summaryrefslogtreecommitdiffstats
path: root/scripts/rsatoc.c
Commit message (Collapse)AuthorAgeFilesLines
* rsatoc: fix typo in usage stringAhmad Fatoum2024-01-111-1/+1
| | | | | | | | | | The commit introducing help text for the individual options, inadvertently modified the usage string. Revert that single line. Fixes: 94a2b2b28738 ("rsatoc: support generating standalone keys unreferenced by FIT keyring") Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de> Link: https://lore.barebox.org/20240105131000.1328500-1-a.fatoum@pengutronix.de Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* rsatoc: support generating standalone keys unreferenced by FIT keyringAhmad Fatoum2023-09-221-8/+26
| | | | | | | | | | | | | | | | | | By default, all keys generated by rsatoc and included into barebox, whether as C code or device tree snippets are added to the single key ring that's used for FIT image verification. Users may want to add other keys by the same means, but not have them available to FIT image verification. Support this use case by adding a -s option that generates standalone keys. These are unreferenced by the key ring and automatic DT parsing and expect the user to manually reference them, either via global variable with a symbol name equal __key_${hint} or by looking into /signature-standalone/key-${hint}. Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de> Link: https://lore.barebox.org/20230921102310.1108543-6-a.fatoum@pengutronix.de Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* rsatoc: support extracting RSA public key from X.509 SPKI formatAhmad Fatoum2023-09-221-11/+15
| | | | | | | | | | | | | | | In addition to PKCS#11 URIs, rsatoc supports extracting RSA public keys out of x.509 PEM certificats, which is a base64-encoded format that begins with the header `-----BEGIN CERTIFICATE-----'. Another popular format for RSA public keys is the X.509 SPKI format, which starts with the header `-----BEGIN PUBLIC KEY-----'. As public keys are the only thing rsatoc is interested in, add support for the latter as well. Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de> Link: https://lore.barebox.org/20230921102310.1108543-4-a.fatoum@pengutronix.de Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* rsatoc: Add option to print dts outputSascha Hauer2022-05-041-25/+78
| | | | | | Add -d option to generate output in dts format rather than C. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* rsatoc: fix compiler warningsSascha Hauer2022-05-041-3/+3
| | | | | | | | Fixes: scripts/rsatoc.c:189:5: warning: no previous prototype for ‘rsa_get_params’ [-Wmissing-prototypes] Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* scripts/rsatoc: relicense to allow distribution of binary linked with OpenSSLUwe Kleine-König2020-09-211-1/+1
| | | | | | | | | | | | | | The GPL (both, versions 2 and 3) are incompatible with the OpenSSL license. According to the Free Software Foundation the copyright holders of GPL software have to provide an exception to allow this linkage. This is effectively a license change and so needs confirmation by all copyright holders. Acked-by: Marc Kleine-Budde <mkl@pengutronix.de> Cc: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* scripts/rsatoc: fix printing of error message, if environment variable ↵Marc Kleine-Budde2020-08-031-2/+4
| | | | | | | | doen't contain a path Fixes: 128ad3cbe043 ("scripts: Add rsatoc tool") Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
* scripts: Add rsatoc toolSascha Hauer2019-10-151-0/+486
The rsatoc tool converts rsa public keys into C structs suitable to compile with barebox. Most of the openssl rsa related stuff has been taken from the U-Boot mkimage tool. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-03 10:03:13 +0000