Kconfig: FIT_SIGNATURE should not select RSA_VERIFY FIT signatures can now be implemented with ECDSA. The assumption that all FIT images are signed with RSA is no longer valid. Thus, instead of 'select'ing RSA, only 'imply' it. This doesn't change the defaults, but allows one to explicitly disable RSA support. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Igor Opaniuk <igor.opaniuk@foundries.io> Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>

commit: 1f2e231e2a96fe3d2436e97d9b813d1cf1985daa [log] [tgz]
author: Alexandru Gagniuc <mr.nuke.me@gmail.com> Thu Jul 29 11:47:18 2021 -0500
committer: Patrice Chotard <patrice.chotard@foss.st.com> Mon Aug 16 10:49:35 2021 +0200
tree: caf81e68c0c46de228dd11941752eb4801a1b491
parent: 31aa69744dbdb29dfc13e1f778cec4af63fb08a5 [diff] [blame]
diff --git a/common/Kconfig.boot b/common/Kconfig.boot
index f39df04..0d4c384 100644
--- a/common/Kconfig.boot
+++ b/common/Kconfig.boot

@@ -76,8 +76,8 @@
 	bool "Enable signature verification of FIT uImages"
 	depends on DM
 	select HASH
-	select RSA
-	select RSA_VERIFY
+	imply RSA
+	imply RSA_VERIFY
 	select IMAGE_SIGN_INFO
 	select FIT_FULL_CHECK
 	help
@@ -186,8 +186,8 @@
 	select SPL_FIT
 	select SPL_CRYPTO
 	select SPL_HASH_SUPPORT
-	select SPL_RSA
-	select SPL_RSA_VERIFY
+	imply SPL_RSA
+	imply SPL_RSA_VERIFY
 	select SPL_IMAGE_SIGN_INFO
 	select SPL_FIT_FULL_CHECK
commit	1f2e231e2a96fe3d2436e97d9b813d1cf1985daa	[log] [tgz]
author	Alexandru Gagniuc <mr.nuke.me@gmail.com>	Thu Jul 29 11:47:18 2021 -0500
committer	Patrice Chotard <patrice.chotard@foss.st.com>	Mon Aug 16 10:49:35 2021 +0200
tree	caf81e68c0c46de228dd11941752eb4801a1b491
parent	31aa69744dbdb29dfc13e1f778cec4af63fb08a5 [diff] [blame]