Lukas Funke | 76b08b7 | 2023-07-18 13:53:14 +0200 | [diff] [blame] | 1 | # SPDX-License-Identifier: GPL-2.0+ |
| 2 | # Copyright (C) 2023 Weidmüller Interface GmbH & Co. KG |
| 3 | # Lukas Funke <lukas.funke@weidmueller.com> |
| 4 | # |
| 5 | """Bintool implementation for fdt_add_pubkey""" |
| 6 | |
| 7 | from binman import bintool |
| 8 | |
| 9 | class Bintoolfdt_add_pubkey(bintool.Bintool): |
| 10 | """Add public key to control dtb (spl or u-boot proper) |
| 11 | |
| 12 | This bintool supports running `fdt_add_pubkey`. |
| 13 | |
| 14 | Normally mkimage adds signature information to the control dtb. However |
| 15 | binman images are built independent from each other. Thus it is required |
| 16 | to add the public key separately from mkimage. |
| 17 | """ |
| 18 | def __init__(self, name): |
| 19 | super().__init__(name, 'Generate image for U-Boot') |
| 20 | |
| 21 | # pylint: disable=R0913 |
| 22 | def run(self, input_fname, keydir, keyname, required, algo): |
| 23 | """Run fdt_add_pubkey |
| 24 | |
| 25 | Args: |
| 26 | input_fname (str): dtb file to sign |
| 27 | keydir (str): Directory with public key. Optional parameter, |
| 28 | default value: '.' (current directory) |
| 29 | keyname (str): Public key name. Optional parameter, |
| 30 | default value: key |
| 31 | required (str): If present this indicates that the key must be |
| 32 | verified for the image / configuration to be considered valid. |
| 33 | algo (str): Cryptographic algorithm. Optional parameter, |
| 34 | default value: sha1,rsa2048 |
| 35 | """ |
| 36 | args = [] |
| 37 | if algo: |
| 38 | args += ['-a', algo] |
| 39 | if keydir: |
| 40 | args += ['-k', keydir] |
| 41 | if keyname: |
| 42 | args += ['-n', keyname] |
| 43 | if required: |
| 44 | args += ['-r', required] |
| 45 | |
| 46 | args += [ input_fname ] |
| 47 | |
| 48 | return self.run_cmd(*args) |
| 49 | |
| 50 | def fetch(self, method): |
| 51 | """Fetch handler for fdt_add_pubkey |
| 52 | |
| 53 | This installs fdt_add_pubkey using the apt utility. |
| 54 | |
| 55 | Args: |
| 56 | method (FETCH_...): Method to use |
| 57 | |
| 58 | Returns: |
| 59 | True if the file was fetched and now installed, None if a method |
| 60 | other than FETCH_BIN was requested |
| 61 | |
| 62 | Raises: |
| 63 | Valuerror: Fetching could not be completed |
| 64 | """ |
| 65 | if method != bintool.FETCH_BIN: |
| 66 | return None |
| 67 | return self.apt_install('u-boot-tools') |