[PATCH 2/2] binman: Accept pkcs11 URI tokens for capsule updates
Simon Glass
sjg at chromium.org
Sat Dec 27 15:52:36 CET 2025
Hi Wojciech,
On Tue, 16 Dec 2025 at 08:09, Wojciech Dubowik <Wojciech.Dubowik at mt.com> wrote:
>
> With pkcs11 support in mkeficapsule we can now accept URI
> tokens and not only files.
>
> Signed-off-by: Wojciech Dubowik <Wojciech.Dubowik at mt.com>
> ---
> tools/binman/etype/efi_capsule.py | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/tools/binman/etype/efi_capsule.py b/tools/binman/etype/efi_capsule.py
> index 9f06cc88e6e5..8ab022915d9d 100644
> --- a/tools/binman/etype/efi_capsule.py
> +++ b/tools/binman/etype/efi_capsule.py
> @@ -125,9 +125,9 @@ class Entry_efi_capsule(Entry_section):
> private_key = ''
> public_key_cert = ''
> if self.auth:
> - if not os.path.isabs(self.private_key):
> + if not os.path.isabs(self.private_key) and not 'pkcs11:' in self.private_key:
> private_key = tools.get_input_filename(self.private_key)
> - if not os.path.isabs(self.public_key_cert):
> + if not os.path.isabs(self.public_key_cert) and not 'pkcs11:' in self.public_key_cert:
> public_key_cert = tools.get_input_filename(self.public_key_cert)
> data, payload, uniq = self.collect_contents_to_file(
> self._entries.values(), 'capsule_in')
> --
> 2.47.3
>
Does this have a test case?
Regards,
Simon
More information about the U-Boot
mailing list