mbox series

[0/4] mkimage: Add a 'keyfile' argument for image signing

Message ID 20210204195705.2057081-1-mr.nuke.me@gmail.com
Headers show
Series mkimage: Add a 'keyfile' argument for image signing | expand

Message

Alexandru Gagniuc Feb. 4, 2021, 7:57 p.m. UTC 
This series is a continuation of the following series
 *    [PATCH v5 0/6] Add support for ECDSA image signing (with test)

There were some requests in the previous series to be more consistent
between RSA and ECDSA paths, particularly in the area of handling the
'keydir' argument.

This series adds a 'keyfile' argument to be used in lieu of the
antiquated 'keydir'. Using 'keyfile' allows signing images that do not
contain a "key-name-hint" property.

Other issues, such as automatically adding the 'signature' node were
discussed. Such features are beyond the scope of this series. I am
going to halt any further work on mkimage because of time constraints.
I hope the corrections in this series are sufficient to finally allow 
users to sign their images with ECDSA.


Alexandru Gagniuc (4):
  doc: signature.txt: Document the keydir and keyfile arguments
  mkimage: Add a 'keyfile' argument for image signing
  lib/rsa: Use the 'keyfile' argument from mkimage
  lib/ecdsa: Use the 'keydir' argument from mkimage if appropriate

 doc/uImage.FIT/signature.txt | 13 +++++++++
 include/image.h              |  8 ++++--
 lib/ecdsa/ecdsa-libcrypto.c  | 10 ++++++-
 lib/rsa/rsa-sign.c           | 34 +++++++++++++++++------
 tools/fit_image.c            |  3 +-
 tools/image-host.c           | 54 ++++++++++++++++++++----------------
 tools/imagetool.h            |  1 +
 tools/mkimage.c              |  6 +++-
 8 files changed, 91 insertions(+), 38 deletions(-)