diff options
author | George McCollister <george.mccollister@gmail.com> | 2017-01-06 19:14:17 (GMT) |
---|---|---|
committer | Tom Rini <trini@konsulko.com> | 2017-01-14 21:47:13 (GMT) |
commit | f1ca1fdebf1cde1c37c91b3d85f8b7af111112ea (patch) | |
tree | b34c5ae6c177400ed6ed5524266cd2912138a292 /tools/imagetool.h | |
parent | b1c6a54a534d2579db1375039a45572fe38d0ce8 (diff) | |
download | u-boot-fsl-qoriq-f1ca1fdebf1cde1c37c91b3d85f8b7af111112ea.tar.xz |
mkimage: Add support for signing with pkcs11
Add support for signing with the pkcs11 engine. This allows FIT images
to be signed with keys securely stored on a smartcard, hardware security
module, etc without exposing the keys.
Support for other engines can be added in the future by modifying
rsa_engine_get_pub_key() and rsa_engine_get_priv_key() to construct
correct key_id strings.
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Diffstat (limited to 'tools/imagetool.h')
-rw-r--r-- | tools/imagetool.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/tools/imagetool.h b/tools/imagetool.h index 15c2a0c..a8d5054 100644 --- a/tools/imagetool.h +++ b/tools/imagetool.h @@ -76,6 +76,7 @@ struct image_tool_params { bool external_data; /* Store data outside the FIT */ bool quiet; /* Don't output text in normal operation */ unsigned int external_offset; /* Add padding to external data */ + const char *engine_id; /* Engine to use for signing */ }; /* |