From 4af45819d009bf5a0d2f61e044045c6accbb7142 Mon Sep 17 00:00:00 2001
From: Kieran Bingham <kieran.bingham@ideasonboard.com>
Date: Wed, 9 Sep 2020 12:56:07 +0100
Subject: libcamera: ipa: Move key generation to utils

Move the GPLv2 utilities used for generating public and private keys to
the utilities subtree.

Signed-off-by: Kieran Bingham <kieran.bingham@ideasonboard.com>
Reviewed-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Reviewed-by: Paul Elder <paul.elder@ideasonboard.com>
---
 utils/gen-ipa-priv-key.sh | 11 +++++++++++
 utils/gen-ipa-pub-key.py  | 48 +++++++++++++++++++++++++++++++++++++++++++++++
 utils/meson.build         |  4 ++++
 3 files changed, 63 insertions(+)
 create mode 100755 utils/gen-ipa-priv-key.sh
 create mode 100755 utils/gen-ipa-pub-key.py

(limited to 'utils')

diff --git a/utils/gen-ipa-priv-key.sh b/utils/gen-ipa-priv-key.sh
new file mode 100755
index 00000000..919751f2
--- /dev/null
+++ b/utils/gen-ipa-priv-key.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+# SPDX-License-Identifier: GPL-2.0-or-later
+# Copyright (C) 2020, Google Inc.
+#
+# Author: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
+#
+# gen-ipa-priv-key.sh - Generate an RSA private key to sign IPA modules
+
+key="$1"
+
+openssl genpkey -algorithm RSA -out "${key}" -pkeyopt rsa_keygen_bits:2048
diff --git a/utils/gen-ipa-pub-key.py b/utils/gen-ipa-pub-key.py
new file mode 100755
index 00000000..a4a1f7b7
--- /dev/null
+++ b/utils/gen-ipa-pub-key.py
@@ -0,0 +1,48 @@
+#!/usr/bin/env python3
+# SPDX-License-Identifier: GPL-2.0-or-later
+# Copyright (C) 2020, Google Inc.
+#
+# Author: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
+#
+# ipa-gen-key.py - Generate the IPA module signing public key
+
+import string
+import subprocess
+import sys
+
+
+def main(argv):
+    if len(argv) != 4:
+        print('Usage: %s priv-key template output' % argv[0])
+        return 1
+
+    priv_key = argv[1]
+    template = argv[2]
+    output = argv[3]
+
+    try:
+        ret = subprocess.run(['openssl', 'rsa', '-pubout', '-in', priv_key,
+                              '-outform', 'DER'],
+                             stdout=subprocess.PIPE)
+    except FileNotFoundError:
+        print('Please install openssl to sign IPA modules')
+        return 1
+
+    ipa_key = ['0x%02x' % c for c in ret.stdout]
+    ipa_key = [', '.join(ipa_key[bound:bound + 8]) for bound in range(0, len(ipa_key), 8)]
+    ipa_key = ',\n\t'.join(ipa_key)
+    data = {'ipa_key': ipa_key}
+
+    template = open(template, 'rb').read()
+    template = template.decode('utf-8')
+    template = string.Template(template)
+
+    f = open(output, 'wb')
+    f.write(template.substitute(data).encode('utf-8'))
+    f.close()
+
+    return 0
+
+
+if __name__ == '__main__':
+    sys.exit(main(sys.argv))
diff --git a/utils/meson.build b/utils/meson.build
index ef5507b1..456bf7f8 100644
--- a/utils/meson.build
+++ b/utils/meson.build
@@ -6,3 +6,7 @@ subdir('ipu3')
 gen_controls = files('gen-controls.py')
 gen_formats = files('gen-formats.py')
 gen_header = files('gen-header.sh')
+
+## Module signing
+gen_ipa_priv_key = files('gen-ipa-priv-key.sh')
+gen_ipa_pub_key = files('gen-ipa-pub-key.py')
-- 
cgit v1.2.1