diff options
| author | Vadim Bendebury <vbendeb@chromium.org> | 2019-03-18 14:57:42 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2019-03-21 03:31:41 -0700 |
| commit | d728c3c9a9154893b52e5053387f3625d1132b57 (patch) | |
| tree | fd0c9e0f63cf905e9256ee8df1130182f5925b81 | |
| parent | b6f4defb81d24b696c111abae97648fe303f8322 (diff) | |
| download | vboot-d728c3c9a9154893b52e5053387f3625d1132b57.tar.gz | |
sign_cr50_firmware: use sanitized manifest file
This patch makes sure that Cr50 manifest included in the builder
produced tarball is stripped to remove the comments before it is given
to jq for processing.
Also a little clean up.
BRANCH=none
BUG=b:74100307
TEST=tested as described in the next patch.
Change-Id: I4852fea7c21752c45fcfe4cc60d45f264f142bab
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1529387
Reviewed-by: Mike Frysinger <vapier@chromium.org>
| -rwxr-xr-x | scripts/image_signing/sign_cr50_firmware.sh | 25 |
1 files changed, 16 insertions, 9 deletions
diff --git a/scripts/image_signing/sign_cr50_firmware.sh b/scripts/image_signing/sign_cr50_firmware.sh index e4f33bdb..ae61cee5 100755 --- a/scripts/image_signing/sign_cr50_firmware.sh +++ b/scripts/image_signing/sign_cr50_firmware.sh @@ -109,8 +109,8 @@ sign_rw() { local rma_key_dir="$4" local elfs=( "$5" "$6" ) local result_file="$7" - local temp_dir="$(make_temp_dir)" + local rma_key_base if [[ ! -f "${result_file}" ]]; then die "${result_file} not found." @@ -118,19 +118,19 @@ sign_rw() { # If signing a chip factory image (version 0.0.22) do not try figuring out the # RMA keys. - local cr50_verson="$(jq '.epoch * 10000 + .major * 100 + .minor' \ - "${manifest_file}") + local cr50_version="$(jq '.epoch * 10000 + .major * 100 + .minor' \ + "${manifest_file}")" - if [[ "${cr50_verson}" != "22" ]]; then + if [[ "${cr50_version}" != "22" ]]; then rma_key_base="$(determine_rma_key_base "${rma_key_dir}" "${elfs[@]}")" else - echo "Ignoring RMA keys for factory branch ${cr50_verson}" + echo "Ignoring RMA keys for factory branch ${cr50_version}" fi local signer_command_params=(--b -x "${fuses_file}" --key "${key_file}") # Swap test public RMA server key with the prod version. - if [[ "${ignore_rma_keys}" != "yes" ]]; then + if [[ -n "${rma_key_base}" ]]; then signer_command_params+=( --swap "${rma_key_base}.test","${rma_key_base}.prod" ) @@ -159,7 +159,7 @@ sign_rw() { "-i ${elf} -o ${signed_file} failed" fi - if [[ "${ignore_rma_keys}" != "yes" ]]; then + if [[ -n "${rma_key_base}" ]]; then if find_blob_in_blob "${signed_file}" "${rma_key_base}.test"; then die "test RMA key in the signed image!" fi @@ -221,7 +221,7 @@ sign_cr50_firmware() { fi local key_file="$1" - local manifest_file="$2" + local manifest_source="$2" local fuses_file="$3" local rma_key_dir="$4" local ro_a_hex="$5" @@ -229,13 +229,20 @@ sign_cr50_firmware() { local rw_a="$7" local rw_b="$8" local output_file="$9" - local temp_dir="$(make_temp_dir)" + local manifest_file # The H1 chip where Cr50 firmware runs has 512K of flash, the generated # image must match the flash size. IMAGE_SIZE="$(( 512 * 1024 ))" + # Sanitize manifest released by the builder. + manifest_file="${temp_dir}/$(basename "${manifest_source}")" + if ! cr50-codesigner --convert-json --input "${manifest_source}" \ + --output "${manifest_file}"; then + die "failed to convert ${manifest_source} into valid json" + fi + dd if=/dev/zero bs="${IMAGE_SIZE}" count=1 status=none | tr '\000' '\377' > "${output_file}" if [[ "$(stat -c '%s' "${output_file}")" != "${IMAGE_SIZE}" ]]; then |