def gen_pub_key_hash_store (signing_key, pub_key_hash_list, hash_alg, sign_scheme, svn, pub_key_dir, out_file):
# Build key hash blob
key_hash_buf = bytearray ()
idx = 0
for usage, key_file in pub_key_hash_list:
pub_key_file = os.path.dirname(out_file) + '/PUBKEY%02d.bin' % idx
gen_pub_key (os.path.join(pub_key_dir, key_file), pub_key_file)
key_hash_alg = adjust_hash_type (pub_key_file)
hash_data = gen_hash_file (pub_key_file, key_hash_alg, None, True)
key_hash_entry = HashStoreData()
key_hash_entry.Usage = usage
key_hash_entry.HashAlg = HASH_TYPE_VALUE[key_hash_alg]
key_hash_entry.DigestLen = len(hash_data)
key_hash_buf.extend (bytearray(key_hash_entry) + hash_data)
idx += 1
key_store_bin_file = out_file + '.raw'
gen_file_from_object (key_store_bin_file, key_hash_buf)
key_store_cnt_file = os.path.basename(out_file)
key_store_bin_file = os.path.basename(key_store_bin_file)
key_type = get_key_type(signing_key)
sign_scheme = sign_scheme[sign_scheme.index("_")+1:]
auth_type = key_type + '_' + sign_scheme + '_' + hash_alg
hash_store = [('KEYH', key_store_cnt_file, '', auth_type, signing_key, 0x10, 0, svn)]
hash_store.append ((HashStoreTable.HASH_STORE_SIGNATURE.decode(), key_store_bin_file, '', hash_alg, '', 0x10, 0, svn))
out_dir = os.path.dirname(out_file)
gen_container_bin ([hash_store], out_dir, out_dir, '', '')
def gen_payload_bin(fv_dir,
arch_dir,
pld_list,
pld_bin,
priv_key,
hash_alg,
sign_scheme,
brd_name=None):
fv_dir = os.path.dirname(pld_bin)
for idx, pld in enumerate(pld_list):
if pld['file'] in ['OsLoader.efi', 'FirmwareUpdate.efi']:
pld_base_name = pld['file'].split('.')[0]
src_file = "../%s/PayloadPkg/%s/%s/OUTPUT/%s.efi" % (
arch_dir, pld_base_name, pld_base_name, pld_base_name)
src_file = os.path.join(fv_dir, src_file)
else:
src_file = os.path.join(os.environ['PLT_SOURCE'], 'Platform',
brd_name, 'Binaries', pld['file'])
if (brd_name is None) or (not os.path.exists(src_file)):
src_file = os.path.join("PayloadPkg", "PayloadBins",
pld['file'])
if not os.path.exists(src_file):
src_file = os.path.join(fv_dir, pld['file'])
if idx == 0:
dst_path = pld_bin
else:
dst_path = os.path.join(fv_dir, os.path.basename(src_file))
if not os.path.exists(src_file):
raise Exception("Cannot find payload file '%s' !" % src_file)
if src_file != dst_path:
shutil.copy(src_file, dst_path)
epld_bin = 'E' + os.path.basename(pld_bin)
ext_list = pld_list[1:]
if len(ext_list) == 0:
# Create a empty EPAYLOAD.bin
open(os.path.join(fv_dir, epld_bin), 'wb').close()
return
# E-payloads container format
svn = 0x0
alignment = 0x10
key_dir = os.path.dirname(priv_key)
key_type = get_key_type(priv_key)
sign_scheme = sign_scheme[sign_scheme.index("_") + 1:]
auth_type = key_type + '_' + sign_scheme + '_' + hash_alg
pld_list = [('EPLD', '%s' % epld_bin, '', auth_type,
'%s' % os.path.basename(priv_key), alignment, 0, svn)]
for pld in ext_list:
pld_list.append(
(pld['name'], pld['file'], pld['algo'], hash_alg, '', 0, 0, svn))
gen_container_bin([pld_list], fv_dir, fv_dir, key_dir, '')
def gen_payload_bin(fv_dir, pld_list, pld_bin, priv_key, brd_name=None):
fv_dir = os.path.dirname(pld_bin)
for idx, pld in enumerate(pld_list):
if pld['file'] in ['OsLoader.efi', 'FirmwareUpdate.efi']:
pld_base_name = pld['file'].split('.')[0]
src_file = "../IA32/PayloadPkg/%s/%s/OUTPUT/%s.efi" % (
pld_base_name, pld_base_name, pld_base_name)
src_file = os.path.join(fv_dir, src_file)
else:
src_file = os.path.join(os.environ['PLT_SOURCE'], 'Platform',
brd_name, 'Binaries', pld['file'])
if (brd_name is None) or (not os.path.exists(src_file)):
src_file = os.path.join("PayloadPkg", "PayloadBins",
pld['file'])
if not os.path.exists(src_file):
src_file = os.path.join(fv_dir, pld['file'])
if idx == 0:
dst_path = pld_bin
else:
dst_path = os.path.join(fv_dir, os.path.basename(src_file))
if not os.path.exists(src_file):
raise Exception("Cannot find payload file '%s' !" % src_file)
if src_file != dst_path:
shutil.copy(src_file, dst_path)
epld_bin = 'E' + os.path.basename(pld_bin)
ext_list = pld_list[1:]
if len(ext_list) == 0:
# Create a empty EPAYLOAD.bin
open(os.path.join(fv_dir, epld_bin), 'wb').close()
return
# E-payloads container format
alignment = 0x10
key_dir = os.path.dirname(priv_key)
pld_list = [('EPLD', '%s' % epld_bin, '0x%x' % alignment, 'RSA2048',
'%s' % os.path.basename(priv_key), 0)]
for pld in ext_list:
pld_list.append(
(pld['name'], pld['file'], pld['algo'], 'SHA2_256', '', 0))
gen_container_bin([pld_list], fv_dir, fv_dir, key_dir, '')
