diff options
author | Andrew Jeffery <andrew@aj.id.au> | 2022-05-24 03:38:30 +0300 |
---|---|---|
committer | Adriana Kobylak <anoo@linux.ibm.com> | 2022-05-25 22:46:54 +0300 |
commit | 7ecd9d9f44d59a0e75573912a3055d887b3e0607 (patch) | |
tree | cff61661d0eb90853aefcb40f9df14ea9201604b | |
parent | b112144582b32ceb2dbe8af6ec52f86c772e081c (diff) | |
download | openbmc-7ecd9d9f44d59a0e75573912a3055d887b3e0607.tar.xz |
meta-ibm: p10bmc: Drop no-TPM key from OTP configuration
Some cards were built without TPMs populated. However, we signed builds
for these cards. Remove the key corresponding to the signatures on these
builds and sign builds for cards with TPMs populated with a subsequent
key to prevent non-TPM builds from being used on TPM-enabled systems.
Change-Id: I511a310750319b0e3dc2e028285a77d8cf07d7c7
Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
-rw-r--r-- | meta-ibm/recipes-bsp/u-boot/u-boot-aspeed-sdk/p10bmc/a3.json | 11 | ||||
-rw-r--r-- | meta-ibm/recipes-bsp/u-boot/u-boot-aspeed-sdk/p10bmc/keys/P10BMCAspeedSBPubKey_1.pem | 14 |
2 files changed, 2 insertions, 23 deletions
diff --git a/meta-ibm/recipes-bsp/u-boot/u-boot-aspeed-sdk/p10bmc/a3.json b/meta-ibm/recipes-bsp/u-boot/u-boot-aspeed-sdk/p10bmc/a3.json index fdcfd5d81e..cada446379 100644 --- a/meta-ibm/recipes-bsp/u-boot/u-boot-aspeed-sdk/p10bmc/a3.json +++ b/meta-ibm/recipes-bsp/u-boot/u-boot-aspeed-sdk/p10bmc/a3.json @@ -13,24 +13,17 @@ }, { "types": "rsa_pub_oem", - "key_pem": "P10BMCAspeedSBPubKey_1.pem", + "key_pem": "P10BMCAspeedSBPubKey_2.pem", "offset": "0x240", "number_id": 1, "sha_mode": "SHA512" }, { "types": "rsa_pub_oem", - "key_pem": "P10BMCAspeedSBPubKey_2.pem", + "key_pem": "P10BMCAspeedSBPubKey_3.pem", "offset": "0x440", "number_id": 2, "sha_mode": "SHA512" - }, - { - "types": "rsa_pub_oem", - "key_pem": "P10BMCAspeedSBPubKey_3.pem", - "offset": "0x640", - "number_id": 3, - "sha_mode": "SHA512" } ] }, diff --git a/meta-ibm/recipes-bsp/u-boot/u-boot-aspeed-sdk/p10bmc/keys/P10BMCAspeedSBPubKey_1.pem b/meta-ibm/recipes-bsp/u-boot/u-boot-aspeed-sdk/p10bmc/keys/P10BMCAspeedSBPubKey_1.pem deleted file mode 100644 index eeba16b640..0000000000 --- a/meta-ibm/recipes-bsp/u-boot/u-boot-aspeed-sdk/p10bmc/keys/P10BMCAspeedSBPubKey_1.pem +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN PUBLIC KEY----- -MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtgJW7ar+qtAM3YSYRZBu -5CNlrZeK//2p45Uwme9bjaFT1T95yvHiK2hwostp0g0Gwa40H2NlRw9V7fEcH+2z -zpRvyPorgP6rN6gcdvpdkhlrM7ntYoZpqKqstAmsT9xlOL9aYlWZ1mqb31j9WlIz -wphuWNYKvrS2OvPNFSSWhIXJhekMQCl/b22poydHVslScQDCmUNl4TQXBLpaeVd5 -LqN80JaQEBDZABwBwAfVLbpfgPI5BG0JEiNd77r3AnAp1N7A2oKUBjQK+4ClkqR0 -3zPZ572nEBaXfVRZQsGV0mxwP021I/lncYrlWZrwBxK0fP+VDuIKYcAEmOJ6kEdg -FfuAgEFJQvlgH45dfHJ6KcN1K4wEU1RHZxho0XnIwrI5GtctTdLl33AfajG0dYKf -mHUmeli4AS//bjRfR7O2K4mdCMsj06mzXNoTv2wgb/QSkjMUqGLniiaRueuDSiZ0 -/mJfZLCFpZtiVF+wE1meympZqFk+T6j8C5kwCuxB4OqKC7Ec0N6G/NNwQ8m96cFS -A4SUNAIQGjoSpziqF7N9UNl4rI+kEV/FstXLs7I0eYNpXEts2PDuY+PN+p7wKVrB -Fet8LI13EAVrJJaKKvF41YXvNlwBxBZ2WBZhhiA/6F0dYcI16mRmnRs+hL7A6adO -M1JIVupxDJzhQ4+S06VQbSsCAwEAAQ== ------END PUBLIC KEY----- |