from Common.Uefi.Capsule.UefiCapsuleHeader import UefiCapsuleHeaderClass\r
from Common.Uefi.Capsule.FmpCapsuleHeader import FmpCapsuleHeaderClass\r
from Common.Uefi.Capsule.FmpAuthHeader import FmpAuthHeaderClass\r
+from Common.Uefi.Capsule.CapsuleDependency import CapsuleDependencyClass\r
from Common.Edk2.Capsule.FmpPayloadHeader import FmpPayloadHeaderClass\r
\r
#\r
OpenSslOtherPublicCertFile = ConvertJsonValue (Config, 'OpenSslOtherPublicCertFile', os.path.expandvars, Required = False, Default = None, Open = True)\r
OpenSslTrustedPublicCertFile = ConvertJsonValue (Config, 'OpenSslTrustedPublicCertFile', os.path.expandvars, Required = False, Default = None, Open = True)\r
SigningToolPath = ConvertJsonValue (Config, 'SigningToolPath', os.path.expandvars, Required = False, Default = None)\r
+ DepexExp = ConvertJsonValue (Config, 'Dependencies', str, Required = False, Default = None)\r
\r
#\r
# Read binary input file\r
OpenSslSignerPrivateCertFile,\r
OpenSslOtherPublicCertFile,\r
OpenSslTrustedPublicCertFile,\r
- SigningToolPath\r
+ SigningToolPath,\r
+ DepexExp\r
))\r
\r
def GenerateOutputJson (PayloadJsonDescriptorList):\r
"OpenSslSignerPrivateCertFile": str(PayloadDescriptor.OpenSslSignerPrivateCertFile),\r
"OpenSslOtherPublicCertFile": str(PayloadDescriptor.OpenSslOtherPublicCertFile),\r
"OpenSslTrustedPublicCertFile": str(PayloadDescriptor.OpenSslTrustedPublicCertFile),\r
- "SigningToolPath": str(PayloadDescriptor.SigningToolPath)\r
+ "SigningToolPath": str(PayloadDescriptor.SigningToolPath),\r
+ "Dependencies" : str(PayloadDescriptor.DepexExp)\r
}for PayloadDescriptor in PayloadJsonDescriptorList\r
]\r
}\r
OpenSslSignerPrivateCertFile = None,\r
OpenSslOtherPublicCertFile = None,\r
OpenSslTrustedPublicCertFile = None,\r
- SigningToolPath = None\r
+ SigningToolPath = None,\r
+ DepexExp = None\r
):\r
self.Payload = Payload\r
self.Guid = Guid\r
self.OpenSslOtherPublicCertFile = OpenSslOtherPublicCertFile\r
self.OpenSslTrustedPublicCertFile = OpenSslTrustedPublicCertFile\r
self.SigningToolPath = SigningToolPath\r
+ self.DepexExp = DepexExp\r
\r
self.UseSignTool = self.SignToolPfxFile is not None\r
self.UseOpenSsl = (self.OpenSslSignerPrivateCertFile is not None and\r
self.AnyOpenSsl = (self.OpenSslSignerPrivateCertFile is not None or\r
self.OpenSslOtherPublicCertFile is not None or\r
self.OpenSslTrustedPublicCertFile is not None)\r
+ self.UseDependency = self.DepexExp is not None\r
\r
def Validate(self, args):\r
if self.UseSignTool and self.AnyOpenSsl:\r
args.OpenSslSignerPrivateCertFile,\r
args.OpenSslOtherPublicCertFile,\r
args.OpenSslTrustedPublicCertFile,\r
- args.SigningToolPath\r
+ args.SigningToolPath,\r
+ None\r
))\r
for SinglePayloadDescriptor in PayloadDescriptorList:\r
try:\r
except:\r
print ('GenerateCapsule: error: can not encode FMP Payload Header')\r
sys.exit (1)\r
+ if SinglePayloadDescriptor.UseDependency:\r
+ CapsuleDependency.Payload = Result\r
+ CapsuleDependency.DepexExp = SinglePayloadDescriptor.DepexExp\r
+ Result = CapsuleDependency.Encode ()\r
