diff options
| -rw-r--r-- | meta-oe/classes/signing.bbclass | 29 |
1 files changed, 0 insertions, 29 deletions
diff --git a/meta-oe/classes/signing.bbclass b/meta-oe/classes/signing.bbclass index 6fde22bf22..5068360ca7 100644 --- a/meta-oe/classes/signing.bbclass +++ b/meta-oe/classes/signing.bbclass | |||
| @@ -231,35 +231,6 @@ signing_get_root_cert() { | |||
| 231 | echo "${cert_name}" | 231 | echo "${cert_name}" |
| 232 | } | 232 | } |
| 233 | 233 | ||
| 234 | # signing_import_cert_chain_from_pem <role> <pem> | ||
| 235 | # | ||
| 236 | # Import a certificate *chain* from a PEM file to a role. | ||
| 237 | # (e.g. multiple ones concatenated in one file) | ||
| 238 | # | ||
| 239 | # Due to limitations in the toolchain: | ||
| 240 | # signing class -> softhsm -> 'extract-cert' | ||
| 241 | # the input certificate is split into a sequentially numbered list of roles, | ||
| 242 | # starting at <role>_1 | ||
| 243 | # | ||
| 244 | # (The limitations are the conversion step from x509 to a plain .der, and | ||
| 245 | # extract-cert expecting a x509 and then producing only plain .der again) | ||
| 246 | signing_import_cert_chain_from_pem() { | ||
| 247 | local role="${1}" | ||
| 248 | local pem="${2}" | ||
| 249 | local i=1 | ||
| 250 | |||
| 251 | cat "${pem}" | \ | ||
| 252 | while openssl x509 -inform pem -outform der -out ${B}/temp_${i}.der; do | ||
| 253 | signing_import_define_role "${role}_${i}" | ||
| 254 | signing_pkcs11_tool --type cert \ | ||
| 255 | --write-object ${B}/temp_${i}.der \ | ||
| 256 | --label "${role}_${i}" | ||
| 257 | rm ${B}/temp_${i}.der | ||
| 258 | echo "imported ${pem} under role: ${role}_${i}" | ||
| 259 | i=$(awk "BEGIN {print $i+1}") | ||
| 260 | done | ||
| 261 | } | ||
| 262 | |||
| 263 | # signing_import_cert_from_pem <cert_name> <pem> | 234 | # signing_import_cert_from_pem <cert_name> <pem> |
| 264 | # | 235 | # |
| 265 | # Import a certificate from PEM file to a cert_name. | 236 | # Import a certificate from PEM file to a cert_name. |