image: use ucert to append signature

author Daniel Golle <daniel@makrotopia.org>

Mon, 6 Aug 2018 19:20:57 +0000 (21:20 +0200)

committer Jo-Philipp Wich <jo@mein.io>

Tue, 18 Dec 2018 16:47:45 +0000 (17:47 +0100)
author Daniel Golle <daniel@makrotopia.org>
Mon, 6 Aug 2018 19:20:57 +0000 (21:20 +0200)
committer Jo-Philipp Wich <jo@mein.io>
Tue, 18 Dec 2018 16:47:45 +0000 (17:47 +0100)
diff --git a/include/image-commands.mk b/include/image-commands.mk

index 28b39c310e499caea4fe8a6d9ad6dceb5d95363b..01040138a48a9d07d4e1a122ae6ce9545b27c62b 100644 (file)
--- a/include/image-commands.mk
+++ b/include/image-commands.mk
@@ -309,6 +309,12 @@ metadata_json = \
  
  define Build/append-metadata
         $(if $(SUPPORTED_DEVICES),-echo $(call metadata_json,$(SUPPORTED_DEVICES)) | fwtool -I - $@)
+       [ -s "$(BUILD_KEY)" -a -s "$(BUILD_KEY).ucert" ] && { \
+               cp "$(BUILD_KEY).ucert" "$@.ucert" ;\
+               usign -S -m "$@" -s "$(BUILD_KEY)" -x "$@.sig" ;\
+               ucert -A -c "$@.ucert" -x "$@.sig" ;\
+               fwtool -S "$@.ucert" "$@" ;\
+       }
  endef
  
  define Build/kernel2minor
author	Daniel Golle <daniel@makrotopia.org>
	Mon, 6 Aug 2018 19:20:57 +0000 (21:20 +0200)
committer	Jo-Philipp Wich <jo@mein.io>
	Tue, 18 Dec 2018 16:47:45 +0000 (17:47 +0100)