From 8544d2a4a570ea109bc6b78c1e51ebc1d57b985d Mon Sep 17 00:00:00 2001
From: Jia Zhang <lans.zhang2008@gmail.com>
Date: Sat, 19 Aug 2017 12:48:03 +0800
Subject: sign_rpm_ext.bbclass: use the default setting from meta-signing-key

Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
---
 meta-integrity/classes/sign_rpm_ext.bbclass            |  5 +++--
 meta-integrity/recipes-core/meta/signing-keys.bbappend | 12 ------------
 meta-signing-key/conf/layer.conf                       |  4 ++--
 3 files changed, 5 insertions(+), 16 deletions(-)

diff --git a/meta-integrity/classes/sign_rpm_ext.bbclass b/meta-integrity/classes/sign_rpm_ext.bbclass
index 4b52d6a..5a579ee 100644
--- a/meta-integrity/classes/sign_rpm_ext.bbclass
+++ b/meta-integrity/classes/sign_rpm_ext.bbclass
@@ -1,8 +1,6 @@
 # RPM_GPG_NAME and RPM_GPG_PASSPHRASE must be configured in your build
 # environment. By default, the values for the sample keys are configured
 # in meta-signing-key.
-RPM_GPG_NAME ?= "SecureCore"
-RPM_GPG_PASSPHRASE ?= "SecureCore"
 
 RPM_GPG_BACKEND ?= "local"
 # SHA-256 is used for the file checksum digest.
@@ -17,6 +15,9 @@ RPM_FSK_PASSWORD ?= "password"
 inherit sign_rpm user-key-store
 
 python () {
+    if d.getVar('RPM_SIGN_FILES', True) != '1':
+        return
+
     gpg_path = d.getVar('GPG_PATH', True)
     if not gpg_path:
         gpg_path = d.getVar('DEPLOY_DIR_IMAGE', True) + '/.gnupg'
diff --git a/meta-integrity/recipes-core/meta/signing-keys.bbappend b/meta-integrity/recipes-core/meta/signing-keys.bbappend
index 2c6ce7b..dd8a9ba 100644
--- a/meta-integrity/recipes-core/meta/signing-keys.bbappend
+++ b/meta-integrity/recipes-core/meta/signing-keys.bbappend
@@ -1,17 +1,5 @@
 python check_public_keys () {
     gpg_path = d.getVar('GPG_PATH', True)
-    if not gpg_path:
-        gpg_path = d.getVar('DEPLOY_DIR_IMAGE', True) + '/.gnupg'
-
-        if not os.path.exists(gpg_path):
-            cmd = ' '.join(('mkdir -p', gpg_path))
-            status, output = oe.utils.getstatusoutput(cmd)
-            if status:
-                raise bb.build.FuncFailed('Failed to create gpg keying %s: %s' %
-                                          (gpg_path, output))
-
-        d.setVar('GPG_PATH', gpg_path)
-
     gpg_bin = d.getVar('GPG_BIN', True) or \
               bb.utils.which(os.getenv('PATH'), 'gpg')
     gpg_keyid = d.getVar('RPM_GPG_NAME', True)
diff --git a/meta-signing-key/conf/layer.conf b/meta-signing-key/conf/layer.conf
index 8b18e82..e0b171b 100644
--- a/meta-signing-key/conf/layer.conf
+++ b/meta-signing-key/conf/layer.conf
@@ -41,8 +41,8 @@ VENDOR_UUID = "1f7b9654-2107-4697-8f1c-0cbc38874588"
 UEFI_SIG_OWNER_GUID ??= "${VENDOR_UUID}"
 
 SAMPLE_RPM_KEYNAME ??= "SecureCore"
-RPM_GPG_NAME ??= "${SAMPLE_RPM_KEYNAME}"
-RPM_GPG_PASSPHRASE ??= "SecureCore"
+RPM_GPG_NAME ?= "${SAMPLE_RPM_KEYNAME}"
+RPM_GPG_PASSPHRASE ?= "SecureCore"
 
 BB_HASHBASE_WHITELIST_append += " IMA_SIGNING_BLACKLIST IMA_KEYS_DIR \
                                   RPM_KEYS_DIR UEFI_SB_KEYS_DIR EV_CERT \
-- 
cgit v1.2.3-54-g00ecf