diff options
-rwxr-xr-x | scripts/gen_x509_combined_cert.sh | 56 |
1 files changed, 34 insertions, 22 deletions
diff --git a/scripts/gen_x509_combined_cert.sh b/scripts/gen_x509_combined_cert.sh index c6c596fdb..f7b141ca6 100755 --- a/scripts/gen_x509_combined_cert.sh +++ b/scripts/gen_x509_combined_cert.sh | |||
@@ -43,7 +43,6 @@ VALID_ROM_CORES="r5 m3" | |||
43 | VALID_DMSC_CORES="r5-00 r5-01 a53-00 a53-01 a53-10 a53-11" | 43 | VALID_DMSC_CORES="r5-00 r5-01 a53-00 a53-01 a53-10 a53-11" |
44 | SHA=sha512 | 44 | SHA=sha512 |
45 | CORE=m3 | 45 | CORE=m3 |
46 | LOADADDR=0x00040000 | ||
47 | VALID_MASTERS="rom dmsc" | 46 | VALID_MASTERS="rom dmsc" |
48 | 47 | ||
49 | declare -A sha_oids | 48 | declare -A sha_oids |
@@ -91,6 +90,9 @@ usage() { | |||
91 | echo "Examples of usage:-" | 90 | echo "Examples of usage:-" |
92 | echo "# Example of generation a combined boot image" | 91 | echo "# Example of generation a combined boot image" |
93 | echo " $0 -b u-boot-spl.bin -l 0x41c00000 -s ti-sci-firmware-j7200-gp-vlab.bin -m 0x40000 -d combined-cfg.bin -n 0x7f000 -o tiboot3.bin" | 92 | echo " $0 -b u-boot-spl.bin -l 0x41c00000 -s ti-sci-firmware-j7200-gp-vlab.bin -m 0x40000 -d combined-cfg.bin -n 0x7f000 -o tiboot3.bin" |
93 | echo | ||
94 | echo "# Example of generation of a split boardcfg image for use with DM firmware" | ||
95 | echo " $0 -b u-boot-spl.bin -l 0x41c00000 -s ti-fs-firmware-j7200-gp.bin -m 0x40000 -d combined-tifs-cfg.bin -n 0x7f000 -t out/soc/j7200/evm/combined-dm-cfg.bin -y 0x41c80000 -k ti-degenerate-key.pem -o tiboot3.bin" | ||
94 | } | 96 | } |
95 | 97 | ||
96 | options_help[b]="Boot Loader:Bin file corresponding to boot loader on R5" | 98 | options_help[b]="Boot Loader:Bin file corresponding to boot loader on R5" |
@@ -99,8 +101,8 @@ options_help[s]="SYSFW: Bin file corresponding to sysfw image" | |||
99 | options_help[m]="SYSFW loadaddress: SYSFW image load address" | 101 | options_help[m]="SYSFW loadaddress: SYSFW image load address" |
100 | options_help[d]="SYSFW_DATA: Bin file corresponding to combined board configurations" | 102 | options_help[d]="SYSFW_DATA: Bin file corresponding to combined board configurations" |
101 | options_help[n]="SYSFW_DATA loadaddr: Combine board configuration load address" | 103 | options_help[n]="SYSFW_DATA loadaddr: Combine board configuration load address" |
102 | options_help[t]="DM_DATA: Bin file corresponding to combined board configurations for RM and PM. If this is used, RM and PM do not need to be provided as part of SYSFW_DATA." | 104 | options_help[t]="DM_DATA: Bin file corresponding to combined board configurations for RM and PM. If this is used, RM and PM do not need to be provided as part of SYSFW_DATA. (OPTIONAL)" |
103 | options_help[y]="DM_DATA loadaddr: Combine RM and PM blob board configuration load address" | 105 | options_help[y]="DM_DATA loadaddr: Combine RM and PM blob board configuration load address (OPTIONAL)" |
