Dear Wolfgang Denk, Thanks for this information. But this feature is used to check the kernel integrity.
My need is to authenticate the kernel image by the u-boot, to be sure that the kernel image is a official firmware. That is why i'm thinking about RSA signature. The goal is, at generation time, to sign the uImage with a private RSA key (unique for one firmware release), and u-boot uses the public RSA key to authenticate the uImage. Best regards, Cyrille FRANCOIS 2009/7/22, Wolfgang Denk <w...@denx.de>: > Dear Cyrille Francois, > > In message <61acdef60907212330r1a4d5829t976f88f72bcde...@mail.gmail.com> you > wrote: >> >> I'm looking for a solution to authenticate the kernel launched by >> u-boot via a RSA signature. >> Or another way perhaps... >> >> I ask here for that, before beginning my development... if a solution >> already exist. > > It exists. At least MD5 and SHA1 are supported. You need to wrap your > kernel into a "new style" aka FIT (Flattened Image Tree) image. See > doc/uImage.FIT/howto.txt and doc/uImage.FIT/* for details. > > Best regards, > > Wolfgang Denk > > -- > DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel > HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany > Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: w...@denx.de > You are only young once, but you can stay immature indefinitely. > _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
