trustfence-cst: fetch cst tarball from Digi FTP

Since cst-3.3.1 is now distributed with a BSD-3-Clause license, it is allowed
to distribute its source code from the Digi FTP.

Fetch the tarball from that location.

Signed-off-by: Gonzalo Ruiz <Gonzalo.Ruiz@digi.com>

meta-digi-arm/recipes-bsp/trustfence-cst/trustfence-cst.inc

@@ -3,7 +3,8 @@ SUMMARY = "NXP Code signing Tool for the High Assurance Boot library"
 DESCRIPTION = "Provides software code signing support designed for use with \
 i.MX processors that integrate the HAB library in the internal boot ROM."
 HOMEPAGE = "https://www.nxp.com/webapp/Download?colCode=IMX_CST_TOOL"
-LICENSE = "CLOSED"
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE.bsd3;md5=1fbcd66ae51447aa94da10cbf6271530"
 
 DEPENDS = "openssl byacc flex"
 
@@ -15,7 +16,7 @@ DEPENDS = "openssl byacc flex"
 DEPENDS_append_class-nativesdk = " byacc-native openssl-native"
 
 SRC_URI = " \
-    ${@oe.utils.conditional('TRUSTFENCE_SIGN', '1', 'file://cst-${PV}.tgz', '', d)} \
+    ${@oe.utils.conditional('TRUSTFENCE_SIGN', '1', '${DIGI_PKG_SRC}/cst-${PV}.tgz', '', d)} \
     file://0001-gen_auth_encrypted_data-reuse-existing-DEK-file.patch \
     file://0002-hab4_pki_tree.sh-automate-script.patch \
     file://0003-openssl_helper-use-dev-urandom-as-seed-source.patch \
@@ -25,6 +26,9 @@ SRC_URI = " \
     file://0007-Makefile-statically-link-libcrypto.patch \
 "
 
+SRC_URI[md5sum] = "27ba9c8bc0b8a7f14d23185775c53794"
+SRC_URI[sha256sum] = "8b7e44e3e126f814f5caf8a634646fe64021405302ca59ff02f5c8f3b9a5abb9"
+
 # Usually local files (with file:// protocol) are not checked for
 # premirrors. But in this case we want to be able to download the 'cst'
 # package from a premirror in case it's not already in the DL_DIR, so prepend