From patchwork Thu Sep  7 15:23:14 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
X-Patchwork-Id: 811070
Return-Path: <swupdate+bncBDIL3GP4WUMRBOOIYXGQKGQE42SQAXA@googlegroups.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=googlegroups.com
	(client-ip=2a00:1450:4010:c07::23f;
	helo=mail-lf0-x23f.google.com;
	envelope-from=swupdate+bncbdil3gp4wumrbooiyxgqkgqe42sqaxa@googlegroups.com;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org; dkim=pass (2048-bit key;
	unprotected) header.d=googlegroups.com header.i=@googlegroups.com
	header.b="LwI+Wy7Y"; dkim-atps=neutral
Received: from mail-lf0-x23f.google.com (mail-lf0-x23f.google.com
	[IPv6:2a00:1450:4010:c07::23f])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3xp42P3yBgz9s8J
	for <incoming@patchwork.ozlabs.org>;
	Fri,  8 Sep 2017 01:22:36 +1000 (AEST)
Received: by mail-lf0-x23f.google.com with SMTP id a138sf793282lfb.22
	for <incoming@patchwork.ozlabs.org>;
	Thu, 07 Sep 2017 08:22:36 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1504797754; cv=pass;
	d=google.com; s=arc-20160816;
	b=08mZFP/VfbLH/Qv4hnO+7QY27XIeiElx/bqSJeg8Ln3PRkloT/3KP6wlZ+2Ux/zZUr
	mrqeU9XihDxD1PjRkrQtauMHQ90Bdyri55HrOd1p3e50VzGl2WMvr1inbQafZTc81i2j
	HZzE5d0jQdhO6cskIHnG8pz3kBro4c/cVUPfclyU8i2jUCozN/qq6mf7A+Z0QRzVeQkY
	FB4oBj+kUigkFocAUvuRljhE47cXu+DwtiCSkj1w7hmcVFqDoqZw8kpGGO9tDu72OE6q
	qKo1Rk0JwNPxR2TJv3q1Kx1dsdQTMHvSpAbTIkzD2yolYJtjqfcknsbSPsw6/w8zxQXx
	zavQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=arc-20160816;
	h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
	:list-id:mailing-list:precedence:message-id:date:subject:cc:to:from
	:arc-authentication-results:arc-message-signature:mime-version
	:sender:dkim-signature:arc-authentication-results;
	bh=q0QUjTs7X7DD6vjNynlyGAA01QZowFgVJHiSVcbU+yE=;
	b=x0hfN1H3Wqh3YRYE3nCMlc6Gp8C3V7PeDwaMfwalXtxrpS6wK6LTFrJSN537RYbTws
	CRJzwEWM+b2oKwR9DyHdbTNI+cWi7IWjeYN3qzVh+RWsD7eH4Xa3oIZUalZwyQsKAksA
	3Ps1xVpJd9NPrqvrhbP7Z+WsJaxR0vwQVltnLpca//nIZ3euXxFRpvkwhMYYguWXgOh0
	Z5O5JI8D3eCtVNmge8pUblTt0qFtTJHL9ur/N3rLOKUXnsA7yiQgs4GNYyOo2Z4JsWb6
	eZd68vpAXZQGjY9dff2i96j8bu2SyZipoUCBlpjWsIuyCR5joVhI5uwvjo6miUZcjrjD
	Ysjg==
ARC-Authentication-Results: i=2; gmr-mx.google.com;
	spf=neutral (google.com: 79.96.179.35 is neither permitted nor denied
	by best guess record for domain of
	maciej.pijanowski@3mdeb.com)
	smtp.mailfrom=maciej.pijanowski@3mdeb.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=googlegroups.com; s=20161025;
	h=sender:mime-version:from:to:cc:subject:date:message-id
	:x-original-sender:x-original-authentication-results:precedence
	:mailing-list:list-id:list-post:list-help:list-archive
	:list-subscribe:list-unsubscribe;
	bh=q0QUjTs7X7DD6vjNynlyGAA01QZowFgVJHiSVcbU+yE=;
	b=LwI+Wy7YBe/V7bGPiRUHn2Xz77ukeP6XR6UUFvKa5CHEs73pi9wqrglef5f8ZkLunj
	g7Kv2e7CBtD+vnsdDf+e0XTnaN8YbMR4K7cg8Kt06rJcxx8Lz8KtA4ClBz+PRqOB97q0
