[Feature] add GA346 baseline version
Change-Id: Ic62933698569507dcf98240cdf5d9931ae34348f
diff --git a/meta/meta-mediatek/recipes-bsp/bl33/files/pbp/sctrlcert.py b/meta/meta-mediatek/recipes-bsp/bl33/files/pbp/sctrlcert.py
new file mode 100755
index 0000000..214703f
--- /dev/null
+++ b/meta/meta-mediatek/recipes-bsp/bl33/files/pbp/sctrlcert.py
@@ -0,0 +1,170 @@
+import sys
+import os
+import struct
+script_folder, script_name = os.path.split(os.path.realpath(__file__))
+sys.path.append(os.path.join(script_folder, "lib"))
+import gfh
+import cert
+
+def get_file_sizeb(file_path):
+ if not os.path.isfile(file_path):
+ return 0
+ file_handle = open(file_path, "rb")
+ file_handle.seek(0, 2)
+ file_size = file_handle.tell()
+ file_handle.close()
+ return file_size
+
+def concatb(file1_path, file2_path):
+ file1_size = get_file_sizeb(file1_path)
+ file2_size = get_file_sizeb(file2_path)
+ file1 = open(file1_path, "ab+")
+ file2 = open(file2_path, "rb")
+ file1.write(file2.read(file2_size))
+ file2.close()
+ file1.close()
+
+class sctrl_cert:
+ def __init__(self, out_path, sctrl_cert_path):
+ self.m_out_path = out_path
+ if not os.path.exists(self.m_out_path):
+ os.makedirs(self.m_out_path)
+ self.m_sctrl_cert_path = sctrl_cert_path
+ self.m_gfh = gfh.image_gfh()
+ self.m_key_path = ""
+ self.m_out_path = out_path
+ self.m_sig_handler = None
+ def create_gfh(self, gfh_config):
+ self.m_gfh.load_ini(gfh_config)
+ self.m_gfh.dump()
+ return
+ def sign(self, key_ini_path, key_cert_path, primary_dbg_config_ini_path, primary_dbg_path, secondary_config_file_path):
+ #tool auth contains only gfh and signature, no extra content
+ self.m_gfh.finalize(0, key_ini_path)
+ #create tbs_sctrl_cert.bin
+ tbs_sctrl_cert_file_path = os.path.join(self.m_out_path, "tbs_sctrl_cert.bin")
+ tbs_sctrl_cert_file = open(tbs_sctrl_cert_file_path, "wb")
+ tbs_sctrl_cert_file.write(self.m_gfh.pack())
+ tbs_sctrl_cert_file.close()
+ print "===sctrl_cert sign==="
+ if self.m_gfh.get_sig_type() == "CERT_CHAIN":
+ self.m_sig_handler = cert.cert_chain_v5()
+ #create key cert
+ if key_cert_path == "":
+ key_cert_path = os.path.join(self.m_out_path, "key_cert.bin")
+ if os.path.isfile(key_ini_path):
+ key_cert_folder_name, key_cert_file_name = os.path.split(os.path.abspath(key_cert_path))
+ self.m_sig_handler.create_key_cert(key_ini_path, self.m_out_path, key_cert_file_name)
+ key_cert_path = os.path.join(self.m_out_path, key_cert_file_name)
+ else:
+ self.m_sig_handler.set_key_cert(key_cert_path)
+ #create primary debug cert
+ if primary_dbg_path == "":
+ primary_dbg_path = "primary_dbg_cert.bin"
+ if os.path.isfile(primary_dbg_config_ini_path):
+ primary_dbg_cert_folder_name, primary_dbg_cert_file_name = os.path.split(os.path.abspath(primary_dbg_path))
+ self.m_sig_handler.create_primary_dbg_cert(primary_dbg_config_ini_path, tbs_sctrl_cert_file_path, self.m_out_path, primary_dbg_cert_file_name)
+ primary_dbg_cert_path = os.path.join(self.m_out_path, primary_dbg_cert_file_name)
+ else:
+ self.m_sig_handler.set_primary_dbg_cert(primary_dbg_path)
+ #create secondary debug cert
+ secondary_dbg_cert_file_name = "secondary_dbg_cert.bin"
