From 7cf57825eb4366a474ee0a13ef690d460f8c4775 Mon Sep 17 00:00:00 2001 From: Christoph Fritz Date: Mon, 16 Dec 2024 15:59:00 +0100 Subject: [PATCH] imx: hab: fix srktool -c usage by removing spaces The srktool option -c does not allow spaces between certificate filenames. Only commas (',') should separate the filenames. If spaces are incorrectly included, srktool will not display an error or warning message but will only process the first certificate in the list. So adapt documentation accordingly. Signed-off-by: Christoph Fritz --- doc/imx/habv4/introduction_habv4.txt | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/doc/imx/habv4/introduction_habv4.txt b/doc/imx/habv4/introduction_habv4.txt index 25711bbe95a..a2f2d836911 100644 --- a/doc/imx/habv4/introduction_habv4.txt +++ b/doc/imx/habv4/introduction_habv4.txt @@ -240,16 +240,14 @@ root of trust is established and the HAB code can progress with the image authentication. The srktool can be used for generating the SRK Table and its respective SRK -Table Hash. +Table Hash (certificate filenames must be separated by ',' without spaces). - Generating SRK Table and SRK Hash in Linux 64-bit machines: + $ CA_CRT="sha256_2048_65537_v3_ca_crt.pem" $ ../linux64/bin/srktool -h 4 -t SRK_1_2_3_4_table.bin -e \ SRK_1_2_3_4_fuse.bin -d sha256 -c \ - SRK1_sha256_2048_65537_v3_ca_crt.pem,\ - SRK2_sha256_2048_65537_v3_ca_crt.pem,\ - SRK3_sha256_2048_65537_v3_ca_crt.pem,\ - SRK4_sha256_2048_65537_v3_ca_crt.pem + SRK1_"$CA_CRT",SRK2_"$CA_CRT",SRK3_"$CA_CRT",SRK4_"$CA_CRT" The SRK_1_2_3_4_table.bin and SRK_1_2_3_4_fuse.bin files can be used in further steps as explained in HAB guides available under doc/imx/habv4/guides/ -- 2.42.0