From 399c744b22459585dc2dda2cb7353b3026e28e18 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 Jun 2013 15:10:07 -0700 Subject: mkimage: Add -r option to specify keys that must be verified Normally, multiple public keys can be provided and U-Boot is not required to use all of them for verification. This is because some images may not be signed, or may be optionally signed. But we still need a mechanism to determine when a key must be used. This feature cannot be implemented in the FIT itself, since anyone could change it to mark a key as optional. The requirement for key verification must go in with the public keys, in a place that is protected from modification. Add a -r option which tells mkimage to mark all keys that it uses for signing as 'required'. If some keys are optional and some are required, run mkimage several times (perhaps with different key directories if some keys are very secret) using the -F flag to update an existing FIT. Signed-off-by: Simon Glass Reviewed-by: Marek Vasut --- tools/fit_image.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'tools/fit_image.c') diff --git a/tools/fit_image.c b/tools/fit_image.c index d48f571..281c2bd 100644 --- a/tools/fit_image.c +++ b/tools/fit_image.c @@ -152,10 +152,11 @@ static int fit_handle_file (struct mkimage_params *params) goto err_mmap; /* set hashes for images in the blob */ - if (fit_add_verification_data(params->keydir, dest_blob, ptr, - params->comment, 0)) { - fprintf (stderr, "%s Can't add hashes to FIT blob", - params->cmdname); + if (fit_add_verification_data(params->keydir, + dest_blob, ptr, params->comment, + params->require_keys)) { + fprintf(stderr, "%s Can't add hashes to FIT blob\n", + params->cmdname); goto err_add_hashes; } -- cgit v1.1