diff options
| author | Ayoub Zaki <ayoub.zaki@embetrix.com> | 2023-08-26 13:53:29 +0200 |
|---|---|---|
| committer | Tom Rini <trini@konsulko.com> | 2023-12-20 09:48:17 -0500 |
| commit | ece85cc0202717ee8eaf5acb0772c0912b7f8e9d (patch) | |
| tree | 9f9a9c55d4bca2fa74c8706d08f2fc7e002e16f4 | |
| parent | 05e8e2403c533cc9e7a2a548486e2e41dfd5ce53 (diff) | |
| download | u-boot-ece85cc0202717ee8eaf5acb0772c0912b7f8e9d.zip u-boot-ece85cc0202717ee8eaf5acb0772c0912b7f8e9d.tar.gz u-boot-ece85cc0202717ee8eaf5acb0772c0912b7f8e9d.tar.bz2 | |
rsa: use pkcs11 uri as defined in rfc7512
pkcs11 : change engine uri to use full pk11-URI as defined in:
https://www.rfc-editor.org/rfc/rfc7512.html
Signed-off-by: Ayoub Zaki <ayoub.zaki@embetrix.com>
| -rw-r--r-- | doc/usage/fit/signature.rst | 2 | ||||
| -rw-r--r-- | lib/rsa/rsa-sign.c | 12 |
2 files changed, 7 insertions, 7 deletions
diff --git a/doc/usage/fit/signature.rst b/doc/usage/fit/signature.rst index 39edba1..03a71b5 100644 --- a/doc/usage/fit/signature.rst +++ b/doc/usage/fit/signature.rst @@ -671,7 +671,7 @@ Create the fitImage:: Sign the fitImage with the hardware key:: $ ./tools/mkimage -F -k \ - "model=PKCS%2315%20emulated;manufacturer=ZeitControl;serial=000xxxxxxxxx;token=OpenPGP%20card%20%28User%20PIN%20%28sig%29%29" \ + "pkcs11:model=PKCS%2315%20emulated;manufacturer=ZeitControl;serial=000xxxxxxxxx;token=OpenPGP%20card%20%28User%20PIN%20%28sig%29%29" \ -K u-boot.dtb -N pkcs11 -r fitImage diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index d20bdb5..7ae163f 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -116,15 +116,15 @@ static int rsa_engine_get_pub_key(const char *keydir, const char *name, if (keydir) if (strstr(keydir, "object=")) snprintf(key_id, sizeof(key_id), - "pkcs11:%s;type=public", + "%s;type=public", keydir); else snprintf(key_id, sizeof(key_id), - "pkcs11:%s;object=%s;type=public", + "%s;object=%s;type=public", keydir, name); else snprintf(key_id, sizeof(key_id), - "pkcs11:object=%s;type=public", + "object=%s;type=public", name); } else if (engine_id) { if (keydir) @@ -238,15 +238,15 @@ static int rsa_engine_get_priv_key(const char *keydir, const char *name, if (keydir) if (strstr(keydir, "object=")) snprintf(key_id, sizeof(key_id), - "pkcs11:%s;type=private", + "%s;type=private", keydir); else snprintf(key_id, sizeof(key_id), - "pkcs11:%s;object=%s;type=private", + "%s;object=%s;type=private", keydir, name); else snprintf(key_id, sizeof(key_id), - "pkcs11:object=%s;type=private", + "object=%s;type=private", name); } else if (engine_id) { if (keydir && name) |