From patchwork Tue May 2 04:47:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Baruch Siach X-Patchwork-Id: 1775722 X-Patchwork-Delegate: xypron.glpk@gmx.de Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=tkos.co.il header.i=@tkos.co.il header.a=rsa-sha256 header.s=default header.b=MwaU3vfJ; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Q9SJK2VCzz20fd for ; Tue, 2 May 2023 14:48:17 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 934E2863B2; Tue, 2 May 2023 06:47:50 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=tkos.co.il Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; secure) header.d=tkos.co.il header.i=@tkos.co.il header.b="MwaU3vfJ"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 8904986380; Tue, 2 May 2023 06:47:48 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail.tkos.co.il (guitar.tkos.co.il [84.110.109.230]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 0E93886303 for ; Tue, 2 May 2023 06:47:44 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=tkos.co.il Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=baruch@tkos.co.il Received: from tarshish.tkos.co.il (unknown [10.0.8.2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.tkos.co.il (Postfix) with ESMTPS id 47642441078; Tue, 2 May 2023 07:42:03 +0300 (IDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tkos.co.il; s=default; t=1683002523; bh=yqVwEx3VcuEi+Zle5WvVolX/7g2kCcMkw14SM1PBo08=; h=From:To:Cc:Subject:Date:From; b=MwaU3vfJsQY7aQ8Pb6t/NUdP6jd7MmOI4HwwRmzToAKSyiNAW2cJcOk2NYq763AfU PAtqAqHM32v7ed9tvT3SQE6v14Nrq1LYDUoKHZjqnicqXR8Q/gpzj4/5Oz12q1tFmJ tOHTvW3dQmb00/XuIPHQysS+xaYkOTNhHP7/CvYz8sGGA55XzShU3HWp3RW8WdRMuy c5uAgXWnBL2B93MeZkBtkssZ27frI7J11mIOVbXOVC67q7aTgDR4Pp8lElkwxlKhWI v9CsdLtQQw6d45JrcILfPQyWszG3Ur/xlm8mR3MxwIXRxoRUOGc8FGfyd+/eMTcwY7 8FBYV79slwUyg== From: Baruch Siach To: Simon Glass Cc: u-boot@lists.denx.de, Baruch Siach Subject: [PATCH 1/4] doc: signature: update algorithms support description Date: Tue, 2 May 2023 07:47:28 +0300 Message-Id: <58421075b02401535de82d4b91616c270b020982.1683002851.git.baruch@tkos.co.il> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean U-Boot supports more hash and verification algorithms these days. Signed-off-by: Baruch Siach Reviewed-by: Simon Glass --- doc/uImage.FIT/signature.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/uImage.FIT/signature.txt b/doc/uImage.FIT/signature.txt index c71280b63bb6..bc123f512f7b 100644 --- a/doc/uImage.FIT/signature.txt +++ b/doc/uImage.FIT/signature.txt @@ -42,8 +42,8 @@ device. Algorithms ---------- In principle any suitable algorithm can be used to sign and verify a hash. -At present only one class of algorithms is supported: SHA1 hashing with RSA. -This works by hashing the image to produce a 20-byte hash. +U-Boot supports a few hashing and verification algorithms. See below for +details. While it is acceptable to bring in large cryptographic libraries such as openssl on the host side (e.g. mkimage), it is not desirable for U-Boot.