cr50: prepare using blobs as RMA key sources

This patch brings in both prod and test RMA server public keys as two
binary files.

A bash script for converting binary blob into C definition is also
provided.

BRANCH=cr50, cr50-mp
BUG=b:73296144, b:74100307
TEST=none yet

Change-Id: I2edd78164b8c912408ac7eda2e0a3a0262a8e81f
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/990782
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
(cherry picked from commit 44c81deec45960c4e3f7f6b11999c28419f6c2ef)
Reviewed-on: https://chromium-review.googlesource.com/1015611

4 files changed, 48 insertions, 0 deletions

diff --git a/board/cr50/rma_key_blob.README.md b/board/cr50/rma_key_blob.README.md
new file mode 100644
index 0000000000..8270086bfe
--- /dev/null
+++ b/board/cr50/rma_key_blob.README.md
@@ -0,0 +1,6 @@
+The rma_key_blob.{prod,test} files in this directory are 33 byte binary blobs
+concatenating the 32 byte of respective public key used by prod or test RMA
+server and one byte of the key ID.
+
+The util/bin2h.sh script is used to convert these binary blobs into .h
+file containing a #define statement which is suitable for use in C.
diff --git a/board/cr50/rma_key_blob.prod b/board/cr50/rma_key_blob.prod
new file mode 100644
index 0000000000..54e8fd5a1d
--- /dev/null
+++ b/board/cr50/rma_key_blob.prod
diff --git a/board/cr50/rma_key_blob.test b/board/cr50/rma_key_blob.test
new file mode 100644
index 0000000000..c8b0062e64
--- /dev/null
+++ b/board/cr50/rma_key_blob.test
@@ -0,0 +1 @@
+®-,#às
Ó·’¬TÅý~œð¨ë~*µÛôy_Š(?
\ No newline at end of file
diff --git a/util/bin2h.sh b/util/bin2h.sh
new file mode 100755
index 0000000000..1507bc4004
--- /dev/null
+++ b/util/bin2h.sh
@@ -0,0 +1,41 @@
+#!/bin/bash
+#
+# Copyright 2018 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+#
+# This script converts input binary blob into output .h file,
+#
+# The three command line arguments are:
+#
+#  - name of the variable to define in the output .h file
+#  - input binary blob to be converted to hex ASCII
+#  - name of the output file
+#
+# The output file contains a C #define statement assigning the variable to hex
+# dump of the input file.
+#
+# This script is supposed to be invoked from the make file, no command line
+# argument verification is done.
+
+# Make sure the user is alerted if not enough command line arguments are
+# supplied.
+set -u
+
+variable_name="${1}"
+input_file="${2}"
+output_file="${3}"
+
+key_dump="$(od -An -tx1 -w8 ${input_file} | \
+    sed 's/^ /\t0x/;s/ /, 0x/g;s/$/, \\/')"
+
+cat > ${output_file} <<EOF
+/*
+ * This is a generated file, do not edit.
+ */
+
+#define ${variable_name} { \\
+${key_dump}
+}
+
+EOF