On 6/2/25 11:56 AM, Bryan Brattlof wrote:
We currently do not have a way for binman to encrypt any component it
packages. Remove this to avoid any confusion.
From the subject tag, was this meant to be sent to our internal list for
inclusion in our evil vendor tree only? I think these patches would apply
upstream too so just checking.
For this patch, what is missing now to get binman to start encrypting
these components? I'm thinking it wouldn't take that much extra and
so leaving the comments here would be good to remind us of what we
still need to do.
Andrew
Signed-off-by: Bryan Brattlof <b...@ti.com>
---
tools/binman/btool/openssl.py | 7 -------
1 file changed, 7 deletions(-)
diff --git a/tools/binman/btool/openssl.py b/tools/binman/btool/openssl.py
index
c6df64c5316d53735fb147858b24185096254ec2..2e128e477bce87568b6d9647bbf2666f9770d732
100644
--- a/tools/binman/btool/openssl.py
+++ b/tools/binman/btool/openssl.py
@@ -198,7 +198,6 @@ emailAddress =
{req_dist_name_dict['emailAddress']}
1.3.6.1.4.1.294.1.1 = ASN1:SEQUENCE:boot_seq
1.3.6.1.4.1.294.1.2 = ASN1:SEQUENCE:image_integrity
1.3.6.1.4.1.294.1.3 = ASN1:SEQUENCE:swrv
-# 1.3.6.1.4.1.294.1.4 = ASN1:SEQUENCE:encryption
1.3.6.1.4.1.294.1.8 = ASN1:SEQUENCE:debug
[ boot_seq ]
@@ -215,12 +214,6 @@ emailAddress =
{req_dist_name_dict['emailAddress']}
[ swrv ]
swrv = INTEGER:{sw_rev}
-# [ encryption ]
-# initalVector = FORMAT:HEX,OCT:TEST_IMAGE_ENC_IV
-# randomString = FORMAT:HEX,OCT:TEST_IMAGE_ENC_RS
-# iterationCnt = INTEGER:TEST_IMAGE_KEY_DERIVE_INDEX
-# salt = FORMAT:HEX,OCT:TEST_IMAGE_KEY_DERIVE_SALT
-
[ debug ]
debugUID =
FORMAT:HEX,OCT:0000000000000000000000000000000000000000000000000000000000000000
debugType = INTEGER:4
