diff options
| author | Jimmy Zhang <jimmzhang@nvidia.com> | 2015-10-19 16:01:54 -0700 |
|---|---|---|
| committer | Stephen Warren <swarren@nvidia.com> | 2015-10-19 17:33:18 -0600 |
| commit | dc126cfdc11bccbdb37708598451d6cabb5d02c2 (patch) | |
| tree | b87d69aec7df2db6211a255b17dbfd8671cb9cef /src/set.c | |
| parent | d4d2e8a65ce794836abbe3d0115e13a39c01edf2 (diff) | |
| download | nvidia-cbootimage-dc126cfdc11bccbdb37708598451d6cabb5d02c2.tar.gz | |
Add support for update pubkey and rsa-pss signatures
Create new configuration keywords:
RsaKeyModulusFile: pubkey modulus
RsaPssSigBlFile: bootloader rsa pss signature
RsaPssSigBctFile: bct rsa pss signature
Sample Configuration file update_bl_sig.cfg
RsaKeyModulusFile = pubkey.mod;
RsaPssSigBlFile = bl.sig;
where pubkey.mod and bl.sig are files that contain the public key
modulus and bootloader's rsa-pss signature respectively.
public key modulus and signature are created through utilities
outside cbootimage.
Command line example:
$ cbootimage -s tegra210 -u update_bl_sig.cfg image.bin image.bin-bl-signed
Above three new keywords added in this CL are only implemented to support
for T210.
Signed-off-by: Jimmy Zhang <jimmzhang@nvidia.com>
Signed-off-by: Stephen Warren <swarren@nvidia.com>
Diffstat (limited to 'src/set.c')
| -rw-r--r-- | src/set.c | 44 |
1 files changed, 44 insertions, 0 deletions
@@ -147,6 +147,50 @@ set_mts_image(build_image_context *context, context->mts_entry_point = entry_point; return update_mts_image(context); } + +int +set_rsa_param(build_image_context *context, parse_token token, + char *filename) +{ + int result; + u_int8_t *rsa_storage; /* Holds the rsa param after reading */ + int32_t size; /* Bytes to read */ + u_int32_t actual_size; /* In bytes */ + + if ((size = g_soc_config->get_value_size(token)) <= 0) { + printf("Error: Unsupported token %d for value size.\n", token); + exit(1); + } + + /* Read the image into memory. */ + result = read_from_image(filename, + 0, + (u_int32_t)size, + &rsa_storage, + &actual_size, + file_type_bin); + + if (result) { + printf("Error reading file %s.\n", filename); + exit(1); + } + + if (actual_size != size) { + printf("Error: invalid size, file %s.\n", filename); + exit(1); + } + + if (enable_debug) + printf("Updating token %d with file %s\n", (int)token, filename); + + /* set to appropriate bct field */ + result = g_soc_config->set_value(token, + rsa_storage, context->bct); + + free(rsa_storage); + return result; +} + #define DEFAULT() \ default: \ printf("Unexpected token %d at line %d\n", \ |