Enable encrypted image update with SWUpdate
47 views
Skip to first unread message
Pratik Manvar
Jun 19, 2024, 8:11:20 AMJun 19
to swupdate
Hello,
I am trying to enable the the image encryption using SWUpdate by following https://sbabic.github.io/swupdate/encrypted_images.html
I enabled below configurations in my recipe which generates .swu file.
```
SWUPDATE_AES_FILE = "${THISDIR}/files/swu-keys/SWUPDATE_AES_FILE"
IMAGE_FSTYPES:append = "enc"
```
But seems like swu_encrypt_file() is not getting called which is defined in swupdate-enc.bbclass.
Can you please help me, what am I missing here? Thank you.
Thanks & Regards,
Pratik Manvar
Michael Glembotzki
Jun 19, 2024, 12:37:49 PMJun 19
to swupdate
Hi Pratik,
have you set SWUPDATE_IMAGES_ENCRYPTED and "inherit swupdate" bbclass ?
Best reards,
Best reards,
Michael
Pratik Manvar
Jun 20, 2024, 12:59:35 AM (14 days ago) Jun 20
to swupdate
Hi Michael,
Thanks for your quick response.
Yes, I tried adding below line, but it did not work.
```
SWUPDATE_IMAGES_ENCRYPTED[imx-image-full.ext4.zst] = "1"
```
Is that the correct syntax? I am not sure, I did not find much reference about it.
Is that the correct syntax? I am not sure, I did not find much reference about it.
Yes, I inherited both `swupdate` and `swupdate-enc` bbclass.
Thanks & Regards,
Pratik Manvar
Stefano Babic
Jun 20, 2024, 3:07:27 AM (14 days ago) Jun 20
to Pratik Manvar, swupdate
On 20.06.24 06:59, Pratik Manvar wrote:
> Hi Michael,
> Thanks for your quick response.
>
> Yes, I tried adding below line, but it did not work.
> ```
> SWUPDATE_IMAGES_ENCRYPTED[imx-image-full.ext4.zst] = "1"
^--- package / image name
> Hi Michael,
> Thanks for your quick response.
>
> Yes, I tried adding below line, but it did not work.
> ```
> SWUPDATE_IMAGES_ENCRYPTED[imx-image-full.ext4.zst] = "1"
You should not add here the extension:
SWUPDATE_IMAGES_ENCRYPTED[imx-image-full] = "1"
SWUPDATE_IMAGES_FSTYPES[imx-image-full] = ".ext4.zst"
> ```
> Is that the correct syntax? I am not sure, I did not find much reference
> about it.
> Yes, I inherited both `swupdate` and `swupdate-enc` bbclass.
You just need to inherit swupdate or swupdate-image.
> about it.
> Yes, I inherited both `swupdate` and `swupdate-enc` bbclass.
Best regards,
Stefanbo Babic
>
> Thanks & Regards,
> Pratik Manvar
>
> On Wednesday, June 19, 2024 at 10:07:49 PM UTC+5:30 Michael Glembotzki
> wrote:
>
> Hi Pratik,
>
> have you set SWUPDATE_IMAGES_ENCRYPTED and "inherit swupdate" bbclass ?
>
> Best reards,
> Michael
>
> Pratik Manvar schrieb am Mittwoch, 19. Juni 2024 um 14:11:20 UTC+2:
>
> Hello,
>
> I am trying to enable the the image encryption using SWUpdate by
> following
> https://sbabic.github.io/swupdate/encrypted_images.html
> <https://sbabic.github.io/swupdate/encrypted_images.html>
> I enabled below configurations in my recipe which generates .swu
> file.
>
> ```
> /
> /IMAGE_FSTYPES:append = "enc"/
> /```/
> /
> /
> /But seems like swu_encrypt_file() is not getting called which
> is defined in swupdate-enc.bbclass./
> /
> /
> /Can you please help me, what am I missing here? Thank you./
> /
> /
> /Thanks & Regards,/
> /Pratik Manvar/
>
> --
> You received this message because you are subscribed to the Google
> Groups "swupdate" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to swupdate+u...@googlegroups.com
> <mailto:swupdate+u...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/swupdate/db8d71b2-9a8a-4df7-bdd4-27596bf684e6n%40googlegroups.com <https://groups.google.com/d/msgid/swupdate/db8d71b2-9a8a-4df7-bdd4-27596bf684e6n%40googlegroups.com?utm_medium=email&utm_source=footer>.
Pratik Manvar
Jun 20, 2024, 6:42:09 AM (14 days ago) Jun 20
to swupdate
Hi Stefano,
Yes, I did that mistake. Thanks for pointing this out.
Isn't that the good idea to add `.enc` extension to the encrypted image?
I tried doing some changes to achieve this (attached patch), can you please take a look into this? Thank you.
Thanks & Regards,
Pratik Manvar
Reply all
Reply to author
Forward
0 new messages