summaryrefslogtreecommitdiff
path: root/tools/mkimage.c
diff options
context:
space:
mode:
authorSimon Glass <sjg@chromium.org>2013-06-13 15:10:05 -0700
committerTom Rini <trini@ti.com>2013-06-26 10:18:56 -0400
commit95d77b4479f9d07aea114fd4253cd665bb48ea10 (patch)
tree4aa9f969fc0f104956fb29a6f5993d3026e39843 /tools/mkimage.c
parente29495d37f7c0533d365004ca475218250351c93 (diff)
mkimage: Add -F option to modify an existing .fit file
When signing images it is sometimes necessary to sign with different keys at different times, or make the signer entirely separate from the FIT creation to avoid needing the private keys to be publicly available in the system. Add a -F option so that key signing can be a separate step, and possibly done multiple times as different keys are avaiable. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Marek Vasut <marex@denx.de>
Diffstat (limited to 'tools/mkimage.c')
-rw-r--r--tools/mkimage.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/tools/mkimage.c b/tools/mkimage.c
index 376039228a9..e2b82d0c5c3 100644
--- a/tools/mkimage.c
+++ b/tools/mkimage.c
@@ -240,12 +240,14 @@ main (int argc, char **argv)
case 'f':
if (--argc <= 0)
usage ();
+ params.datafile = *++argv;
+ /* no break */
+ case 'F':
/*
* The flattened image tree (FIT) format
* requires a flattened device tree image type
*/
params.type = IH_TYPE_FLATDT;
- params.datafile = *++argv;
params.fflag = 1;
goto NXTARG;
case 'k':
@@ -633,14 +635,15 @@ usage ()
" -d ==> use image data from 'datafile'\n"
" -x ==> set XIP (execute in place)\n",
params.cmdname);
- fprintf(stderr, " %s [-D dtc_options] -f fit-image.its fit-image\n",
+ fprintf(stderr, " %s [-D dtc_options] [-f fit-image.its|-F] fit-image\n",
params.cmdname);
fprintf(stderr, " -D => set options for device tree compiler\n"
" -f => input filename for FIT source\n");
#ifdef CONFIG_FIT_SIGNATURE
fprintf(stderr, "Signing / verified boot options: [-k keydir] [-K dtb]\n"
" -k => set directory containing private keys\n"
- " -K => write public keys to this .dtb file\n");
+ " -K => write public keys to this .dtb file\n"
+ " -F => re-sign existing FIT image\n");
#else
fprintf(stderr, "Signing / verified boot not supported (CONFIG_FIT_SIGNATURE undefined)\n");
#endif