From 024732f8cc068f9b48c4a2d9c24052b9e07b456f Mon Sep 17 00:00:00 2001
From: Mike Engel <Mike.Engel@digi.com>
Date: Tue, 22 Dec 2020 20:09:12 +0100
Subject: [PATCH] trustfence: create 128Bit dek when using MX8MN.

This commit creates a 128Bit DEK, which is the max supported
length at the moment for the iMX8M.

Signed-off-by: Mike Engel <Mike.Engel@digi.com>
---
 .../trustfence-sign-artifact.sh                      | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-sign-artifact.sh b/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-sign-artifact.sh
index 21ba2b42d..1d4247756 100755
--- a/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-sign-artifact.sh
+++ b/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-sign-artifact.sh
@@ -128,9 +128,15 @@ if [ "${CONFIG_SIGN_MODE}" = "HAB" ]; then
 	DEK_BLOB_OFFSET="0x100"
 	if [ -n "${CONFIG_DEK_PATH}" ]; then
 		if [ ! -f "${CONFIG_DEK_PATH}" ]; then
-			echo "DEK not found. Generating random 256 bit DEK."
-			[ -d $(dirname ${CONFIG_DEK_PATH}) ] || mkdir -p $(dirname ${CONFIG_DEK_PATH})
-			dd if=/dev/urandom of="${CONFIG_DEK_PATH}" bs=32 count=1 >/dev/null 2>&1
+			if [ "${PLATFORM}" = "ccimx8mn" ]; then
+				echo "DEK not found. Generating random 128 bit DEK."
+				[ -d $(dirname ${CONFIG_DEK_PATH}) ] || mkdir -p $(dirname ${CONFIG_DEK_PATH})
+				dd if=/dev/urandom of="${CONFIG_DEK_PATH}" bs=16 count=1 >/dev/null 2>&1
+			else
+				echo "DEK not found. Generating random 256 bit DEK."
+				[ -d $(dirname ${CONFIG_DEK_PATH}) ] || mkdir -p $(dirname ${CONFIG_DEK_PATH})
+				dd if=/dev/urandom of="${CONFIG_DEK_PATH}" bs=32 count=1 >/dev/null 2>&1
+			fi
 		fi
 		dek_size="$((8 * $(stat -L -c %s ${CONFIG_DEK_PATH})))"
 		if [ "${dek_size}" != "128" ] && [ "${dek_size}" != "192" ] && [ "${dek_size}" != "256" ]; then