How to make u-boot verify script signature in FIT image

Andrii Voloshyn a.voloshyn at d.mobilunity.com
Fri Oct 2 12:44:58 CEST 2020


Hi there,

      I have a script in FIT image, I want to verify its signature before running it.
When I run "source" command, it doesn't check the signature, only hash at 1.

images {
       ...
       script {
            description = "Script";
            data = /incbin/("script.txt");
            type = "script";
            compression = "none";
            hash at 1 {
                algo = "crc32";
            };
            signature {
                    algo = "sha256,rsa4096";
            };
        };
}
    
  How to make u-boot verify the script before running it? Is it possible to auto run the script when boot a configuration from a FIT image?

Thank you

Cheers,
Andy



More information about the U-Boot mailing list