[PATCH 0/2] Binman: fix signing an encrypted FIT with a
yan wang
yan.wang at softathome.com
Mon Jun 2 16:52:26 CEST 2025
When running the test case testPreLoadEncryptedFit, mkimage has been called
multiple times. Each call to Entry_fit's GetData falls into Entry_fit's
BuildSectionData then mkimage is called. The last mkimage is called after
the image has been signed with the preload key. As mkimage uses a random
IV for encryption and the timestamps may differ, There is a
mismatch between the previously calculated signature and the
final fit included in the image.
During ProcessImage, how can one tell when exactly a fit is well generated,
and stop the useless mkimage afterwards?
Paul HENRYS (1):
tools: binman: Test signing an encrypted FIT with a preload header
yan wang (1):
binman: Fix signing an encryted FIT with a preload key
tools/binman/ftest.py | 17 +++++
tools/binman/image.py | 10 +++
.../test/336_pre_load_fit_encrypted.dts | 63 +++++++++++++++++++
3 files changed, 90 insertions(+)
create mode 100644 tools/binman/test/336_pre_load_fit_encrypted.dts
--
2.25.1
More information about the U-Boot
mailing list