On Mon, Mar 28, 2022 at 10:56:59PM +0200, Philippe Reynes wrote: > Add a stage pre-load that could > check or modify an image. > > For the moment, only a header with a signature is > supported. This header has the following format: > - magic : 4 bytes > - version : 4 bytes > - header size : 4 bytes > - image size : 4 bytes > - offset image signature : 4 bytes > - flags : 4 bytes > - reserved0 : 4 bytes > - reserved1 : 4 bytes > - sha256 of the image signature : 32 bytes > - signature of the first 64 bytes : n bytes > - image signature : n bytes > - padding : up to header size > > The stage uses a node /image/pre-load/sig to > get some informations: > - algo-name (mandatory) : name of the algo used to sign > - padding-name : name of padding used to sign > - signature-size : size of the signature (in the header) > - mandatory : set to yes if this sig is mandatory > - public-key (madatory) : value of the public key > > Before running the image, the stage pre-load checks > the signature provided in the header. > > This is an initial support, later we could add the > support of: > - ciphering > - uncompressing > - ... > > Signed-off-by: Philippe Reynes <philippe.rey...@softathome.com>
Applied to u-boot/next, thanks! -- Tom
signature.asc
Description: PGP signature
