[PATCH v3 2/3] keytoc: add support to handle single env keyspec
Marco Felsch
m.felsch at pengutronix.de
Mon Aug 18 10:08:14 PDT 2025
Since commit 685cc602e0ad ("keytoc: allow __ENV__ lookup for keyname
hint") the hint and key can be specified via two environment variables.
Using two environment variables for a single keyspec is not very
intuitive. Therefore this commit adds the support to specify the keyspec
via a single environment variable:
For example:
FITKEY = "<hint>:<key>"
CONFIG_CRYPTO_PUBLIC_KEYS="__ENV__FITKEY"
Signed-off-by: Marco Felsch <m.felsch at pengutronix.de>
---
Changelog:
v3:
- keep Basti's use-case to provide the keyhint+key via two env-variables
v2:
- no changes
scripts/keytoc.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/scripts/keytoc.c b/scripts/keytoc.c
index 617317d6607e..67e2db3386db 100644
--- a/scripts/keytoc.c
+++ b/scripts/keytoc.c
@@ -737,6 +737,10 @@ int main(int argc, char *argv[])
char *keyname = NULL;
char *path = NULL;
+ keyspec = try_resolve_env(keyspec);
+ if (!keyspec)
+ exit(1);
+
if (!strncmp(keyspec, "pkcs11:", 7))
path = strdup(keyspec);
else
--
2.39.5
More information about the barebox
mailing list