signer: accessory_rwsig doesn't use the key specified in signing instructions.
Issue description
The signer uses the key specified in the instructions to look up the key folder/container, but doesn't actually consider the specified key name when signing, rather, it incorrectly tries to infer a key name based on file path. Longer term, the specified key name should be passed to the signing script. Shorter term, accessory keys are currently packaged one per folder so we can infer that the key present is the correct one.
Jul 14
If the signer instructions specify a key name, and that key name is then discarded, that's a bug. It's not a regression, it's always been broken.
Jul 14
Note that git blame suggests that you also own the vboot script, which I would consider part of the signer? But if you have a different name for it, let me know.
Jul 14
The signer appears to specify the key file names in the signer instructions, I believe?
Jul 14
you're confused about the function of the keyset name. it's used to select a directory of keys. how the signing scripts choose to process that directory is up to the signing scripts. the signer hasn't "discarded" anything. wrt firmware accessory signing, i did not implement the signing process, nor does my name show up in blame. Vincent & Nicolas did a lot of this work.
Jul 14
Do you have the link to the docs?
Jul 17
which docs?
Jul 17
Docs describing the signer functionality referenced in #5. If you say someone is confused about build functionality, as build TL, your responsibility is to point to the appropriate docs, or explain how it works.
Jul 20
The following revision refers to this bug:
https://chromium.googlesource.com/chromiumos/platform/vboot_reference/+/e2ff36430b3e915d2c9a76a1f85889cbe68d788b

commit e2ff36430b3e915d2c9a76a1f85889cbe68d788b
Author: Nick Sanders <nsanders@chromium.org>
Date: Fri Jul 20 12:31:35 2018

signer: fix accessory_rwsig signing

Require that the container passed in is the one containing the specified key, and no other key. So if only one key is present it must be the specified key.

BUG= chromium:863464
TEST=run locally
BRANCH=None

Change-Id: Ieeca5773f35b7bf92beae8a2192ed6e6fd9008e6
Reviewed-on: https://chromium-review.googlesource.com/1136910
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Nick Sanders <nsanders@chromium.org>
Reviewed-by: Bob Moragues <moragues@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>

[modify] https://crrev.com/e2ff36430b3e915d2c9a76a1f85889cbe68d788b/scripts/image_signing/sign_official_build.sh
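
One way to express the check the commit message above describes (the container must hold the specified key and no other), as an added shell example that is not the code from sign_official_build.sh. The function name `resolve_accessory_key`, the `.vbprik2` file suffix and the sample key names are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration, not the code from sign_official_build.sh.
# Assumptions: keys are files named <key_name>.vbprik2; names are made up.

# resolve_accessory_key KEY_DIR KEY_NAME
# Prints the path of the key to sign with. Fails unless KEY_DIR holds
# exactly one key file and that file is the one named in the instructions.
resolve_accessory_key() {
  local key_dir="$1" key_name="$2" count=0 found="" f

  [ -d "$key_dir" ] || { echo "no such key container: $key_dir" >&2; return 2; }
  # Refuse empty names and names that could point outside the container.
  case "$key_name" in
    ""|*/*|.*) echo "invalid key name: '$key_name'" >&2; return 2 ;;
  esac

  for f in "$key_dir"/*.vbprik2; do
    [ -f "$f" ] || continue   # an unmatched glob stays literal; skip it
    count=$((count + 1))
    found="$f"
  done

  if [ "$count" -ne 1 ]; then
    echo "expected exactly one key in $key_dir, found $count" >&2
    return 1
  fi
  if [ "${found##*/}" != "$key_name.vbprik2" ]; then
    echo "container holds ${found##*/}, not $key_name.vbprik2" >&2
    return 1
  fi
  printf '%s\n' "$found"
}

# Constructed demo: one container with a single key, one with a stray key.
demo=$(mktemp -d)
mkdir "$demo/ok" "$demo/mixed"
: > "$demo/ok/key_example.vbprik2"
: > "$demo/mixed/key_example.vbprik2"
: > "$demo/mixed/key_stale.vbprik2"
resolve_accessory_key "$demo/ok" key_example             # accepted
resolve_accessory_key "$demo/ok" key_stale || true       # wrong key: refused
resolve_accessory_key "$demo/mixed" key_example || true  # extra key: refused
rm -rf "$demo"
```

Failing closed on a name mismatch keeps a misconfigured container from silently signing with whatever key happens to be present.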
Jul 20
Jul 20
The following revision refers to this bug:
https://chrome-internal.googlesource.com/chromeos/cros-signing/+/fbab259a55cffae4a23252d98ee2706d221d3785

commit fbab259a55cffae4a23252d98ee2706d221d3785
Author: Mike Frysinger <vapier@chromium.org>
Date: Fri Jul 20 19:51:53 2018
Jul 21
i requeued all the failed jobs and they passed this time. assuming we're all set now after Nick's help.
Comment 1 by vapier@chromium.org, Jul 14