From: Simon Glass <sjg@chromium.org>
To: Ivan Mikhaylov <fr0st61te@gmail.com>
Cc: Jan Kiszka <jan.kiszka@siemens.com>,
U-Boot Mailing List <u-boot@lists.denx.de>,
Ivan Mikhaylov <ivan.mikhaylov@siemens.com>
Subject: Re: [PATCH 1/1] binman: add sign option for binman
Date: Tue, 28 Dec 2021 01:34:55 -0700 [thread overview]
Message-ID: <CAPnjgZ0YRbFQGBpuJEMUjWwuhuOsiDWz_wJQ=zRTxtYgT1j4nQ@mail.gmail.com> (raw)
In-Reply-To: <20211224212334.7146-2-fr0st61te@gmail.com>
Hi Ivan,
On Fri, 24 Dec 2021 at 11:23, Ivan Mikhaylov <fr0st61te@gmail.com> wrote:
>
> Introduce prototype for binman's new option which provides sign
> and replace sections in binary images.
>
> Usage as example:
>
> from:
> mkimage -G privateky -r -o sha256,rsa4096 -F fit@0x280000.fit
> binman replace -i flash.bin -f fit@0x280000.fit fit@0x280000
>
> to:
> binman sign -i flash.bin -k privatekey -a sha256,rsa4096 -f fit@0x280000.fit fit@0x280000
>
> Signed-off-by: Ivan Mikhaylov <ivan.mikhaylov@siemens.com>
> ---
> tools/binman/cmdline.py | 13 +++++++++++++
> tools/binman/control.py | 27 ++++++++++++++++++++++++++-
> 2 files changed, 39 insertions(+), 1 deletion(-)
This looks good. Just need a test and docs update (also check 'binman
test -T' for 100% code coverage).
Nits below
>
> diff --git a/tools/binman/cmdline.py b/tools/binman/cmdline.py
> index e73ff78095..c3cfd17d1c 100644
> --- a/tools/binman/cmdline.py
> +++ b/tools/binman/cmdline.py
> @@ -113,6 +113,19 @@ controlled by a description in the board device tree.'''
> replace_parser.add_argument('paths', type=str, nargs='*',
> help='Paths within file to replace (wildcard)')
>
> + sign_parser = subparsers.add_parser('sign',
> + help='Sign entries in image')
> + sign_parser.add_argument('-i', '--image', type=str, required=True,
> + help='Image filename to update')
> + sign_parser.add_argument('-k', '--key', type=str, required=True,
> + help='Private key file for sign')
s/sign/signing/
> + sign_parser.add_argument('-a', '--algo', type=str, required=True,
> + help='Hash algorithm')
e.g. sha256,rsa4096
> + sign_parser.add_argument('-f', '--file', type=str, required=True,
> + help='Input filename to sign')
Please sort the options in alpha order: -a, -f, -i, -k
[..]
Regards,
Simon
next prev parent reply other threads:[~2021-12-28 8:42 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-24 21:23 [PATCH 0/1] Introduce new sign binman's option Ivan Mikhaylov
2021-12-24 21:23 ` [PATCH 1/1] binman: add sign option for binman Ivan Mikhaylov
2021-12-28 8:34 ` Simon Glass [this message]
2022-01-27 13:00 ` Ivan Mikhaylov
2022-02-07 20:22 ` Simon Glass
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAPnjgZ0YRbFQGBpuJEMUjWwuhuOsiDWz_wJQ=zRTxtYgT1j4nQ@mail.gmail.com' \
--to=sjg@chromium.org \
--cc=fr0st61te@gmail.com \
--cc=ivan.mikhaylov@siemens.com \
--cc=jan.kiszka@siemens.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.