104 | options_help[k]="key_file:file with key inside it. If not provided script generates a random key." | 106 | options_help[k]="key_file:file with key inside it. If not provided script generates a random key." |
105 | 107 | ||
106 | while getopts "b:l:s:m:d:n:k:o:h:t:y:" opt | 108 | while getopts "b:l:s:m:d:n:k:o:h:t:y:" opt |
@@ -191,9 +193,29 @@ SYSFW_DATA_SHA_VAL=`openssl dgst -$SHA -hex $SYSFW_DATA | sed -e "s/^.*= //g"` | |||
191 | SYSFW_DATA_SIZE=`cat $SYSFW_DATA | wc -c` | 193 | SYSFW_DATA_SIZE=`cat $SYSFW_DATA | wc -c` |
192 | SYSFW_DATA_ADDR=`printf "%08x" $SYSFW_DATA_LOADADDR` | 194 | SYSFW_DATA_ADDR=`printf "%08x" $SYSFW_DATA_LOADADDR` |
193 | 195 | ||
194 | DM_DATA_SHA_VAL=`openssl dgst -$SHA -hex $DM_DATA | sed -e "s/^.*= //g"` | 196 | # Only process DM_DATA is variable is provided, or set size to 0 and num_comps to 3 for cert |
195 | DM_DATA_SIZE=`cat $DM_DATA | wc -c` | 197 | if [ -n "$DM_DATA" ]; then |
196 | DM_DATA_ADDR=`printf "%08x" $DM_DATA_LOADADDR` | 198 | DM_DATA_SHA_VAL=`openssl dgst -$SHA -hex $DM_DATA | sed -e "s/^.*= //g"` |
199 | DM_DATA_SIZE=`cat $DM_DATA | wc -c` | ||
200 | DM_DATA_ADDR=`printf "%08x" $DM_DATA_LOADADDR` | ||
201 | NUM_COMPS_COUNT=4 | ||
202 | DM_DATA_EXT_BOOT_SEQUENCE_STRING="dm_data=SEQUENCE:dm_data" | ||
203 | read -r -d '' DM_DATA_EXT_BOOT_BLOCK << EOM | ||
204 | [dm_data]\\ | ||
205 | compType = INTEGER:17\\ | ||
206 | bootCore = INTEGER:16\\ | ||
207 | compOpts = INTEGER:0\\ | ||
208 | destAddr = FORMAT:HEX,OCT:DM_DATA_DEST_ADDR\\ | ||
209 | compSize = INTEGER:DM_DATA_IMAGE_SIZE\\ | ||
210 | shaType = OID:DM_DATA_IMAGE_SHA_OID\\ | ||
211 | shaValue = FORMAT:HEX,OCT:DM_DATA_IMAGE_SHA_VAL | ||
212 | EOM | ||
213 | else | ||
214 | DM_DATA_SIZE=`printf "%08x" 0` | ||
215 | NUM_COMPS_COUNT=3 | ||
216 | DM_DATA_EXT_BOOT_SEQUENCE_STRING="" | ||
217 | DM_DATA_EXT_BOOT_BLOCK="" | ||
218 | fi | ||
197 | 219 | ||
198 | TOTAL_SIZE=$(expr $SBL_SIZE + $SYSFW_SIZE + $SYSFW_DATA_SIZE + $DM_DATA_SIZE) | 220 | TOTAL_SIZE=$(expr $SBL_SIZE + $SYSFW_SIZE + $SYSFW_DATA_SIZE + $DM_DATA_SIZE) |
199 | 221 | ||
@@ -226,11 +248,11 @@ cat << 'EOF' > $TEMP_X509 | |||
226 | 248 | ||
227 | [ext_boot_info] | 249 | [ext_boot_info] |
228 | extImgSize=INTEGER:TOTAL_IMAGE_LENGTH | 250 | extImgSize=INTEGER:TOTAL_IMAGE_LENGTH |
229 | numComp=INTEGER:4 | 251 | numComp=INTEGER:NUM_COMPS_COUNT |
230 | sbl=SEQUENCE:sbl | 252 | sbl=SEQUENCE:sbl |
231 | sysfw=SEQUENCE:sysfw | 253 | sysfw=SEQUENCE:sysfw |
232 | sysfw_data=SEQUENCE:sysfw_data | 254 | sysfw_data=SEQUENCE:sysfw_data |
233 | dm_data=SEQUENCE:dm_data | 255 | DM_DATA_EXT_BOOT_SEQUENCE_STRING |
234 | 256 | ||
235 | [sbl] | 257 | [sbl] |
236 | compType = INTEGER:1 | 258 | compType = INTEGER:1 |
@@ -258,21 +280,14 @@ cat << 'EOF' > $TEMP_X509 | |||
