From 5902a397d029008a98e8e83b7627635ed3a2cd06 Mon Sep 17 00:00:00 2001 From: Jan Kiszka Date: Fri, 14 Jan 2022 10:21:19 +0100 Subject: mkimage: Allow to specify the signature algorithm on the command line This permits to prepare FIT image description that do not hard-code the final choice of the signature algorithm, possibly requiring the user to patch the sources. When -o is specified, this information is used in favor of the 'algo' property in the signature node. Furthermore, that property is set accordingly when writing the image. Signed-off-by: Jan Kiszka --- include/image.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/image.h b/include/image.h index 7be6f11f61a..fe1356265c8 100644 --- a/include/image.h +++ b/include/image.h @@ -1031,6 +1031,7 @@ int fit_cipher_data(const char *keydir, void *keydest, void *fit, * @require_keys: Mark all keys as 'required' * @engine_id: Engine to use for signing * @cmdname: Command name used when reporting errors + * @algo_name: Algorithm name, or NULL if to be read from FIT * * Adds hash values for all component images in the FIT blob. * Hashes are calculated for all component images which have hash subnodes @@ -1045,7 +1046,7 @@ int fit_cipher_data(const char *keydir, void *keydest, void *fit, int fit_add_verification_data(const char *keydir, const char *keyfile, void *keydest, void *fit, const char *comment, int require_keys, const char *engine_id, - const char *cmdname); + const char *cmdname, const char *algo_name); int fit_image_verify_with_data(const void *fit, int image_noffset, const void *data, size_t size); -- cgit v1.3.1