[PATCH 0/3] RFC: add fdt_add_pubkey tool
Rasmus Villemoes
rasmus.villemoes at prevas.dk
Tue Feb 11 10:49:13 CET 2020
In order to reduce the coupling between building the kernel and
U-Boot, I'd like a tool that can add a public key to U-Boot's dtb
without simultaneously signing a FIT image. That tool doesn't seem to
exist, so I stole the necessary pieces from mkimage et al and put it
in a single .c file.
I'm still working on the details of my proposed "require just k out
these n required keys" and how it should be implemented, but it will
probably involve teaching this tool a bunch of new options. These
patches are not necessarily ready for inclusion (unless someone else
finds fdt_add_pubkey useful as is), but I thought I might as well send
it out for early comments.
Rasmus Villemoes (3):
test_vboot.py: remove extraneous -k option to fit_check_sign
tools: add fdt_add_pubkey
test_vboot.py: include test of fdt_add_pubkey tool
test/py/tests/test_vboot.py | 11 ++++-
tools/.gitignore | 1 +
tools/Makefile | 3 ++
tools/fdt_add_pubkey.c | 96 +++++++++++++++++++++++++++++++++++++
4 files changed, 109 insertions(+), 2 deletions(-)
create mode 100644 tools/fdt_add_pubkey.c
--
2.23.0
More information about the U-Boot
mailing list