summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9eecc3e)
raw | patch | inline | side by side (parent: 9eecc3e)
author | Andrew Davis <afd@ti.com> | |
Thu, 7 Jul 2022 17:19:12 +0000 (12:19 -0500) | ||
committer | Andrew Davis <afd@ti.com> | |
Thu, 7 Jul 2022 17:19:12 +0000 (12:19 -0500) |
Add a file containing the software revision to use for images signed by
this tool. We put this in a file over using an environment variable or
hard-coding it so the revision can be read by other external tooling.
Set the default to 1, this is lowest revision allowed by ROM on newer
K3 devices.
Signed-off-by: Andrew Davis <afd@ti.com>
this tool. We put this in a file over using an environment variable or
hard-coding it so the revision can be read by other external tooling.
Set the default to 1, this is lowest revision allowed by ROM on newer
K3 devices.
Signed-off-by: Andrew Davis <afd@ti.com>
keys/swrv.txt | [new file with mode: 0644] | patch | blob |
scripts/secure-binary-image.sh | patch | blob | history | |
scripts/x509-template.txt | patch | blob | history |
index 36d5da1ac3500eac28a8cb094a1f6ef944ac0f6a..f17cdfd1f52d8e3c6077acab8fa21d043fcd4387 100755 (executable)
exit 1
}
-# check if M-shield-DK tool is installed
+# check where this tool is installed
PREFIX=..
CUSTOMERKEY=${PREFIX}/keys/custMpk.pem
if [ ! -f ${CUSTOMERKEY} ]; then
HS_SHA_VALUE=$(openssl dgst -sha512 -hex $INPUT_FILE | sed -e "s/^.*= //g")
HS_IMAGE_SIZE=$(cat $INPUT_FILE | wc -c)
+# Get software revision info
+HS_SWRV=$(cat ${PREFIX}/keys/swrv.txt)
+
# Parameters to get populated into the x509 template
HS_SED_OPTS="-e s/TEST_IMAGE_LENGTH/${HS_IMAGE_SIZE}/ "
-HS_SED_OPTS+="-e s/TEST_IMAGE_SHA_VAL/${HS_SHA_VALUE}/"
+HS_SED_OPTS+="-e s/TEST_IMAGE_SHA_VAL/${HS_SHA_VALUE}/ "
+HS_SED_OPTS+="-e s/TEST_SWRV/${HS_SWRV}/ "
TMPX509=$(mktemp) || exit 1
cat ${PREFIX}/scripts/x509-template.txt | sed ${HS_SED_OPTS} > ${TMPX509}
index cb3e5d17a0215f80eca771cf533c59462dc2f21d..4cf37565a086d4b4f83cc38812f53a0b7de079db 100644 (file)
1.3.6.1.4.1.294.1.35 = ASN1:SEQUENCE:sysfw_image_load
[ swrv ]
-swrv = INTEGER:0
+swrv = INTEGER:TEST_SWRV
[ sysfw_image_integrity ]
shaType = OID:2.16.840.1.101.3.4.2.3