From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <u-boot-bounces@lists.denx.de>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id A59DDC433F5
	for <u-boot@archiver.kernel.org>; Wed,  5 Oct 2022 16:04:57 +0000 (UTC)
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 9621484812;
	Wed,  5 Oct 2022 18:04:55 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=siemens.com
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de;
	dkim=pass (2048-bit key; unprotected) header.d=siemens.com header.i=@siemens.com header.b="pVuiyDsv";
	dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id 90BDE8484A; Wed,  5 Oct 2022 18:04:54 +0200 (CEST)
Received: from EUR01-DB5-obe.outbound.protection.outlook.com
 (mail-eopbgr150048.outbound.protection.outlook.com [40.107.15.48])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id BE62784485
 for <u-boot@lists.denx.de>; Wed,  5 Oct 2022 18:04:51 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=siemens.com
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=jan.kiszka@siemens.com
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=l3kNQdmiOcOM/7yyF6lAU29E1juJq/UHRC3FQ2+LxYYOeRYyS5Ve9st+PZVVX5mlCSWV8fTxRS42J//G1LePv672Ys9+j3JNtoPzgH2QYQ+aSN2/0ZItMv3fAZyxcIEF9tW8QT20f1tmiZmiBhALnv8/tpypBTOQ489LFl7pfcYv0PcFkbAR4GqihwiBxPW+jtJwcZpcVEMVyLT/dAP07QcKI0QwE3oppMurQCL1/7PE6/zPgcbP+K7ueHU5ULbBsbp2Pbi+lhSFaygpzmQoCQwUw2k4luDFxqGDn1yscoSKx0WPQRP8qU4VepKbPrDchXuzRCRpDd3d6hVPHuc74A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; 
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=8XPR48Nk6MtprjsqoO1OGwP45FfJq5zZUjKA7qMynrs=;
 b=FqBkFpiRqPVaaGknDF1evqDppMwmdNE8XIFaey15A3C/QuvvOk3Mvm4f6IkcxPQDo0D6ANwv1ZIlkS+XItr/aGfusgfrIbDoRAuINdbS2wgNpsbYd7rFGop65K1UTBjtD6uz76aMCUv7jJyx6yCy0Xknm2jJM3i8N1m1KGkyStiHx3tIiIQ828QQMTrAiUZ6MwUkbvOO47D0Tas7KxFqSb3rfrxxbhIjOH8JYIMAFj7UrOEKVvKjBtv+XLUOdlDkSpjeUUqfrNPcWuvwpWpvx5KmQsHu8qOr8GP4t1N5x9n4J7RSMq7KujeUhg6U3cK5q3x96OfW6grhUoHzKmT+Vw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 194.138.21.75) smtp.rcpttodomain=chromium.org smtp.mailfrom=siemens.com;
 dmarc=pass (p=none sp=none pct=100) action=none header.from=siemens.com;
 dkim=none (message not signed); arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com;
 s=selector2;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=8XPR48Nk6MtprjsqoO1OGwP45FfJq5zZUjKA7qMynrs=;
 b=pVuiyDsvjTSIJlMgQLfS4U09lwqM0UZ/PG7fWGbJgynvSNnkZsj3dPot60JAtVwCW8FvK/O907EfH59DwQIS7JY0cjeFtFthFqJmB008I1d5DvqMDrmznHbLcBK+XR2t1JReBPmchoGocYfk1vgvd1vwMAWVCTT5Q3nyNLyu0V0/yFWKF5sCGa1eKc5EFaU0IRB/1EY7lOSChM4O/R4z0q74q6xAPgMkXwubRiyLlYYtjjVywXzlsXtG+sPD6fPDyambPgFkFz/vdlOpAxrtPM36ca2+9EvaLtaNjBMkGJCd4UAgKdm2oc0Je+vchEGGElGFgaQHazHspOuu/ojyPg==
Received: from DB6PR0501CA0025.eurprd05.prod.outlook.com (2603:10a6:4:67::11)
 by GV1PR10MB6290.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:92::15)
 with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5676.32; Wed, 5 Oct
 2022 16:04:50 +0000
Received: from DB5EUR01FT071.eop-EUR01.prod.protection.outlook.com
 (2603:10a6:4:67:cafe::3a) by DB6PR0501CA0025.outlook.office365.com
