[PATCH 0/1] Introduce new sign binman's option
Ivan Mikhaylov
fr0st61te at gmail.com
Fri Dec 24 22:23:33 CET 2021
From: Ivan Mikhaylov <ivan.mikhaylov at siemens.com>
This patch introduces prototype of new sign binman's option. It doesn't looks
good for now but it shows how sign process can be done. Just enhancing
sign procedure, as example from:
mkimage -G privateky -r -o sha256,rsa4096 -F fit at 0x280000.fit
binman replace -i flash.bin -f fit at 0x280000.fit fit at 0x280000
into:
binman sign -i flash.bin -k privatekey -a sha256,rsa4096 -f fit at 0x280000.fit fit at 0x280000
1. Is it needed at all? I think, it improves the way of signing, maybe
there is some other opinions on this spot?
2. I hope, that `mkimage sign` can be replaced with python code instead
of tools.Run.
3. And what things/cases should be covered in case of approval of such
option? Tests?
4. Also this option may cover cases like for TI's K3 architectures, it
may replace things like tools/k3_gen_x509_cert.sh with binman sign
option.
Also this patch refers on
https://lists.denx.de/pipermail/u-boot/2021-November/468282.html with
algo option for mkimage.
Ivan Mikhaylov (1):
binman: add sign option for binman
tools/binman/cmdline.py | 13 +++++++++++++
tools/binman/control.py | 27 ++++++++++++++++++++++++++-
2 files changed, 39 insertions(+), 1 deletion(-)
--
More information about the U-Boot
mailing list