diff options
| author | Bastian Krause <bst@pengutronix.de> | 2020-05-15 16:26:39 +0200 |
|---|---|---|
| committer | Michael Olbrich <m.olbrich@pengutronix.de> | 2020-05-15 17:22:07 +0200 |
| commit | c420c0745b568fbf2ab2d0f7394c27935ed7faf2 (patch) | |
| tree | 3bbddb3be682c7171f3a3d2346bdd69b538d11c8 /projectroot | |
| parent | c691a61e4b244d30b046289655228981d27adc2c (diff) | |
| download | ptxdist-c420c0745b568fbf2ab2d0f7394c27935ed7faf2.tar.gz ptxdist-c420c0745b568fbf2ab2d0f7394c27935ed7faf2.tar.xz | |
rauc/image-rauc: use code signing infrastructure for key retrieval
Use the keys provided by the currently active key provider via PKCS#11
instead of key files placed in the platform config directory. In order
to make sure the new mechanics are used after a BSP update the rauc.key
file is no longer allowed to exist in the platformconfig directory.
Note: requires genimage v13 or later and ptx-code-signing-dev 0.4 or
later
Signed-off-by: Bastian Krause <bst@pengutronix.de>
Message-Id: <20200515142641.812-14-bst@pengutronix.de>
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Diffstat (limited to 'projectroot')
| -rw-r--r-- | projectroot/etc/rauc/ca.cert.pem | 7 |
1 files changed, 0 insertions, 7 deletions
diff --git a/projectroot/etc/rauc/ca.cert.pem b/projectroot/etc/rauc/ca.cert.pem deleted file mode 100644 index be1aa7c30..000000000 --- a/projectroot/etc/rauc/ca.cert.pem +++ /dev/null @@ -1,7 +0,0 @@ -# This is a dummy keyring file. Please overwrite this with one that matches -# your X.509 infrastructure if you intend to use RAUC for secure updates! -# -# If you really do not intend to actively use the security features (or for -# testing purpose) you may create a development certificate by executing the -# script `rauc-gen-test-certs.sh` from the `scripts` folder in your PTXdist -# installation. |