258 | compSize = INTEGER:SYSFW_DATA_IMAGE_SIZE | 280 | compSize = INTEGER:SYSFW_DATA_IMAGE_SIZE |
259 | shaType = OID:SYSFW_DATA_IMAGE_SHA_OID | 281 | shaType = OID:SYSFW_DATA_IMAGE_SHA_OID |
260 | shaValue = FORMAT:HEX,OCT:SYSFW_DATA_IMAGE_SHA_VAL | 282 | shaValue = FORMAT:HEX,OCT:SYSFW_DATA_IMAGE_SHA_VAL |
261 | 283 | DM_DATA_EXT_BOOT_BLOCK | |
262 | [dm_data] | ||
263 | compType = INTEGER:17 | ||
264 | bootCore = INTEGER:16 | ||
265 | compOpts = INTEGER:0 | ||
266 | destAddr = FORMAT:HEX,OCT:DM_DATA_DEST_ADDR | ||
267 | compSize = INTEGER:DM_DATA_IMAGE_SIZE | ||
268 | shaType = OID:DM_DATA_IMAGE_SHA_OID | ||
269 | shaValue = FORMAT:HEX,OCT:DM_DATA_IMAGE_SHA_VAL | ||
270 | EOF | 284 | EOF |
271 | } | 285 | } |
272 | 286 | ||
273 | gen_cert() { | 287 | gen_cert() { |
274 | echo "Certificate being generated :" | 288 | echo "Certificate being generated :" |
275 | #echo $SBL_ADDR $SBL_SIZE $SBL_SHA_VAL | 289 | #echo $SBL_ADDR $SBL_SIZE $SBL_SHA_VAL |
290 | sed -i "s/NUM_COMPS_COUNT/$NUM_COMPS_COUNT/" $TEMP_X509 | ||
276 | sed -i "s/SBL_DEST_ADDR/$SBL_ADDR/" $TEMP_X509 | 291 | sed -i "s/SBL_DEST_ADDR/$SBL_ADDR/" $TEMP_X509 |
277 | sed -i "s/SBL_IMAGE_SIZE/$SBL_SIZE/" $TEMP_X509 | 292 | sed -i "s/SBL_IMAGE_SIZE/$SBL_SIZE/" $TEMP_X509 |
278 | sed -i "s/SBL_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509 | 293 | sed -i "s/SBL_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509 |
@@ -288,6 +303,8 @@ gen_cert() { | |||
288 | sed -i "s/SYSFW_DATA_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509 | 303 | sed -i "s/SYSFW_DATA_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509 |
289 | sed -i "s/SYSFW_DATA_IMAGE_SHA_VAL/$SYSFW_DATA_SHA_VAL/" $TEMP_X509 | 304 | sed -i "s/SYSFW_DATA_IMAGE_SHA_VAL/$SYSFW_DATA_SHA_VAL/" $TEMP_X509 |
290 | #echo $DM_DATA_ADDR $DM_DATA_SIZE $DM_DATA_SHA_VAL | 305 | #echo $DM_DATA_ADDR $DM_DATA_SIZE $DM_DATA_SHA_VAL |
306 | sed -i "s/DM_DATA_EXT_BOOT_BLOCK/$DM_DATA_EXT_BOOT_BLOCK/" $TEMP_X509 | ||
307 | sed -i "s/DM_DATA_EXT_BOOT_SEQUENCE_STRING/$DM_DATA_EXT_BOOT_SEQUENCE_STRING/" $TEMP_X509 | ||
291 | sed -i "s/DM_DATA_DEST_ADDR/$DM_DATA_ADDR/" $TEMP_X509 | 308 | sed -i "s/DM_DATA_DEST_ADDR/$DM_DATA_ADDR/" $TEMP_X509 |
292 | sed -i "s/DM_DATA_IMAGE_SIZE/$DM_DATA_SIZE/" $TEMP_X509 | 309 | sed -i "s/DM_DATA_IMAGE_SIZE/$DM_DATA_SIZE/" $TEMP_X509 |
293 | sed -i "s/DM_DATA_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509 | 310 | sed -i "s/DM_DATA_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509 |
@@ -303,8 +320,3 @@ cat $CERT $SBL $SYSFW $SYSFW_DATA $DM_DATA > $OUTPUT | |||
303 | 320 | ||
304 | echo "SUCCESS: Image $OUTPUT generated." | 321 | echo "SUCCESS: Image $OUTPUT generated." |
305 | 322 | ||
306 | # Remove all intermediate files | ||
307 | rm $TEMP_X509 $CERT | ||
308 | if [ "$KEY" == "$RAND_KEY" ]; then | ||
309 | rm $RAND_KEY | ||
310 | fi | ||