Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openpower-pnor-code-mgmt / 2b2d2298f5c6e9e596ed3ae84326a6ae804c46a4^! / . / activation.cpp
commit2b2d2298f5c6e9e596ed3ae84326a6ae804c46a4[log] [tgz]
authorLei YU <mine260309@gmail.com>Mon Mar 18 15:22:56 2019 +0800
committerGunnar Mills <gmills@us.ibm.com>Thu Apr 04 20:13:55 2019 +0000
tree29dbffbb025678743a19d2fac3ca0f4cf64be017
parent799eb1972c141271068cd4ea1010753e0347d8ab [diff] [blame]
Static layout: support image verification

Add support of image verification for static layout PNOR code update.

Tested: Verify the PNOR code update succeeds with valid-signed PNOR;
        and fails with invalid-signed PNOR or a PNOR tarball without
        signature.

Change-Id: I1aafeb4e8e07eaa16c170f33f4f21940f7c9c146
Signed-off-by: Lei YU <mine260309@gmail.com>

diff --git a/activation.cpp b/activation.cpp
index 2c05ea7..b9cd5ba 100644
--- a/activation.cpp
+++ b/activation.cpp

@@ -176,12 +176,13 @@
 }
 
 #ifdef WANT_SIGNATURE_VERIFY
-bool Activation::validateSignature()
+bool Activation::validateSignature(const std::string& pnorFileName)
 {
     using Signature = openpower::software::image::Signature;
     fs::path imageDir(IMG_DIR);
 
-    Signature signature(imageDir / versionId, PNOR_SIGNED_IMAGE_CONF_PATH);
+    Signature signature(imageDir / versionId, pnorFileName,
+                        PNOR_SIGNED_IMAGE_CONF_PATH);
 
     // Validate the signed image.
     if (signature.verify())