mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-26 09:28:13 +00:00
tools: use combine_sign to compute signatures, binctl just for adding to binary
This commit is contained in:
parent
57f2eee5bf
commit
46fdb8bcb4
5
Makefile
5
Makefile
@ -150,13 +150,12 @@ gdb_firmware: $(FIRMWARE_BUILD_DIR)/firmware.elf ## start remote gdb session to
|
|||||||
|
|
||||||
## misc commands:
|
## misc commands:
|
||||||
|
|
||||||
vendorheader: ## construct default vendor header
|
vendorheader: ## construct and sign the default vendor header
|
||||||
./tools/build_vendorheader e28a8970753332bd72fef413e6b0b2ef1b4aadda7aa2c141f233712a6876b351:d4eec1869fb1b8a4e817516ad5a931557cb56805c3eb16e8f3a803d647df7869:772c8a442b7db06e166cfbc1ccbcbcde6f3eba76a4e98ef3ffc519502237d6ef 2 0.0 10 DEVELOPMENT assets/vendor_devel.toif embed/firmware/vendorheader.bin
|
./tools/build_vendorheader e28a8970753332bd72fef413e6b0b2ef1b4aadda7aa2c141f233712a6876b351:d4eec1869fb1b8a4e817516ad5a931557cb56805c3eb16e8f3a803d647df7869:772c8a442b7db06e166cfbc1ccbcbcde6f3eba76a4e98ef3ffc519502237d6ef 2 0.0 10 DEVELOPMENT assets/vendor_devel.toif embed/firmware/vendorheader.bin
|
||||||
./tools/binctl embed/firmware/vendorheader.bin -s 1:2 4444444444444444444444444444444444444444444444444444444444444444:4545454545454545454545454545454545454545454545454545454545454545
|
./tools/binctl embed/firmware/vendorheader.bin -s 1:2 `./tools/combine_sign vendorheader embed/firmware/vendorheader.bin 4444444444444444444444444444444444444444444444444444444444444444 4545454545454545454545454545454545454545454545454545454545454545`
|
||||||
|
|
||||||
vendorheader_sl: ## construct SatoshiLabs vendor header
|
vendorheader_sl: ## construct SatoshiLabs vendor header
|
||||||
./tools/build_vendorheader 47fbdc84d8abef44fe6abde8f87b6ead821b7082ec63b9f7cc33dc53bf6c708d:03fdd9a9c3911652d5effca4540d96ed92d85850a47d256ab0a2d728c0d1a298:2218c25f8ba70c82eba8ed6a321df209c0a7643d014f33bf9317846f62923830 2 0.0 80 SatoshiLabs assets/vendor_satoshilabs.toif embed/firmware/vendorheader_sl.bin
|
./tools/build_vendorheader 47fbdc84d8abef44fe6abde8f87b6ead821b7082ec63b9f7cc33dc53bf6c708d:03fdd9a9c3911652d5effca4540d96ed92d85850a47d256ab0a2d728c0d1a298:2218c25f8ba70c82eba8ed6a321df209c0a7643d014f33bf9317846f62923830 2 0.0 80 SatoshiLabs assets/vendor_satoshilabs.toif embed/firmware/vendorheader_sl.bin
|
||||||
./tools/binctl embed/firmware/vendorheader_sl.bin -s 1:2 trezor:trezor
|
|
||||||
|
|
||||||
binctl: ## print info about binary files
|
binctl: ## print info about binary files
|
||||||
./tools/binctl $(BOOTLOADER_BUILD_DIR)/bootloader.bin
|
./tools/binctl $(BOOTLOADER_BUILD_DIR)/bootloader.bin
|
||||||
|
@ -146,7 +146,9 @@ env.Replace(
|
|||||||
ASPPFLAGS='$CFLAGS $CCFLAGS', )
|
ASPPFLAGS='$CFLAGS $CCFLAGS', )
|
||||||
|
|
||||||
env.Replace(
|
env.Replace(
|
||||||
BINCTL='tools/binctl', )
|
BINCTL='tools/binctl',
|
||||||
|
COMBINE_SIGN='tools/combine_sign',
