git.baikalelectronics.ru Git - uboot.git/commit

author	Sean Anderson <sean.anderson@seco.com>
	Mon, 16 May 2022 20:11:08 +0000 (16:11 -0400)
committer	Tom Rini <trini@konsulko.com>
	Mon, 6 Jun 2022 22:01:20 +0000 (18:01 -0400)
commit	edf8343e20567d36744bf730ba27d37e3d1e1f0f
tree	34dbf5df7e5c357a8ba32c0ab3c10310c7a6f5b8	tree \| snapshot
parent	d3b4c85529b5adf0fd166a50ec7d09ebe2ddf837	commit \| diff

mkimage: Support signing 'auto' FITs

This adds support for signing images in auto-generated FITs. To do this,
we need to add a signature node. The algorithm name property already has
its own option, but we need one for the key name hint. We could have
gone the -G route and added an explicit name for the public key (like
what is done for the private key). However, many places assume the
public key can be constructed from the key dir and hint, and I don't
want to do the refactoring necessary.

As a consequence of this, it is now easier to add public keys to an
existing image without signing something. This could be done all along,
but now you don't have to create an its just to do it. Ideally, we
wouldn't create a FIT at the end. This could be done by calling
fit_image_setup_sig/info.crypto->add_verify_data directly.

Signed-off-by: Sean Anderson <sean.anderson@seco.com>

doc/mkimage.1		diff \| blob \| history
tools/fit_image.c		diff \| blob \| history
tools/imagetool.h		diff \| blob \| history
tools/mkimage.c		diff \| blob \| history