	7Ed5r5Ka6ANTw6vwnjsnotUpbQWLBQ+8bn+7nkmkmwuP3w/GDHcnxlFPHdxtMVJ+AMD+
	xiG1lfafS4RYG8A2XMLiT+5T77WYAIfgsczHlD1u+N4+c8yDmsQIuMPqG/pIGsX70tYZ
	1L/5XFEUT8KMerUCzFgdg6Kl44S3IB/bxAGSFKPdN12suUgSkwFL0tTc9FRfLoI1NSAs
	/H7w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=sender:x-gm-message-state:mime-version:from:to:cc:subject:date
	:message-id:x-original-sender:x-original-authentication-results
	:precedence:mailing-list:list-id:x-spam-checked-in-group:list-post
	:list-help:list-archive:list-subscribe:list-unsubscribe;
	bh=q0QUjTs7X7DD6vjNynlyGAA01QZowFgVJHiSVcbU+yE=;
	b=P7mreaKoGtvv5et+K1eZma0NKUPvKyWFNfO8UQivjT8XUzpGUOWMPn4Q72LvN6BU9H
	FmeUR512U2KHeeGwITYJT3FB4WOG6ZWOj986N2xrC2uamJRYsCGCxfh2XvZ0EjcFUhHX
	wD//6iSNO1jtyqnp9Ph79El7A2kJgNrP4xNFjNaZWBkILLMA7XNQ1fq7s0AFdukUvYUU
	BIFKcaebDn/hDbaDs6FIqCM/0Zzt3NlnSeElDZdN+uJbDkQ8+d7MmwlqAnfiC0+eL0Bt
	fmbEipmqcDe7cFNYhDJ8F8+RyIjV6vz6Fvz0ZvwjuwXWwrRsD1vg9wlUw3QlP/qn/THZ
	w6CQ==
Sender: swupdate@googlegroups.com
X-Gm-Message-State: AHPjjUivh2ZmPTE0ElgMyWbxOJl0rk8sJqxpy9kdq4TBLvd+fcNx1KRp
	xdF4Y0HqdNKnDQ==
X-Google-Smtp-Source: 
 AOwi7QCKzUI2q02SVo4ghSI3xEmRqhWcYszvqCnY++XAYJhEl6OfoM4BmgOTl6/aJpW5sNwK6Y0wTA==
X-Received: by 10.25.199.131 with SMTP id x125mr4476lff.16.1504797754077;
	Thu, 07 Sep 2017 08:22:34 -0700 (PDT)
MIME-Version: 1.0
X-BeenThere: swupdate@googlegroups.com
Received: by 10.46.13.1 with SMTP id 1ls79744ljn.15.gmail; Thu, 07 Sep 2017
	08:22:33 -0700 (PDT)
X-Received: by 10.46.88.9 with SMTP id m9mr266134ljb.19.1504797753512;
	Thu, 07 Sep 2017 08:22:33 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1504797753; cv=none;
	d=google.com; s=arc-20160816;
	b=orRQRjcP+71Yf/aaBUI7/iX90NeKAtMgg6HmwPndrPZIw60XkW+xeD/JbyJ/UqOop4
	FE0ucwYBJYZyP1s0nasfzdph5D/s3wHwNHZxJMNgFQAdvr3D+8WR22iQ8SlCxANc0hc0
	nCvnjtYIS3mkO++ca9GyGMxMSJp3w3xRMxqSVP7cGb8vI5Xxk07fRQRss2qWsy4GL2Lj
	yiczX4I8vZF60mQNxR56XjGGSdVRA2ZI8p8qsZCipZsHUpvXQdLPOwrWSf4ywcunZeya
	HEfNqJmwdr/jDuKMjUzXRnQ4fo0nNuPXIKxA1I63EmLr6QZU14CdEBZCdIyeureXyRLZ
	L+UA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=arc-20160816;
	h=message-id:date:subject:cc:to:from:arc-authentication-results;
	bh=K/CPObmWVhVTiMQyDy3gvssIFe3kdjQ0X/gLqIDnXHo=;
	b=Nz4pvCTWSX7OzFqINKb7Yvb0Y+PhGo/+zogmUJWcbuaUAQByjMqLNNUjn/g0VNcTvH
	CnF7zwx7toW5fyYLKHmzwB3KfUJVqe79+rkJQQBJyF1XrKnfzT44BXufAf7XDMdwn8/B
	/8e5UxsA2JPG+7gg/xhRakAGsF0T07SFustV5f7q01yCgYqNh9Jp4vHga4FTdRCLAWmo
	IfVxud0b2B07W5AXcxXKqv75Jv4ZCJlRNa93tN4hkMysJNAmSBgk6Tla7qbRk9JT7ztJ
	11mMWKrrgfIDMjk7A7RJ1k3hEXK8ne1ifpjJtAXck6d0MaiP+YEzE1TIKyiiiEfNTZp1
	Fryg==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
	spf=neutral (google.com: 79.96.179.35 is neither permitted nor denied
	by best guess record for domain of
	maciej.pijanowski@3mdeb.com)
	smtp.mailfrom=maciej.pijanowski@3mdeb.com
Received: from cloudserver096301.home.net.pl (cloudserver096301.home.net.pl.
