On Tue, 1 Oct 2024 at 07:58, Brian Ruley <[email protected]> wrote: > > Using the PKI tree with SRKs as intermediate CA isn't necessary or even > desirable in some situations (boot time, for example). Add the possibility > to use the "fast authentication" method where the image and CSF are both > signed using the SRK [1, p.63]. > > [1] > https://community.nxp.com/pwmxy87654/attachments/pwmxy87654/imx-processors/202591/1/CST_UG.pdf > > Signed-off-by: Brian Ruley <[email protected]> > Cc: Marek Vasut <[email protected]> > --- > Changes for v2: > - fixed default key length (s/2048/4096) for srk-crt node > Changes for v3: > - code formatting > Changes for v4: > - fix spelling in commit message > - code formatting > > tools/binman/etype/nxp_imx8mcst.py | 34 +++++++++++++++++++++++------- > 1 file changed, 26 insertions(+), 8 deletions(-)
Reviewed-by: Simon Glass <[email protected]> (since I am seeing progress on testing, thank you)
