aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xscripts/gen_x509_combined_cert.sh56
1 files changed, 34 insertions, 22 deletions
diff --git a/scripts/gen_x509_combined_cert.sh b/scripts/gen_x509_combined_cert.sh
index c6c596fdb..f7b141ca6 100755
--- a/scripts/gen_x509_combined_cert.sh
+++ b/scripts/gen_x509_combined_cert.sh
@@ -43,7 +43,6 @@ VALID_ROM_CORES="r5 m3"
43VALID_DMSC_CORES="r5-00 r5-01 a53-00 a53-01 a53-10 a53-11" 43VALID_DMSC_CORES="r5-00 r5-01 a53-00 a53-01 a53-10 a53-11"
44SHA=sha512 44SHA=sha512
45CORE=m3 45CORE=m3
46LOADADDR=0x00040000
47VALID_MASTERS="rom dmsc" 46VALID_MASTERS="rom dmsc"
48 47
49declare -A sha_oids 48declare -A sha_oids
@@ -91,6 +90,9 @@ usage() {
91 echo "Examples of usage:-" 90 echo "Examples of usage:-"
92 echo "# Example of generation a combined boot image" 91 echo "# Example of generation a combined boot image"
93 echo " $0 -b u-boot-spl.bin -l 0x41c00000 -s ti-sci-firmware-j7200-gp-vlab.bin -m 0x40000 -d combined-cfg.bin -n 0x7f000 -o tiboot3.bin" 92 echo " $0 -b u-boot-spl.bin -l 0x41c00000 -s ti-sci-firmware-j7200-gp-vlab.bin -m 0x40000 -d combined-cfg.bin -n 0x7f000 -o tiboot3.bin"
93 echo
94 echo "# Example of generation of a split boardcfg image for use with DM firmware"
95 echo " $0 -b u-boot-spl.bin -l 0x41c00000 -s ti-fs-firmware-j7200-gp.bin -m 0x40000 -d combined-tifs-cfg.bin -n 0x7f000 -t out/soc/j7200/evm/combined-dm-cfg.bin -y 0x41c80000 -k ti-degenerate-key.pem -o tiboot3.bin"
94} 96}
95 97
96options_help[b]="Boot Loader:Bin file corresponding to boot loader on R5" 98options_help[b]="Boot Loader:Bin file corresponding to boot loader on R5"
@@ -99,8 +101,8 @@ options_help[s]="SYSFW: Bin file corresponding to sysfw image"
99options_help[m]="SYSFW loadaddress: SYSFW image load address" 101options_help[m]="SYSFW loadaddress: SYSFW image load address"
100options_help[d]="SYSFW_DATA: Bin file corresponding to combined board configurations" 102options_help[d]="SYSFW_DATA: Bin file corresponding to combined board configurations"
101options_help[n]="SYSFW_DATA loadaddr: Combine board configuration load address" 103options_help[n]="SYSFW_DATA loadaddr: Combine board configuration load address"
102options_help[t]="DM_DATA: Bin file corresponding to combined board configurations for RM and PM. If this is used, RM and PM do not need to be provided as part of SYSFW_DATA." 104options_help[t]="DM_DATA: Bin file corresponding to combined board configurations for RM and PM. If this is used, RM and PM do not need to be provided as part of SYSFW_DATA. (OPTIONAL)"
103options_help[y]="DM_DATA loadaddr: Combine RM and PM blob board configuration load address" 105options_help[y]="DM_DATA loadaddr: Combine RM and PM blob board configuration load address (OPTIONAL)"
104options_help[k]="key_file:file with key inside it. If not provided script generates a random key." 106options_help[k]="key_file:file with key inside it. If not provided script generates a random key."
