def gen_pub_key_hash_store (signing_key, pub_key_hash_list, hash_alg, sign_scheme, svn, pub_key_dir, out_file): # Build key hash blob key_hash_buf = bytearray () idx = 0 for usage, key_file in pub_key_hash_list: pub_key_file = os.path.dirname(out_file) + '/PUBKEY%02d.bin' % idx gen_pub_key (os.path.join(pub_key_dir, key_file), pub_key_file) key_hash_alg = adjust_hash_type (pub_key_file) hash_data = gen_hash_file (pub_key_file, key_hash_alg, None, True) key_hash_entry = HashStoreData() key_hash_entry.Usage = usage key_hash_entry.HashAlg = HASH_TYPE_VALUE[key_hash_alg] key_hash_entry.DigestLen = len(hash_data) key_hash_buf.extend (bytearray(key_hash_entry) + hash_data) idx += 1 key_store_bin_file = out_file + '.raw' gen_file_from_object (key_store_bin_file, key_hash_buf) key_store_cnt_file = os.path.basename(out_file) key_store_bin_file = os.path.basename(key_store_bin_file) key_type = get_key_type(signing_key) sign_scheme = sign_scheme[sign_scheme.index("_")+1:] auth_type = key_type + '_' + sign_scheme + '_' + hash_alg hash_store = [('KEYH', key_store_cnt_file, '', auth_type, signing_key, 0x10, 0, svn)] hash_store.append ((HashStoreTable.HASH_STORE_SIGNATURE.decode(), key_store_bin_file, '', hash_alg, '', 0x10, 0, svn)) out_dir = os.path.dirname(out_file) gen_container_bin ([hash_store], out_dir, out_dir, '', '')
def gen_payload_bin(fv_dir, arch_dir, pld_list, pld_bin, priv_key, hash_alg, sign_scheme, brd_name=None): fv_dir = os.path.dirname(pld_bin) for idx, pld in enumerate(pld_list): if pld['file'] in ['OsLoader.efi', 'FirmwareUpdate.efi']: pld_base_name = pld['file'].split('.')[0] src_file = "../%s/PayloadPkg/%s/%s/OUTPUT/%s.efi" % ( arch_dir, pld_base_name, pld_base_name, pld_base_name) src_file = os.path.join(fv_dir, src_file) else: src_file = os.path.join(os.environ['PLT_SOURCE'], 'Platform', brd_name, 'Binaries', pld['file']) if (brd_name is None) or (not os.path.exists(src_file)): src_file = os.path.join("PayloadPkg", "PayloadBins", pld['file']) if not os.path.exists(src_file): src_file = os.path.join(fv_dir, pld['file']) if idx == 0: dst_path = pld_bin else: dst_path = os.path.join(fv_dir, os.path.basename(src_file)) if not os.path.exists(src_file): raise Exception("Cannot find payload file '%s' !" % src_file) if src_file != dst_path: shutil.copy(src_file, dst_path) epld_bin = 'E' + os.path.basename(pld_bin) ext_list = pld_list[1:] if len(ext_list) == 0: # Create a empty EPAYLOAD.bin open(os.path.join(fv_dir, epld_bin), 'wb').close() return # E-payloads container format svn = 0x0 alignment = 0x10 key_dir = os.path.dirname(priv_key) key_type = get_key_type(priv_key) sign_scheme = sign_scheme[sign_scheme.index("_") + 1:] auth_type = key_type + '_' + sign_scheme + '_' + hash_alg pld_list = [('EPLD', '%s' % epld_bin, '', auth_type, '%s' % os.path.basename(priv_key), alignment, 0, svn)] for pld in ext_list: pld_list.append( (pld['name'], pld['file'], pld['algo'], hash_alg, '', 0, 0, svn)) gen_container_bin([pld_list], fv_dir, fv_dir, key_dir, '')
def gen_payload_bin(fv_dir, pld_list, pld_bin, priv_key, brd_name=None): fv_dir = os.path.dirname(pld_bin) for idx, pld in enumerate(pld_list): if pld['file'] in ['OsLoader.efi', 'FirmwareUpdate.efi']: pld_base_name = pld['file'].split('.')[0] src_file = "../IA32/PayloadPkg/%s/%s/OUTPUT/%s.efi" % ( pld_base_name, pld_base_name, pld_base_name) src_file = os.path.join(fv_dir, src_file) else: src_file = os.path.join(os.environ['PLT_SOURCE'], 'Platform', brd_name, 'Binaries', pld['file']) if (brd_name is None) or (not os.path.exists(src_file)): src_file = os.path.join("PayloadPkg", "PayloadBins", pld['file']) if not os.path.exists(src_file): src_file = os.path.join(fv_dir, pld['file']) if idx == 0: dst_path = pld_bin else: dst_path = os.path.join(fv_dir, os.path.basename(src_file)) if not os.path.exists(src_file): raise Exception("Cannot find payload file '%s' !" % src_file) if src_file != dst_path: shutil.copy(src_file, dst_path) epld_bin = 'E' + os.path.basename(pld_bin) ext_list = pld_list[1:] if len(ext_list) == 0: # Create a empty EPAYLOAD.bin open(os.path.join(fv_dir, epld_bin), 'wb').close() return # E-payloads container format alignment = 0x10 key_dir = os.path.dirname(priv_key) pld_list = [('EPLD', '%s' % epld_bin, '0x%x' % alignment, 'RSA2048', '%s' % os.path.basename(priv_key), 0)] for pld in ext_list: pld_list.append( (pld['name'], pld['file'], pld['algo'], 'SHA2_256', '', 0)) gen_container_bin([pld_list], fv_dir, fv_dir, key_dir, '')