summaryrefslogtreecommitdiff
path: root/src/ipa
diff options
context:
space:
mode:
authorLaurent Pinchart <laurent.pinchart@ideasonboard.com>2020-03-29 04:48:59 +0300
committerLaurent Pinchart <laurent.pinchart@ideasonboard.com>2020-04-14 02:03:09 +0300
commitec9231889156fc9b5debcdb99605fe32964ebaaa (patch)
treebce651032ef06ecdad3e705a087cb518ad8e4d95 /src/ipa
parente62bc9db73531462dc4b28b42596d0ae26369cbd (diff)
libcamera: Add IPA module signing infrastructure
Add infrastructure to generate an RSA private key and sign IPA modules. The signatures are stored in separate files with a .sign suffix. Signed-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com> Reviewed-by: Niklas Söderlund <niklas.soderlund@ragnatech.se>
Diffstat (limited to 'src/ipa')
-rwxr-xr-xsrc/ipa/gen-ipa-priv-key.sh11
-rwxr-xr-xsrc/ipa/ipa-sign.sh13
-rw-r--r--src/ipa/meson.build2
-rw-r--r--src/ipa/rkisp1/meson.build25
-rw-r--r--src/ipa/vimc/meson.build12
5 files changed, 54 insertions, 9 deletions
diff --git a/src/ipa/gen-ipa-priv-key.sh b/src/ipa/gen-ipa-priv-key.sh
new file mode 100755
index 00000000..919751f2
--- /dev/null
+++ b/src/ipa/gen-ipa-priv-key.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+# SPDX-License-Identifier: GPL-2.0-or-later
+# Copyright (C) 2020, Google Inc.
+#
+# Author: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
+#
+# gen-ipa-priv-key.sh - Generate an RSA private key to sign IPA modules
+
+key="$1"
+
+openssl genpkey -algorithm RSA -out "${key}" -pkeyopt rsa_keygen_bits:2048
diff --git a/src/ipa/ipa-sign.sh b/src/ipa/ipa-sign.sh
new file mode 100755
index 00000000..8673dad1
--- /dev/null
+++ b/src/ipa/ipa-sign.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+# SPDX-License-Identifier: GPL-2.0-or-later
+# Copyright (C) 2020, Google Inc.
+#
+# Author: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
+#
+# ipa-sign.sh - Generate a signature for an IPA module
+
+key="$1"
+input="$2"
+output="$3"
+
+openssl dgst -sha256 -sign "${key}" -out "${output}" "${input}"
diff --git a/src/ipa/meson.build b/src/ipa/meson.build
index 73278a60..cb4e3ab3 100644
--- a/src/ipa/meson.build
+++ b/src/ipa/meson.build
@@ -10,6 +10,8 @@ config_h.set('IPA_MODULE_DIR',
subdir('libipa')
+ipa_sign = find_program('ipa-sign.sh')
+
ipas = ['rkisp1', 'vimc']
foreach pipeline : get_option('pipelines')
diff --git a/src/ipa/rkisp1/meson.build b/src/ipa/rkisp1/meson.build
index 521518bd..6ccadcfb 100644
--- a/src/ipa/rkisp1/meson.build
+++ b/src/ipa/rkisp1/meson.build
@@ -1,8 +1,17 @@
-rkisp1_ipa = shared_module('ipa_rkisp1',
- 'rkisp1.cpp',
- name_prefix : '',
- include_directories : [ipa_includes, libipa_includes],
- dependencies : libcamera_dep,
- link_with : libipa,
- install : true,
- install_dir : ipa_install_dir)
+ipa_name = 'ipa_rkisp1'
+
+mod = shared_module(ipa_name,
+ 'rkisp1.cpp',
+ name_prefix : '',
+ include_directories : [ipa_includes, libipa_includes],
+ dependencies : libcamera_dep,
+ link_with : libipa,
+ install : true,
+ install_dir : ipa_install_dir)
+
+custom_target(ipa_name + '.so.sign',
+ input : mod,
+ output : ipa_name + '.so.sign',
+ command : [ ipa_sign, ipa_priv_key, '@INPUT@', '@OUTPUT@' ],
+ install : true,
+ install_dir : ipa_install_dir)
diff --git a/src/ipa/vimc/meson.build b/src/ipa/vimc/meson.build
index e827e75f..3097a12f 100644
--- a/src/ipa/vimc/meson.build
+++ b/src/ipa/vimc/meson.build
@@ -1,4 +1,7 @@
-ipa = shared_module('ipa_vimc', 'vimc.cpp',
+ipa_name = 'ipa_vimc'
+
+mod = shared_module(ipa_name,
+ 'vimc.cpp',
name_prefix : '',
include_directories : [ipa_includes, libipa_includes],
dependencies : libcamera_dep,
@@ -6,3 +9,10 @@ ipa = shared_module('ipa_vimc', 'vimc.cpp',
install : true,
install_dir : ipa_install_dir,
cpp_args : '-DLICENSE="LGPL-2.1-or-later"')
+
+custom_target(ipa_name + '.so.sign',
+ input : mod,
+ output : ipa_name + '.so.sign',
+ command : [ ipa_sign, ipa_priv_key, '@INPUT@', '@OUTPUT@' ],
+ install : true,
+ install_dir : ipa_install_dir)