libcamera: ipa_manager: Embed IPA module signing public key

In preparation for verifying the signature of IPA modules, generate a
public key from the private signing key and embed it in the IPAManager
class.

Signed-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Reviewed-by: Niklas Söderlund <niklas.soderlund@ragnatech.se>

1 files changed, 46 insertions, 0 deletions

diff --git a/src/libcamera/gen-ipa-pub-key.py b/src/libcamera/gen-ipa-pub-key.py
new file mode 100755
index 00000000..ad575b18
--- /dev/null
+++ b/src/libcamera/gen-ipa-pub-key.py
@@ -0,0 +1,46 @@
+#!/usr/bin/env python3
+# SPDX-License-Identifier: GPL-2.0-or-later
+# Copyright (C) 2020, Google Inc.
+#
+# Author: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
+#
+# ipa-gen-key.py - Generate the IPA module signing public key
+
+import string
+import subprocess
+import sys
+
+
+def main(argv):
+    if len(argv) != 4:
+        print('Usage: %s priv-key template output' % argv[0])
+        return 1
+
+    priv_key = argv[1]
+    template = argv[2]
+    output = argv[3]
+
+    try:
+        ret = subprocess.run(['openssl', 'rsa', '-pubout', '-in', priv_key,
+                              '-outform', 'DER'],
+                             stdout=subprocess.PIPE)
+    except FileNotFoundError:
+        print('Please install openssl to sign IPA modules')
+        return 1
+
+    ipa_key = ', '.join(['0x%02x' % c for c in ret.stdout])
+    data = {'ipa_key': ipa_key}
+
+    template = open(template, 'rb').read()
+    template = template.decode('utf-8')
+    template = string.Template(template)
+
+    f = open(output, 'wb')
+    f.write(template.substitute(data).encode('utf-8'))
+    f.close()
+
+    return 0
+
+
+if __name__ == '__main__':
+    sys.exit(main(sys.argv))