From a3162777b1baec1a4df5919156f51fef492b0f6f Mon Sep 17 00:00:00 2001 From: Brian Woods Date: Thu, 2 Sep 2021 16:52:18 -0700 Subject: Add FIT signing options to config Also add [-f] to the help message as it was missing. Signed-off-by: Brian Woods Reviewed-by: Stefano Stabellini Signed-off-by: Stefano Stabellini --- README.md | 10 ++++++++++ scripts/uboot-script-gen | 14 +++++++++++--- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index bf6e374..b87a199 100644 --- a/README.md +++ b/README.md @@ -58,6 +58,8 @@ UBOOT_SOURCE="boot.source" UBOOT_SCRIPT="boot.scr" FDTEDIT="imagebuilder.dtb" FIT="boot.fit" +FIT_ENC_KEY_DIR="dir/key" +FIT_ENC_UB_DTB="uboot.dtb" ``` Where: @@ -133,6 +135,14 @@ Where: - FIT is an optional and is off by default. Specifies using a fit image for booting rather than individual files. +- FIT_ENC_KEY_DIR is optional but specifies the directory and hint used + for signing a FIT image. The CLI arguments overwrite what's in the + config. See the -u option below for more information. + +- FIT_ENC_UB_DTB is optional but specifies the u-boot dtb to modify and + include the public key in. This can only be used with + FIT_ENC_KEY_DIR. See the -u option below for more information. + Then you can invoke uboot-script-gen as follows: ``` diff --git a/scripts/uboot-script-gen b/scripts/uboot-script-gen index e3f2753..3677b20 100755 --- a/scripts/uboot-script-gen +++ b/scripts/uboot-script-gen @@ -272,7 +272,7 @@ function print_help { script=`basename "$0"` echo "usage:" - echo " $script -c CONFIG_FILE -d DIRECTORY [-t LOAD_CMD] [-o FILE] [-k KEY_DIR/HINT [-u U-BOOT_DTB]] [-e]" + echo " $script -c CONFIG_FILE -d DIRECTORY [-t LOAD_CMD] [-o FILE] [-k KEY_DIR/HINT [-u U-BOOT_DTB]] [-e] [-f]" echo " $script -h" echo "where:" echo " CONFIG_FILE - configuration file" @@ -323,10 +323,10 @@ while getopts ":c:t:d:ho:k:u:ef" opt; do UBOOT_SCRIPT_ARG=$OPTARG ;; k ) - FIT_ENC_KEY_DIR=$OPTARG + fits_keyd_opt=$OPTARG ;; u ) - FIT_ENC_UB_DTB=$OPTARG + fits_dtb_opt=$OPTARG ;; e ) efi_opt=y @@ -444,6 +444,14 @@ then FIT="${UBOOT_SOURCE%.source}.fit" fi +if test "$fits_keyd_opt" +then + FIT_ENC_KEY_DIR="$fits_keyd_opt" +fi +if test "$fits_dtb_opt" +then + FIT_ENC_UB_DTB="$fits_dtb_opt" +fi fit_algo=$'hash {\n algo = "md5";\n };' if test "$FIT_ENC_KEY_DIR" || test "$FIT_ENC_UB_DTB" then -- cgit v1.2.3