~funderscore blog cgit wiki get in touch
aboutsummaryrefslogtreecommitdiff
blob: a50774200c99c3de3bf77577633eda6d0ceb16e2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
# SPDX-License-Identifier: GPL-2.0+
# Copyright (C) 2023 Weidmüller Interface GmbH & Co. KG
# Lukas Funke <lukas.funke@weidmueller.com>
#
"""Bintool implementation for fdt_add_pubkey"""

from binman import bintool

class Bintoolfdt_add_pubkey(bintool.Bintool):
    """Add public key to control dtb (spl or u-boot proper)

    This bintool supports running `fdt_add_pubkey`.

    Normally mkimage adds signature information to the control dtb. However
    binman images are built independent from each other. Thus it is required
    to add the public key separately from mkimage.
    """
    def __init__(self, name):
        super().__init__(name, 'Generate image for U-Boot')

    # pylint: disable=R0913
    def run(self, input_fname, keydir, keyname, required, algo):
        """Run fdt_add_pubkey

        Args:
            input_fname (str): dtb file to sign
            keydir (str): Directory with public key. Optional parameter,
                default value: '.' (current directory)
            keyname (str): Public key name. Optional parameter,
                default value: key
            required (str): If present this indicates that the key must be
                verified for the image / configuration to be considered valid.
            algo (str): Cryptographic algorithm. Optional parameter,
                default value: sha1,rsa2048
        """
        args = []
        if algo:
            args += ['-a', algo]
        if keydir:
            args += ['-k', keydir]
        if keyname:
            args += ['-n', keyname]
        if required:
            args += ['-r', required]

        args += [ input_fname ]

        return self.run_cmd(*args)

    def fetch(self, method):
        """Fetch handler for fdt_add_pubkey

        This installs fdt_add_pubkey using the apt utility.

        Args:
            method (FETCH_...): Method to use

        Returns:
            True if the file was fetched and now installed, None if a method
            other than FETCH_BIN was requested

        Raises:
            Valuerror: Fetching could not be completed
        """
        if method != bintool.FETCH_BIN:
            return None
        return self.apt_install('u-boot-tools')