commit | 0a06e97ff30ba125f13bfcbe2adaaeb1e5333a68 | [log] [tgz] |
---|---|---|
author | George Liu <liuxiwei@inspur.com> | Thu Dec 17 09:17:04 2020 +0800 |
committer | George Liu <liuxiwei@inspur.com> | Mon Jan 18 14:29:44 2021 +0800 |
tree | ada1d79f2c9808b49e6791395e590765a48f4678 | |
parent | 574f94bcf122246b991c8b75cf8f314a2f844bbb [diff] |
Add support for tarball contents signature Currently only supported to allow optional image files in BMC tarball. In order to ensure that the contents of the tarball are the expected ones as a full package, an additional signature file has been created for all the signature files in the tarball, (ex: image-full.sig = hash(file1.sig + file2.sig + file3.sig...)). Need to check the existence of the file and the signature verification passed. Also, added unit test case for the mergeFiles method. Tested: Enable `WANT_SIGNATURE_FULL_VERIFY` and ran the following command: curl -k -H "X-Auth-Token: $token" -H "Content-Type: application/octet-stream" -X POST -T obmc-phosphor-image-fp5280g2.static.mtd.tar https://${bmc}/redfish/v1/UpdateService { "@odata.id": "/redfish/v1/TaskService/Tasks/1", "@odata.type": "#Task.v1_4_3.Task", "Id": "1", "TaskState": "Running", "TaskStatus": "OK" } And Log output: `Successfully completed Signature vaildation.` Signed-off-by: George Liu <liuxiwei@inspur.com> Change-Id: I0e658b9dd90ea405a9c8292f29183ab516a0fa31
Phosphor BMC Code Management provides a set of system software management applications. More information can be found at Software Architecture
To build this package, do the following steps:
meson build
ninja -C build
To clean the repository run rm -r build
.