From dfda74348e40ef87ce46a27ed99023e6b4928225 Mon Sep 17 00:00:00 2001 From: Arturo Buzarra Date: Tue, 26 Mar 2024 13:06:51 +0100 Subject: [PATCH] trustfence: stm: fix TRUSTFENCE_PASSWORD_FILE initialization for ccmp13 platform Trustfence class was setting the TRUSTFENCE_PASSWORD_FILE variable using the old keys format where a unique key_pass.txt file contains all the key passwords. However, in the new format there are one key_pass file for each key, so using a PKI tree with the new format throws an unexpected error in the FIP generation due to it is not able to find the required key password. This commit sets the TRUSTFENCE_PASSWORD_FILE variable for the ccmp1 platforms on different way. Signed-off-by: Arturo Buzarra --- meta-digi-dey/classes/trustfence.bbclass | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta-digi-dey/classes/trustfence.bbclass b/meta-digi-dey/classes/trustfence.bbclass index 0db6afa1d..2030014d4 100644 --- a/meta-digi-dey/classes/trustfence.bbclass +++ b/meta-digi-dey/classes/trustfence.bbclass @@ -177,9 +177,10 @@ python () { d.setVar("FIP_SIGN_KEY_EXTERNAL", "1") if (d.getVar("DIGI_SOM") == "ccmp15" ): d.setVar("FIP_SIGN_KEY", d.getVar("TRUSTFENCE_SIGN_KEYS_PATH") + "/keys/privateKey.pem"); + d.setVar("TRUSTFENCE_PASSWORD_FILE", d.getVar("TRUSTFENCE_SIGN_KEYS_PATH") + "/keys/key_pass.txt") elif (d.getVar("DIGI_SOM") == "ccmp13" ): d.setVar("FIP_SIGN_KEY", d.getVar("TRUSTFENCE_SIGN_KEYS_PATH") + "/keys/privateKey0%s.pem" % d.getVar("TRUSTFENCE_KEY_INDEX")); - d.setVar("TRUSTFENCE_PASSWORD_FILE", d.getVar("TRUSTFENCE_SIGN_KEYS_PATH") + "/keys/key_pass.txt") + d.setVar("TRUSTFENCE_PASSWORD_FILE", d.getVar("TRUSTFENCE_SIGN_KEYS_PATH") + "/keys/key_pass0%s.txt" % d.getVar("TRUSTFENCE_KEY_INDEX")) d.appendVar("UBOOT_TF_CONF", "CONFIG_SIGN_IMAGE=y ") if (d.getVar("TRUSTFENCE_SIGN_ARTIFACTS") == "1"):