@@ -346,6 +346,7 @@ fitimage_emit_section_config() {
conf_csum="${FIT_HASH_ALG}"
conf_sign_algo="${FIT_SIGN_ALG}"
+ conf_padding_algo="${FIT_PAD_ALG}"
if [ "${UBOOT_SIGN_ENABLE}" = "1" ] ; then
conf_sign_keyname="${UBOOT_SIGN_KEYNAME}"
fi
@@ -465,6 +466,7 @@ EOF
signature-1 {
algo = "$conf_csum,$conf_sign_algo";
key-name-hint = "$conf_sign_keyname";
+ padding = "$conf_padding_algo";
$sign_line
};
EOF
@@ -73,6 +73,9 @@ UBOOT_FIT_HASH_ALG ?= "sha256"
FIT_SIGN_ALG ?= "rsa2048"
UBOOT_FIT_SIGN_ALG ?= "rsa2048"
+# Kernel / U-Boot fitImage Padding Algo
+FIT_PAD_ALG ?= "pkcs-1.5"
+
# Generate keys for signing Kernel / U-Boot fitImage
FIT_GENERATE_KEYS ?= "0"
UBOOT_FIT_GENERATE_KEYS ?= "0"