From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id D6CA9C433F5 for ; Fri, 14 Jan 2022 09:21:53 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id F2D938339D; Fri, 14 Jan 2022 10:21:41 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=siemens.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=siemens.com header.i=@siemens.com header.b="RL/wT0Bd"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id E71ED8339D; Fri, 14 Jan 2022 10:21:38 +0100 (CET) Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-he1eur01on061c.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe1e::61c]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id ED9558339D for ; Fri, 14 Jan 2022 10:21:32 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=siemens.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=jan.kiszka@siemens.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cMxr5/npCoFzpT3tQPr3z2AYsD/i2opuBPRruxp6yRpWPPcjqODibLh+Ciw49vv5EcJVV+6wEdUwL7lJPk06HxGOGMS327YW0jt+D58E0DHb8yXbtLCKf93ihTUApGEmnDhM4b9rcdeX80pEhSt9wn3l2ovolBCMqYBiC7kGM0p28aeb45aBc6VMZq73OO0FLGEDLqlVD5HIRB0XYRAofrnjUicZHsMDBOLQEdnY6NWq37g52kx1m5m5w89MPdvcTMZS57RxWivnBg/8pGIaw6z0PhmQsouGG38PBwhBoBUIYOSns+PQn+jNbY7J7+89nNwDhFGMGijyoZMsYXjS9Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2D9kyT9UujmNaDTpEVdzOb6Xz4k223PAIwtY1rQQ98A=; b=QMzWXJxDAodh0UFKQMlt28TPtTZeUJ+Pb6VpIDoeWxZUTHzeSDnrIsD/LZyFUJouGFomgye3roKuBY1RBsQ/4X3oeif7sXJi91euR6Q8X3fyPONGar02a/TKgrJsVqUeNDLa/oBu3vRxU7EZRV3SItpHj8mO5DGMDy3RBAH+WggYh1FJYSRdO/BmGwv9cdhAJynU641eGBV3ZS2tE7GvuSH509fuho4wx5fTEtGm6dcLOM3cFF1Ju7z/+ibVONGudOIqaktBIWAIhvxCgOK0/cSohLLrGKXnjB/6rq6JsloJrofDVeAVZHjd/HJd8C3RgX9pV/zX3sRfc1eK0zROcw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 194.138.21.71) smtp.rcpttodomain=lists.denx.de smtp.mailfrom=siemens.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=siemens.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2D9kyT9UujmNaDTpEVdzOb6Xz4k223PAIwtY1rQQ98A=; b=RL/wT0BdUQTJbCh/TIdwF3ys9aL14dO3CEDMJdkMFbMb+I6YNZvUj1qiYEG5FjcySZqVy0vVr1si25XmBUP3UUbLt1FDrY27enCSpYxzpsWThQSP9FV4MxzjK0e9vM81pnWmXgkIL5ju/o2jv88fsBtL6jYCYF1Opj8VQytcD5Fl2elvnG+wWsmAi7WGk8a+n6R6UXjh2rFO3kJyQnvRgUFOhTf4DagLsbnLr5367udPQ1YzTPEZP5ulNS6o2M2tu9vmlm7BLNsylUceWgybvPTr66vUvDNm7QJJMpx59+chwCvmkTQT13cGBRqCbGHQr3WY/qWcwo8E89zjkfjpRQ== Received: from SV0P279CA0009.NORP279.PROD.OUTLOOK.COM (2603:10a6:f10:11::14) by AS8PR10MB4710.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:20b:336::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4888.9; Fri, 14 Jan 2022 09:21:31 +0000 Received: from HE1EUR01FT051.eop-EUR01.prod.protection.outlook.com (2603:10a6:f10:11:cafe::aa) by SV0P279CA0009.outlook.office365.com (2603:10a6:f10:11::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4888.10 via Frontend Transport; Fri, 14 Jan 2022 09:21:31 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 194.138.21.71) smtp.mailfrom=siemens.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=siemens.com; Received-SPF: Pass (protection.outlook.com: domain of siemens.com designates 194.138.21.71 as permitted sender) receiver=protection.outlook.com; client-ip=194.138.21.71; helo=hybrid.siemens.com; Received: from hybrid.siemens.com (194.138.21.71) by HE1EUR01FT051.mail.protection.outlook.com (10.152.1.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.4888.9 via Frontend Transport; Fri, 14 Jan 2022 09:21:31 +0000 Received: from DEMCHDC8A0A.ad011.siemens.net (139.25.226.106) by DEMCHDC9SKA.ad011.siemens.net (194.138.21.