* [ptxdist] [PATCH 1/2] doc: dev_code_signing: mention where to select the signing provider
@ 2021-02-28 23:48 Roland Hieber
2021-02-28 23:48 ` [ptxdist] [PATCH 2/2] rauc: be more verbose why the check for legacy keyring fails Roland Hieber
2021-03-05 7:26 ` [ptxdist] [APPLIED] doc: dev_code_signing: mention where to select the signing provider Michael Olbrich
0 siblings, 2 replies; 4+ messages in thread
From: Roland Hieber @ 2021-02-28 23:48 UTC (permalink / raw)
To: ptxdist; +Cc: Roland Hieber
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
---
doc/dev_code_signing.rst | 1 +
1 file changed, 1 insertion(+)
diff --git a/doc/dev_code_signing.rst b/doc/dev_code_signing.rst
index d47002e8c380..56ac0e3b3217 100644
--- a/doc/dev_code_signing.rst
+++ b/doc/dev_code_signing.rst
@@ -49,6 +49,7 @@ material in case SoftHSM is used.
When ``PTXCONF_CODE_SIGNING`` is enabled exactly one code signing provider is
active during each invocation of PTXdist.
+The active provider can be selected in the ``platformconfig`` menu.
PTXdist comes equipped with a development code signing provider "devel"
implemented via the package ``host-ptx-code-signing-dev``.
--
2.29.2
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de
^ permalink raw reply [flat|nested] 4+ messages in thread
* [ptxdist] [PATCH 2/2] rauc: be more verbose why the check for legacy keyring fails
2021-02-28 23:48 [ptxdist] [PATCH 1/2] doc: dev_code_signing: mention where to select the signing provider Roland Hieber
@ 2021-02-28 23:48 ` Roland Hieber
2021-03-05 7:26 ` [ptxdist] [APPLIED] " Michael Olbrich
2021-03-05 7:26 ` [ptxdist] [APPLIED] doc: dev_code_signing: mention where to select the signing provider Michael Olbrich
1 sibling, 1 reply; 4+ messages in thread
From: Roland Hieber @ 2021-02-28 23:48 UTC (permalink / raw)
To: ptxdist; +Cc: Roland Hieber
Instead of relying on users to grep in the PTXdist source code for this
line, tell them directly what is checked here.
Also fix a typo in the previous-to-last line.
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
---
rules/rauc.make | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/rules/rauc.make b/rules/rauc.make
index 66c967d44b83..08df6336a7cd 100644
--- a/rules/rauc.make
+++ b/rules/rauc.make
@@ -50,8 +50,10 @@ RAUC_CONF_OPT := \
$(STATEDIR)/rauc.prepare:
@$(call targetinfo)
- @test ! -e "$(call ptx/in-platformconfigdir, config/rauc/rauc.key.pem)" || \
- ptxd_bailout "Please use the signing provider infrastructure desribed in:" \
+ @keyfile="$(call ptx/in-platformconfigdir, config/rauc/rauc.key.pem)"; \
+ test ! -e "$${keyfile}" || \
+ ptxd_bailout "Legacy RAUC keyring exists at $${keyfile}!" \
+ "Please use the signing provider infrastructure instead, as described in:" \
"https://www.ptxdist.org/doc/dev_code_signing.html"
@$(call world/prepare, RAUC)
@$(call touch)
--
2.29.2
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [ptxdist] [APPLIED] doc: dev_code_signing: mention where to select the signing provider
2021-02-28 23:48 [ptxdist] [PATCH 1/2] doc: dev_code_signing: mention where to select the signing provider Roland Hieber
2021-02-28 23:48 ` [ptxdist] [PATCH 2/2] rauc: be more verbose why the check for legacy keyring fails Roland Hieber
@ 2021-03-05 7:26 ` Michael Olbrich
1 sibling, 0 replies; 4+ messages in thread
From: Michael Olbrich @ 2021-03-05 7:26 UTC (permalink / raw)
To: ptxdist; +Cc: Roland Hieber
Thanks, applied as dd524817b207b8de40fede2ac183e336030d995b.
Michael
[sent from post-receive hook]
On Fri, 05 Mar 2021 08:26:13 +0100, Roland Hieber <rhi@pengutronix.de> wrote:
> Signed-off-by: Roland Hieber <rhi@pengutronix.de>
> Message-Id: <20210228234809.5294-1-rhi@pengutronix.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
>
> diff --git a/doc/dev_code_signing.rst b/doc/dev_code_signing.rst
> index d47002e8c380..56ac0e3b3217 100644
> --- a/doc/dev_code_signing.rst
> +++ b/doc/dev_code_signing.rst
> @@ -49,6 +49,7 @@ material in case SoftHSM is used.
>
> When ``PTXCONF_CODE_SIGNING`` is enabled exactly one code signing provider is
> active during each invocation of PTXdist.
> +The active provider can be selected in the ``platformconfig`` menu.
>
> PTXdist comes equipped with a development code signing provider "devel"
> implemented via the package ``host-ptx-code-signing-dev``.
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [ptxdist] [APPLIED] rauc: be more verbose why the check for legacy keyring fails
2021-02-28 23:48 ` [ptxdist] [PATCH 2/2] rauc: be more verbose why the check for legacy keyring fails Roland Hieber
@ 2021-03-05 7:26 ` Michael Olbrich
0 siblings, 0 replies; 4+ messages in thread
From: Michael Olbrich @ 2021-03-05 7:26 UTC (permalink / raw)
To: ptxdist; +Cc: Roland Hieber
Thanks, applied as 73c6cbfbac24ddcbe013b4647314a47d81adecec.
Michael
[sent from post-receive hook]
On Fri, 05 Mar 2021 08:26:14 +0100, Roland Hieber <rhi@pengutronix.de> wrote:
> Instead of relying on users to grep in the PTXdist source code for this
> line, tell them directly what is checked here.
>
> Also fix a typo in the previous-to-last line.
>
> Signed-off-by: Roland Hieber <rhi@pengutronix.de>
> Message-Id: <20210228234809.5294-2-rhi@pengutronix.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
>
> diff --git a/rules/rauc.make b/rules/rauc.make
> index 66c967d44b83..08df6336a7cd 100644
> --- a/rules/rauc.make
> +++ b/rules/rauc.make
> @@ -50,8 +50,10 @@ RAUC_CONF_OPT := \
>
> $(STATEDIR)/rauc.prepare:
> @$(call targetinfo)
> - @test ! -e "$(call ptx/in-platformconfigdir, config/rauc/rauc.key.pem)" || \
> - ptxd_bailout "Please use the signing provider infrastructure desribed in:" \
> + @keyfile="$(call ptx/in-platformconfigdir, config/rauc/rauc.key.pem)"; \
> + test ! -e "$${keyfile}" || \
> + ptxd_bailout "Legacy RAUC keyring exists at $${keyfile}!" \
> + "Please use the signing provider infrastructure instead, as described in:" \
> "https://www.ptxdist.org/doc/dev_code_signing.html"
> @$(call world/prepare, RAUC)
> @$(call touch)
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-03-05 7:26 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-28 23:48 [ptxdist] [PATCH 1/2] doc: dev_code_signing: mention where to select the signing provider Roland Hieber
2021-02-28 23:48 ` [ptxdist] [PATCH 2/2] rauc: be more verbose why the check for legacy keyring fails Roland Hieber
2021-03-05 7:26 ` [ptxdist] [APPLIED] " Michael Olbrich
2021-03-05 7:26 ` [ptxdist] [APPLIED] doc: dev_code_signing: mention where to select the signing provider Michael Olbrich
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox