From f0afcf836269e7fba7c33c58146f2fcd3db57ae2 Mon Sep 17 00:00:00 2001
From: George Liu <liuxiwei@inspur.com>
Date: Tue, 15 Dec 2020 09:46:10 +0800
Subject: image_type_phosphor: Support single signature for the tarball
 contents

Currently the contents of the code update tarball are individually
signed and signature files for each file are created.
In order to ensure that the contents of the tarball are the expected
ones as a full package, it is necessary to create an additional single
signature file bashed on the individual signature files.

(From meta-phosphor rev: 80b9baede615563bc15e5218cb051f57ae451b8d)

Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: I6373d4f0387e8f64c2c30be05e0d43af4ed9b913
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
---
 meta-phosphor/classes/image_types_phosphor.bbclass | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'meta-phosphor/classes/image_types_phosphor.bbclass')

diff --git a/meta-phosphor/classes/image_types_phosphor.bbclass b/meta-phosphor/classes/image_types_phosphor.bbclass
index e4663471cc..fa5d3191c9 100644
--- a/meta-phosphor/classes/image_types_phosphor.bbclass
+++ b/meta-phosphor/classes/image_types_phosphor.bbclass
@@ -332,6 +332,14 @@ make_signatures() {
 		openssl dgst -sha256 -sign ${SIGNING_KEY} -out "${file}.sig" $file
 		signature_files="${signature_files} ${file}.sig"
 	done
+
+	if [ -n "$signature_files" ]; then
+		sort_signature_files=`echo "$signature_files" | tr ' ' '\n' | sort | tr '\n' ' '`
+		cat $sort_signature_files > image-full
+		openssl dgst -sha256 -sign ${SIGNING_KEY} -out image-full.sig image-full
+		signature_files="${signature_files} image-full.sig"
+		rm -rf image-full
+	fi
 }
 
 do_generate_static_alltar() {
-- 
cgit v1.2.3