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Fri, 14 Jan 2022 10:21:30 +0100 Received: from md1q0hnc.ad001.siemens.net (167.87.0.93) by DEMCHDC8A0A.ad011.siemens.net (139.25.226.106) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Fri, 14 Jan 2022 10:21:30 +0100 From: Jan Kiszka To: U-Boot Mailing List CC: Simon Glass , Ivan Mikhaylov Subject: [resent][PATCH 0/3] mkimage: allow to specify signing algorithm Date: Fri, 14 Jan 2022 10:21:16 +0100 Message-ID: X-Mailer: git-send-email 2.31.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [167.87.0.93] X-ClientProxiedBy: DEMCHDC89XA.ad011.siemens.net (139.25.226.103) To DEMCHDC8A0A.ad011.siemens.net (139.25.226.106) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 91e22be5-a800-4d4b-9185-08d9d73f4066 X-MS-TrafficTypeDiagnostic: AS8PR10MB4710:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: u1+Tn59XCRjBXVKggJmH1/XEykIHtGL3MZ+Q7gilmtx4k3d0fWujognHHJMnlGiVSwPK1aK7qcsxiCBf71zt31/xf6jVRId9HHTQtDXcSMNhnbJhEkYDdXU2Sz+PAfRM9ZwUGybj5dTm4aBmQMrbhCheHT6w2Ov2RA0zrOj1jjexD5oJRTKiJz+0fy8PbemhOLO5cSYV4WsIXigE8PDMyOEA+U3GTFZUUKfRuBDZ9LXc0p+/wMEZTfAZYYYbHYFQEBVPTJBL9Dpg4pm7+e7TV3nVKTcjoQ7Qvwe+zU4TrKX2gg283fw7go7VBs8yW5fKY07FMHesEPpVSP+gPC+f0RHB19tB2V6RgcV6zv4P1FMOAzNZV3+tc/J9i+S3+xrPnVO28ore7B/eaa9qVKcVKRk9wRJq9ZyTldPI+Ro9M/zse6NFWCREJPiKBCBeyqsY1kuh65ZJTFpOReG3qD58D+RiZPs80vN/skeRj0BDdgjfkoHQUApJl0uLLcL+W6tlIwL3kIIDAj46OQDzhKgcNGMCQAbQ7dpE911hd5LQb7YPGAqv3uQFpdplpWqvBeTHpDS31qh8M1dW0Ixpklk/jfH94V298lWnlt2C2QCsdAwgRp3vxH5/xAGLaWHsX6yHcJKK+ZI4R48BH9q7mTahq32upA4SdZkTx/3/35/GRYS/mN8GOTemkV6a11Zi6m5G7TAMbTC13n6TcTyC2sXF844VUl2KC0zQG9Vg8oOAi+WZ54K5DutYv3ix1lrqcVOYFzgtQs5008g0CetGRpOJJ416uhbWBHrXh+nBLGbjkXY= X-Forefront-Antispam-Report: CIP:194.138.21.71; CTRY:DE; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:hybrid.siemens.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(4636009)(46966006)(40470700002)(36840700001)(8676002)(40460700001)(44832011)(4326008)(186003)(16526019)(86362001)(2906002)(107886003)(5660300002)(82960400001)(81166007)(356005)(54906003)(26005)(6666004)(316002)(508600001)(70206006)(36860700001)(6916009)(36756003)(47076005)(82310400004)(8936002)(83380400001)(2616005)(956004)(336012)(70586007)(36900700001); DIR:OUT; SFP:1101; X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Jan 2022 09:21:31.1917 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 91e22be5-a800-4d4b-9185-08d9d73f4066 X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=38ae3bcd-9579-4fd4-adda-b42e1495d55a; Ip=[194.138.21.71]; Helo=[hybrid.siemens.com] X-MS-Exchange-CrossTenant-AuthSource: HE1EUR01FT051.eop-EUR01.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8PR10MB4710 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean [resent as requested by Simon] Another step to decouple the FIT image specification from the actual signing: With these changes, the signature nodes can leave out an algo property, mkimage will initialize that as well while signing. This way, in-tree FIT source files can be prepared for gaining signatures without defining the key type or size upfront, forcing users to patch the code to change that. Patch 1 is preparatory for this, patch 2 a drive-by cleanup. A better solution would actually be if the algorithm was derived from the provided key. But the underlying crypto layer seems to be rather unprepared for that. Jan Jan Kiszka (3): image-fit: Make string of algo parameter constant mkimage: Drop unused OPT_STRING constant mkimage: Allow to specify the signature algorithm on the command line boot/image-fit-sig.c | 2 +- boot/image-fit.c | 8 +++---- doc/mkimage.1 | 5 +++++ include/image.h | 5 +++-- tools/fit_image.c | 3 ++- tools/image-host.c | 50 +++++++++++++++++++++++++------------------- tools/imagetool.h | 1 + tools/mkimage.c | 6 ++++-- 8 files changed, 49 insertions(+), 31 deletions(-) -- 2.31.1