Hi Alexandru,
On Thu, 4 Feb 2021 at 12:57, Alexandru Gagniuc mr.nuke.me@gmail.com wrote:
It's not always desirable to use 'keydir' and some ad-hoc heuristics to get the filename of the signing key. More often, just passing the filename is the simpler, easier, and logical thing to do.
Since mkimage doesn't use long options, we're slowly running out of letters. I've chosen '-G' because it was available.
Signed-off-by: Alexandru Gagniuc mr.nuke.me@gmail.com
include/image.h | 8 ++++--- tools/fit_image.c | 3 ++- tools/image-host.c | 58 +++++++++++++++++++++++++--------------------- tools/imagetool.h | 1 + tools/mkimage.c | 6 ++++- 5 files changed, 45 insertions(+), 31 deletions(-)
Reviewed-by: Simon Glass sjg@chromium.org
See below.
diff --git a/include/image.h b/include/image.h index 2447321023..9bc8b8d179 100644 --- a/include/image.h +++ b/include/image.h @@ -1128,9 +1128,10 @@ int fit_cipher_data(const char *keydir, void *keydest, void *fit,
0, on successlibfdt error code, on failure*/ -int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
const char *comment, int require_keys,const char *engine_id, const char *cmdname);+int fit_add_verification_data(const char *keydir, const char *keyfile,
void *keydest, void *fit, const char *comment,int require_keys, const char *engine_id,const char *cmdname);int fit_image_verify_with_data(const void *fit, int image_noffset, const void *data, size_t size); @@ -1236,6 +1237,7 @@ void image_set_host_blob(void *host_blob); struct image_sign_info { const char *keydir; /* Directory conaining keys */ const char *keyname; /* Name of key to use */
const char *keyfile; /* Filename of private or public key */
Please also document the semantics of this...can it be NULL? I think you intend that either keydir or keyfile is used but not both, right?
Regards, Simon