| Brad Bishop | bec4ebc | 2022-08-03 09:55:16 -0400 | [diff] [blame] | 1 | # Signing host images using TF-M tools |
| 2 | |
| 3 | DEPENDS += "python3-imgtool-native fiptool-native" |
| 4 | |
| 5 | # |
| 6 | # sign_host_image |
| 7 | # |
| 8 | # Description: |
| 9 | # |
| 10 | # A generic function that signs a host image |
| 11 | # using MCUBOOT format |
| 12 | # |
| 13 | # Arguments: |
| 14 | # |
| 15 | # $1 ... host binary to sign |
| 16 | # $2 ... host binary path |
| 17 | # $3 ... load address of the given binary |
| 18 | # $4 ... signed binary size |
| 19 | # |
| 20 | # Note: The signed binary is copied to ${D}/firmware |
| 21 | # |
| 22 | sign_host_image() { |
| 23 | |
| 24 | host_binary_filename="`basename -s .bin ${1}`" |
| 25 | host_binary_layout="${host_binary_filename}_ns" |
| 26 | |
| 27 | cat << EOF > ${B}/${host_binary_layout} |
| 28 | enum image_attributes { |
| 29 | RE_IMAGE_LOAD_ADDRESS = ${3}, |
| 30 | RE_SIGN_BIN_SIZE = ${4}, |
| 31 | }; |
| 32 | EOF |
| 33 | |
| 34 | host_binary="${2}/`basename ${1}`" |
| 35 | host_binary_signed="${D}/firmware/signed_`basename ${1}`" |
| 36 | |
| 37 | ${PYTHON} ${S}/bl2/ext/mcuboot/scripts/wrapper/wrapper.py \ |
| 38 | -v ${RE_LAYOUT_WRAPPER_VERSION} \ |
| 39 | --layout ${B}/${host_binary_layout} \ |
| 40 | -k ${TFM_SIGN_PRIVATE_KEY} \ |
| 41 | --public-key-format full \ |
| 42 | --align 1 \ |
| 43 | --pad \ |
| 44 | --pad-header \ |
| 45 | -H ${RE_IMAGE_OFFSET} \ |
| 46 | -s auto \ |
| 47 | ${host_binary} \ |
| 48 | ${host_binary_signed} |
| 49 | |
| 50 | } |