| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
In indpendent mode, there are cases where we want to look for signatures
elsewhere in the cache, if not found in the local cache, that were not
covered previously.
Signed-off-by: Dave Heller <hellerda@linux.vnet.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@linux.vnet.ibm.com>
|
| |
|
|
|
|
|
|
| |
Test for nonzero value is the default test operation in shell, so it's not
necessary to use -n explicitly in tests. Removing them makes the code a
bit more compact.
Signed-off-by: Dave Heller <hellerda@linux.vnet.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@linux.vnet.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@linux.vnet.ibm.com>
|
| |
|
|
|
|
|
|
|
|
| |
In cases where input payload or output imagefile are not needed, we previously
required __none to be specified for these properties. But really they can be
omitted, and we can treat it as if __none were specified.
Also, fix a shellcheck warning from a previous commit.
Signed-off-by: Dave Heller <hellerda@linux.vnet.ibm.com>
|
| |
|
|
|
|
|
|
| |
Add a simple check to crtSignedContainer.sh to make sure basic tools, openssl
commands, and other signtool and signframework executables are found in PATH,
before proceeding.
Signed-off-by: Dave Heller <hellerda@linux.vnet.ibm.com>
|
| |
|
|
|
|
|
| |
Fix some warnings from shellcheck static analyzer tool, in crtSignedContainer.sh,
mostly regarding double-quoting
Signed-off-by: Dave Heller <hellerda@linux.vnet.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@linux.vnet.ibm.com>
|
| |
|
|
|
|
| |
Helpful for execution under op-build, where command line options are not exposed.
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
|
|
|
| |
On __getkey, the behavior should be to integrate a signature if found, but
skip the request if not found. Currently it skips both.
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |\
| |
| | |
Add --contrHdrOut option to crtSignedContainer.sh
|
| | |
| |
| |
| | |
Adds option to dump the container header (first 4k) without the payload.
|
| |\ \
| |/
|/| |
Make signproject base names configurable via env or INI
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch allows signframework project basenames to be settable via env
or INI. There are three new env properties: SF_HW_SIGNING_PROJECT_BASE,
SF_FW_SIGNING_PROJECT_BASE and SF_GETPUBKEY_PROJECT_BASE. In the INI, there
are three new properties under a new section [signproject]. The defaults
are the values that were previously hardcoded.
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| | |
| |
| |
| | |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |/
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| |
|
|
| |
Signed-off-by: Dave Heller <hellerda@us.ibm.com>
|
| | |
|
| | |
|
| | |
|
| |
|
