Kconfig: FIT_SIGNATURE should not select RSA_VERIFY

FIT signatures can now be implemented with ECDSA. The assumption that all FIT images are signed with RSA is no longer valid. Thus, instead of 'select'ing RSA, only 'imply' it. This doesn't change the defaults, but allows one to explicitly disable RSA support. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Igor Opaniuk <igor.opaniuk@foundries.io> Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
author: Alexandru Gagniuc <mr.nuke.me@gmail.com> 2021-07-29 19:47:18 +0300
committer: Patrice Chotard <patrice.chotard@foss.st.com> 2021-08-16 11:49:35 +0300
commit: 61416fe9df966319866f058bb69c49922f33adcb (patch)
tree: caf81e68c0c46de228dd11941752eb4801a1b491
parent: ee870859ce19a3b1b932e946646cb85f2474ab39 (diff)
download: u-boot-61416fe9df966319866f058bb69c49922f33adcb.tar.xz
1 files changed, 4 insertions, 4 deletions
diff --git a/common/Kconfig.boot b/common/Kconfig.boot
index f39df04bbf..0d4c38402c 100644
--- a/common/Kconfig.boot
+++ b/common/Kconfig.boot
@@ -76,8 +76,8 @@ config FIT_SIGNATURE
 	bool "Enable signature verification of FIT uImages"
 	depends on DM
 	select HASH
-	select RSA
-	select RSA_VERIFY
+	imply RSA
+	imply RSA_VERIFY
 	select IMAGE_SIGN_INFO
 	select FIT_FULL_CHECK
 	help
@@ -186,8 +186,8 @@ config SPL_FIT_SIGNATURE
 	select SPL_FIT
 	select SPL_CRYPTO
 	select SPL_HASH_SUPPORT
-	select SPL_RSA
-	select SPL_RSA_VERIFY
+	imply SPL_RSA
+	imply SPL_RSA_VERIFY
 	select SPL_IMAGE_SIGN_INFO
 	select SPL_FIT_FULL_CHECK
author	Alexandru Gagniuc <mr.nuke.me@gmail.com>	2021-07-29 19:47:18 +0300
committer	Patrice Chotard <patrice.chotard@foss.st.com>	2021-08-16 11:49:35 +0300
commit	61416fe9df966319866f058bb69c49922f33adcb (patch)
tree	caf81e68c0c46de228dd11941752eb4801a1b491
parent	ee870859ce19a3b1b932e946646cb85f2474ab39 (diff)
download	u-boot-61416fe9df966319866f058bb69c49922f33adcb.tar.xz