 (2603:10a6:4:67::11) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5676.30 via Frontend
 Transport; Wed, 5 Oct 2022 16:04:50 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 194.138.21.75)
 smtp.mailfrom=siemens.com; dkim=none (message not signed)
 header.d=none;dmarc=pass action=none header.from=siemens.com;
Received-SPF: Pass (protection.outlook.com: domain of siemens.com designates
 194.138.21.75 as permitted sender) receiver=protection.outlook.com;
 client-ip=194.138.21.75; helo=hybrid.siemens.com; pr=C
Received: from hybrid.siemens.com (194.138.21.75) by
 DB5EUR01FT071.mail.protection.outlook.com (10.152.5.8) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.5709.10 via Frontend Transport; Wed, 5 Oct 2022 16:04:50 +0000
Received: from DEMCHDC89XA.ad011.siemens.net (139.25.226.103) by
 DEMCHDC8VRA.ad011.siemens.net (194.138.21.75) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.2.1118.12; Wed, 5 Oct 2022 18:04:50 +0200
Received: from [139.21.17.164] (139.21.17.164) by
 DEMCHDC89XA.ad011.siemens.net (139.25.226.103) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2507.12; Wed, 5 Oct 2022 18:04:49 +0200
Message-ID: <4a901065-d2e9-7d30-9737-63d3cdc6d462@siemens.com>
Date: Wed, 5 Oct 2022 18:04:48 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.3.0
Subject: Re: [PATCH V2 10/13] iot2050: Add script for signing artifacts
Content-Language: en-US
To: Simon Glass <sjg@chromium.org>
CC: U-Boot Mailing List <u-boot@lists.denx.de>
References: <cover.1664958832.git.jan.kiszka@siemens.com>
 <4ba5b89af2ccc113eeeb21a5d503f37155749a3f.1664958832.git.jan.kiszka@siemens.com>
 <CAPnjgZ0RRu2qH2F27Y283iTh0C761usjtp14+C_9o47hsW5tPA@mail.gmail.com>
From: Jan Kiszka <jan.kiszka@siemens.com>
In-Reply-To: <CAPnjgZ0RRu2qH2F27Y283iTh0C761usjtp14+C_9o47hsW5tPA@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [139.21.17.164]
X-ClientProxiedBy: DEMCHDC89XA.ad011.siemens.net (139.25.226.103) To
 DEMCHDC89XA.ad011.siemens.net (139.25.226.103)
X-TM-AS-Product-Ver: SMEX-14.0.0.3080-8.6.1018-26680.007
X-TM-AS-Result: No-10--12.081100-8.000000
X-TMASE-MatchedRID: Fi1yTWlF5J/rOhfRe676RwJfVW3wuXXEPg9yfk4YC0bxryc2N+6fmk+c
 rEA4+nhZIFWQH/JudNgOPOogdbkzeYeIEp9e5kvjsMrpfzhECQU/TckLkomq+gXGi/7cli9jlNc
 2tyboPcLoyF+2lT/wWg6+rPzHX18b2TwqUMkxU0vTUJMI/BDGSWMNX/9K+QfeCtzGvPCy/m7zZK
 DA1/pIrrobGHR5ejtrNJ3/6jNv2j/6xwROYh7urhN4dB/EldNV9RYy+aTqMwV7TXnCjI8t9r8KI
 pAt5pKklAFH5WviIWiyl1phL2htxJcskeOj7yLTtqjRmi7h575Nfs8n85Te8oMbH85DUZXy3Qfw
 sVk0UbtuRXh7bFKB7pK0jWuTJ7c7nAKceWYHzff+nyaefYKw+fmRC7MPsh65xYVzI3UCCaY=
X-TM-AS-User-Approved-Sender: No
X-TM-AS-User-Blocked-Sender: No
X-TMASE-Result: 10--12.081100-8.000000
X-TMASE-Version: SMEX-14.0.0.3080-8.6.1018-26680.007
X-TM-SNTS-SMTP: E7E9E651FCE764D30BCD3D486C82F252FC8D9241615DCC1BA5071E90CBDBC3F72000:8
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB5EUR01FT071:EE_|GV1PR10MB6290:EE_
X-MS-Office365-Filtering-Correlation-Id: 302b2bdf-23f8-4433-e749-08daa6eb5547
