Simon Glass 399c744b22 mkimage: Add -r option to specify keys that must be verified ... Normally, multiple public keys can be provided and U-Boot is not required to use all of them for verification. This is because some images may not be signed, or may be optionally signed. But we still need a mechanism to determine when a key must be used. This feature cannot be implemented in the FIT itself, since anyone could change it to mark a key as optional. The requirement for key verification must go in with the public keys, in a place that is protected from modification. Add a -r option which tells mkimage to mark all keys that it uses for signing as 'required'. If some keys are optional and some are required, run mkimage several times (perhaps with different key directories if some keys are very secret) using the -F flag to update an existing FIT. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: Marek Vasut <marex@denx.de>		2013-06-26 10:18:56 -04:00
..
bddb	Update Hymod Board Database PHP code in "tools" directory	2005-08-12 23:27:18 +02:00
buildman	buildman: Produce a sensible error message when branch is missing	2013-05-14 15:37:58 -04:00
easylogo	easylogo: add lzma support	2012-06-19 22:33:55 +02:00
env	env: Add redundant env support to UBI env	2013-04-11 15:52:55 -04:00
gdb	makefiles: fixes for building build tools	2009-12-02 22:58:46 +01:00
imls	treewide: include libfdt_env.h before fdt.h	2013-02-07 20:38:55 -05:00
kernel-doc	kerneldoc: Implement "Example" section handling	2012-10-15 11:54:15 -07:00
logos	wandboard: Add Boot Splash image with Wandboard logo	2013-06-03 14:26:22 +02:00
omap	omap: Improve PLL parameter calculation tool	2011-12-06 23:59:34 +01:00
patman	buildman: Produce a sensible error message when branch is missing	2013-05-14 15:37:58 -04:00
scripts	autoconfig.mk: Make it possible to define configs from other configs	2013-04-12 07:55:06 +02:00
updater	cmd_usage(): simplify return code handling	2010-07-24 20:43:57 +02:00
.gitignore	Add proftool to decode profile data	2013-06-26 10:16:41 -04:00
aisimage.c	mkimage: Move ARRAY_SIZE to header file	2013-05-14 15:37:24 -04:00
aisimage.h	mkimage: adding support for Davinci AIS image	2011-10-23 23:34:21 +02:00
bin2header.c	Add 'license' command to U-Boot command line	2008-08-18 23:21:49 +02:00
binutils-version.sh	tools, config.mk: add binutils-version	2012-10-04 14:18:54 +02:00
bmp_logo.c	tools: logo: split bmp arrays from bmp_logo.h	2011-11-15 23:58:26 +01:00
checkpatch.pl	checkpatch.pl: Add 'printf' to logFunctions	2013-06-06 09:28:19 -04:00
checkstack.pl	tools: checkstack.pl from Linux added to tools	2012-03-06 22:07:55 +01:00
cleanpatch	tools: Add cleanpatch	2012-10-15 11:54:04 -07:00
default_image.c	image: Implement IH_TYPE_KERNEL_NOLOAD	2011-12-01 09:45:35 +01:00
envcrc.c	env: remove value from boolean defines	2012-01-05 16:35:54 +01:00
fdt_host.h	treewide: include libfdt_env.h before fdt.h	2013-02-07 20:38:55 -05:00
fit_image.c	mkimage: Add -r option to specify keys that must be verified	2013-06-26 10:18:56 -04:00
gcc-version.sh	tools, config.mk: Add gcc-version.sh, cc-version test from Linux	2012-05-15 08:31:26 +02:00
gen_eth_addr.c	gen_eth_addr: Use POSIX rand() and srand()	2009-04-04 01:09:56 +02:00
getline.c	getline: split out for darwin systems	2010-01-26 00:07:13 +01:00
getline.h	getline: split out for darwin systems	2010-01-26 00:07:13 +01:00
image-host.c	image: Support signing of images	2013-06-26 10:18:56 -04:00
img2brec.sh	Fix file permissions	2005-07-21 11:22:21 +02:00
img2srec.c	img2srec: use standard types	2009-11-24 23:43:18 +01:00
imximage.c	imx: Align the imximage header and payload to multiples of 4k	2013-05-05 17:45:04 +02:00
imximage.h	imx: Align the imximage header and payload to multiples of 4k	2013-05-05 17:45:04 +02:00
jtagconsole	Blackfin: jtagconsole: disable output processing	2010-07-25 15:17:23 -04:00
kwbimage.c	kwbimage: Fix check variable of checksum	2011-05-12 23:53:41 +02:00
kwbimage.h	mkimage: Add Kirkwood Boot Image support (kwbimage)	2009-09-10 22:58:48 +02:00
kwboot.c	kwboot: boot kirkwood SoCs over a serial link	2012-07-07 14:07:32 +02:00
Makefile	image: Add RSA support for image signing	2013-06-26 10:18:56 -04:00
mingw_support.c	getline: split out for darwin systems	2010-01-26 00:07:13 +01:00
mingw_support.h	tools: clean up mingw ifdefs	2012-07-20 08:53:34 +02:00
mkenvimage.c	tools: clean up mingw ifdefs	2012-07-20 08:53:34 +02:00
mkexynosspl.c	EXYNOS: SMDK5250: Add MMC SPL support	2012-02-12 10:11:30 +01:00
mkimage.c	mkimage: Add -r option to specify keys that must be verified	2013-06-26 10:18:56 -04:00
mkimage.h	mkimage: Add -r option to specify keys that must be verified	2013-06-26 10:18:56 -04:00
mpc86x_clk.c	* Patch by Anders Larsen, 18 Sep 2003:	2003-10-08 22:14:02 +00:00
mxsboot.c	mxs: mxsboot: Move sdcard BCB header to 4 sectors offset	2013-04-26 09:16:48 +02:00
ncb.c	ncb: Check return value of write()	2009-04-28 01:16:46 +02:00
netconsole	net: Make netconsole src and dest ports configurable	2012-09-24 13:17:24 -05:00
omapimage.c	omapimage: Add support for byteswapped SPI images	2012-10-25 11:30:50 -07:00
omapimage.h	mkimage: Add OMAP boot image support	2011-08-03 12:49:20 +02:00
os_support.c	tools/os_support: add OS X Lion support	2011-12-02 10:56:21 +01:00
os_support.h	tools/os_support: add OS X Lion support	2011-12-02 10:56:21 +01:00
pblimage.c	powerpc/CoreNet: Allow pbl images to take u-boot images != 512K	2013-06-20 17:08:52 -05:00
pblimage.h	powerpc/CoreNet: add tool to support pbl image build.	2012-08-23 10:24:16 -05:00
proftool.c	Add proftool to decode profile data	2013-06-26 10:16:41 -04:00
setlocalversion	tools/setlocalversion: Update from the Linux Kernel	2011-12-17 20:58:48 +01:00
ublimage.c	mkimage: ublimage must return if the header is not verified	2011-10-05 22:03:11 +02:00
ublimage.h	arm, davinci: add cam_enc_4xx support	2011-11-03 22:56:25 +01:00
ubsha1.c	ubsha1: drop unnecessary includes/prototypes	2010-01-21 22:59:29 +01:00
xway-swap-bytes.c	MIPS: INCA-IP: rename inca-swap-bytes host tool	2011-07-31 23:25:41 +09:00