andrius
/
arm-trusted-firmware
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

tools: cert_create: Create only requested certificates 

The certification tool creates all the certificates mentioned
statically in the code rather than taking explicit certificate
requests from the command line parameters.

Code is optimized to avoid unnecessary attempts to create
non-requested certificates.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I78feac25bc701bf8f08c6aa5a2e1590bec92d0f2
This commit is contained in:
Manish V Badarkhe 2021-01-26 10:55:49 +00:00
parent 70311692f1
commit 294e26566b
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
tools/cert_create/src/main.c
View File

@ -473,6 +473,11 @@ int main(int argc, char *argv[])
cert = &certs[i];
if (cert->fn == NULL) {
/* Certificate not requested. Skip to the next one */
continue;
}
/* Create a new stack of extensions. This stack will be used
* to create the certificate */
CHECK_NULL(sk, sk_X509_EXTENSION_new_null());
@ -534,7 +539,7 @@ int main(int argc, char *argv[])
}
/* Create certificate. Signed with corresponding key */
if (cert->fn && !cert_new(hash_alg, cert, VAL_DAYS, 0, sk)) {
if (!cert_new(hash_alg, cert, VAL_DAYS, 0, sk)) {
ERROR("Cannot create %s\n", cert->cn);
exit(1);
}