	[79.96.179.35]) by gmr-mx.google.com with ESMTPS id
	d82si36579wmd.1.2017.09.07.08.22.32 for <swupdate@googlegroups.com>
	(version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
	Thu, 07 Sep 2017 08:22:32 -0700 (PDT)
Received-SPF: neutral (google.com: 79.96.179.35 is neither permitted nor
	denied by best guess record for domain of
	maciej.pijanowski@3mdeb.com) client-ip=79.96.179.35;
Received: from 81-95-197-197.metrolink.pl (81.95.197.197) (HELO
	localhost.localdomain)
	by serwer1539010.home.pl (79.96.179.35) with SMTP (IdeaSmtpServer
	0.82) id 01bf2a44f703d6be; Thu, 7 Sep 2017 17:22:31 +0200
From: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
To: swupdate@googlegroups.com
Cc: piotr.krol@3mdeb.com,
	Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Subject: [swupdate] [PATCH] building-with-yocto.rst: update signed images
	section
Date: Thu,  7 Sep 2017 17:23:14 +0200
Message-Id: <1504797794-31605-1-git-send-email-maciej.pijanowski@3mdeb.com>
X-Mailer: git-send-email 2.7.4
X-Original-Sender: maciej.pijanowski@3mdeb.com
X-Original-Authentication-Results: gmr-mx.google.com;       spf=neutral
	(google.com: 79.96.179.35 is neither permitted nor denied by best
	guess
	record for domain of maciej.pijanowski@3mdeb.com)
	smtp.mailfrom=maciej.pijanowski@3mdeb.com
Precedence: list
Mailing-list: list swupdate@googlegroups.com;
	contact swupdate+owners@googlegroups.com
List-ID: <swupdate.googlegroups.com>
X-Spam-Checked-In-Group: swupdate@googlegroups.com
X-Google-Group-Id: 605343134186
List-Post: <https://groups.google.com/group/swupdate/post>,
	<mailto:swupdate@googlegroups.com>
List-Help: <https://groups.google.com/support/>,
	<mailto:swupdate+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/swupdate
List-Subscribe: <https://groups.google.com/group/swupdate/subscribe>,
	<mailto:swupdate+subscribe@googlegroups.com>
List-Unsubscribe: 
 <mailto:googlegroups-manage+605343134186+unsubscribe@googlegroups.com>,
	<https://groups.google.com/group/swupdate/subscribe>

Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
---
 doc/source/building-with-yocto.rst | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/doc/source/building-with-yocto.rst b/doc/source/building-with-yocto.rst
index 0e0702c710cb..80c1301c8a1f 100644
--- a/doc/source/building-with-yocto.rst
+++ b/doc/source/building-with-yocto.rst
@@ -56,13 +56,21 @@ generating the SWU. The class defines new variables, all of them have the prefix
 
         SWUPDATE_IMAGES_NOAPPEND_MACHINE[my-image] = "1"
 
-- **SWUPDATE_SIGNING** : if set, the SWU is signed.
+- **SWUPDATE_SIGNING** : if set, the SWU is signed. There are 3 allowed values:
+  RSA, CMS, CUSTOM. This value determines used signing mechanism.
 - **SWUPDATE_SIGN_TOOL** : instead of using openssl, use SWUPDATE_SIGN_TOOL to sign
-  the image. A typical use case is together with a hardware key.
+  the image. A typical use case is together with a hardware key. It is
+  available if SWUPDATE_SIGNING is set to CUSTOM
 - **SWUPDATE_PRIVATE_KEY** : this is the file with the private key used to sign the
-  image.
+  image using RSA mechanism. Is available if SWUPDATE_SIGNING is set to RSA.
 - **SWUPDATE_PASSWORD_FILE** : an optional file containing the password for the private
-  key.
+  key. It is available if SWUPDATE_SIGNING is set to RSA.
+- **SWUPDATE_CMS_KEY** : this is the file with the private key used in signing
+  process using CMS mechanism. It is available if SWUPDATE_SIGNING is set to
+  CMS.
+- **SWUPDATE_CMS_CERT** : this is the file with the certificate used in signing
+  process using using CMS method. It is available if SWUPDATE_SIGNING is
+  set to CMS.
 
 Automatic sha256 in sw-description
 ----------------------------------