105 107
106while getopts "b:l:s:m:d:n:k:o:h:t:y:" opt 108while getopts "b:l:s:m:d:n:k:o:h:t:y:" opt
@@ -191,9 +193,29 @@ SYSFW_DATA_SHA_VAL=`openssl dgst -$SHA -hex $SYSFW_DATA | sed -e "s/^.*= //g"`
191SYSFW_DATA_SIZE=`cat $SYSFW_DATA | wc -c` 193SYSFW_DATA_SIZE=`cat $SYSFW_DATA | wc -c`
192SYSFW_DATA_ADDR=`printf "%08x" $SYSFW_DATA_LOADADDR` 194SYSFW_DATA_ADDR=`printf "%08x" $SYSFW_DATA_LOADADDR`
193 195
194DM_DATA_SHA_VAL=`openssl dgst -$SHA -hex $DM_DATA | sed -e "s/^.*= //g"` 196# Only process DM_DATA is variable is provided, or set size to 0 and num_comps to 3 for cert
195DM_DATA_SIZE=`cat $DM_DATA | wc -c` 197if [ -n "$DM_DATA" ]; then
196DM_DATA_ADDR=`printf "%08x" $DM_DATA_LOADADDR` 198 DM_DATA_SHA_VAL=`openssl dgst -$SHA -hex $DM_DATA | sed -e "s/^.*= //g"`
199 DM_DATA_SIZE=`cat $DM_DATA | wc -c`
200 DM_DATA_ADDR=`printf "%08x" $DM_DATA_LOADADDR`
201 NUM_COMPS_COUNT=4
202 DM_DATA_EXT_BOOT_SEQUENCE_STRING="dm_data=SEQUENCE:dm_data"
203read -r -d '' DM_DATA_EXT_BOOT_BLOCK << EOM
204 [dm_data]\\
205 compType = INTEGER:17\\
206 bootCore = INTEGER:16\\
207 compOpts = INTEGER:0\\
208 destAddr = FORMAT:HEX,OCT:DM_DATA_DEST_ADDR\\
209 compSize = INTEGER:DM_DATA_IMAGE_SIZE\\
210 shaType = OID:DM_DATA_IMAGE_SHA_OID\\
211 shaValue = FORMAT:HEX,OCT:DM_DATA_IMAGE_SHA_VAL
212EOM
213else
214 DM_DATA_SIZE=`printf "%08x" 0`
215 NUM_COMPS_COUNT=3
216 DM_DATA_EXT_BOOT_SEQUENCE_STRING=""
217 DM_DATA_EXT_BOOT_BLOCK=""
218fi
197 219
198TOTAL_SIZE=$(expr $SBL_SIZE + $SYSFW_SIZE + $SYSFW_DATA_SIZE + $DM_DATA_SIZE) 220TOTAL_SIZE=$(expr $SBL_SIZE + $SYSFW_SIZE + $SYSFW_DATA_SIZE + $DM_DATA_SIZE)
199 221
@@ -226,11 +248,11 @@ cat << 'EOF' > $TEMP_X509
226 248
227 [ext_boot_info] 249 [ext_boot_info]
228 extImgSize=INTEGER:TOTAL_IMAGE_LENGTH 250 extImgSize=INTEGER:TOTAL_IMAGE_LENGTH
229 numComp=INTEGER:4 251 numComp=INTEGER:NUM_COMPS_COUNT
230 sbl=SEQUENCE:sbl 252 sbl=SEQUENCE:sbl
231 sysfw=SEQUENCE:sysfw 253 sysfw=SEQUENCE:sysfw
232 sysfw_data=SEQUENCE:sysfw_data 254 sysfw_data=SEQUENCE:sysfw_data
233 dm_data=SEQUENCE:dm_data 255 DM_DATA_EXT_BOOT_SEQUENCE_STRING
234 256
235 [sbl] 257 [sbl]
236 compType = INTEGER:1 258 compType = INTEGER:1
@@ -258,21 +280,14 @@ cat << 'EOF' > $TEMP_X509
258 compSize = INTEGER:SYSFW_DATA_IMAGE_SIZE 280 compSize = INTEGER:SYSFW_DATA_IMAGE_SIZE
259 shaType = OID:SYSFW_DATA_IMAGE_SHA_OID 281 shaType = OID:SYSFW_DATA_IMAGE_SHA_OID
