diff options
author | Andrew Geissler <geissonator@yahoo.com> | 2020-11-03 03:44:49 +0300 |
---|---|---|
committer | Andrew Geissler <geissonator@yahoo.com> | 2020-11-03 23:32:06 +0300 |
commit | 4873add6e11c1bd421c83cd08df589f1184aa673 (patch) | |
tree | aec4845be29329cca2a0b2d7c8f94249e48ed067 /poky/meta/classes/kernel-fitimage.bbclass | |
parent | 56a8292be03a7cb27f3b3ad762f4779e7e5ff47d (diff) | |
download | openbmc-4873add6e11c1bd421c83cd08df589f1184aa673.tar.xz |
Revert "poky: subtree update:b23aa6b753..ad30a6d470"
This reverts commit af5e4ef732faedf66c6dc1756432e9de2ac72988.
This commit introduced openbmc/openbmc#3720 and no solution has been
forthcoming. Revert until we can get to the bottom of this.
Change-Id: I2fb0d81eb26cf3dadb2f2abdd1a1bb7a95eaf03c
Diffstat (limited to 'poky/meta/classes/kernel-fitimage.bbclass')
-rw-r--r-- | poky/meta/classes/kernel-fitimage.bbclass | 44 |
1 files changed, 0 insertions, 44 deletions
diff --git a/poky/meta/classes/kernel-fitimage.bbclass b/poky/meta/classes/kernel-fitimage.bbclass index bb2f3c4cc..fa4ea6fee 100644 --- a/poky/meta/classes/kernel-fitimage.bbclass +++ b/poky/meta/classes/kernel-fitimage.bbclass @@ -56,22 +56,6 @@ FIT_HASH_ALG ?= "sha256" # fitImage Signature Algo FIT_SIGN_ALG ?= "rsa2048" -# Generate keys for signing fitImage -FIT_GENERATE_KEYS ?= "0" - -# Size of private key in number of bits -FIT_SIGN_NUMBITS ?= "2048" - -# args to openssl genrsa (Default is just the public exponent) -FIT_KEY_GENRSA_ARGS ?= "-F4" - -# args to openssl req (Default is -batch for non interactive mode and -# -new for new certificate) -FIT_KEY_REQ_ARGS ?= "-batch -new" - -# Standard format for public key certificate -FIT_KEY_SIGN_PKCS ?= "-x509" - # # Emit the fitImage ITS header # @@ -538,34 +522,6 @@ do_assemble_fitimage_initramfs() { addtask assemble_fitimage_initramfs before do_deploy after do_bundle_initramfs -do_generate_rsa_keys() { - if [ "${UBOOT_SIGN_ENABLE}" = "0" ] && [ "${FIT_GENERATE_KEYS}" = "1" ]; then - bbwarn "FIT_GENERATE_KEYS is set to 1 eventhough UBOOT_SIGN_ENABLE is set to 0. The keys will not be generated as they won't be used." - fi - - if [ "${UBOOT_SIGN_ENABLE}" = "1" ] && [ "${FIT_GENERATE_KEYS}" = "1" ]; then - - # Generate keys only if they don't already exist - if [ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key ] || \ - [ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".crt]; then - - # make directory if it does not already exist - mkdir -p "${UBOOT_SIGN_KEYDIR}" - - echo "Generating RSA private key for signing fitImage" - openssl genrsa ${FIT_KEY_GENRSA_ARGS} -out \ - "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key \ - "${FIT_SIGN_NUMBITS}" - - echo "Generating certificate for signing fitImage" - openssl req ${FIT_KEY_REQ_ARGS} "${FIT_KEY_SIGN_PKCS}" \ - -key "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key \ - -out "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".crt - fi - fi -} - -addtask generate_rsa_keys before do_assemble_fitimage after do_compile kernel_do_deploy[vardepsexclude] = "DATETIME" kernel_do_deploy_append() { |