[yocto] U-boot tool/mkimage Signing / verified boot not supported (CONFIG_FIT_SIGNATURE undefined)
Bill zhang
bilzhang23 at gmail.com
Wed Jul 20 12:20:49 PDT 2016
Hi all,
I want to use U-boot tool "mkimage" to sign images with RSA keys for secure
boot, but the mkimage built from YOCTO v1.7 does not support options:
-k,-K,
when run command:
${mkimage} -D "${dtc}" -F -k dev-keys -K sandbox-u-boot.dtb \
-r test.fit >${tmp},
it failed, with usage() printed out:
mkimage -l
Usage: ./mkimage -l image
-l ==> list image header information
./mkimage [-x] -A arch -O os -T type -C comp -a addr -e ep -n name
-d data_file[:data_file...] image
-A ==> set architecture to 'arch'
-O ==> set operating system to 'os'
-T ==> set image type to 'type'
-C ==> set compression type 'comp'
-a ==> set load address to 'addr' (hex)
-e ==> set entry point to 'ep' (hex)
-n ==> set image name to 'name'
-d ==> use image data from 'datafile'
-x ==> set XIP (execute in place)
./mkimage [-D dtc_options] [-f fit-image.its|-F] fit-image
-D => set options for device tree compiler
-f => input filename for FIT source
Signing / verified boot not supported (CONFIG_FIT_SIGNATURE undefined)
./mkimage -V ==> print version information and exit
How to build tools "mkimage" with "signing/verifying enabled" ?
Thanks
Leo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.yoctoproject.org/pipermail/yocto/attachments/20160720/57ba5b4b/attachment.html>
More information about the yocto
mailing list