|
1 <?xml version="1.0" encoding="utf-8"?> |
|
2 <!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. --> |
|
3 <!-- This component and the accompanying materials are made available under the terms of the License |
|
4 "Eclipse Public License v1.0" which accompanies this distribution, |
|
5 and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". --> |
|
6 <!-- Initial Contributors: |
|
7 Nokia Corporation - initial contribution. |
|
8 Contributors: |
|
9 --> |
|
10 <!DOCTYPE reference |
|
11 PUBLIC "-//OASIS//DTD DITA Reference//EN" "reference.dtd"> |
|
12 <reference id="GUID-AA555CC1-5CFF-5609-9191-8970F32BA255" xml:lang="en"><title>CreateSIS</title><abstract><p>The <codeph>CreateSIS</codeph> tool is a wrapper around the <codeph>MakeSIS</codeph>, <codeph>SignSIS</codeph> and <codeph>MakeKeys</codeph> tools. </p> <p>This tool supports the creation and signing of SIS files, |
|
13 and generation of keys and certificate pairs for signing. It also displays |
|
14 signatures and certificate chain details of a SIS file. </p></abstract><prolog><metadata><keywords/></metadata></prolog><refbody> |
|
15 <refsyn><title>Syntax</title> <p><userinput>createsis <parmname>[OPTIONS]</parmname> <cmdname> <ARGS></cmdname> </userinput> </p> <p>The following table lists the options supported by the <codeph>CreateSIS</codeph> tool. </p> <table id="GUID-2CD8E0F4-8F71-53CC-8563-9542F1D6F2C2"> |
|
16 <tgroup cols="3"><colspec colname="col0"/><colspec colname="col1"/><colspec colname="col2"/> |
|
17 <thead> |
|
18 <row> |
|
19 <entry>Options</entry> |
|
20 <entry>Description</entry> |
|
21 <entry>Usage</entry> |
|
22 </row> |
|
23 </thead> |
|
24 <tbody> |
|
25 <row> |
|
26 <entry><p> <varname>create</varname> </p> </entry> |
|
27 <entry><p>Creates and signs the SIS file with a trusted key. </p> </entry> |
|
28 <entry><p><userinput>createsis create [-cert <cert>] [-key <key>] [-pass |
|
29 <passphrase>] <pkgfile></userinput> </p> </entry> |
|
30 </row> |
|
31 <row> |
|
32 <entry><p> <varname>sign</varname> </p> </entry> |
|
33 <entry><p>Signs a pre-existing SIS file with a trusted key. </p> <p> <b>Note</b>: |
|
34 The output SIS file created is different from the input SIS file, therefore |
|
35 the original data is not destroyed. </p> </entry> |
|
36 <entry><p><userinput>createsis sign –cert <cert> -key <key> [-pass <passphrase>] |
|
37 <sis_input> <sis_output></userinput> </p> </entry> |
|
38 </row> |
|
39 <row> |
|
40 <entry><p> <varname>dump</varname> </p> </entry> |
|
41 <entry><p>Displays all valid signatures and certificates associated with the |
|
42 SIS file. </p> </entry> |
|
43 <entry><p><userinput>createsis dump <sisfile></userinput> </p> </entry> |
|
44 </row> |
|
45 <row> |
|
46 <entry><p> <varname>strip</varname> </p> </entry> |
|
47 <entry><p>Removes the most recent signatures from the SIS file. </p> </entry> |
|
48 <entry><p><userinput>createsis strip <sisfile></userinput> </p> </entry> |
|
49 </row> |
|
50 </tbody> |
|
51 </tgroup> |
|
52 </table> <p>The following table lists the arguments to be specified with the <codeph>CreateSIS</codeph> tool. </p> <table id="GUID-18BDE074-7F57-5DDE-ABCD-2D5370DF502A"> |
|
53 <tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/> |
|
54 <thead> |
|
55 <row> |
|
56 <entry>Arguments</entry> |
|
57 <entry>Description</entry> |
|
58 </row> |
|
59 </thead> |
|
60 <tbody> |
|
61 <row> |
|
62 <entry><p> <varname>-cert</varname> </p> </entry> |
|
63 <entry><p>Specifies the certificate file used for signing. </p> </entry> |
|
64 </row> |
|
65 <row> |
|
66 <entry><p> <varname>-key</varname> </p> </entry> |
|
67 <entry><p>Specifies private key file of the certificate. </p> </entry> |
|
68 </row> |
