1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-13 19:18:56 +00:00

tools: update how vtrust is being passed to build_vendorheader

This commit is contained in:
Pavol Rusnak 2018-01-10 20:47:07 +01:00
parent 4d065df376
commit 2317aaedb9
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
3 changed files with 18 additions and 7 deletions

View File

@ -181,11 +181,11 @@ gdb_firmware: $(FIRMWARE_BUILD_DIR)/firmware.elf ## start remote gdb session to
## misc commands:
vendorheader: ## construct and sign the default vendor header
./tools/build_vendorheader e28a8970753332bd72fef413e6b0b2ef1b4aadda7aa2c141f233712a6876b351:d4eec1869fb1b8a4e817516ad5a931557cb56805c3eb16e8f3a803d647df7869:772c8a442b7db06e166cfbc1ccbcbcde6f3eba76a4e98ef3ffc519502237d6ef 2 0.0 65534 DEVELOPMENT assets/vendor_devel.toif embed/firmware/vendorheader.bin
./tools/build_vendorheader e28a8970753332bd72fef413e6b0b2ef1b4aadda7aa2c141f233712a6876b351:d4eec1869fb1b8a4e817516ad5a931557cb56805c3eb16e8f3a803d647df7869:772c8a442b7db06e166cfbc1ccbcbcde6f3eba76a4e98ef3ffc519502237d6ef 2 0.0 x.....x DEVELOPMENT assets/vendor_devel.toif embed/firmware/vendorheader.bin
./tools/binctl embed/firmware/vendorheader.bin -s 1:2 `./tools/combine_sign vendorheader embed/firmware/vendorheader.bin 4444444444444444444444444444444444444444444444444444444444444444 4545454545454545454545454545454545454545454545454545454545454545`
vendorheader_sl: ## construct SatoshiLabs vendor header
./tools/build_vendorheader 47fbdc84d8abef44fe6abde8f87b6ead821b7082ec63b9f7cc33dc53bf6c708d:03fdd9a9c3911652d5effca4540d96ed92d85850a47d256ab0a2d728c0d1a298:2218c25f8ba70c82eba8ed6a321df209c0a7643d014f33bf9317846f62923830 2 0.0 65534 SatoshiLabs assets/vendor_satoshilabs.toif embed/firmware/vendorheader_sl.bin
./tools/build_vendorheader 47fbdc84d8abef44fe6abde8f87b6ead821b7082ec63b9f7cc33dc53bf6c708d:03fdd9a9c3911652d5effca4540d96ed92d85850a47d256ab0a2d728c0d1a298:2218c25f8ba70c82eba8ed6a321df209c0a7643d014f33bf9317846f62923830 2 0.0 ......x SatoshiLabs assets/vendor_satoshilabs.toif embed/firmware/vendorheader_sl.bin
binctl: ## print info about binary files
./tools/binctl $(BOOTLOADER_BUILD_DIR)/bootloader.bin

View File

@ -16,6 +16,11 @@ def format_sigmask(sigmask):
return '0x%02x = [%s]' % (sigmask, ' '.join(bits))
def format_vtrust(vtrust):
bits = [str(b) if vtrust & (1 << b) == 0 else '.' for b in range(16)]
return '%d = [%s]' % (vtrust, ' '.join(bits))
# bootloader/firmware headers specification: https://github.com/trezor/trezor-core/blob/master/docs/bootloader.md
IMAGE_HEADER_SIZE = 1024
@ -199,7 +204,7 @@ class VendorHeader(object):
print(' * expiry :', self.expiry)
print(' * version : %d.%d' % (self.vmajor, self.vminor))
print(' * scheme : %d out of %d' % (self.vsig_m, self.vsig_n))
print(' * trust :', self.vtrust, '=', bin(self.vtrust))
print(' * trust :', format_vtrust(self.vtrust))
for i in range(self.vsig_n):
print(' * vpub #%d :' % (i + 1), binascii.hexlify(self.vpub[i]).decode())
print(' * vstr :', self.vstr.decode())

View File

@ -4,10 +4,8 @@ import struct
import binascii
# encode vendor name, add length byte and padding to multiple of 4
def encode_vendor(vname):
vbin = vname.encode('utf-8')
vbin = vname.encode()
vbin = struct.pack('<B', len(vbin)) + vbin
vbin += b'\0' * (-len(vbin) & 3)
return vbin
@ -19,6 +17,14 @@ def encode_pubkey(pubkey):
return binascii.unhexlify(pubkey)
def decode_vtrust(vtrust):
t = 0xFFFF
for i, b in enumerate(reversed(vtrust)):
if b != '.':
t &= ~(1 << i)
return t
def main():
if len(sys.argv) < 7:
print('Usage build_vendorheader "pubkey1hex:pubkey2hex:..." m version vendortrust vendorname vendorimage.toif vendorheader.bin')
@ -27,7 +33,7 @@ def main():
keys = [encode_pubkey(x) for x in sys.argv[1].split(':')]
m = int(sys.argv[2])
(vmajor, vminor) = [int(x) for x in sys.argv[3].split('.')]
vtrust = int(sys.argv[4])
vtrust = decode_vtrust(sys.argv[4])
vname = sys.argv[5]
ifn = sys.argv[6]
ofn = sys.argv[7]