mirror of
https://github.com/AsahiLinux/u-boot
synced 2024-11-28 23:51:33 +00:00
mkimage: Add -c option to specify a comment for key signing
When signing an image, it is useful to add some details about which tool or person is authorising the signing. Add a comment field which can take care of miscellaneous requirements. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Marek Vasut <marex@denx.de>
This commit is contained in:
parent
95d77b4479
commit
4f61042701
4 changed files with 16 additions and 3 deletions
|
@ -96,6 +96,12 @@ Set XIP (execute in place) flag.
|
|||
.P
|
||||
.B Create FIT image:
|
||||
|
||||
.TP
|
||||
.BI "\-c [" "comment" "]"
|
||||
Specifies a comment to be added when signing. This is typically a useful
|
||||
message which describes how the image was signed or some other useful
|
||||
information.
|
||||
|
||||
.TP
|
||||
.BI "\-D [" "dtc options" "]"
|
||||
Provide special options to the device tree compiler that is used to
|
||||
|
|
|
@ -153,9 +153,9 @@ static int fit_handle_file (struct mkimage_params *params)
|
|||
|
||||
/* set hashes for images in the blob */
|
||||
if (fit_add_verification_data(params->keydir, dest_blob, ptr,
|
||||
NULL, 0)) {
|
||||
params->comment, 0)) {
|
||||
fprintf (stderr, "%s Can't add hashes to FIT blob",
|
||||
params->cmdname);
|
||||
params->cmdname);
|
||||
goto err_add_hashes;
|
||||
}
|
||||
|
||||
|
|
|
@ -183,6 +183,11 @@ main (int argc, char **argv)
|
|||
genimg_get_arch_id (*++argv)) < 0)
|
||||
usage ();
|
||||
goto NXTARG;
|
||||
case 'c':
|
||||
if (--argc <= 0)
|
||||
usage();
|
||||
params.comment = *++argv;
|
||||
goto NXTARG;
|
||||
case 'C':
|
||||
if ((--argc <= 0) ||
|
||||
(params.comp =
|
||||
|
@ -640,9 +645,10 @@ usage ()
|
|||
fprintf(stderr, " -D => set options for device tree compiler\n"
|
||||
" -f => input filename for FIT source\n");
|
||||
#ifdef CONFIG_FIT_SIGNATURE
|
||||
fprintf(stderr, "Signing / verified boot options: [-k keydir] [-K dtb]\n"
|
||||
fprintf(stderr, "Signing / verified boot options: [-k keydir] [-K dtb] [ -c <comment>]\n"
|
||||
" -k => set directory containing private keys\n"
|
||||
" -K => write public keys to this .dtb file\n"
|
||||
" -c => add comment in signature node\n"
|
||||
" -F => re-sign existing FIT image\n");
|
||||
#else
|
||||
fprintf(stderr, "Signing / verified boot not supported (CONFIG_FIT_SIGNATURE undefined)\n");
|
||||
|
|
|
@ -89,6 +89,7 @@ struct mkimage_params {
|
|||
char *cmdname;
|
||||
const char *keydir; /* Directory holding private keys */
|
||||
const char *keydest; /* Destination .dtb for public key */
|
||||
const char *comment; /* Comment to add to signature node */
|
||||
};
|
||||
|
||||
/*
|
||||
|
|
Loading…
Reference in a new issue