Message ID | 1504797794-31605-1-git-send-email-maciej.pijanowski@3mdeb.com |
---|---|
State | Accepted |
Headers | show |
Series | building-with-yocto.rst: update signed images section | expand |
On 07/09/2017 17:23, Maciej Pijanowski wrote: > Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com> > --- > doc/source/building-with-yocto.rst | 16 ++++++++++++---- > 1 file changed, 12 insertions(+), 4 deletions(-) > > diff --git a/doc/source/building-with-yocto.rst b/doc/source/building-with-yocto.rst > index 0e0702c710cb..80c1301c8a1f 100644 > --- a/doc/source/building-with-yocto.rst > +++ b/doc/source/building-with-yocto.rst > @@ -56,13 +56,21 @@ generating the SWU. The class defines new variables, all of them have the prefix > > SWUPDATE_IMAGES_NOAPPEND_MACHINE[my-image] = "1" > > -- **SWUPDATE_SIGNING** : if set, the SWU is signed. > +- **SWUPDATE_SIGNING** : if set, the SWU is signed. There are 3 allowed values: > + RSA, CMS, CUSTOM. This value determines used signing mechanism. > - **SWUPDATE_SIGN_TOOL** : instead of using openssl, use SWUPDATE_SIGN_TOOL to sign > - the image. A typical use case is together with a hardware key. > + the image. A typical use case is together with a hardware key. It is > + available if SWUPDATE_SIGNING is set to CUSTOM > - **SWUPDATE_PRIVATE_KEY** : this is the file with the private key used to sign the > - image. > + image using RSA mechanism. Is available if SWUPDATE_SIGNING is set to RSA. > - **SWUPDATE_PASSWORD_FILE** : an optional file containing the password for the private > - key. > + key. It is available if SWUPDATE_SIGNING is set to RSA. > +- **SWUPDATE_CMS_KEY** : this is the file with the private key used in signing > + process using CMS mechanism. It is available if SWUPDATE_SIGNING is set to > + CMS. > +- **SWUPDATE_CMS_CERT** : this is the file with the certificate used in signing > + process using using CMS method. It is available if SWUPDATE_SIGNING is > + set to CMS. > > Automatic sha256 in sw-description > ---------------------------------- > Applied to master, thanks ! Best regards, Stefano Babic
diff --git a/doc/source/building-with-yocto.rst b/doc/source/building-with-yocto.rst index 0e0702c710cb..80c1301c8a1f 100644 --- a/doc/source/building-with-yocto.rst +++ b/doc/source/building-with-yocto.rst @@ -56,13 +56,21 @@ generating the SWU. The class defines new variables, all of them have the prefix SWUPDATE_IMAGES_NOAPPEND_MACHINE[my-image] = "1" -- **SWUPDATE_SIGNING** : if set, the SWU is signed. +- **SWUPDATE_SIGNING** : if set, the SWU is signed. There are 3 allowed values: + RSA, CMS, CUSTOM. This value determines used signing mechanism. - **SWUPDATE_SIGN_TOOL** : instead of using openssl, use SWUPDATE_SIGN_TOOL to sign - the image. A typical use case is together with a hardware key. + the image. A typical use case is together with a hardware key. It is + available if SWUPDATE_SIGNING is set to CUSTOM - **SWUPDATE_PRIVATE_KEY** : this is the file with the private key used to sign the - image. + image using RSA mechanism. Is available if SWUPDATE_SIGNING is set to RSA. - **SWUPDATE_PASSWORD_FILE** : an optional file containing the password for the private - key. + key. It is available if SWUPDATE_SIGNING is set to RSA. +- **SWUPDATE_CMS_KEY** : this is the file with the private key used in signing + process using CMS mechanism. It is available if SWUPDATE_SIGNING is set to + CMS. +- **SWUPDATE_CMS_CERT** : this is the file with the certificate used in signing + process using using CMS method. It is available if SWUPDATE_SIGNING is + set to CMS. Automatic sha256 in sw-description ----------------------------------
Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com> --- doc/source/building-with-yocto.rst | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-)