summaryrefslogtreecommitdiff
path: root/tools/mkimage.c
diff options
context:
space:
mode:
authorSimon Glass <sjg@chromium.org>2013-06-13 15:10:07 -0700
committerTom Rini <trini@ti.com>2013-06-26 10:18:56 -0400
commit399c744b22459585dc2dda2cb7353b3026e28e18 (patch)
tree82c9fe00fe92fd0eea8831a8224fcad3cac09aad /tools/mkimage.c
parent4f6104270146c76fcaf46e951f84cdc1612a04b7 (diff)
downloadu-boot-imx-399c744b22459585dc2dda2cb7353b3026e28e18.zip
u-boot-imx-399c744b22459585dc2dda2cb7353b3026e28e18.tar.gz
u-boot-imx-399c744b22459585dc2dda2cb7353b3026e28e18.tar.bz2
mkimage: Add -r option to specify keys that must be verified
Normally, multiple public keys can be provided and U-Boot is not required to use all of them for verification. This is because some images may not be signed, or may be optionally signed. But we still need a mechanism to determine when a key must be used. This feature cannot be implemented in the FIT itself, since anyone could change it to mark a key as optional. The requirement for key verification must go in with the public keys, in a place that is protected from modification. Add a -r option which tells mkimage to mark all keys that it uses for signing as 'required'. If some keys are optional and some are required, run mkimage several times (perhaps with different key directories if some keys are very secret) using the -F flag to update an existing FIT. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Marek Vasut <marex@denx.de>
Diffstat (limited to 'tools/mkimage.c')
-rw-r--r--tools/mkimage.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/tools/mkimage.c b/tools/mkimage.c
index b3b45a4..d312844 100644
--- a/tools/mkimage.c
+++ b/tools/mkimage.c
@@ -270,6 +270,9 @@ main (int argc, char **argv)
usage ();
params.imagename = *++argv;
goto NXTARG;
+ case 'r':
+ params.require_keys = 1;
+ break;
case 'R':
if (--argc <= 0)
usage();
@@ -645,11 +648,12 @@ usage ()
fprintf(stderr, " -D => set options for device tree compiler\n"
" -f => input filename for FIT source\n");
#ifdef CONFIG_FIT_SIGNATURE
- fprintf(stderr, "Signing / verified boot options: [-k keydir] [-K dtb] [ -c <comment>]\n"
+ fprintf(stderr, "Signing / verified boot options: [-k keydir] [-K dtb] [ -c <comment>] [-r]\n"
" -k => set directory containing private keys\n"
" -K => write public keys to this .dtb file\n"
" -c => add comment in signature node\n"
- " -F => re-sign existing FIT image\n");
+ " -F => re-sign existing FIT image\n"
+ " -r => mark keys used as 'required' in dtb\n");
#else
fprintf(stderr, "Signing / verified boot not supported (CONFIG_FIT_SIGNATURE undefined)\n");
#endif