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 4zOdOepJ/OOAVVxO16wJkwOuPG1cdXB6YmMAEPaaLRSyQvYO18hYnVsWFWIo/otEJHUc6OEsxL058FG/KxskHCa7nUG9OmJkzRQlDTm6/clrB3oOps7CLqj+AoJyx8+bTEp5r/iHwD48v4LOwx1YUX2ZCWjQtnnbAy3+jA5msL8n12wh+ig2074oSHnzEypAMLlPuKrvpRL9SQfNl+IWMXLsjflnJOneP+w3OybbZNNYZjAHxo8jgZdXvRrceAyZJ4oVsmicUjeFk9rv5Px+wcHOYQmU3MdoGPwKtni8kfxBiv2sUvbjl7PkYleenIUvzUV/d7kmydoI6x6Fe9WdjRHXbVsoiJufwFASK+y695tnt/w/kGM76R3CrN1FkW7gy8hDlqljTcFNsmDqYnIVaCjaNsfhuPbj8uEV2l8vK2GzrDa6mUp6dz/l1kSU/0WibrzGOHuRvY8GBYHkBKDRTpYO66FXfvJ3TKgjixmaloKCGVgAp5M4eKpOg9LVpoHAoICLTRufsoIdy6bLrTJdFiSz6aUQlXdjc4hGoCK07hdRUK2D/t4XSf1Bam/5D07HPXCVxMWJmkMbnQQkOC8EmdN8Lh6QvVxYqQFwKym4x+OLcitV4+rerpj6lRSj7yQV1Ch6g4wTMkLHYbPAUM2Oma6rk+q+zV334eD3EuhWJq2LRp8DRWB/VUNTZfIT1hlzXWnSOiROQZ4poWdy8hLlLsm2W+j1SJxx8uebCCDZzAclcp5T8qLDHf2pbcWgtTjAhINuP2gcM8F14e8JVoGAxpgmT1lcX3E33arH+EmxbYM/f6ekKlOki+PlLm9jjmgdDWgBzrb1wf/whaJA0S4EYjJltV/0ZLd4H1w8RdbWT5o=
X-Forefront-Antispam-Report: CIP:194.138.21.75; CTRY:DE; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:hybrid.siemens.com; PTR:InfoDomainNonexistent; CAT:NONE;
 SFS:(13230022)(4636009)(39860400002)(136003)(396003)(376002)(346002)(451199015)(40470700004)(46966006)(36840700001)(5660300002)(2906002)(41300700001)(44832011)(70586007)(70206006)(2616005)(81166007)(8676002)(4326008)(47076005)(478600001)(53546011)(16526019)(336012)(186003)(82310400005)(6706004)(316002)(6916009)(16576012)(40460700003)(356005)(82960400001)(40480700001)(82740400003)(86362001)(83380400001)(26005)(31686004)(36860700001)(956004)(8936002)(36756003)(31696002)(3940600001)(36900700001)(43740500002);
 DIR:OUT; SFP:1101; 
X-OriginatorOrg: siemens.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2022 16:04:50.3866 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 302b2bdf-23f8-4433-e749-08daa6eb5547
X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=38ae3bcd-9579-4fd4-adda-b42e1495d55a; Ip=[194.138.21.75];
 Helo=[hybrid.siemens.com]
X-MS-Exchange-CrossTenant-AuthSource: DB5EUR01FT071.eop-EUR01.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR10MB6290
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de
X-Virus-Status: Clean

On 05.10.22 17:58, Simon Glass wrote:
> Hi Jan,
> 
> On Wed, 5 Oct 2022 at 02:36, Jan Kiszka <jan.kiszka@siemens.com> wrote:
>>
>> From: Jan Kiszka <jan.kiszka@siemens.com>
>>
>> There are many ways to get a signed firmware for the IOT2050 devices,
>> namely for the parts under user-control. This script documents one way
>> of doing it, given a signing key. Augment the board documentation with
>> the required procedure around it.
>>
>> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
>> ---
>>  doc/board/siemens/iot2050.rst | 52 +++++++++++++++++++++++++++++++++++
>>  tools/iot2050-sign-fw.sh      | 51 ++++++++++++++++++++++++++++++++++
>>  2 files changed, 103 insertions(+)
>>  create mode 100755 tools/iot2050-sign-fw.sh
> 
> Please use binman for this. You can create  new entry type for your
> needs. We want to avoid adding arch-specific scripts with no tests.

We will need a script in the foreseeable future, even when binman should
be fixed /wrt replace - see how the certs need to be set up.

Jan

-- 
Siemens AG, Technology
Competence Center Embedded Linux