diff options
author | Steffen Jaeckel <jaeckel-floss@eyet-services.de> | 2021-07-08 16:57:39 +0300 |
---|---|---|
committer | Tom Rini <trini@konsulko.com> | 2021-07-23 20:36:20 +0300 |
commit | 33198740aca2d68e9760cfd6ebb5a55894431966 (patch) | |
tree | 51aa2df2efe3c3cd581f59bfd82ac88892c1826f /common/Kconfig.boot | |
parent | d199c3ab1c3afa7a17259f4045516f5fbfaaa446 (diff) | |
download | u-boot-33198740aca2d68e9760cfd6ebb5a55894431966.tar.xz |
common: add support to fallback to plain SHA256
In case crypt-based hashing is enabled this will be the default mechanism
that is used. If a user wants to have support for both, the environment
variable `bootstopusesha256` can be set to `true` to allow plain SHA256
based hashing of the password.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'common/Kconfig.boot')
-rw-r--r-- | common/Kconfig.boot | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/common/Kconfig.boot b/common/Kconfig.boot index e0cca226da..49e28b2ef2 100644 --- a/common/Kconfig.boot +++ b/common/Kconfig.boot @@ -835,6 +835,14 @@ config AUTOBOOT_ENCRYPTION This provides a way to ship a secure production device which can also be accessed at the U-Boot command line. +config AUTOBOOT_SHA256_FALLBACK + bool "Allow fallback from crypt-hashed password to sha256" + depends on AUTOBOOT_ENCRYPTION && CRYPT_PW + help + This option adds support to fall back from crypt-hashed + passwords to checking a SHA256 hashed password in case the + 'bootstopusesha256' environment variable is set to 'true'. + config AUTOBOOT_DELAY_STR string "Delay autobooting via specific input key / string" depends on AUTOBOOT_KEYED && !AUTOBOOT_ENCRYPTION |