[U-Boot] Force check of RSA-Signature

Simon Glass sjg at chromium.org
Fri Sep 5 00:47:28 CEST 2014


Hi,

On 3 September 2014 09:12, Ulf Bartel <ulf.bartel at scansonic.de> wrote:

> Hello.
>
> We are currently testing U-Boot on a PPC. Beside booting the system we
> like to use it do some system updates (e.g. Kernel, FDT and Initrd). I've
> compiled U-Boot with support for AES and RSA-Signatures. We are storing the
> RSA public keys using a Fit-Image for U-Boot configuration on Flash.
> Basically both AES and RSA support works as expected,
>
> but:
>
> 1) is there a possibility to always be sure that accessing an image from a
> Fit-container checks the signature?
> If the signature is wrong, we get an error as expected. But if we generate
> an image without any signature (which may be generated by anybody) the
> access is of course possible. Currently I used something like
>
> fdt get value algorithm /images/script at 1/signature at 1/ algo &&
> test "$algorithm" = "sha1,rsa2048" && echo success
>
> to check if the image has a signature before proceeding. But this feels
> wrong.
>

See the -r flag for mkimage. See also doc/uImage.FIT/beaglebone_vboot.txt
which uses it.

>
> 2) Is there a possibility to check the signature/CRC before copying the
> image to ram with imxtract?
>

I'm not sure of the specifics here - sometimes the image must be
decompressed, etc. so in principle this is tricky to implement (but not
impossible). Another option might be to zero it afterwards if the check
fails?

Regards,
Simon


More information about the U-Boot mailing list