Commit 9df69ba3 authored by dp-arm's avatar dp-arm
Browse files

fiptool: Add support for printing the sha256 digest with info command

This feature allows one to quickly verify that the expected
image is contained in the FIP without extracting the image and
running sha256sum(1) on it.

The sha256 digest is only shown when the verbose flag is used.

This change requires libssl-dev to be installed in order to build
Trusted Firmware. Previously, libssl-dev was optionally needed only
to support Trusted Board Boot configurations.

Fixes ARM-Software/tf-issues#124

Change-Id: Ifb1408d17f483d482bb270a589ee74add25ec5a6
parent 77b05323
...@@ -64,7 +64,7 @@ Cygwin, and Msys (MinGW) shells, using version 4.9.1 of the GNU toolchain. ...@@ -64,7 +64,7 @@ Cygwin, and Msys (MinGW) shells, using version 4.9.1 of the GNU toolchain.
Install the required packages to build Trusted Firmware with the following Install the required packages to build Trusted Firmware with the following
command: command:
sudo apt-get install build-essential gcc make git sudo apt-get install build-essential gcc make git libssl-dev
Download and install the AArch64 little-endian GCC cross compiler as indicated Download and install the AArch64 little-endian GCC cross compiler as indicated
in the [Linaro instructions][Linaro SW Instructions]. in the [Linaro instructions][Linaro SW Instructions].
...@@ -74,8 +74,6 @@ In addition, the following optional packages and tools may be needed: ...@@ -74,8 +74,6 @@ In addition, the following optional packages and tools may be needed:
* `device-tree-compiler` package if you need to rebuild the Flattened Device * `device-tree-compiler` package if you need to rebuild the Flattened Device
Tree (FDT) source files (`.dts` files) provided with this software. Tree (FDT) source files (`.dts` files) provided with this software.
* `libssl-dev` package if Trusted Board Boot is enabled in the build.
* For debugging, ARM [Development Studio 5 (DS-5)][DS-5]. * For debugging, ARM [Development Studio 5 (DS-5)][DS-5].
......
...@@ -44,6 +44,7 @@ ifeq (${DEBUG},1) ...@@ -44,6 +44,7 @@ ifeq (${DEBUG},1)
else else
CFLAGS += -O2 CFLAGS += -O2
endif endif
LDLIBS := -lcrypto
ifeq (${V},0) ifeq (${V},0)
Q := @ Q := @
...@@ -62,7 +63,7 @@ all: ${PROJECT} fip_create ...@@ -62,7 +63,7 @@ all: ${PROJECT} fip_create
${PROJECT}: ${OBJECTS} Makefile ${PROJECT}: ${OBJECTS} Makefile
@echo " LD $@" @echo " LD $@"
${Q}${CC} ${OBJECTS} -o $@ ${Q}${CC} ${OBJECTS} -o $@ ${LDLIBS}
@${ECHO_BLANK_LINE} @${ECHO_BLANK_LINE}
@echo "Built $@ successfully" @echo "Built $@ successfully"
@${ECHO_BLANK_LINE} @${ECHO_BLANK_LINE}
......
...@@ -42,6 +42,8 @@ ...@@ -42,6 +42,8 @@
#include <string.h> #include <string.h>
#include <unistd.h> #include <unistd.h>
#include <openssl/sha.h>
#include "fiptool.h" #include "fiptool.h"
#include "firmware_image_package.h" #include "firmware_image_package.h"
#include "tbbr_config.h" #include "tbbr_config.h"
...@@ -354,6 +356,14 @@ static void add_opt(struct option *opts, int idx, char *name, ...@@ -354,6 +356,14 @@ static void add_opt(struct option *opts, int idx, char *name,
opts[idx].val = val; opts[idx].val = val;
} }
static void md_print(unsigned char *md, size_t len)
{
size_t i;
for (i = 0; i < len; i++)
printf("%02x", md[i]);
}
static int info_cmd(int argc, char *argv[]) static int info_cmd(int argc, char *argv[])
{ {
image_t *image; image_t *image;
...@@ -391,10 +401,16 @@ static int info_cmd(int argc, char *argv[]) ...@@ -391,10 +401,16 @@ static int info_cmd(int argc, char *argv[])
(unsigned long long)image_offset, (unsigned long long)image_offset,
(unsigned long long)image_size); (unsigned long long)image_size);
if (image->toc_entry != NULL) if (image->toc_entry != NULL)
printf(", cmdline=\"--%s\"\n", printf(", cmdline=\"--%s\"",
image->toc_entry->cmdline_name); image->toc_entry->cmdline_name);
else if (verbose) {
putchar('\n'); unsigned char md[SHA256_DIGEST_LENGTH];
SHA256(image->buffer, image_size, md);
printf(", sha256=");
md_print(md, sizeof(md));
}
putchar('\n');
image_offset += image_size; image_offset += image_size;
} }
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment