Hi Philippe, On 2026-03-31T10:00:34, Philippe Reynes <[email protected]> wrote: > diff --git a/tools/image-sig-host.c b/tools/image-sig-host.c > @@ -84,7 +84,7 @@ struct crypto_algo crypto_algos[] = { > - .name = "secp521r1", > + .name = "ecdsa521",
Raymond already raised this - Changing this to ecdsa521 breaks backwards compatibility - existing FIT images signed with algo = "sha256,secp521r1" will no longer verify. If consistency is desired, I suspect the better approach would be to support both names during verification (the old name for compatibility, the new name going forward). What do you think? Regards, Simon
