[PATCH v2 2/3] binman: Accept pkcs11 URI tokens for capsule updates
Wojciech Dubowik
Wojciech.Dubowik at mt.com
Tue Jan 6 12:09:58 CET 2026
With pkcs11 support in mkeficapsule we can now accept URI
tokens and not only files.
Signed-off-by: Wojciech Dubowik <Wojciech.Dubowik at mt.com>
---
tools/binman/etype/efi_capsule.py | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/tools/binman/etype/efi_capsule.py b/tools/binman/etype/efi_capsule.py
index 9f06cc88e6e5..3b30c12ea514 100644
--- a/tools/binman/etype/efi_capsule.py
+++ b/tools/binman/etype/efi_capsule.py
@@ -125,10 +125,14 @@ class Entry_efi_capsule(Entry_section):
private_key = ''
public_key_cert = ''
if self.auth:
- if not os.path.isabs(self.private_key):
+ if not os.path.isabs(self.private_key) and not 'pkcs11:' in self.private_key:
private_key = tools.get_input_filename(self.private_key)
- if not os.path.isabs(self.public_key_cert):
+ if not os.path.isabs(self.public_key_cert) and not 'pkcs11:' in self.public_key_cert:
public_key_cert = tools.get_input_filename(self.public_key_cert)
+ if 'pkcs11:' in self.private_key:
+ private_key = self.private_key
+ if 'pkcs11:' in self.public_key_cert:
+ public_key_cert = self.public_key_cert
data, payload, uniq = self.collect_contents_to_file(
self._entries.values(), 'capsule_in')
outfile = self._filename if self._filename else 'capsule.%s' % uniq
--
2.47.3
More information about the U-Boot
mailing list