trustfence-sign-tools: don't encrypt artifacts in ccimx8mn/ccimx8mm projects

Attempting to boot encrypted artifacts on these platforms will result in HAB
events caused by CAAM errors. This is due to the CAAM being configured for
non-secure contexts (with regard to TrustZone) while the HAB expects it to be
configured for secure contexts.

For now, only sign artifacts for these platforms even if the project has the
encryption feature enabled.

https://jira.digi.com/browse/DUB-993

Signed-off-by: Gabriel Valcazar <gabriel.valcazar@digi.com>
Gabriel Valcazar 2021-03-04 13:14:13 +01:00
parent f154d811a6
commit 1134e4c07c
1 changed files with 4 additions and 10 deletions

@ -123,17 +123,11 @@ if [ -z "${CONFIG_RAM_START}" ]; then
fi
# Get DEK key
if [ -n "${CONFIG_DEK_PATH}" ]; then
if [ -n "${CONFIG_DEK_PATH}" ] && [ "${PLATFORM}" != "ccimx8mn" ] && [ "${PLATFORM}" != "ccimx8mm" ]; then
if [ ! -f "${CONFIG_DEK_PATH}" ]; then
if [ "${PLATFORM}" = "ccimx8mn" ] || [ "${PLATFORM}" = "ccimx8mm" ]; then
echo "DEK not found. Generating random 128 bit DEK."
[ -d $(dirname ${CONFIG_DEK_PATH}) ] || mkdir -p $(dirname ${CONFIG_DEK_PATH})
dd if=/dev/urandom of="${CONFIG_DEK_PATH}" bs=16 count=1 >/dev/null 2>&1
else
echo "DEK not found. Generating random 256 bit DEK."
[ -d $(dirname ${CONFIG_DEK_PATH}) ] || mkdir -p $(dirname ${CONFIG_DEK_PATH})
dd if=/dev/urandom of="${CONFIG_DEK_PATH}" bs=32 count=1 >/dev/null 2>&1
fi
echo "DEK not found. Generating random 256 bit DEK."
[ -d $(dirname ${CONFIG_DEK_PATH}) ] || mkdir -p $(dirname ${CONFIG_DEK_PATH})
dd if=/dev/urandom of="${CONFIG_DEK_PATH}" bs=32 count=1 >/dev/null 2>&1
fi
dek_size="$((8 * $(stat -L -c %s ${CONFIG_DEK_PATH})))"
if [ "${dek_size}" != "128" ] && [ "${dek_size}" != "192" ] && [ "${dek_size}" != "256" ]; then
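Review bot: The platform test added to the `if [ -n "${CONFIG_DEK_PATH}" ] && [ "${PLATFORM}" != "ccimx8mn" ] && [ "${PLATFORM}" != "ccimx8mm" ]` line skips the whole DEK block without printing anything, so a project with encryption enabled on ccimx8mn/ccimx8mm gets signed-only artifacts and nothing in the build output says so. Consider an else branch (or an earlier check) that echoes a warning along the lines of "Encryption is not supported on ${PLATFORM}; artifacts will only be signed", and confirm that any later code that tests CONFIG_DEK_PATH to decide whether to encrypt applies the same platform exclusion, since only this block is visible here. Separately, the retained `$(dirname ${CONFIG_DEK_PATH})` expansions are unquoted while the `-f` test and `of=` are quoted; quoting them keeps paths with spaces working, and the `>/dev/null 2>&1` on `dd` hides a failed key write until the `stat` call on the `dek_size` line.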