Private information file
A sample private information file is always generated by the getSampleConfigs command, but is optional to use. It allows you to separate sensitive information that requires elevated security from the product and manufacturing information files. A private information file can be stored securely, for example, on an encrypted flash drive. If this file is not used, passphrases can be entered directly onto the command line in plain text when you use the createPpkg command.
The data in the file is formatted using the JSON standard. The redirection of field values from a configuration file to the private information file works like this:
In the product or manufacturing configuration file, the redirected value is provided as a file path to the private information file.
An
@delimiter at the end of the filename is followed by a user-defined field name.This field name is used in the private information file to find the corresponding value, for example a passphrase.
This diagram shows an example of how the passphrase for the OEM identity file is redirected from the manufacturing configuration file to the private information file:
For security reasons, the values of any redirected passphrase fields must be base64-encoded with padding before being added to the private information file. Most text editors are capable of base64-encoding text, but due to the sensitivity of the information, we recommend that you use a local editor and not an online tool.