image: Add RSA support for image signing

RSA provides a public key encryption facility which is ideal for image signing and verification. Images are signed using a private key by mkimage. Then at run-time, the images are verified using a private key. This implementation uses openssl for the host part (mkimage). To avoid bringing large libraries into the U-Boot binary, the RSA public key is encoded using a simple numeric representation in the device tree. Signed-off-by: Simon Glass <sjg@chromium.org>
author: Simon Glass <sjg@chromium.org> 2013-06-13 15:10:02 -0700
committer: Tom Rini <trini@ti.com> 2013-06-26 10:18:56 -0400
commit: 19c402afa2e1190f596f35a84ac049b10d814f1f (patch)
tree: 4f4d2302f4b6fa01e9a2214dee6bfe75e220a010 /README
parent: 56518e71041fafdfd7af3a24f263b0a22efbeda9 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/README b/README
index d3e03d797fc..0f417b599d2 100644
--- a/README
+++ b/README
@@ -2581,6 +2581,16 @@ CBFS (Coreboot Filesystem) support
 		Note: There is also a sha1sum command, which should perhaps
 		be deprecated in favour of 'hash sha1'.
 
+- Signing support:
+		CONFIG_RSA
+
+		This enables the RSA algorithm used for FIT image verification
+		in U-Boot. See doc/uImage/signature for more information.
+
+		The signing part is build into mkimage regardless of this
+		option.
+
+
 - Show boot progress:
 		CONFIG_SHOW_BOOT_PROGRESS
author	Simon Glass <sjg@chromium.org>	2013-06-13 15:10:02 -0700
committer	Tom Rini <trini@ti.com>	2013-06-26 10:18:56 -0400
commit	19c402afa2e1190f596f35a84ac049b10d814f1f (patch)
tree	4f4d2302f4b6fa01e9a2214dee6bfe75e220a010 /README
parent	56518e71041fafdfd7af3a24f263b0a22efbeda9 (diff)