u-boot.git/tools/image-host.c, branch v2020.04

image: Use constants for 'required' and 'key-name-hint'

2020-04-01T13:45:09+00:00

These are used in multiple places so update them to use a shared #define.

Signed-off-by: Simon Glass 
Reviewed-by: Philippe Reynes

fit_check_sign: Allow selecting the configuration to verify

2020-04-01T13:45:09+00:00

This tool always verifies the default configuration. It is useful to be
able to verify a specific one. Add a command-line flag for this and plumb
the logic through.

Signed-off-by: Simon Glass

image: Be a little more verbose when checking signatures

2020-04-01T13:45:09+00:00

It is useful to be a little more specific about what is being checked.
Update a few messages to help with this.

Signed-off-by: Simon Glass

tools: image-host.c: remove uboot_aes.h

2020-02-25T16:29:39+00:00

The include uboot_aes.h is not useful and
it breaks the compilation on android, so
we remove it.

Signed-off-by: Philippe Reynes 
Reported-by: Praneeth Bajjuri

mkimage: fit: add support to encrypt image with aes

2020-01-17T15:15:49+00:00

This commit add the support of encrypting image with aes
in mkimage. To enable the ciphering, a node cipher with
a reference to a key and IV (Initialization Vector) must
be added to the its file. Then mkimage add the encrypted
image to the FIT and add the key and IV to the u-boot
device tree.

Signed-off-by: Philippe Reynes

rsa: add a structure for the padding

2018-12-03T15:44:10+00:00

The rsa signature use a padding algorithm. By default, we use the
padding pkcs-1.5. In order to add some new padding algorithm, we
add a padding framework to manage several padding algorithm.
The choice of the padding is done in the file .its.

Signed-off-by: Philippe Reynes 
Reviewed-by: Simon Glass

mkimage: fit_image: Add support for SOURCE_DATE_EPOCH in signatures

2018-07-10T20:56:00+00:00

When generating timestamps in signatures, use imagetool_get_source_date()
so we can be overridden by SOURCE_DATE_EPOCH to generate reproducible
images.

Signed-off-by: Alex Kiernan 
Reviewed-by: Simon Glass

vboot: Do not use hashed-strings offset

2018-07-10T20:55:58+00:00

The hashed-strings signature property includes two uint32_t values.
The first is unneeded as there should never be a start offset into the
strings region. The second, the size, is needed because the added
signature node appends to this region.

See tools/image-host.c, where a static 0 value is used for the offset.

Signed-off-by: Teddy Reed 
Reviewed-by: Simon Glass

SPDX: Convert all of our single license tags to Linux Kernel style

2018-05-07T13:34:12+00:00

When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from.  So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry.  Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.

In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.

This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents.  There's also a few places where I found we did not have a tag
and have introduced one.

Signed-off-by: Tom Rini

fix incorrect usage of DT node unit address in comments

2018-01-16T01:29:21+00:00

The DT spec demands a unit-address in a node name to match the "reg"
property in that node. Newer dtc versions will throw warnings if this is
not the case.
Fix all occurences in the tree where node names were mentioned in
comments, to not give bad examples to the reader.

Signed-off-by: Andre Przywara