trees without this extra field.
>
> Parameterise vboot_test.sh to test different public exponents.
>
> Mathematics and other hard work by Andrew Bott.
>
> Tested with the following public exponents: 3, 5, 17, 257, 39981,
> 50457, 65537 and 4294967297.
>
> Signed-off-by: Andrew Bott <Andrew.Bott at ipaccess.com>
> Signed-off-by: Andrew Wishart <Andrew.Wishart at ipaccess.com>
> Signed-off-by: Neil Piercy <Neil.Piercy at ipaccess.com>
> Signed-off-by: Michael van der Westhuizen <michael at smart-africa.com>
> Cc: Simon Glass <sjg at chromium.org>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20140810/f70725cf/attachment.pgp>
More information about the U-Boot
mailing list