diff options
| author | Jimmy Zhang <jimmzhang@nvidia.com> | 2015-10-19 16:01:54 -0700 |
|---|---|---|
| committer | Stephen Warren <swarren@nvidia.com> | 2015-10-19 17:33:18 -0600 |
| commit | dc126cfdc11bccbdb37708598451d6cabb5d02c2 (patch) | |
| tree | b87d69aec7df2db6211a255b17dbfd8671cb9cef /src/parse.c | |
| parent | d4d2e8a65ce794836abbe3d0115e13a39c01edf2 (diff) | |
| download | cbootimage-dc126cfdc11bccbdb37708598451d6cabb5d02c2.tar.gz | |
Add support for update pubkey and rsa-pss signatures
Create new configuration keywords:
RsaKeyModulusFile: pubkey modulus
RsaPssSigBlFile: bootloader rsa pss signature
RsaPssSigBctFile: bct rsa pss signature
Sample Configuration file update_bl_sig.cfg
RsaKeyModulusFile = pubkey.mod;
RsaPssSigBlFile = bl.sig;
where pubkey.mod and bl.sig are files that contain the public key
modulus and bootloader's rsa-pss signature respectively.
public key modulus and signature are created through utilities
outside cbootimage.
Command line example:
$ cbootimage -s tegra210 -u update_bl_sig.cfg image.bin image.bin-bl-signed
Above three new keywords added in this CL are only implemented to support
for T210.
Signed-off-by: Jimmy Zhang <jimmzhang@nvidia.com>
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Diffstat (limited to 'src/parse.c')
| -rw-r--r-- | src/parse.c | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/src/parse.c b/src/parse.c index 8c98244..667895c 100644 --- a/src/parse.c +++ b/src/parse.c @@ -65,6 +65,8 @@ parse_bootloader(build_image_context *context, parse_token token, char *rest); static int parse_mts_image(build_image_context *context, parse_token token, char *rest); static int +parse_rsa_param(build_image_context *context, parse_token token, char *rest); +static int parse_value_u32(build_image_context *context, parse_token token, char *rest); static int parse_value_chipuid(build_image_context *context, @@ -116,6 +118,9 @@ static parse_item s_top_level_items[] = { { "ChipUid=", token_unique_chip_id, parse_value_chipuid }, { "JtagCtrl=", token_secure_jtag_control, parse_value_u32 }, { "DebugCtrl=", token_secure_debug_control, parse_value_u32 }, + { "RsaKeyModulusFile=", token_rsa_key_modulus, parse_rsa_param }, + { "RsaPssSigBlFile=", token_rsa_pss_sig_bl, parse_rsa_param }, + { "RsaPssSigBctFile=", token_rsa_pss_sig_bct, parse_rsa_param }, { NULL, 0, NULL } /* Must be last */ }; @@ -480,6 +485,36 @@ static int parse_mts_image(build_image_context *context, } /* + * Parse the given rsa modulus/key/signature file name + * then call set_rsa_settings to set proper rsa field. + * + * @param context The main context pointer + * @param token The parse token value + * @param rest String to parse + * @return 0 and 1 for success and failure + */ +static int parse_rsa_param(build_image_context *context, + parse_token token, + char *rest) +{ + char filename[MAX_BUFFER]; + + assert(context != NULL); + assert(rest != NULL); + + if (context->generate_bct != 0) + return 0; + + /* Parse the file name. */ + rest = parse_filename(rest, filename, MAX_BUFFER); + if (rest == NULL) + return 1; + + /* Parsing has finished - set the bootloader */ + return set_rsa_param(context, token, filename); +} + +/* * Parse the given string and find the array items in config file. * * @param context The main context pointer @@ -939,3 +974,8 @@ void process_config_file(build_image_context *context, u_int8_t simple_parse) printf("Error parsing: %s\n", buffer); exit(1); } + +int bct_get_unsupported(parse_token id) +{ + return -ENODATA; +} |