The public key digest for signed boot can only be programmed via rpiboot.
The rpi-sb-provisioner wraps this and provides a fully automated workflow for OTP provisioning, encrypted file-system setup etc. This is the recommended/supported tool for provisioning CM4/CM5/Pi5, however, if you want to do your own thing then it's all open-source and very readable so copy / modify as you need.
https://github.com/raspberrypi/rpi-sb-provisioner
The rpi-sb-provisioner wraps this and provides a fully automated workflow for OTP provisioning, encrypted file-system setup etc. This is the recommended/supported tool for provisioning CM4/CM5/Pi5, however, if you want to do your own thing then it's all open-source and very readable so copy / modify as you need.
https://github.com/raspberrypi/rpi-sb-provisioner
Statistics: Posted by timg236 — Thu Dec 19, 2024 3:18 pm