26 Apr
2023
26 Apr
'23
8:49 p.m.
Hi there,
First of all, I would like to thank you for the tool, I like it a lot.
I've been trying to sign uboot by placing signature section into configurations section. Something like:
{ algo = "sha256,rsa2048"; key-name-hint = "dev"; sign-images = "fdt", "loadables"; }
But I can't find how to sign the second stage uboot, and integrate the public key into uboot spl device tree with binman. Prior to binman I used mkimage to do that, as follows:
mkimage -f uboot.its -K u-boot.dtb -k ./keys -r image.fit
Could not find it in the documentation, I only saw pre-load, but I am not sure that this is what I am looking for.
Would appreciate if you could give some hint on how this could be done.
Thank you for your help
Cheers, Andy