+ secondary_dbg_cert_file_path = os.path.join(self.m_out_path, secondary_dbg_cert_file_name)
+ self.m_sig_handler.create_secondary_dbg_cert(secondary_config_file_path, self.m_out_path, secondary_dbg_cert_file_name)
+ #create final cert chain
+ sig_name = "sctrl_cert.sig"
+ sig_file_path = os.path.join(self.m_out_path, sig_name)
+ self.m_sig_handler.output(self.m_out_path, sig_name)
+ #create final sctrl cert
+ if os.path.isfile(self.m_sctrl_cert_path):
+ os.remove(self.m_sctrl_cert_path)
+ concatb(self.m_sctrl_cert_path, tbs_sctrl_cert_file_path)
+ concatb(self.m_sctrl_cert_path, sig_file_path)
+ os.remove(secondary_dbg_cert_file_path)
+ elif self.m_gfh.get_sig_type() == "SINGLE":
+ self.m_sig_handler = cert.sig_single(self.m_gfh.get_pad_type())
+ self.m_sig_handler.set_out_path(self.m_out_path)
+ self.m_sig_handler.create(key_ini_path, tbs_sctrl_cert_file_path)
+ self.m_sig_handler.sign()
+ sig_name = "sctrl_cert.sig"
+ sig_file_path = os.path.join(self.m_out_path, sig_name)
+ self.m_sig_handler.output(self.m_out_path, sig_name)
+ #create final toolauth file
+ if os.path.isfile(self.m_sctrl_cert_path):
+ os.remove(self.m_sctrl_cert_path)
+ concatb(self.m_sctrl_cert_path, tbs_sctrl_cert_file_path)
+ concatb(self.m_sctrl_cert_path, sig_file_path)
+ else:
+ print "unknown signature type"
+
+ #clean up
+ os.remove(tbs_sctrl_cert_file_path)
+ os.remove(sig_file_path)
+ return
+
+def main():
+ #parameter parsing
+ idx = 1
+ key_ini_path = ""
+ key_cert_path = ""
+ gfh_config_ini_path = ""
+ primary_dbg_path = ""
+ primary_dbg_config_ini_path = ""
+ secondary_dbg_config_ini_path = ""
+ sctrl_cert_path = ""
+
+ while idx < len(sys.argv):
+ if sys.argv[idx][0] == '-':
+ if sys.argv[idx][1] == 'i':
+ print "key: " + sys.argv[idx + 1]
+ key_ini_path = sys.argv[idx + 1]
+ idx += 2
+ elif sys.argv[idx][1] == 'g':
+ print "gfh config: " + sys.argv[idx + 1]
+ gfh_config_ini_path = sys.argv[idx + 1]
+ idx += 2
+ elif sys.argv[idx][1] == 'p':
+ print "primary dbg cert: " + sys.argv[idx + 1]
+ primary_dbg_path = sys.argv[idx + 1]
+ idx += 2
+ elif sys.argv[idx][1] == 'q':
+ print "primary dbg cert config: " + sys.argv[idx + 1]
+ primary_dbg_config_ini_path = sys.argv[idx + 1]
+ idx += 2
+ elif sys.argv[idx][1] == 's':
+ print "secondary dbg cert config: " + sys.argv[idx + 1]
+ secondary_dbg_config_ini_path = sys.argv[idx + 1]
+ idx += 2
+ elif sys.argv[idx][1] == 'k':
+ print "key cert: " + sys.argv[idx + 1]
+ key_cert_path = sys.argv[idx + 1]
+ idx += 2
+ else:
+ print "unknown input"
+ idx += 2
+ else:
+ sctrl_cert_path = sys.argv[idx]
+ print "sctrl_cert_path: " + sctrl_cert_path
+ idx += 1
+
+ if not key_cert_path and not key_ini_path:
+ print "key path is not given!"
+ return -1
+ if not gfh_config_ini_path:
+ print "sctrl_cert_config_path is not given!"
+ return -1
+ if not sctrl_cert_path:
+ print "sctrl_cert is not given!"
+ return -1
+
+ out_path = os.path.dirname(os.path.abspath(sctrl_cert_path))
+
+ sctrl_cert_obj = sctrl_cert(out_path, sctrl_cert_path)
+ sctrl_cert_obj.create_gfh(gfh_config_ini_path)
+ sctrl_cert_obj.sign(key_ini_path, key_cert_path, primary_dbg_config_ini_path, primary_dbg_path, secondary_dbg_config_ini_path)
+
+ return 0
+
+if __name__ == '__main__':
+ main()
+