Hello,
The last reference I could find about it, is an email from dec.17 2012, but I'd like to re-ignite the discussion. Also, I'm new here - forgive me if I'm asking stupid questions. I'd like to implement a form of authenticated boot into u-boot. That is, I need it myself for a device that I'm making, and I'll gladly use anything if it is already available, but I don't think it is. For my solution, I'm assuming the existence (somewhere) to U-boot of the following three files/buffers: - A boot-image (a RAM disk) - A public key (type RSA in some format, perhaps more simple than x509 pem to keep additional source code small) - A signature and a function, based on those three files (I suppose that - although difficult - the signature can be part of the boot-image, while the public key may have to be in a boot-flash partition), that tells U-boot whether booting the image is Ok or not (and not booting when it's not Ok). I propose to do this, not using hardware encryption (which might not always be available and, in my case, I'm not even allowed to use) or openssl (which is a monster), but (parts of - which is, unlike openssl, quite easy) polarssl for the crypto. That is, of course, unless this feature already exists, which I would very much like to hear. Thanks for your time, KJ
_______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