|
||||||
|
)
|
||||||
|
|
||||||
#
|
#
|
||||||
# Program objects
|
# Program objects
|
||||||
@ -170,5 +172,5 @@ program_bin = env.Command(
|
|||||||
source=program_elf,
|
source=program_elf,
|
||||||
action=[
|
action=[
|
||||||
'$OBJCOPY -O binary -j .header -j .flash -j .data $SOURCE $TARGET',
|
'$OBJCOPY -O binary -j .header -j .flash -j .data $SOURCE $TARGET',
|
||||||
'$BINCTL $TARGET -s 1:2 4141414141414141414141414141414141414141414141414141414141414141:4242424242424242424242424242424242424242424242424242424242424242',
|
'$BINCTL $TARGET -s 1:2 `$COMBINE_SIGN bootloader $TARGET 4141414141414141414141414141414141414141414141414141414141414141 4242424242424242424242424242424242424242424242424242424242424242`',
|
||||||
], )
|
], )
|
||||||
|
@ -353,7 +353,9 @@ env.Replace(
|
|||||||
MAKEVERSIONHDR='$PYTHON vendor/micropython/py/makeversionhdr.py',
|
MAKEVERSIONHDR='$PYTHON vendor/micropython/py/makeversionhdr.py',
|
||||||
MPY_TOOL='$PYTHON vendor/micropython/tools/mpy-tool.py',
|
MPY_TOOL='$PYTHON vendor/micropython/tools/mpy-tool.py',
|
||||||
MPY_CROSS='vendor/micropython/mpy-cross/mpy-cross',
|
MPY_CROSS='vendor/micropython/mpy-cross/mpy-cross',
|
||||||
BINCTL='tools/binctl', )
|
BINCTL='tools/binctl',
|
||||||
|
COMBINE_SIGN='tools/combine_sign',
|
||||||
|
)
|
||||||
|
|
||||||
#
|
#
|
||||||
# Micropython version
|
# Micropython version
|
||||||
@ -428,5 +430,5 @@ program_bin = env.Command(
|
|||||||
source=program_elf,
|
source=program_elf,
|
||||||
action=[
|
action=[
|
||||||
'$OBJCOPY -O binary -j .header -j .flash -j .data $SOURCE $TARGET',
|
'$OBJCOPY -O binary -j .header -j .flash -j .data $SOURCE $TARGET',
|
||||||
'$BINCTL $TARGET -s 1:2 4747474747474747474747474747474747474747474747474747474747474747:4848484848484848484848484848484848484848484848484848484848484848',
|
'$BINCTL $TARGET -s 1:2 `$COMBINE_SIGN firmware $TARGET 4747474747474747474747474747474747474747474747474747474747474747 4848484848484848484848484848484848484848484848484848484848484848`',
|
||||||
], )
|
], )
|
||||||
|
27
tools/combine_sign
Executable file
27
tools/combine_sign
Executable file
@ -0,0 +1,27 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
TOOLDIR=$(dirname $0)
|
||||||
|
|
||||||
|
TYPE=$1
|
||||||
|
FILE=$2
|
||||||
|
shift
|
||||||
|
shift
|
||||||
|
SECKEYS=$*
|
||||||
|
|
||||||
|
COMMITS=""
|
||||||
|
|
||||||
|
for seckey in $SECKEYS; do
|
||||||
|
commit=$( $TOOLDIR/keyctl commit $TYPE $FILE $seckey )
|
||||||
|
COMMITS="$COMMITS $commit"
|
||||||
|
done
|
||||||
|
|
||||||
|
global_commit=$( $TOOLDIR/keyctl global_commit $COMMITS )
|
||||||
|
|
||||||
|
SIGS=""
|
||||||
|
|
||||||
|
for seckey in $SECKEYS; do
|
||||||
|
sig=$( $TOOLDIR/keyctl sign $TYPE $FILE $global_commit $seckey )
|
||||||
|
SIGS="$SIGS $sig"
|
||||||
|
done
|
||||||
|
|
||||||
|
$TOOLDIR/keyctl global_sign $FILE $global_commit $SIGS
|
Loading…
Reference in New Issue
Block a user