IMHO openssl is unsuitable for this purpose. Openssl is really good at what it does, don't get me wrong, but using it in a boot loader probably isn't the easiest/smartest idea. What you really want is a subset of PKCS#1 - that is, EMSA-PSS encoding and verification plus RSASP1/RSAVP1. I'm working on some code which happens to implement exactly this feature set using GMP, and it could trivially be ported to some smaller bigint library. I release all my code under GPL3+, and you're welcome to use it as such - but it sounds like you're working on some tivoized system, which is incompatible with GPL3.
Mike On Wed, Apr 20, 2011 at 12:39 AM, loody <milo...@gmail.com> wrote: > hi all: > My quesitons about openssl are below: > 1. I want to take advantage of RSA and SHA in openssl for secure booting. > Can they run as standalone program, that means they can run without > libc support. > > 2. I want RSA and sha authentication run in DRAM instead of flash, > such that the speed will be faster. Is that possible to fix the link > address of openssl? > > > > -- > Regards, > miloody > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
