#!/bin/bash echo "*** BUILD IMAGE ..." cat - <foo.its /* * U-Boot uImage source file with multiple kernels, ramdisks and FDT blobs */ /dts-v1/; / { description = "kernel, initrd and devicetree"; #address-cells = <1>; images { kernel@1 { description = "kernel"; data = /incbin/("./zImage"); type = "kernel"; arch = "arm"; os = "linux"; compression = "none"; load = <0x80800000>; entry = <0x80800000>; hash@1 { algo = "crc32"; }; hash@2 { algo = "sha1"; }; signature@1 { algo = "sha256,rsa2048"; key-name-hint = "fit"; sign-images = "kernel"; }; }; ramdisk@1 { description = "ramdisk"; data = /incbin/("./initrd.img"); type = "ramdisk"; arch = "arm"; os = "linux"; compression = "gzip"; load = <0x83800000>; entry = <0x83800000>; hash@1 { algo = "crc32"; }; hash@2 { algo = "sha1"; }; signature@1 { algo = "sha256,rsa2048"; key-name-hint = "fit"; sign-images = "ramdisk"; }; }; fdt@1 { description = "fdt"; data = /incbin/("./fdt.dtb"); type = "flat_dt"; arch = "arm"; compression = "none"; load = <0x83000000>; entry = <0x83000000>; hash@1 { algo = "crc32"; }; hash@2 { algo = "sha1"; }; signature@1 { algo = "sha256,rsa2048"; key-name-hint = "fit"; sign-images = "fdt"; }; }; }; configurations { default = "config@1"; config@1 { description = "Configuration #1"; kernel = "kernel@1"; ramdisk = "ramdisk@1"; fdt = "fdt@1"; signature@1 { algo = "sha256,rsa2048"; key-name-hint = "fit"; sign-images = "kernel", "ramdisk","fdt"; }; }; }; }; EOF echo kernel >zImage echo ramdisk >initrd.img echo fdt >fdt.dtb mkimage -q -f foo.its kernel.img echo "" file kernel.img dumpimage -l kernel.img | egrep 'Sign algo|Sign value' echo "*** SIGN IMAGE ..." mkdir keys openssl genpkey -algorithm RSA -out keys/fit.key \ -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 mkimage -q -F -k keys -r kernel.img echo "" file kernel.img dumpimage -l kernel.img | egrep 'Sign algo|Sign value'