blob: 49af35683db085623a93eb8efe315c739db4454c [file] [log] [blame]
# Signing host images using TF-M tools
DEPENDS += "python3-imgtool-native fiptool-native"
#
# sign_host_image
#
# Description:
#
# A generic function that signs a host image
# using MCUBOOT format
#
# Arguments:
#
# $1 ... host binary to sign
# $2 ... host binary path
# $3 ... load address of the given binary
# $4 ... signed binary size
#
# Note: The signed binary is copied to ${D}/firmware
#
sign_host_image() {
host_binary_filename="`basename -s .bin ${1}`"
host_binary_layout="${host_binary_filename}_ns"
cat << EOF > ${B}/${host_binary_layout}
enum image_attributes {
RE_IMAGE_LOAD_ADDRESS = ${3},
RE_SIGN_BIN_SIZE = ${4},
};
EOF
host_binary="${2}/`basename ${1}`"
host_binary_signed="${D}/firmware/signed_`basename ${1}`"
${PYTHON} ${S}/bl2/ext/mcuboot/scripts/wrapper/wrapper.py \
-v ${RE_LAYOUT_WRAPPER_VERSION} \
--layout ${B}/${host_binary_layout} \
-k ${TFM_SIGN_PRIVATE_KEY} \
--public-key-format full \
--align 1 \
--pad \
--pad-header \
-H ${RE_IMAGE_OFFSET} \
-s auto \
${host_binary} \
${host_binary_signed}
}