mirror of
git://git.openembedded.org/meta-openembedded
synced 2026-01-01 13:58:06 +00:00
a825b85363
Add handling of ca-chains which can consist of more than one certificate in a .pem file, which need to be split off, processed and stored separately in the softhsm - as the tool-chain signing.bbclass::signing_import_cert* -> softhsm -> 'extract-cert' only supports one-per-file, due to using/expecting "plain" x509 in-/output. The added signing_import_cert_chain_from_pem function takes a <role> basename, and iterates through the input .pem file, creating numbered <role>_1, _2, ... roles as needed. Afterwards the certificates can be used or extracted one-by-one from the softhsm, using the numbered roles; the only precondition - or limitation - is that the PKI structure has to be known beforhand; e.g. how many certificates are between leaf and root. Signed-off-by: Johannes Schneider <johannes.schneider@leica-geosystems.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> |
||
|---|---|---|
| .. | ||
| breakpad.bbclass | ||
| fitimage.bbclass | ||
| gitpkgv.bbclass | ||
| gitver.bbclass | ||
| gpe.bbclass | ||
| image_types_sparse.bbclass | ||
| image_types_verity.bbclass | ||
| itstool.bbclass | ||
| machine_kernel_pr.bbclass | ||
| scancode.bbclass | ||
| signing.bbclass | ||
| socorro-syms.bbclass | ||