git.openwrt.org Git - project/bcm63xx/atf.git/commit

author	Soby Mathew <soby.mathew@arm.com>
	Thu, 31 Aug 2017 10:50:29 +0000 (11:50 +0100)
committer	Soby Mathew <soby.mathew@arm.com>
	Thu, 31 Aug 2017 15:42:11 +0000 (16:42 +0100)
commit	a8eb286adaa73e86305317b9cae15d41c57de8e7
tree	dfb4cbd2168a73d0dabf2e2472e9a414a40dc916	tree \| snapshot
parent	2091755c5e3b8d94333b9aad742e61db9d754cc5	commit \| diff

cert_tool: Support for legacy RSA PKCS#1 v1.5

This patch enables choice of RSA version at run time to be used for
generating signatures by the cert_tool. The RSA PSS as defined in
PKCS#1 v2.1 becomes the default version and this patch enables to specify
the RSA PKCS#1 v1.5 algorithm to `cert_create` through the command line
-a option. Also, the build option `KEY_ALG` can be used to pass this
option from the build system. Please note that RSA PSS is mandated
by Trusted Board Boot requirements (TBBR) and legacy RSA support is
being added for compatibility reasons.

Fixes ARM-Software/tf-issues#499
Change-Id: Ifaa3f2f7c9b43f3d7b3effe2cde76bf6745a5d73
Co-Authored-By: Eleanor Bonnici <Eleanor.bonnici@arm.com>
Signed-off-by: Soby Mathew <soby.mathew@arm.com>

docs/user-guide.rst		diff \| blob \| history
drivers/auth/mbedtls/mbedtls_crypto.mk		diff \| blob \| history
tools/cert_create/include/cert.h		diff \| blob \| history
tools/cert_create/include/key.h		diff \| blob \| history
tools/cert_create/src/cert.c		diff \| blob \| history
tools/cert_create/src/main.c		diff \| blob \| history