From b478540413084e19789bed9891993d09fef51184 Mon Sep 17 00:00:00 2001
From: Denis Pynkin <denis.pynkin@collabora.com>
Date: Sun, 9 Feb 2020 23:54:43 +0300
Subject: [PATCH] armhf: FIT and CSF templates

Added templates for single FIT image generation and signing.

Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
---
 sign/imx6/fit_image.template     | 55 ++++++++++++++++++++++++++++++++
 sign/imx6/fit_image_csf.template | 32 +++++++++++++++++++
 2 files changed, 87 insertions(+)
 create mode 100644 sign/imx6/fit_image.template
 create mode 100644 sign/imx6/fit_image_csf.template

diff --git a/sign/imx6/fit_image.template b/sign/imx6/fit_image.template
new file mode 100644
index 00000000..1a1863a1
--- /dev/null
+++ b/sign/imx6/fit_image.template
@@ -0,0 +1,55 @@
+/dts-v1/;
+
+/ {
+    description = "Apertis armhf kernel with dtb and initramfs";
+
+    images {
+        kernel-0 {
+            description = "Linux Kernel";
+            data = /incbin/("{{kernel}}");
+            type = "kernel";
+            arch = "arm";
+            os = "linux";
+            compression = "none";
+            load = <0x10800000>;
+            entry = <0x10800000>;
+            hash-1 {
+                algo = "sha1";
+            };
+        };
+        ramdisk-0 {
+            description = "ramdisk";
+            data = /incbin/("{{ramdisk}}");
+            type = "ramdisk";
+            arch = "arm";
+            os = "linux";
+            compression = "none";
+            load = <0x15000000>;
+            hash-1 {
+                algo = "sha1";
+            };
+        };
+        fdt-0 {
+            description = "Flattened Device Tree blob";
+            data = /incbin/("{{dtb}}");
+            type = "flat_dt";
+            arch = "arm";
+            compression = "none";
+            hash-1 {
+                algo = "sha1";
+            };
+        };
+    };
+    configurations {
+        default = "conf-0";
+        conf-0 {
+            description = "Boot Apertis";
+            kernel = "kernel-0";
+            ramdisk = "ramdisk-0";
+            fdt = "fdt-0";
+            hash-0 {
+                algo = "sha1";
+            };
+        };
+    };
+};
diff --git a/sign/imx6/fit_image_csf.template b/sign/imx6/fit_image_csf.template
new file mode 100644
index 00000000..a236e836
--- /dev/null
+++ b/sign/imx6/fit_image_csf.template
@@ -0,0 +1,32 @@
+[Header]
+    Version = 4
+    Hash Algorithm = sha256
+    Engine Configuration = 0
+    Certificate Format = X509
+    Signature Format = CMS
+    Engine = CAAM
+
+[Install SRK]
+    # Index of the key location in the SRK table to be installed
+    File = "SRK_1_2_3_4_table.bin"
+    Source index = 0
+
+[Install CSFK]
+    # Key used to authenticate the CSF data
+    File = "CSF1_1_sha256_2048_65537_v3_usr_crt.pem"
+
+[Authenticate CSF]
+
+[Install Key]
+    # Key slot index used to authenticate the key to be installed
+    Verification index = 0
+    # Target key slot in HAB key store where key will be installed
+    Target Index = 2
+    # Key to install
+    File= "IMG1_1_sha256_2048_65537_v3_usr_crt.pem"
+
+[Authenticate Data]
+    # Key slot index used to authenticate the image data
+    Verification index = 2
+    # Authenticate Start Address, Offset, Length and file
+    Blocks = {{loadaddr}} {{offset}} {{length}} "{{image}}"
-- 
GitLab