[PATCH 0/4] mkimage: Add a 'keyfile' argument for image signing
Alexandru Gagniuc
mr.nuke.me at gmail.com
Thu Feb 4 20:57:01 CET 2021
This series is a continuation of the following series
* [PATCH v5 0/6] Add support for ECDSA image signing (with test)
There were some requests in the previous series to be more consistent
between RSA and ECDSA paths, particularly in the area of handling the
'keydir' argument.
This series adds a 'keyfile' argument to be used in lieu of the
antiquated 'keydir'. Using 'keyfile' allows signing images that do not
contain a "key-name-hint" property.
Other issues, such as automatically adding the 'signature' node were
discussed. Such features are beyond the scope of this series. I am
going to halt any further work on mkimage because of time constraints.
I hope the corrections in this series are sufficient to finally allow
users to sign their images with ECDSA.
Alexandru Gagniuc (4):
doc: signature.txt: Document the keydir and keyfile arguments
mkimage: Add a 'keyfile' argument for image signing
lib/rsa: Use the 'keyfile' argument from mkimage
lib/ecdsa: Use the 'keydir' argument from mkimage if appropriate
doc/uImage.FIT/signature.txt | 13 +++++++++
include/image.h | 8 ++++--
lib/ecdsa/ecdsa-libcrypto.c | 10 ++++++-
lib/rsa/rsa-sign.c | 34 +++++++++++++++++------
tools/fit_image.c | 3 +-
tools/image-host.c | 54 ++++++++++++++++++++----------------
tools/imagetool.h | 1 +
tools/mkimage.c | 6 +++-
8 files changed, 91 insertions(+), 38 deletions(-)
--
2.26.2
More information about the U-Boot
mailing list