The srktool option -c does not allow spaces between certificate
filenames. Only commas (',') should separate the filenames. If spaces
are incorrectly included, srktool will not display an error or warning
message but will only process the first certificate in the list.So adapt documentation accordingly. Signed-off-by: Christoph Fritz <[email protected]> --- doc/imx/habv4/introduction_habv4.txt | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/doc/imx/habv4/introduction_habv4.txt b/doc/imx/habv4/introduction_habv4.txt index 25711bbe95a..53c54b2a88f 100644 --- a/doc/imx/habv4/introduction_habv4.txt +++ b/doc/imx/habv4/introduction_habv4.txt @@ -240,16 +240,17 @@ root of trust is established and the HAB code can progress with the image authentication. The srktool can be used for generating the SRK Table and its respective SRK -Table Hash. +Table Hash (certificate filenames must be separated by ',' with no spaces). - Generating SRK Table and SRK Hash in Linux 64-bit machines: + $ CERTS="SRK1_sha256_2048_65537_v3_ca_crt.pem" + $ CERTS="$CERTS,SRK2_sha256_2048_65537_v3_ca_crt.pem" + $ CERTS="$CERTS,SRK3_sha256_2048_65537_v3_ca_crt.pem" + $ CERTS="$CERTS,SRK4_sha256_2048_65537_v3_ca_crt.pem" + $ ../linux64/bin/srktool -h 4 -t SRK_1_2_3_4_table.bin -e \ - SRK_1_2_3_4_fuse.bin -d sha256 -c \ - SRK1_sha256_2048_65537_v3_ca_crt.pem,\ - SRK2_sha256_2048_65537_v3_ca_crt.pem,\ - SRK3_sha256_2048_65537_v3_ca_crt.pem,\ - SRK4_sha256_2048_65537_v3_ca_crt.pem + SRK_1_2_3_4_fuse.bin -d sha256 -c "$CERTS" The SRK_1_2_3_4_table.bin and SRK_1_2_3_4_fuse.bin files can be used in further steps as explained in HAB guides available under doc/imx/habv4/guides/ -- 2.39.5
