summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Dannenberg <dannenberg@ti.com>2016-03-23 18:24:10 -0500
committerTom Rini <trini@konsulko.com>2016-04-01 17:17:41 -0400
commit4c1d5c29b5dec31f838dbe860ea682debaf27efe (patch)
treefb5ca287775b1af58a522a865814c285bfc336df
parent486c39c2e956939125a4a25fbd644b2b620a103d (diff)
doc: clarify openssl-based key and certificate generation process
Add some basic clarification that the dev.key file generated by OpenSSL contains both the public and private key, and further highlight that the certificate generated here contains the public key only. Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
-rw-r--r--doc/uImage.FIT/signature.txt8
1 files changed, 4 insertions, 4 deletions
diff --git a/doc/uImage.FIT/signature.txt b/doc/uImage.FIT/signature.txt
index b2f89fcc65..e4874018fa 100644
--- a/doc/uImage.FIT/signature.txt
+++ b/doc/uImage.FIT/signature.txt
@@ -62,14 +62,14 @@ placed alongside rsa.c, and its functions added to the table in image-sig.c
also.
-Creating an RSA key and certificate
------------------------------------
-To create a new public key, size 2048 bits:
+Creating an RSA key pair and certificate
+----------------------------------------
+To create a new public/private key pair, size 2048 bits:
$ openssl genpkey -algorithm RSA -out keys/dev.key \
-pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537
-To create a certificate for this:
+To create a certificate for this containing the public key:
$ openssl req -batch -new -x509 -key keys/dev.key -out keys/dev.crt