TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mcuboot / 953a76180dccc85bc921b23f65a5ec4cf1ba7e17^! / . / boot / zephyr / CMakeLists.txt
commit953a76180dccc85bc921b23f65a5ec4cf1ba7e17[log] [tgz]
authorWouter Cappelle <wouter.cappelle@crodeon.com>Mon May 03 16:53:05 2021 +0200
committerDavid Brown <davidb@davidb.org>Thu Jan 13 14:05:30 2022 -0700
treee335eb4f49089933b8111cea64cf363eb644a8f8
parentf9dbf683744b356bef40740d663e7230be83a714 [diff] [blame]
Add support for signed images in single loader mode

Signed-off-by: Wouter Cappelle <wouter.cappelle@crodeon.com>

diff --git a/boot/zephyr/CMakeLists.txt b/boot/zephyr/CMakeLists.txt
index 0530a05..dde8c36 100644
--- a/boot/zephyr/CMakeLists.txt
+++ b/boot/zephyr/CMakeLists.txt

@@ -143,7 +143,7 @@
   )
 endif()
 
-if(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256 OR CONFIG_BOOT_ENCRYPT_EC256)
+if(CONFIG_BOOT_SIGNATURE_TYPE_ECDSA_P256 OR CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_SERIAL_ENCRYPT_EC256)
   zephyr_library_include_directories(
     ${MBEDTLS_ASN1_DIR}/include
     )
@@ -158,6 +158,7 @@
     ${BOOT_DIR}/zephyr/include
     ${TINYCRYPT_DIR}/include
     )
+  zephyr_include_directories(${TINYCRYPT_DIR}/include)
 
   zephyr_library_sources(
     ${TINYCRYPT_DIR}/source/ecc.c
@@ -231,7 +232,7 @@
   )
 endif()
 
-if(CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_ENCRYPT_X25519)
+if(CONFIG_BOOT_ENCRYPT_EC256 OR CONFIG_BOOT_ENCRYPT_X25519 OR CONFIG_BOOT_SERIAL_ENCRYPT_EC256)
   zephyr_library_sources(
     ${TINYCRYPT_DIR}/source/aes_encrypt.c
     ${TINYCRYPT_DIR}/source/aes_decrypt.c
@@ -304,6 +305,47 @@
   zephyr_library_sources(${GENERATED_PUBKEY})
 endif()
 
+# CONF_FILE points to the KConfig configuration files of the bootloader.
+unset(CONF_DIR)
+foreach(filepath ${CONF_FILE})
+  file(READ ${filepath} temp_text)
+  string(FIND "${temp_text}" ${CONFIG_BOOT_ENCRYPTION_KEY_FILE} match)
+  if(${match} GREATER_EQUAL 0)
+    if(NOT DEFINED CONF_DIR)
+      get_filename_component(CONF_DIR ${filepath} DIRECTORY)
+    else()
+      message(FATAL_ERROR "Encryption key file defined in multiple conf files")
+    endif()
+  endif()
+endforeach()
+
+
+if(NOT CONFIG_BOOT_ENCRYPTION_KEY_FILE STREQUAL "")
+  if(IS_ABSOLUTE ${CONFIG_BOOT_ENCRYPTION_KEY_FILE})
+    set(KEY_FILE ${CONFIG_BOOT_ENCRYPTION_KEY_FILE})
+  elseif((DEFINED CONF_DIR) AND
+	 (EXISTS ${CONF_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE}))
+    set(KEY_FILE ${CONF_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE})
+  else()
+    set(KEY_FILE ${MCUBOOT_DIR}/${CONFIG_BOOT_ENCRYPTION_KEY_FILE})
+  endif()
+  message("MCUBoot bootloader key file: ${KEY_FILE}")
+
+  set(GENERATED_ENCKEY ${ZEPHYR_BINARY_DIR}/autogen-enckey.c)
+  add_custom_command(
+    OUTPUT ${GENERATED_ENCKEY}
+    COMMAND
+    ${PYTHON_EXECUTABLE}
+    ${MCUBOOT_DIR}/scripts/imgtool.py
+    getpriv
+    -k
+    ${KEY_FILE}
+    > ${GENERATED_ENCKEY}
+    DEPENDS ${KEY_FILE}
+    )
+  zephyr_library_sources(${GENERATED_ENCKEY})
+endif()
+
 if(CONFIG_MCUBOOT_CLEANUP_ARM_CORE)
 zephyr_library_sources(
   ${BOOT_DIR}/zephyr/arm_cleanup.c