Skip to content

Commit

Permalink
suit: Build system alignments for encryption
Browse files Browse the repository at this point in the history 
The sign script uses numeric key-ids instead of string
key-ids and is invoke by suit-generator.
Changed encryption build system to match this behavior
too.

Signed-off-by: Artur Hadasz <[email protected]>
  • Loading branch information
@ahasztag
ahasztag committed Jan 17, 2025
1 parent 6354857 commit 0cd3d12
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 6 deletions.
4 changes: 2 additions & 2 deletions cmake/sysbuild/suit.cmake
View file
Original file line number Diff line number Diff line change
Expand Up @@ -248,13 +248,13 @@ function(suit_create_package)
endif()

set(SUIT_ENCRYPT_ARGS)
sysbuild_get(encrypt_string_key_id IMAGE ${image} VAR CONFIG_SUIT_ENVELOPE_TARGET_ENCRYPT_STRING_KEY_ID KCONFIG)
sysbuild_get(encrypt_key_id IMAGE ${image} VAR CONFIG_SUIT_ENVELOPE_TARGET_ENCRYPT_KEY_ID KCONFIG)
sysbuild_get(encrypt_key_name IMAGE ${image} VAR CONFIG_SUIT_ENVELOPE_TARGET_ENCRYPT_KEY_NAME KCONFIG)
sysbuild_get(plaintext_hash_alg IMAGE ${image} VAR CONFIG_SUIT_ENVELOPE_TARGET_ENCRYPT_PLAINTEXT_HASH_ALG_NAME KCONFIG)

list(APPEND SUIT_ENCRYPT_ARGS --firmware ${BINARY_DIR}/zephyr/${BINARY_FILE})
list(APPEND SUIT_ENCRYPT_ARGS --key-name ${encrypt_key_name})
list(APPEND SUIT_ENCRYPT_ARGS --string-key-id ${encrypt_string_key_id})
list(APPEND SUIT_ENCRYPT_ARGS --key-id ${encrypt_key_id})
list(APPEND SUIT_ENCRYPT_ARGS --hash-alg ${plaintext_hash_alg})
list(APPEND SUIT_ENCRYPT_ARGS --context ${SB_CONFIG_SUIT_ENVELOPE_KMS_SCRIPT_CONTEXT})
list(APPEND SUIT_ENCRYPT_ARGS --kms-script ${SUIT_KMS_SCRIPT})
Expand Down
9 changes: 5 additions & 4 deletions cmake/sysbuild/suit_utilities.cmake
View file
Original file line number Diff line number Diff line change
Expand Up @@ -189,17 +189,18 @@ function(suit_encrypt_image args output_directory)
endif()

list(APPEND args --output-dir ${output_directory})
list(APPEND args --encrypt-script ${encrypt_script})

set_property(
GLOBAL APPEND PROPERTY SUIT_POST_BUILD_COMMANDS
COMMAND ${CMAKE_COMMAND} -E make_directory ${output_directory}
)

set_property(
GLOBAL APPEND PROPERTY SUIT_POST_BUILD_COMMANDS
COMMAND
PYTHONPATH=${ZEPHYR_SUIT_GENERATOR_MODULE_DIR}${SEP}$ENV{PYTHONPATH}
${PYTHON_EXECUTABLE}
${encrypt_script} encrypt-and-generate
COMMAND ${PYTHON_EXECUTABLE} ${SUIT_GENERATOR_CLI_SCRIPT}
encrypt
encrypt-and-generate
${args}
)
endfunction()
Expand Down

0 comments on commit 0cd3d12

Please sign in to comment.