summaryrefslogtreecommitdiffstats
path: root/meta/classes/kernel-fitimage.bbclass
diff options
context:
space:
mode:
Diffstat (limited to 'meta/classes/kernel-fitimage.bbclass')
-rw-r--r--meta/classes/kernel-fitimage.bbclass58
1 files changed, 0 insertions, 58 deletions
diff --git a/meta/classes/kernel-fitimage.bbclass b/meta/classes/kernel-fitimage.bbclass
index b9d8270027..6b7c1c3a7d 100644
--- a/meta/classes/kernel-fitimage.bbclass
+++ b/meta/classes/kernel-fitimage.bbclass
@@ -53,30 +53,6 @@ python __anonymous () {
53 d.appendVarFlag('do_assemble_fitimage_initramfs', 'depends', ' %s:do_populate_sysroot' % uboot_pn) 53 d.appendVarFlag('do_assemble_fitimage_initramfs', 'depends', ' %s:do_populate_sysroot' % uboot_pn)
54} 54}
55 55
56# Options for the device tree compiler passed to mkimage '-D' feature:
57UBOOT_MKIMAGE_DTCOPTS ??= ""
58
59# fitImage Hash Algo
60FIT_HASH_ALG ?= "sha256"
61
62# fitImage Signature Algo
63FIT_SIGN_ALG ?= "rsa2048"
64
65# Generate keys for signing fitImage
66FIT_GENERATE_KEYS ?= "0"
67
68# Size of private key in number of bits
69FIT_SIGN_NUMBITS ?= "2048"
70
71# args to openssl genrsa (Default is just the public exponent)
72FIT_KEY_GENRSA_ARGS ?= "-F4"
73
74# args to openssl req (Default is -batch for non interactive mode and
75# -new for new certificate)
76FIT_KEY_REQ_ARGS ?= "-batch -new"
77
78# Standard format for public key certificate
79FIT_KEY_SIGN_PKCS ?= "-x509"
80 56
81# Description string 57# Description string
82FIT_DESC ?= "U-Boot fitImage for ${DISTRO_NAME}/${PV}/${MACHINE}" 58FIT_DESC ?= "U-Boot fitImage for ${DISTRO_NAME}/${PV}/${MACHINE}"
@@ -84,13 +60,6 @@ FIT_DESC ?= "U-Boot fitImage for ${DISTRO_NAME}/${PV}/${MACHINE}"
84# Sign individual images as well 60# Sign individual images as well
85FIT_SIGN_INDIVIDUAL ?= "0" 61FIT_SIGN_INDIVIDUAL ?= "0"
86 62
87# mkimage command
88UBOOT_MKIMAGE ?= "uboot-mkimage"
89UBOOT_MKIMAGE_SIGN ?= "${UBOOT_MKIMAGE}"
90
91# Arguments passed to mkimage for signing
92UBOOT_MKIMAGE_SIGN_ARGS ?= ""
93
94# 63#
95# Emit the fitImage ITS header 64# Emit the fitImage ITS header
96# 65#
@@ -698,33 +667,6 @@ do_assemble_fitimage_initramfs() {
698 667
699addtask assemble_fitimage_initramfs before do_deploy after do_bundle_initramfs 668addtask assemble_fitimage_initramfs before do_deploy after do_bundle_initramfs
700 669
701do_generate_rsa_keys() {
702 if [ "${UBOOT_SIGN_ENABLE}" = "0" ] && [ "${FIT_GENERATE_KEYS}" = "1" ]; then
703 bbwarn "FIT_GENERATE_KEYS is set to 1 eventhough UBOOT_SIGN_ENABLE is set to 0. The keys will not be generated as they won't be used."
704 fi
705
706 if [ "${UBOOT_SIGN_ENABLE}" = "1" ] && [ "${FIT_GENERATE_KEYS}" = "1" ]; then
707
708 # Generate keys only if they don't already exist
709 if [ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key ] || \
710 [ ! -f "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".crt]; then
711
712 # make directory if it does not already exist
713 mkdir -p "${UBOOT_SIGN_KEYDIR}"
714
715 echo "Generating RSA private key for signing fitImage"
716 openssl genrsa ${FIT_KEY_GENRSA_ARGS} -out \
717 "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key \
718 "${FIT_SIGN_NUMBITS}"
719
720 echo "Generating certificate for signing fitImage"
721 openssl req ${FIT_KEY_REQ_ARGS} "${FIT_KEY_SIGN_PKCS}" \
722 -key "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".key \
723 -out "${UBOOT_SIGN_KEYDIR}/${UBOOT_SIGN_KEYNAME}".crt
724 fi
725 fi
726}
727
728addtask generate_rsa_keys before do_assemble_fitimage after do_compile 670addtask generate_rsa_keys before do_assemble_fitimage after do_compile
729 671
730kernel_do_deploy[vardepsexclude] = "DATETIME" 672kernel_do_deploy[vardepsexclude] = "DATETIME"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-07 04:41:31 +0000