swu-sign: do not expand private sign key in TrustFence class

- Trying to set the complete SWU packages signature key in the TrustFence class was causing a build error when keys were not yet generated. To avoid this, set only the key wildcard in the TrustFence class and expand the variable in the SWU packages recipes, when keys already exist. https://jira.digi.com/browse/DEL-3913 Signed-off-by: David Escalona <david.escalona@digi.com>
2017-03-14 09:28:38 +01:00 · 2017-03-14 09:28:38 +01:00 · 00d22c3d7e
parent e3ce215f67
commit 00d22c3d7e
3 changed files with 16 additions and 3 deletions
--- a/meta-digi-dey/classes/trustfence.bbclass
+++ b/meta-digi-dey/classes/trustfence.bbclass
@ -35,7 +35,6 @@ python () {
    import binascii
    import hashlib
    import os
-    import glob

    # Secure console configuration
    if (d.getVar("TRUSTFENCE_CONSOLE_DISABLE", True) == "1"):
@ -80,8 +79,8 @@ python () {
            key_index = int(d.getVar("TRUSTFENCE_KEY_INDEX", True))
        key_index_1 = key_index + 1

-        # Set the private key.
-        d.setVar("SWUPDATE_PRIVATE_KEY", glob.glob(keys_path + "/keys/IMG" + str(key_index_1) + "*key.pem")[0])
+        # Set the private key template, it will be expanded later in 'swu' recipes once keys are generated.
+        d.setVar("SWUPDATE_PRIVATE_KEY_TEMPLATE", keys_path + "/keys/IMG" + str(key_index_1) + "*key.pem")

        # Set the key password.
        d.setVar("SWUPDATE_PASSWORD_FILE", keys_path + "/keys/key_pass.txt")
--- a/meta-digi-dey/recipes-digi/swu-images/core-image-base-swu.bb
+++ b/meta-digi-dey/recipes-digi/swu-images/core-image-base-swu.bb
@ -38,6 +38,13 @@ python () {
    d.setVarFlag("SWUPDATE_IMAGES_FSTYPES", "core-image-base", img_fstypes)
 }

+python do_swuimage_prepend() {
+    import glob
+
+    if (d.getVar('TRUSTFENCE_SIGN', True) == "1"):
+        d.setVar('SWUPDATE_PRIVATE_KEY', glob.glob(d.getVar('SWUPDATE_PRIVATE_KEY_TEMPLATE', True))[0])
+}
+
 do_unpack[postfuncs] += "fill_description"

 fill_description() {
--- a/meta-digi-dey/recipes-digi/swu-images/dey-image-qt-swu.bb
+++ b/meta-digi-dey/recipes-digi/swu-images/dey-image-qt-swu.bb
@ -38,6 +38,13 @@ python () {
    d.setVarFlag("SWUPDATE_IMAGES_FSTYPES", "dey-image-qt-" + d.getVar('GRAPHICAL_BACKEND', True), img_fstypes)
 }

+python do_swuimage_prepend() {
+    import glob
+
+    if (d.getVar('TRUSTFENCE_SIGN', True) == "1"):
+        d.setVar('SWUPDATE_PRIVATE_KEY', glob.glob(d.getVar('SWUPDATE_PRIVATE_KEY_TEMPLATE', True))[0])
+}
+
 do_unpack[postfuncs] += "fill_description"

 fill_description() {