diff options
author | davidcunado-arm <david.cunado@arm.com> | 2017-06-22 15:12:20 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-06-22 15:12:20 +0100 |
commit | dac22c65597f6c630dc8949802a17fb29da342f5 (patch) | |
tree | a383212b8d752297ebb8a198e89e506b586c89e5 | |
parent | 41605ffe2af2adeb1dd851eb0b739cbb8a3da5ab (diff) | |
parent | 63634800fcd82c3395959bcc88328427f6c06308 (diff) |
Merge pull request #990 from masahir0y/uniphier
uniphier: embed ROTPK hash into BL1/BL2
-rw-r--r-- | plat/socionext/uniphier/platform.mk | 18 | ||||
-rw-r--r-- | plat/socionext/uniphier/uniphier_rotpk.S | 15 | ||||
-rw-r--r-- | plat/socionext/uniphier/uniphier_tbbr.c | 6 |
3 files changed, 38 insertions, 1 deletions
diff --git a/plat/socionext/uniphier/platform.mk b/plat/socionext/uniphier/platform.mk index af8e3ace..7ea0f108 100644 --- a/plat/socionext/uniphier/platform.mk +++ b/plat/socionext/uniphier/platform.mk @@ -86,11 +86,29 @@ TBB_SOURCES := drivers/auth/auth_mod.c \ drivers/auth/img_parser_mod.c \ drivers/auth/tbbr/tbbr_cot.c \ plat/common/tbbr/plat_tbbr.c \ + $(PLAT_PATH)/uniphier_rotpk.S \ $(PLAT_PATH)/uniphier_tbbr.c BL1_SOURCES += $(TBB_SOURCES) BL2_SOURCES += $(TBB_SOURCES) +ROT_KEY = $(BUILD_PLAT)/rot_key.pem +ROTPK_HASH = $(BUILD_PLAT)/rotpk_sha256.bin + +$(eval $(call add_define_val,ROTPK_HASH,'"$(ROTPK_HASH)"')) +$(BUILD_PLAT)/bl1/uniphier_rotpk.o: $(ROTPK_HASH) +$(BUILD_PLAT)/bl2/uniphier_rotpk.o: $(ROTPK_HASH) + +certificates: $(ROT_KEY) +$(ROT_KEY): + @echo " OPENSSL $@" + $(Q)openssl genrsa 2048 > $@ 2>/dev/null + +$(ROTPK_HASH): $(ROT_KEY) + @echo " OPENSSL $@" + $(Q)openssl rsa -in $< -pubout -outform DER 2>/dev/null |\ + openssl dgst -sha256 -binary > $@ 2>/dev/null + endif .PHONY: bl1_gzip diff --git a/plat/socionext/uniphier/uniphier_rotpk.S b/plat/socionext/uniphier/uniphier_rotpk.S new file mode 100644 index 00000000..0045a349 --- /dev/null +++ b/plat/socionext/uniphier/uniphier_rotpk.S @@ -0,0 +1,15 @@ +/* + * Copyright (c) 2017, ARM Limited and Contributors. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + + .global uniphier_rotpk_hash + .global uniphier_rotpk_hash_end +uniphier_rotpk_hash: + /* DER header */ + .byte 0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48 + .byte 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20 + /* SHA256 */ + .incbin ROTPK_HASH +uniphier_rotpk_hash_end: diff --git a/plat/socionext/uniphier/uniphier_tbbr.c b/plat/socionext/uniphier/uniphier_tbbr.c index cafe1a37..1c834111 100644 --- a/plat/socionext/uniphier/uniphier_tbbr.c +++ b/plat/socionext/uniphier/uniphier_tbbr.c @@ -6,10 +6,14 @@ #include <platform.h> +extern char uniphier_rotpk_hash[], uniphier_rotpk_hash_end[]; + int plat_get_rotpk_info(void *cookie, void **key_ptr, unsigned int *key_len, unsigned int *flags) { - *flags = ROTPK_NOT_DEPLOYED; + *key_ptr = uniphier_rotpk_hash; + *key_len = uniphier_rotpk_hash_end - uniphier_rotpk_hash; + *flags = ROTPK_IS_HASH; return 0; } |