1
0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2024-12-29 04:50:03 +01:00

makefiles/suit: allow multiple SUIT_SECs

This commit is contained in:
Benjamin Valentin 2022-08-15 19:32:19 +02:00
parent abb5d0fab6
commit 2a3c8bf8e3

View File

@ -18,13 +18,11 @@ else
SUIT_KEY_DIR ?= $(XDG_DATA_HOME)/RIOT/keys
endif
# Enable user to encrypt private key with a password
ifneq (,$(SUIT_SEC_PASSWORD))
SUIT_TOOL_ARGS += -p $(SUIT_SEC_PASSWORD)
endif
SUIT_SEC ?= $(SUIT_KEY_DIR)/$(SUIT_KEY).pem
# Multiple keys can be specified with "key0:pw0 key1:pw1 …" (pw may be empty)
SUIT_SECS ?= $(SUIT_SEC):$(SUIT_SEC_PASSWORD)
SUIT_PUB_HDR = $(BINDIR)/riotbuild/public_key.h
SUIT_PUB_HDR_DIR = $(dir $(SUIT_PUB_HDR))
CFLAGS += -I$(SUIT_PUB_HDR_DIR)
@ -40,7 +38,21 @@ $(SUIT_SEC): | $(CLEAN)
# key's mtime is too far back).
$(SUIT_PUB_HDR): $(SUIT_SEC) FORCE | $(CLEAN)
$(Q)mkdir -p $(SUIT_PUB_HDR_DIR)
$(Q)$(SUIT_TOOL) pubkey $(SUIT_TOOL_ARGS) -f header -k $(SUIT_SEC) \
| '$(LAZYSPONGE)' $(LAZYSPONGE_FLAGS) '$@'
$(Q)( \
echo "const uint8_t public_key[][32] = {"; \
for i in $(SUIT_SECS); do \
key=$${i%:*}; \
pw=$${i#*:}; \
if [ "$$key" = "$$pw" ]; then \
unset pw; \
fi; \
if [ -z "$$pw" ]; then \
$(SUIT_TOOL) pubkey -f header -k $$key; \
else \
$(SUIT_TOOL) pubkey -f header -k $$key -p $$pw; \
fi \
done; \
echo "};" \
) | '$(LAZYSPONGE)' $(LAZYSPONGE_FLAGS) '$@'
suit/genkey: $(SUIT_SEC)