|
69 <row> |
|
70 <entry><p> <varname>-pass</varname> </p> </entry> |
|
71 <entry><p>Specifies passphrase of the private key file. </p> </entry> |
|
72 </row> |
|
73 <row> |
|
74 <entry><p> <varname>sis_input</varname> </p> </entry> |
|
75 <entry><p>Specifies the SIS file to be signed, unsigned or investigated. </p> </entry> |
|
76 </row> |
|
77 <row> |
|
78 <entry><p> <varname>sis_output</varname> </p> </entry> |
|
79 <entry><p>Specifies the name of the output SIS file. </p> </entry> |
|
80 </row> |
|
81 <row> |
|
82 <entry><p> <varname>pkgfile</varname> </p> </entry> |
|
83 <entry><p>Specifies the PKG file, for which a SIS file is generated. </p> </entry> |
|
84 </row> |
|
85 <row> |
|
86 <entry><p> <varname>sisfile</varname> </p> </entry> |
|
87 <entry><p>Specifies the name of the output SIS file to be generated. </p> <p> <b>Note</b>: |
|
88 If not specified, is derived from the name of the PKG file, but with a <filepath>SIS</filepath> file |
|
89 extension. </p> </entry> |
|
90 </row> |
|
91 </tbody> |
|
92 </tgroup> |
|
93 </table> </refsyn> |
|
94 <example id="GUID-939FFCE6-1155-5539-8B04-8DB2A0980514"><title> Examples</title> <p>The |
|
95 following examples illustrate the usage of the <codeph>CreateSIS</codeph> tool: </p> <ul> |
|
96 <li id="GUID-C64C6EAF-63DC-54C8-9A37-6DB6DF810A62"><p> <b>To create and sign |
|
97 a SIS file using a trusted key</b> </p> <p>You can specify the trusted End |
|
98 Entity (EE) certificate and matching key using the <codeph>-cert</codeph> and <codeph>-key</codeph> parameters |
|
99 while creating the SIS file. Optionally, you can specify a passphrase to decrypt |
|
100 the private key using the <codeph>-pass</codeph> parameter. </p> <p>The trusted |
|
101 EE Certificate is one that chains back to a trusted root in the target device |
|
102 SWI certstore. </p> <codeblock id="GUID-92E43CF0-EFF5-529D-A0B1-669A59625D93" xml:space="preserve">createsis create -cert trustedchain.pem -key eecertkey.key mypackage.pkg</codeblock> </li> |
|
103 <li id="GUID-F9218BC9-97BA-5488-84AA-8375F635FD81"><p> <b>To sign a pre-existing |
|
104 SIS file with a trusted key</b> </p> <p>You can sign and re-sign a pre-existing |
|
105 SIS file using the <codeph>sign</codeph> method. To sign a package, a key |
|
106 and certificate chain must be provided on the command line. The output SIS |
|
107 file is different from the input SIS file, so the original data is not destroyed. </p> <codeblock id="GUID-BCCA34C3-F780-5AF0-B713-A7D328D9EB32" xml:space="preserve">createsis sign -cert trustedchain.pem -key eecertkey.key mysis.sis mysis-signed.sis</codeblock> </li> |
|
108 <li id="GUID-C659BE6E-AA48-5AED-8AD4-ADAF667BDD1C"><p> <b>To sign a pre-existing |
|
109 SIS file with a self-signed certificate</b> </p> <p>When using <codeph>sign</codeph> method |
|
110 if key-certificate pair is not provided then CreateSIS signs the specified |
|
111 SIS file with an automatically generated self-signed certificate. </p> <codeblock id="GUID-B9EB4F8F-5C22-5BAF-96C6-ED9507A047B7" xml:space="preserve">createsis sign mysis.sis mysis-signed.sis</codeblock> </li> |
|
112 </ul> </example> |
|
113 </refbody><related-links> |
|
114 <link href="GUID-43B4B4E7-413E-5D18-811C-4B9E38CDEB69.dita"><linktext>PKG Format</linktext> |
|
115 </link> |
|
116 <link href="GUID-4BDC9F63-83A1-53A5-91A0-B092AA821755.dita"><linktext>MakeSIS</linktext> |
|
117 </link> |
|
118 <link href="GUID-B20EE8A3-D7B2-5872-AF43-001A88C1A46E.dita"><linktext>SignSIS</linktext> |
|
119 </link> |
|
120 <link href="GUID-03BBEA31-3266-5B1C-9017-4EE7EA4AF1A8.dita"><linktext>Creating |
|
121 and Signing an Installation File</linktext></link> |
|
122 </related-links></reference> |