From 4af45819d009bf5a0d2f61e044045c6accbb7142 Mon Sep 17 00:00:00 2001 From: Kieran Bingham Date: Wed, 9 Sep 2020 12:56:07 +0100 Subject: libcamera: ipa: Move key generation to utils Move the GPLv2 utilities used for generating public and private keys to the utilities subtree. Signed-off-by: Kieran Bingham Reviewed-by: Laurent Pinchart Reviewed-by: Paul Elder --- utils/gen-ipa-priv-key.sh | 11 +++++++++++ utils/gen-ipa-pub-key.py | 48 +++++++++++++++++++++++++++++++++++++++++++++++ utils/meson.build | 4 ++++ 3 files changed, 63 insertions(+) create mode 100755 utils/gen-ipa-priv-key.sh create mode 100755 utils/gen-ipa-pub-key.py (limited to 'utils') diff --git a/utils/gen-ipa-priv-key.sh b/utils/gen-ipa-priv-key.sh new file mode 100755 index 00000000..919751f2 --- /dev/null +++ b/utils/gen-ipa-priv-key.sh @@ -0,0 +1,11 @@ +#!/bin/sh +# SPDX-License-Identifier: GPL-2.0-or-later +# Copyright (C) 2020, Google Inc. +# +# Author: Laurent Pinchart +# +# gen-ipa-priv-key.sh - Generate an RSA private key to sign IPA modules + +key="$1" + +openssl genpkey -algorithm RSA -out "${key}" -pkeyopt rsa_keygen_bits:2048 diff --git a/utils/gen-ipa-pub-key.py b/utils/gen-ipa-pub-key.py new file mode 100755 index 00000000..a4a1f7b7 --- /dev/null +++ b/utils/gen-ipa-pub-key.py @@ -0,0 +1,48 @@ +#!/usr/bin/env python3 +# SPDX-License-Identifier: GPL-2.0-or-later +# Copyright (C) 2020, Google Inc. +# +# Author: Laurent Pinchart +# +# ipa-gen-key.py - Generate the IPA module signing public key + +import string +import subprocess +import sys + + +def main(argv): + if len(argv) != 4: + print('Usage: %s priv-key template output' % argv[0]) + return 1 + + priv_key = argv[1] + template = argv[2] + output = argv[3] + + try: + ret = subprocess.run(['openssl', 'rsa', '-pubout', '-in', priv_key, + '-outform', 'DER'], + stdout=subprocess.PIPE) + except FileNotFoundError: + print('Please install openssl to sign IPA modules') + return 1 + + ipa_key = ['0x%02x' % c for c in ret.stdout] + ipa_key = [', '.join(ipa_key[bound:bound + 8]) for bound in range(0, len(ipa_key), 8)] + ipa_key = ',\n\t'.join(ipa_key) + data = {'ipa_key': ipa_key} + + template = open(template, 'rb').read() + template = template.decode('utf-8') + template = string.Template(template) + + f = open(output, 'wb') + f.write(template.substitute(data).encode('utf-8')) + f.close() + + return 0 + + +if __name__ == '__main__': + sys.exit(main(sys.argv)) diff --git a/utils/meson.build b/utils/meson.build index ef5507b1..456bf7f8 100644 --- a/utils/meson.build +++ b/utils/meson.build @@ -6,3 +6,7 @@ subdir('ipu3') gen_controls = files('gen-controls.py') gen_formats = files('gen-formats.py') gen_header = files('gen-header.sh') + +## Module signing +gen_ipa_priv_key = files('gen-ipa-priv-key.sh') +gen_ipa_pub_key = files('gen-ipa-pub-key.py') -- cgit v1.2.1