On 31/05/2022 17:15, Andrew Davis wrote: > On 5/31/22 12:06 AM, Roger Quadros wrote: >> On 27/05/2022 20:50, Alper Nebi Yasak wrote: >>> This would definitely work, see etype/mkimage.py for example. I'd prefer >>> to know the file-format details (and maybe replicate them in binman) if >>> you could afford to publish them, though... >> >> This is a question to Nishanth/Andrew. > > What file format are we talking about here? If it is the signed format, > it's an attached x509 certificate, that is already published [0] and > the tools to make it are public [1].
Thanks, I meant this. I saw 'secure-binary-image.sh' in the first patch, which lead me to 'doc/README.ti-secure', which mentions NDA and logins, so I stopped looking there. > There is also an effort to replicate some of this in binman too [2]. > > Thanks, > Andrew > > [0] > https://software-dl.ti.com/tisci/esd/latest/2_tisci_msgs/security/sec_cert_format.html > [1] https://git.ti.com/cgit/security-development-tools/core-secdev-k3 > [2] https://lore.kernel.org/all/20220510200511.GK3901321@bill-the-cat/T/
