image_type_phosphor: Support single signature for the tarball contents
Currently the contents of the code update tarball are individually
signed and signature files for each file are created.
In order to ensure that the contents of the tarball are the expected
ones as a full package, it is necessary to create an additional single
signature file bashed on the individual signature files.
(From meta-phosphor rev: 80b9baede615563bc15e5218cb051f57ae451b8d)
Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: I6373d4f0387e8f64c2c30be05e0d43af4ed9b913
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
diff --git a/meta-phosphor/classes/image_types_phosphor.bbclass b/meta-phosphor/classes/image_types_phosphor.bbclass
index e466347..fa5d319 100644
--- a/meta-phosphor/classes/image_types_phosphor.bbclass
+++ b/meta-phosphor/classes/image_types_phosphor.bbclass
@@ -332,6 +332,14 @@
openssl dgst -sha256 -sign ${SIGNING_KEY} -out "${file}.sig" $file
signature_files="${signature_files} ${file}.sig"
done
+
+ if [ -n "$signature_files" ]; then
+ sort_signature_files=`echo "$signature_files" | tr ' ' '\n' | sort | tr '\n' ' '`
+ cat $sort_signature_files > image-full
+ openssl dgst -sha256 -sign ${SIGNING_KEY} -out image-full.sig image-full
+ signature_files="${signature_files} image-full.sig"
+ rm -rf image-full
+ fi
}
do_generate_static_alltar() {