TA dev kit: add support for TA encryption Add CFG_ENCRYPT_TA as TA build time configuration option to enable encryption of TA using encryption key provided via TA_ENC_KEY build time option. The default value of TA_ENC_KEY is derived from 16 zero bytes default hardware unique key. Also rename scripts/sign.py to scripts/sign_encrypt.py to reflect optional encryption support along with signing of TAs. Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

commit: 2de17fda55d2d902123e25b1036cd6ae00b7ea77 [log] [tgz]
author: Sumit Garg <sumit.garg@linaro.org> Wed Oct 23 12:47:24 2019 +0530
committer: Jérôme Forissier <jerome@forissier.org> Fri Nov 22 14:19:21 2019 +0100
tree: 824385e12558f8513928bdcc983af7b0d0222720
parent: e1afc43988aa7f8de9d0cab3ee77abf79cc5e3ee [diff] [blame]
diff --git a/mk/lib.mk b/mk/lib.mk
index 13ace45..c5d07a2 100644
--- a/mk/lib.mk
+++ b/mk/lib.mk

@@ -43,7 +43,7 @@
 libnames	:= $(libname) $(libnames)
 libdeps		:= $(lib-libfile) $(libdeps)
 
-SIGN = scripts/sign.py
+SIGN = scripts/sign_encrypt.py
 TA_SIGN_KEY ?= keys/default_ta.pem
 
 define process-lib
commit	2de17fda55d2d902123e25b1036cd6ae00b7ea77	[log] [tgz]
author	Sumit Garg <sumit.garg@linaro.org>	Wed Oct 23 12:47:24 2019 +0530
committer	Jérôme Forissier <jerome@forissier.org>	Fri Nov 22 14:19:21 2019 +0100
tree	824385e12558f8513928bdcc983af7b0d0222720
parent	e1afc43988aa7f8de9d0cab3ee77abf79cc5e3ee [diff] [blame]