Re: [U-Boot] [PATCH 1/3] tools: k3_get_x509 cert: Add a script to generate x509 certificate for K3 devices

On Thu, May 02, 2019 at 03:35:50PM +0530, Lokesh Vutla wrote:

TI's K3 boot architecture mandates a x509 certificate for every boot image. While signing the image K3 ROM allows for two types of keys based on which the boot image gets loaded in different ways:

• Degenerate RSA keys: This generates a signature which is equal to the digest. When ROM sees this, it does a DMA for copying the images, which significantly improves the boot time.
• Any other key: Does a memcpy to load the image. This is introduced as a fallback for DMA copy.

Add a script for generating boot images with the above options. Default generates image using rsa degenerate key in order to improve boot time.

Signed-off-by: Lokesh Vutla lokeshvutla@ti.com Signed-off-by: Dave Gerlach d-gerlach@ti.com Signed-off-by: Andreas Dannenberg dannenberg@ti.com

Applied to u-boot/master, thanks!