[v3,05/15] ecdsa: fix support of secp521r1
Simon Glass
sjg at chromium.org
Thu Apr 2 00:07:31 CEST 2026
Hi Philippe,
On 2026-03-31T10:00:34, Philippe Reynes <philippe.reynes at softathome.com> wrote:
> diff --git a/tools/image-sig-host.c b/tools/image-sig-host.c
> @@ -84,7 +84,7 @@ struct crypto_algo crypto_algos[] = {
> - .name = "secp521r1",
> + .name = "ecdsa521",
Raymond already raised this - Changing this to ecdsa521 breaks
backwards compatibility - existing FIT images signed with algo =
"sha256,secp521r1" will no longer verify.
If consistency is desired, I suspect the better approach would be to
support both names during verification (the old name for
compatibility, the new name going forward). What do you think?
Regards,
Simon
More information about the U-Boot
mailing list