I will explain exactly what I am doing in a later post, but I also don't know what you are doing. You appear to have opened a serial connection to a Build HAT and checked the version of the loaded firmware.IDK what you're doing, but, I just followed the instructions ... NBD, works fine.
Is that firmware provided with the open source download, or provided by some other Raspberry Pi Build HAT install, which you then uploaded to the Build HAT ?
Either way it would seems you have loaded a prebuilt 'firmware.bin' and prebuilt 'signature.bin' and I would expect that to work.
The question is, can you sign that exact same 'firmware.bin' to recreate 'signature.bin', and then successfully load that ?
From that you seem to be suggesting no, you cannot sign that 'firmware.bin' to create a new 'signature.bin'. That it is different to what the prebuilt 'signature.bin' should be, and the pre-installed BHBL would be expected to reject that combination.Yeah, I see that signing official firmware produces a different signature
That's what I posited in the OP.
No, I hadn't noticed that, but you are right; every time the exact same 'firmware.bin' is signed using the exact same 'key.private.bin' it generates a different 'signature.bin'.but... did you notice that if you sign it, save that file, and then sign it AGAIN and diff the two files, it isn't the same? I mean, I'm not even looking in the SHA2 code and it's kind of a big hint towards it just using nonces.
That seems utterly bizarre to me as it would seem to defeat the whole point of signing anything.
The case where that would work is where 'firmware.bin' and 'signature.bin' are changed in tandem so the signature matches the associated binary. But signing doesn't alter the binary.
I am not sure how you arrive at that conclusion or what you actually mean by that, which keys you are referring to.Anybody searching and reading this thread: TL;DR: DON'T PANIC, KEYS WORK
You seem to be suggesting a factory supplied Build HAT with factory installed BHBL will accept a 'firmware.bin' no matter what its 'signature.bin' happens to be.
Is that correct ?
Did you try that ?
Does it work ?
It doesn't seem likely that would work to me unless the requirement for signing was 'just for show', a deceit, and all the open source signing stuff is just to continue the pretence that signing matters when it doesn't.
I can't see Raspberry Pi having done that but, as said, I don't have a Build HAT to test with.
Statistics: Posted by hippy — Mon Jul 14, 2025 8:49 am