On 22/01/2020 12:29, Scott Branden via TF-A wrote:
Please revert the removal of RSA PKCS#1 v1.5 support from cert_tool:
https://github.com/ARM-software/arm-trusted-firmware/commit/6a415a508ea6acec...
We have products shipping with such support. I think this problem came up before when somebody tried removing such support. They still need to run with the latest yocto codebase.
Regards, Scott
Hi Scott, It is untenable for us as maintainers to keep supporting deprecated features in the tree. We need to be able to move the codebase forward. As the commit message says, the RSA PKCS#1.5 support was removed from BL1/BL2 images before this patch, and it no longer made sense to keep the support for just the cert_tool.
Seems that you are not using the latest TF-A code for your platform (since PKCS#1.5 is not supported), it does not make sense to pull the latest master just for the tool. So my suggestion would be pin your yocto scripts to a TF-A release that had the support for PKCS#1.5.
Best Regards Soby Mathew