rauc: use known insecure keys by default
Unless overridden in another layer or in local.conf, rauc will bundle
and use a know public key for verifying updates. This allows us to
to have some set of defaults that work out of the box and allow testing
the OTA stack and producing signed update bundles coming out of the CI
system.
The key is insecure and will expire in a year. This is intentional. Over
time we may switch to a reference key that is managed and secured or
re-generate another key for another year.
The insecure key has a fixed name and that name is used to trigger a
bitbake warning. OTA stack will learn to detect that key and similarly
warn users, or perform equally appropriate operations, in order to
reduce the risk of someone accidentally using this key in production.
Signed-off-by: 
Zygmunt Krynicki <zygmunt.krynicki@huawei.com>
Showing
- meta-ohos-core/recipes-core/rauc/files/ostc-insecure-cert.pem 1 addition, 0 deletions...-ohos-core/recipes-core/rauc/files/ostc-insecure-cert.pem
- meta-ohos-core/recipes-core/rauc/files/raspberrypi4/system.conf 1 addition, 2 deletions...hos-core/recipes-core/rauc/files/raspberrypi4/system.conf
- meta-ohos-core/recipes-core/rauc/insecure-keys/cert.pem 33 additions, 0 deletionsmeta-ohos-core/recipes-core/rauc/insecure-keys/cert.pem
- meta-ohos-core/recipes-core/rauc/insecure-keys/cert.pem.license 3 additions, 0 deletions...hos-core/recipes-core/rauc/insecure-keys/cert.pem.license
- meta-ohos-core/recipes-core/rauc/insecure-keys/gen-keys.sh 15 additions, 0 deletionsmeta-ohos-core/recipes-core/rauc/insecure-keys/gen-keys.sh
- meta-ohos-core/recipes-core/rauc/insecure-keys/key.pem 52 additions, 0 deletionsmeta-ohos-core/recipes-core/rauc/insecure-keys/key.pem
- meta-ohos-core/recipes-core/rauc/insecure-keys/key.pem.license 3 additions, 0 deletions...ohos-core/recipes-core/rauc/insecure-keys/key.pem.license
- meta-ohos-core/recipes-core/rauc/rauc_%.bbappend 29 additions, 0 deletionsmeta-ohos-core/recipes-core/rauc/rauc_%.bbappend
Loading
Please register or sign in to comment