aboutsummaryrefslogtreecommitdiff
path: root/ubifs-utils/mkfs.ubifs/sign.c
AgeCommit message (Collapse)Author
2020-10-18mkfs.ubifs: remove OPENSSL_no_config()Torben Hohn
Especially for the pkcs11 engine, a configuration is required because the provider has to be configured. Its not clear why OPENSSL_no_config() is called. Remove OPENSSL_no_config() and call OPENSSL_config(NULL) instead. Signed-off-by: Torben Hohn <torben.hohn@linutronix.de> Signed-off-by: Bastian Germann <bage@linutronix.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-08-19mkfs.ubifs: Add authentication supportSascha Hauer
This adds support for authenticated UBIFS images. In authenticated images all UBIFS nodes are hashed as described in the UBIFS authentication whitepaper. Additionally the superblock node contains a hash of the master node and itself is cryptographically signed in a node following the superblock node. The signature is in PKCS #7 CMS format. To generate an authenticated image these options are necessary: --hash-algo=NAME hash algorithm to use for signed images (Valid options include sha1, sha256, sha512) --auth-key=FILE filename or PKCS #11 uri containing the authentication key for signing --auth-cert=FILE Authentication certificate filename for signing. Unused when certificate is provided via PKCS #11 Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-28 23:52:22 +0000