RSA provides a public key encryption facility which is ideal for image
signing and verification.
Images are signed using a private key by mkimage. Then at run-time, the
images are verified using a private key.
This implementation uses openssl for the host part (mkimage). To avoid
bringing large libraries into the U-Boot binary, the RSA public key
is encoded using a simple numeric representation in the device tree.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add support for signing images using a new signature node. The process
is handled by fdt_add_verification_data() which now takes parameters to
provide the keys and related information.
Signed-off-by: Simon Glass <sjg@chromium.org>
Simon Glass