uboot-sign: Fix using wrong KEY_REQ_ARGS

When generating our SPL-verifying certificate, we use FIT_KEY_REQ_ARGS, which is intended for the U-Boot-verifying certificate. Instead, use UBOOT_FIT_KEY_REQ_ARGS. Fixes: 0e6b0fefa0 ("u-boot: Use a different Key for SPL signing") (From OE-Core rev: f01b15fcffd1a628a17caf1e94753c8cd09ea48f) Signed-off-by: Sean Anderson <sean.anderson@seco.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit a2d939ccb182a1ad29280d236b9f9e1d09527af1) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Sean Anderson <sean.anderson@seco.com> 2022-10-21 19:37:21 -0400
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-11-09 17:42:14 +0000
commit: 6bded7cb1285070c8d427df157c3c5f279f08f51 (patch)
tree: 32fae6e25b0f132166deccae759af97376634316 /meta
parent: d18ec217b3c38e0a206f6d6e3749c1cd9f0df8ab (diff)
download: poky-6bded7cb1285070c8d427df157c3c5f279f08f51.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/meta/classes-recipe/uboot-sign.bbclass b/meta/classes-recipe/uboot-sign.bbclass
index debbf23ec6..4b5912a01d 100644
--- a/meta/classes-recipe/uboot-sign.bbclass
+++ b/meta/classes-recipe/uboot-sign.bbclass
@@ -298,7 +298,7 @@ do_uboot_generate_rsa_keys() {
                                "${UBOOT_FIT_SIGN_NUMBITS}"
                        echo "Generating certificate for signing U-Boot fitImage"
-                        openssl req ${FIT_KEY_REQ_ARGS} "${UBOOT_FIT_KEY_SIGN_PKCS}" \
+                        openssl req ${UBOOT_FIT_KEY_REQ_ARGS} "${UBOOT_FIT_KEY_SIGN_PKCS}" \
                                -key "${SPL_SIGN_KEYDIR}/${SPL_SIGN_KEYNAME}".key \
                                -out "${SPL_SIGN_KEYDIR}/${SPL_SIGN_KEYNAME}".crt
                fi
author	Sean Anderson <sean.anderson@seco.com>	2022-10-21 19:37:21 -0400
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-11-09 17:42:14 +0000
commit	6bded7cb1285070c8d427df157c3c5f279f08f51 (patch)
tree	32fae6e25b0f132166deccae759af97376634316 /meta
parent	d18ec217b3c38e0a206f6d6e3749c1cd9f0df8ab (diff)
download	poky-6bded7cb1285070c8d427df157c3c5f279f08f51.tar.gz

diff --git a/meta/classes-recipe/uboot-sign.bbclass b/meta/classes-recipe/uboot-sign.bbclass index debbf23ec6..4b5912a01d 100644 --- a/meta/classes-recipe/uboot-sign.bbclass +++ b/meta/classes-recipe/uboot-sign.bbclass
@@ -298,7 +298,7 @@ do_uboot_generate_rsa_keys() {
298	"${UBOOT_FIT_SIGN_NUMBITS}"	298	"${UBOOT_FIT_SIGN_NUMBITS}"
299		299
300	echo "Generating certificate for signing U-Boot fitImage"	300	echo "Generating certificate for signing U-Boot fitImage"
301	openssl req ${FIT_KEY_REQ_ARGS} "${UBOOT_FIT_KEY_SIGN_PKCS}" \	301	openssl req ${UBOOT_FIT_KEY_REQ_ARGS} "${UBOOT_FIT_KEY_SIGN_PKCS}" \
302	-key "${SPL_SIGN_KEYDIR}/${SPL_SIGN_KEYNAME}".key \	302	-key "${SPL_SIGN_KEYDIR}/${SPL_SIGN_KEYNAME}".key \
303	-out "${SPL_SIGN_KEYDIR}/${SPL_SIGN_KEYNAME}".crt	303	-out "${SPL_SIGN_KEYDIR}/${SPL_SIGN_KEYNAME}".crt
304	fi	304	fi