build: Allow signing SYSFW with custom key on non-HS devices
authorAndreas Dannenberg <dannenberg@ti.com>
Wed, 5 Jun 2019 20:08:06 +0000 (15:08 -0500)
committerAndreas Dannenberg <dannenberg@ti.com>
Mon, 10 Jun 2019 16:41:17 +0000 (11:41 -0500)
Enable the existing make variable KEY that was introduced to specify
the signing key used to sign SYSFW for use on HS devices to also be
used to sign SYSFW images destined for GP devices, overriding the
default random key that is used for signing.

Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Reviewed-by: Suman Anna <s-anna@ti.com>
Makefile

index 95ee273183305153d10c0e3ba14b8e4227d7f14d..586873023a8cdc4ec14c3a2ec1fd7a246e7db5c5 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -117,8 +117,13 @@ sysfw.bin: $(SYSFW_HS_CERTS_PATH) $(SYSFW_HS_PATH)
        cat $^ > $@
 else
 sysfw.bin: $(SYSFW_PATH) sysfw_version
-       @echo "Signing the SYSFW release image with random key..."
-       ./gen_x509_cert.sh -c m3 -b $< -o $@ -l 0x40000
+       @if [ -n "$(KEY)" ]; then \
+               echo "Signing the SYSFW release image with $(KEY) key..."; \
+               ./gen_x509_cert.sh -c m3 -b $< -o $@ -l 0x40000 -k $(KEY); \
+       else \
+               echo "Signing the SYSFW release image with random key..."; \
+               ./gen_x509_cert.sh -c m3 -b $< -o $@ -l 0x40000; \
+       fi
 endif
 
 $(ITS): $(BINS)