+ if args.Verbose:\r
+ CapsuleDependency.DumpInfo ()\r
if SinglePayloadDescriptor.UseOpenSsl or SinglePayloadDescriptor.UseSignTool:\r
#\r
# Sign image with 64-bit MonotonicCount appended to end of image\r
args.OpenSslSignerPrivateCertFile,\r
args.OpenSslOtherPublicCertFile,\r
args.OpenSslTrustedPublicCertFile,\r
- args.SigningToolPath\r
+ args.SigningToolPath,\r
+ None\r
))\r
#\r
# Perform additional verification on payload descriptors\r
PayloadDescriptorList[Index].OpenSslSignerPrivateCertFile,\r
PayloadDescriptorList[Index].OpenSslOtherPublicCertFile,\r
PayloadDescriptorList[Index].OpenSslTrustedPublicCertFile,\r
- PayloadDescriptorList[Index].SigningToolPath\r
+ PayloadDescriptorList[Index].SigningToolPath,\r
+ None\r
))\r
else:\r
PayloadDescriptorList[0].Payload = FmpCapsuleHeader.GetFmpCapsuleImageHeader (0).Payload\r
None,\r
None,\r
None,\r
+ None,\r
None\r
))\r
GUID = FmpCapsuleHeader.GetFmpCapsuleImageHeader (Index).UpdateImageTypeId\r
PayloadDescriptorList[Index].OpenSslSignerPrivateCertFile,\r
PayloadDescriptorList[Index].OpenSslOtherPublicCertFile,\r
PayloadDescriptorList[Index].OpenSslTrustedPublicCertFile,\r
- PayloadDescriptorList[Index].SigningToolPath\r
+ PayloadDescriptorList[Index].SigningToolPath,\r
+ None\r
))\r
JsonIndex = 0\r
for SinglePayloadDescriptor in PayloadDescriptorList:\r
if args.Verbose:\r
print ('--------')\r
print ('No EFI_FIRMWARE_IMAGE_AUTHENTICATION')\r
+\r
+ PayloadSignature = struct.unpack ('<I', SinglePayloadDescriptor.Payload[0:4])\r
+ if PayloadSignature != FmpPayloadHeader.Signature:\r
+ SinglePayloadDescriptor.UseDependency = True\r
+ try:\r
+ SinglePayloadDescriptor.Payload = CapsuleDependency.Decode (SinglePayloadDescriptor.Payload)\r
+ PayloadJsonDescriptorList[JsonIndex].DepexExp = CapsuleDependency.DepexExp\r
+ if args.Verbose:\r
+ print ('--------')\r
+ CapsuleDependency.DumpInfo ()\r
+ except Exception as Msg:\r
+ print ('GenerateCapsule: error: invalid dependency expression')\r
+ else:\r
+ if args.Verbose:\r
+ print ('--------')\r
+ print ('No EFI_FIRMWARE_IMAGE_DEP')\r
+\r
try:\r
SinglePayloadDescriptor.Payload = FmpPayloadHeader.Decode (SinglePayloadDescriptor.Payload)\r
PayloadJsonDescriptorList[JsonIndex].FwVersion = FmpPayloadHeader.FwVersion\r
except:\r
print ('--------')\r
print ('No EFI_FIRMWARE_IMAGE_AUTHENTICATION')\r
+\r
+ PayloadSignature = struct.unpack ('<I', Result[0:4])\r
+ if PayloadSignature != FmpPayloadHeader.Signature:\r
+ try:\r
+ Result = CapsuleDependency.Decode (Result)\r
+ print ('--------')\r
+ CapsuleDependency.DumpInfo ()\r
+ except:\r
+ print ('GenerateCapsule: error: invalid dependency expression')\r
+ else:\r
+ print ('--------')\r
+ print ('No EFI_FIRMWARE_IMAGE_DEP')\r
try:\r
Result = FmpPayloadHeader.Decode (Result)\r
print ('--------')\r
FmpCapsuleHeader = FmpCapsuleHeaderClass ()\r
FmpAuthHeader = FmpAuthHeaderClass ()\r
FmpPayloadHeader = FmpPayloadHeaderClass ()\r
+ CapsuleDependency = CapsuleDependencyClass ()\r
\r
EmbeddedDriverDescriptorList = []\r
PayloadDescriptorList = []\r