key-store: rename ima private key and certificate on target

If sample keys are selected, key-store service will deploy IMA private
key during first boot, but beople may be confused if we deploy a sample
private key like "xxx.crt", so this commit is making sure key/cert on
target are consistent with key files on build system.

Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com>
This commit is contained in:
Yunguo Wei
2018-10-26 10:16:42 +08:00
committed by Jia Zhang
parent bf314c0d0c
commit 37a59625e5
4 changed files with 18 additions and 5 deletions
@@ -19,5 +19,5 @@ CONFIG_IMA_APPRAISE_BOOTPARAM=y
CONFIG_IMA_TRUSTED_KEYRING=y
CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y
CONFIG_IMA_BLACKLIST_KEYRING=y
CONFIG_IMA_X509_PATH="/etc/keys/x509_evm.der"
CONFIG_IMA_X509_PATH="/etc/keys/x509_ima.der"
# CONFIG_IMA_APPRAISE_SIGNED_INIT is not set