26 lines
1.0 KiB
Plaintext
26 lines
1.0 KiB
Plaintext
This file describes how to sign the firmware binary with Public-Key Cryptography
|
|
Standards (PKCS#1) and to convert a X509 certificate to a binary public key file
|
|
|
|
1. Signing firmware binary with PKCS#1
|
|
|
|
To sign a firmware binary, a .pfx file must be provided for the private key data
|
|
By calling Pkcs1Sign.bat under the Command prompt as follows
|
|
|
|
Pkcs1Sign PfxFile FirmwareFile SignedFirmwareFile
|
|
|
|
The signature will be appended to the input firmware file.
|
|
|
|
2. Conveting/extracting a certificate (.cer) file to a binary public key file
|
|
|
|
The binary public key file is used for the
|
|
Universal/Security/SecureFlash/SecureCertificate/SecureFlashPublicKey.inf module
|
|
|
|
to extract the public key for a certificate file, call
|
|
|
|
Cert2PubKey.bat CertFile PubKeyFile
|
|
|
|
The public key data will be extracted and stored as PubKeyFile
|
|
|
|
3. License notice:
|
|
This folder contains OpenSSL for Windows toolkit, please refer to LICENSE for
|
|
copyright of OpenSSL and the OpenSSL for Windows toolkit. |