cr50: use codesigner from chroot

Source code for Cr50 codesigner has been added to the chroot and the executable is installed as /usr/bin/cr50-codesigner when cros sdk is created/updated. Let's use the 'official' version instead of outdated local one. BRANCH=cr50,cr50-mp BUG=b:73296144 TEST=verified that properly signed Cr50 images can be built. Change-Id: Ibc68340a26011c7d5ac028bbee73cd0f2c39c291 Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/996512 Reviewed-by: Mary Ruthven <mruthven@chromium.org>
2026-01-13 03:15:06 +00:00 · 2018-04-04 09:01:52 -07:00
parent bf6be57ca2
commit 9e50bb0473
3 changed files with 2 additions and 18 deletions
--- a/chip/g/build.mk
+++ b/chip/g/build.mk
@@ -114,14 +114,10 @@ dirs-y += chip/g/dcrypto
 dirs-y += chip/g/loader
 endif

-$(out)/RO/ec.RO.flat: $(out)/util/signer
-$(out)/RW/ec.RW.flat: $(out)/util/signer
-
 %.hex: %.flat

 ifneq ($(CONFIG_RW_B),)
 $(out)/$(PROJECT).obj: $(out)/RW/ec.RW_B.flat
-$(out)/RW/ec.RW_B.flat: $(out)/util/signer
 endif

 ifneq ($(CR50_DEV),)
@@ -130,13 +126,13 @@ endif

 MANIFEST := util/signer/ec_RW-manifest-dev.json
 CR50_RO_KEY ?= rom-testkey-A.pem
+SIGNER = /usr/bin/cr50-codesigner
+
 ifeq ($(H1_DEVIDS),)
 CR50_RW_KEY = loader-testkey-A.pem
-SIGNER = $(out)/util/signer
 SIGNER_EXTRAS =
 SIGNER_MANIFEST := $(MANIFEST)
 else
-SIGNER = sudo $(HOME)/bin/codesigner
 CR50_RW_KEY = cr50_rom0-dev-blsign.pem.pub
 RW_SIGNER_EXTRAS = -x util/signer/fuses.xml

--- a/util/signer/.gitignore
+++ b/util/signer/.gitignore
@@ -1 +0,0 @@
-signer
--- a/util/signer/build.mk
+++ b/util/signer/build.mk
@@ -3,17 +3,6 @@
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

-signer_LIBS := -lcrypto -lelf -lusb-1.0 -lxml2
-signer_ROOT := util/signer
-signer_INC := $(addprefix common/, aes.h  ecdh.h  gnubby.h  \
-	image.h  publickey.h  signed_header.h)
-signer_SRC := codesigner.cc publickey.cc image.cc gnubby.cc aes.cc ecdh.cc
-SIGNER_DEPS := $(addprefix $(signer_ROOT)/, $(signer_SRC) $(signer_INC))
-
-HOST_CXXFLAGS += -I/usr/include/libxml2 -I $(out)
-$(out)/util/signer: $(SIGNER_DEPS)  $(out)/pmjp.h
-	$(call quiet,cxx_to_host,HOSTCXX)
-
 # When building self signed Cr50 images we still want the epoch/major/minor
 # fields come from the dev manifest. Since a full blown JSON parser for C is
 # not readily available, this rule generates a small .h file with only the