diff --git a/meta-digi-arm/recipes-bsp/trustfence-cst/trustfence-cst-2.3.2/0004-hab4_pki_tree.sh-usa-a-random-password-for-the-defau.patch b/meta-digi-arm/recipes-bsp/trustfence-cst/trustfence-cst-2.3.2/0004-hab4_pki_tree.sh-usa-a-random-password-for-the-defau.patch new file mode 100644 index 000000000..6b668d7c3 --- /dev/null +++ b/meta-digi-arm/recipes-bsp/trustfence-cst/trustfence-cst-2.3.2/0004-hab4_pki_tree.sh-usa-a-random-password-for-the-defau.patch @@ -0,0 +1,29 @@ +From: "Diaz de Grenu, Jose" +Date: Fri, 29 Jul 2016 17:20:28 +0200 +Subject: [PATCH] hab4_pki_tree.sh: usa a random password for the default PKI + generation + +Signed-off-by: Diaz de Grenu, Jose +--- + keys/hab4_pki_tree.sh | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/keys/hab4_pki_tree.sh b/keys/hab4_pki_tree.sh +index b2c6b71b604e..93347521cea1 100644 +--- a/keys/hab4_pki_tree.sh ++++ b/keys/hab4_pki_tree.sh +@@ -95,9 +95,10 @@ fi + # Check that the file "key_pass.txt" is present, if not create it with default user/pwd: + if [ ! -f key_pass.txt ] + then +- echo "test" > key_pass.txt +- echo "test" >> key_pass.txt +- echo "A default file 'key_pass.txt' was created with password = test!" ++ password="$(openssl rand -base64 32)" ++ echo "${password}" > key_pass.txt ++ echo "${password}" >> key_pass.txt ++ echo "A file 'key_pass.txt' was created with a random password!" + fi + + # The following is required otherwise OpenSSL complains + diff --git a/meta-digi-arm/recipes-bsp/trustfence-cst/trustfence-cst-native_2.3.2.bb b/meta-digi-arm/recipes-bsp/trustfence-cst/trustfence-cst-native_2.3.2.bb index ec1d8a6a7..765d5fb0e 100644 --- a/meta-digi-arm/recipes-bsp/trustfence-cst/trustfence-cst-native_2.3.2.bb +++ b/meta-digi-arm/recipes-bsp/trustfence-cst/trustfence-cst-native_2.3.2.bb @@ -14,6 +14,7 @@ SRC_URI = " \ file://0001-gen_auth_encrypted_data-reuse-existing-DEK-file.patch \ file://0002-hab4_pki_tree.sh-automate-script.patch \ file://0003-openssl_helper-use-dev-urandom-as-seed-source.patch \ + file://0004-hab4_pki_tree.sh-usa-a-random-password-for-the-defau.patch \ file://Makefile \ "