Add support for optional images
Add support to allow optional image files in the BMC tarball.
This can be used for example to add a host bios file in a "System"
image, or for elements that as best practice should not be
updated unless necessary like for a bug fix, such as the U-Boot SPL.
This commit provides the ability to add these optional images from
a list of pre-defined names. These files will then go through the
same checks as the default image files such as checking the files
exist and the signature verification (if enabled) passes.
Change-Id: I304b4e28c776db4a51537613888b4e11824cab88
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>
diff --git a/image_verify.cpp b/image_verify.cpp
index 6057653..d7b676d 100644
--- a/image_verify.cpp
+++ b/image_verify.cpp
@@ -120,6 +120,30 @@
return false;
}
}
+ // Validate the optional image files.
+ auto optionalImages = getOptionalImages();
+ for (const auto& optionalImage : optionalImages)
+ {
+ // Build Image File name
+ fs::path file(imageDirPath);
+ file /= optionalImage;
+
+ if (fs::exists(file))
+ {
+ // Build Signature File name
+ fs::path sigFile(file);
+ sigFile.replace_extension(SIGNATURE_FILE_EXT);
+
+ // Verify the signature.
+ auto valid = verifyFile(file, sigFile, publicKeyFile, hashType);
+ if (valid == false)
+ {
+ log<level::ERR>("Image file Signature Validation failed",
+ entry("IMAGE=%s", optionalImage.c_str()));
+ return false;
+ }
+ }
+ }
log<level::DEBUG>("Successfully completed Signature vaildation.");