From: Bastian Krause <bst@pengutronix.de>
To: ptxdist@pengutronix.de
Cc: Bastian Krause <bst@pengutronix.de>
Subject: [ptxdist] [PATCH 03/13] ptxd_lib_imx_hab: fix srk fuse file and table generation
Date: Thu, 14 May 2020 15:42:50 +0200 [thread overview]
Message-ID: <20200514134300.16105-3-bst@pengutronix.de> (raw)
In-Reply-To: <20200514134300.16105-1-bst@pengutronix.de>
srktool's help text states "certificate filenames must be separated by
a ',' with no spaces". Line continuating using "\" with the next line
being indented leads to a space being inserted between the SRK2
certificate and the SRK3 certificate.
srktool does not fail, but ignores everything after the space silently.
Thus only the first two certicates end up in the fuse file and table.
Fix this by specifying all certs on a single line.
Signed-off-by: Bastian Krause <bst@pengutronix.de>
---
scripts/lib/ptxd_lib_imx_hab.sh | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/scripts/lib/ptxd_lib_imx_hab.sh b/scripts/lib/ptxd_lib_imx_hab.sh
index 8be376ff1..034bf82b2 100644
--- a/scripts/lib/ptxd_lib_imx_hab.sh
+++ b/scripts/lib/ptxd_lib_imx_hab.sh
@@ -43,8 +43,7 @@ ptxd_make_imx_habv4_gen_table_impl() {
--table "${table_bin}" \
--efuses "${srk_fuse_bin}" \
--digest sha256 \
- --certs ${tmpdir}/srk1.pem,${tmpdir}/srk2.pem,\
- ${tmpdir}/srk3.pem,${tmpdir}/srk4.pem
+ --certs ${tmpdir}/srk1.pem,${tmpdir}/srk2.pem,${tmpdir}/srk3.pem,${tmpdir}/srk4.pem
}
export -f ptxd_make_imx_habv4_gen_table_impl
--
2.26.2
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
next prev parent reply other threads:[~2020-05-14 13:42 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-14 13:42 [ptxdist] [PATCH 01/13] host-genimage: version bump 11 -> 13 Bastian Krause
2020-05-14 13:42 ` [ptxdist] [PATCH 02/13] ptxd_lib_code_signing: return error string in cs_get_uri for make error case Bastian Krause
2020-05-14 13:42 ` Bastian Krause [this message]
2020-05-14 13:42 ` [ptxdist] [PATCH 04/13] ptxd_lib_code_signing: introduce CA helper Bastian Krause
2020-05-15 10:36 ` Michael Olbrich
2020-05-15 11:21 ` Bastian Krause
2020-05-15 11:41 ` Jan Lübbe
2020-05-14 13:42 ` [ptxdist] [PATCH 05/13] host-ptx-code-signing-dev: version bump 0.2 -> 0.4 Bastian Krause
2020-05-14 16:00 ` Bastian Krause
2020-05-14 13:42 ` [ptxdist] [PATCH 06/13] ptxd_lib_imx_hab/template-barebox-imx-habv4: use cs_get_ca helper Bastian Krause
2020-05-15 10:37 ` Michael Olbrich
2020-05-15 11:22 ` Bastian Krause
2020-05-14 13:42 ` [ptxdist] [PATCH 07/13] ptxd_lib_imx_hab/template-barebox-imx-habv4: make number of SRKs configurable Bastian Krause
2020-05-14 13:42 ` [ptxdist] [PATCH 08/13] ptxd_make_fit_image: call mkimage with ptxd_exec Bastian Krause
2020-05-14 13:42 ` [ptxdist] [PATCH 09/13] u-boot/ptxd_make_fit_image: avoid overriding object name Bastian Krause
2020-05-14 13:42 ` [ptxdist] [PATCH 10/13] rauc/image-rauc: use code signing infrastructure for key retrieval Bastian Krause
2020-05-15 10:40 ` Michael Olbrich
2020-05-15 11:23 ` Bastian Krause
2020-05-14 13:42 ` [ptxdist] [PATCH 11/13] image-rauc: enable keyring verification Bastian Krause
2020-05-15 7:58 ` Michael Olbrich
2020-05-15 11:23 ` Bastian Krause
2020-05-14 13:42 ` [ptxdist] [PATCH 12/13] code-signing: move code-signing.in to platforms/ Bastian Krause
2020-05-14 13:43 ` [ptxdist] [PATCH 13/13] code-signing: introduce for ptxconfig, add sanity check Bastian Krause
2020-05-14 15:36 ` Bastian Krause
2020-05-15 7:55 ` Michael Olbrich
2020-05-15 11:24 ` Bastian Krause
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200514134300.16105-3-bst@pengutronix.de \
--to=bst@pengutronix.de \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox