Gitiles
Code Review Sign In
gerrit.openbmc.org / mdmillerii / openbmc / d52b0f66939bb4d3d39e10ac4c74591e2c4a7c48^! / . / meta-nuvoton / recipes-bsp / images / npcm8xx-igps.inc
commitd52b0f66939bb4d3d39e10ac4c74591e2c4a7c48[log] [tgz]
authorTim Lee <timlee660101@gmail.com>Mon May 29 10:12:08 2023 +0800
committerPatrick Williams <patrick@stwcx.xyz>Fri Jun 09 17:04:19 2023 +0000
treed78c5dff591085934dd8d0a7213f9e3aa48a0ec9
parenteabfa8b745e9258b04f0bffaa8401c8a50cbe37d [diff] [blame]
meta-phosphor: npcm8xx.bbclass: support sign images feature

Add sign images feature according customer's requirement.
Set "SECURED_IMAGE" to "True" and enable sign images feature.
When sign images feature be enabled. Use default keys to sign
images if customer didn't point their own local keys path.

Note: "SECURED_IMAGE" default is "True".

Tested:
Use default keys sign:
That will use default path and keys from igps to sign.

Use local keys sign:
That will use local path and keys to sign.
When KEY_FOLDER and KEY definition both are valid.

However, when KEY_FOLDER and KEY definition are invalid either,
that will output sign images failed then stop build full images.

Tested: build pass and boot up successfully with signed

Signed-off-by: Tim Lee <timlee660101@gmail.com>
Change-Id: If2b793906ab338aec391062d9bfeae2b1e790078

diff --git a/meta-nuvoton/recipes-bsp/images/npcm8xx-igps.inc b/meta-nuvoton/recipes-bsp/images/npcm8xx-igps.inc
index ace078e..099fa47 100644
--- a/meta-nuvoton/recipes-bsp/images/npcm8xx-igps.inc
+++ b/meta-nuvoton/recipes-bsp/images/npcm8xx-igps.inc

@@ -21,14 +21,26 @@
 
 do_install() {
 	install -d ${DEST}
-	if [ "${TIP_IMAGE}" = "True" ] ; then
-		install py_scripts/ImageGeneration/references/BootBlockAndHeader_${DEVICE_GEN}_${IGPS_MACHINE}.xml ${DEST}
+    if [ "${TIP_IMAGE}" = "True" ] ; then
+        install py_scripts/ImageGeneration/references/BootBlockAndHeader_${DEVICE_GEN}_${IGPS_MACHINE}.xml ${DEST}
 	else
-		install py_scripts/ImageGeneration/references/BootBlockAndHeader_A1_${IGPS_MACHINE}_NoTip.xml ${DEST}
-	fi
+        install py_scripts/ImageGeneration/references/BootBlockAndHeader_${DEVICE_GEN}_${IGPS_MACHINE}_NoTip.xml ${DEST}
+    fi
 	install py_scripts/ImageGeneration/references/UbootHeader_${DEVICE_GEN}.xml ${DEST}
 	install py_scripts/ImageGeneration/inputs/BL31_AndHeader.xml ${DEST}
 	install py_scripts/ImageGeneration/inputs/OpTeeAndHeader.xml ${DEST}
+	install py_scripts/ImageGeneration/asn1.py ${DEST}
+	install py_scripts/ImageGeneration/BinarySignatureGenerator.py ${DEST}
+}
+
+inherit deploy
+
+do_deploy () {
+	# copy default keys to deploy folder
+	install -d ${DEPLOYDIR}
+	cp -vur py_scripts/ImageGeneration/keys/${SIGN_TYPE} ${DEPLOYDIR}/
 }
 
 inherit native
+
+addtask deploy before do_build after do_compile