Re: Injecting public keys into FTDs for FIT verification

Hi, On Fri, 5 Nov 2021 at 07:04, Jan Kiszka wrote: > > On 05.11.21 13:42, Jan Kiszka wrote: > > On 05.11.21 11:28, Rasmus Villemoes wrote: > >> On 05/11/2021 11.16, Jan Kiszka wrote: > >>> Hi all, > >>> > >>> in order to use CONFIG_FIT_SIGNATURE and also > >>> CONFIG_SPL_FIT_SIGNATURE, a public

Re: Injecting public keys into FTDs for FIT verification

On 05.11.21 13:42, Jan Kiszka wrote: > On 05.11.21 11:28, Rasmus Villemoes wrote: >> On 05/11/2021 11.16, Jan Kiszka wrote: >>> Hi all, >>> >>> in order to use CONFIG_FIT_SIGNATURE and also >>> CONFIG_SPL_FIT_SIGNATURE, a public key needs to be placed into the >>> control FDT. So far, I only found

Re: Injecting public keys into FTDs for FIT verification

On 05.11.21 11:28, Rasmus Villemoes wrote: > On 05/11/2021 11.16, Jan Kiszka wrote: >> Hi all, >> >> in order to use CONFIG_FIT_SIGNATURE and also >> CONFIG_SPL_FIT_SIGNATURE, a public key needs to be placed into the >> control FDT. So far, I only found mkimage being able to do that during >> FIT

Re: Injecting public keys into FTDs for FIT verification

On 05/11/2021 11.16, Jan Kiszka wrote: > Hi all, > > in order to use CONFIG_FIT_SIGNATURE and also > CONFIG_SPL_FIT_SIGNATURE, a public key needs to be placed into the > control FDT. So far, I only found mkimage being able to do that during > FIT image signing. That is fairly unhandy and often

Injecting public keys into FTDs for FIT verification

Hi all, in order to use CONFIG_FIT_SIGNATURE and also CONFIG_SPL_FIT_SIGNATURE, a public key needs to be placed into the control FDT. So far, I only found mkimage being able to do that during FIT image signing. That is fairly unhandy and often incompatible with how firmware is built & signed vs.