[PATCH 1/1] binman: add sign option for binman
Simon Glass
sjg at chromium.org
Tue Dec 28 09:34:55 CET 2021
Hi Ivan,
On Fri, 24 Dec 2021 at 11:23, Ivan Mikhaylov <fr0st61te at gmail.com> wrote:
>
> Introduce prototype for binman's new option which provides sign
> and replace sections in binary images.
>
> Usage as example:
>
> from:
> mkimage -G privateky -r -o sha256,rsa4096 -F fit at 0x280000.fit
> binman replace -i flash.bin -f fit at 0x280000.fit fit at 0x280000
>
> to:
> binman sign -i flash.bin -k privatekey -a sha256,rsa4096 -f fit at 0x280000.fit fit at 0x280000
>
> Signed-off-by: Ivan Mikhaylov <ivan.mikhaylov at siemens.com>
> ---
> tools/binman/cmdline.py | 13 +++++++++++++
> tools/binman/control.py | 27 ++++++++++++++++++++++++++-
> 2 files changed, 39 insertions(+), 1 deletion(-)
This looks good. Just need a test and docs update (also check 'binman
test -T' for 100% code coverage).
Nits below
>
> diff --git a/tools/binman/cmdline.py b/tools/binman/cmdline.py
> index e73ff78095..c3cfd17d1c 100644
> --- a/tools/binman/cmdline.py
> +++ b/tools/binman/cmdline.py
> @@ -113,6 +113,19 @@ controlled by a description in the board device tree.'''
> replace_parser.add_argument('paths', type=str, nargs='*',
> help='Paths within file to replace (wildcard)')
>
> + sign_parser = subparsers.add_parser('sign',
> + help='Sign entries in image')
> + sign_parser.add_argument('-i', '--image', type=str, required=True,
> + help='Image filename to update')
> + sign_parser.add_argument('-k', '--key', type=str, required=True,
> + help='Private key file for sign')
s/sign/signing/
> + sign_parser.add_argument('-a', '--algo', type=str, required=True,
> + help='Hash algorithm')
e.g. sha256,rsa4096
> + sign_parser.add_argument('-f', '--file', type=str, required=True,
> + help='Input filename to sign')
Please sort the options in alpha order: -a, -f, -i, -k
[..]
Regards,
Simon
More information about the U-Boot
mailing list