260 shaValue = FORMAT:HEX,OCT:SYSFW_DATA_IMAGE_SHA_VAL 282 shaValue = FORMAT:HEX,OCT:SYSFW_DATA_IMAGE_SHA_VAL
261 283 DM_DATA_EXT_BOOT_BLOCK
262 [dm_data]
263 compType = INTEGER:17
264 bootCore = INTEGER:16
265 compOpts = INTEGER:0
266 destAddr = FORMAT:HEX,OCT:DM_DATA_DEST_ADDR
267 compSize = INTEGER:DM_DATA_IMAGE_SIZE
268 shaType = OID:DM_DATA_IMAGE_SHA_OID
269 shaValue = FORMAT:HEX,OCT:DM_DATA_IMAGE_SHA_VAL
270EOF 284EOF
271} 285}
272 286
273gen_cert() { 287gen_cert() {
274 echo "Certificate being generated :" 288 echo "Certificate being generated :"
275 #echo $SBL_ADDR $SBL_SIZE $SBL_SHA_VAL 289 #echo $SBL_ADDR $SBL_SIZE $SBL_SHA_VAL
290 sed -i "s/NUM_COMPS_COUNT/$NUM_COMPS_COUNT/" $TEMP_X509
276 sed -i "s/SBL_DEST_ADDR/$SBL_ADDR/" $TEMP_X509 291 sed -i "s/SBL_DEST_ADDR/$SBL_ADDR/" $TEMP_X509
277 sed -i "s/SBL_IMAGE_SIZE/$SBL_SIZE/" $TEMP_X509 292 sed -i "s/SBL_IMAGE_SIZE/$SBL_SIZE/" $TEMP_X509
278 sed -i "s/SBL_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509 293 sed -i "s/SBL_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509
@@ -288,6 +303,8 @@ gen_cert() {
288 sed -i "s/SYSFW_DATA_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509 303 sed -i "s/SYSFW_DATA_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509
289 sed -i "s/SYSFW_DATA_IMAGE_SHA_VAL/$SYSFW_DATA_SHA_VAL/" $TEMP_X509 304 sed -i "s/SYSFW_DATA_IMAGE_SHA_VAL/$SYSFW_DATA_SHA_VAL/" $TEMP_X509
290 #echo $DM_DATA_ADDR $DM_DATA_SIZE $DM_DATA_SHA_VAL 305 #echo $DM_DATA_ADDR $DM_DATA_SIZE $DM_DATA_SHA_VAL
306 sed -i "s/DM_DATA_EXT_BOOT_BLOCK/$DM_DATA_EXT_BOOT_BLOCK/" $TEMP_X509
307 sed -i "s/DM_DATA_EXT_BOOT_SEQUENCE_STRING/$DM_DATA_EXT_BOOT_SEQUENCE_STRING/" $TEMP_X509
291 sed -i "s/DM_DATA_DEST_ADDR/$DM_DATA_ADDR/" $TEMP_X509 308 sed -i "s/DM_DATA_DEST_ADDR/$DM_DATA_ADDR/" $TEMP_X509
292 sed -i "s/DM_DATA_IMAGE_SIZE/$DM_DATA_SIZE/" $TEMP_X509 309 sed -i "s/DM_DATA_IMAGE_SIZE/$DM_DATA_SIZE/" $TEMP_X509
293 sed -i "s/DM_DATA_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509 310 sed -i "s/DM_DATA_IMAGE_SHA_OID/$SHA_OID/" $TEMP_X509
@@ -303,8 +320,3 @@ cat $CERT $SBL $SYSFW $SYSFW_DATA $DM_DATA > $OUTPUT
303 320
304echo "SUCCESS: Image $OUTPUT generated." 321echo "SUCCESS: Image $OUTPUT generated."
305 322
306# Remove all intermediate files
307rm $TEMP_X509 $CERT
308if [ "$KEY" == "$RAND_KEY" ]; then
309 rm $RAND_KEY
310fi