|
|
|
|
@ -1,4 +1,6 @@
|
|
|
|
|
#!/usr/bin/env python3
|
|
|
|
|
from __future__ import annotations
|
|
|
|
|
|
|
|
|
|
import json
|
|
|
|
|
from pathlib import Path
|
|
|
|
|
|
|
|
|
|
@ -7,7 +9,7 @@ import click
|
|
|
|
|
from trezorlib import firmware, toif
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def minimum_header_len(spec):
|
|
|
|
|
def minimum_header_len(spec, quiet):
|
|
|
|
|
spec = spec.copy()
|
|
|
|
|
spec["header_len"] = 512000
|
|
|
|
|
reparsed = firmware.VendorHeader.SUBCON.parse(
|
|
|
|
|
@ -15,24 +17,45 @@ def minimum_header_len(spec):
|
|
|
|
|
)
|
|
|
|
|
data_length = reparsed._end_offset - reparsed._start_offset
|
|
|
|
|
# data length + 65 for signatures, rounded up to nearest multiple of 512
|
|
|
|
|
if not quiet:
|
|
|
|
|
click.echo(f"Minimum header length: {data_length + 65} bytes.")
|
|
|
|
|
return (data_length + 65 + 511) // 512 * 512
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
FilePath = click.Path(dir_okay=False, path_type=Path)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@click.command()
|
|
|
|
|
@click.argument("specfile", type=click.File("r"))
|
|
|
|
|
@click.argument("image", type=click.File("rb"))
|
|
|
|
|
@click.argument("outfile", type=click.Path(dir_okay=False, writable=True, path_type=Path))
|
|
|
|
|
@click.argument("specfile", type=FilePath)
|
|
|
|
|
@click.option("-i", "--image", type=FilePath)
|
|
|
|
|
@click.option("-o", "--outfile", type=FilePath)
|
|
|
|
|
@click.option("-c", "--check", is_flag=True, help="Check but do not write header.")
|
|
|
|
|
@click.option("-q", "--quiet", is_flag=True, help="Do not print anything.")
|
|
|
|
|
def build_vendorheader(specfile, image, outfile, check: bool, quiet: bool):
|
|
|
|
|
def build_vendorheader(
|
|
|
|
|
specfile: Path, image: Path | None, outfile: Path | None, check: bool, quiet: bool
|
|
|
|
|
):
|
|
|
|
|
if quiet:
|
|
|
|
|
echo = lambda *args, **kwargs: None
|
|
|
|
|
else:
|
|
|
|
|
echo = click.echo
|
|
|
|
|
|
|
|
|
|
spec = json.load(specfile)
|
|
|
|
|
if not specfile.exists():
|
|
|
|
|
raise click.ClickException(f"Spec file {specfile.name} does not exist.")
|
|
|
|
|
|
|
|
|
|
if image is None:
|
|
|
|
|
image = specfile.with_suffix(".toif")
|
|
|
|
|
if not image.exists():
|
|
|
|
|
raise click.ClickException(f"Image file {image.name} does not exist.")
|
|
|
|
|
|
|
|
|
|
if outfile is None:
|
|
|
|
|
vh_stem = specfile.stem
|
|
|
|
|
if vh_stem.startswith("vendor_"):
|
|
|
|
|
vh_stem = vh_stem[len("vendor_") :]
|
|
|
|
|
outfile = specfile.parent / f"vendorheader_{vh_stem}_unsigned.bin"
|
|
|
|
|
|
|
|
|
|
spec = json.loads(specfile.read_text())
|
|
|
|
|
spec["pubkeys"] = [bytes.fromhex(k) for k in spec["pubkeys"]]
|
|
|
|
|
spec["image"] = toif.ToifStruct.parse(image.read())
|
|
|
|
|
spec["image"] = toif.ToifStruct.parse(image.read_bytes())
|
|
|
|
|
spec["sigmask"] = 0
|
|
|
|
|
spec["signature"] = b"\x00" * 64
|
|
|
|
|
if spec["hw_model"] is None:
|
|
|
|
|
@ -40,7 +63,7 @@ def build_vendorheader(specfile, image, outfile, check: bool, quiet: bool):
|
|
|
|
|
else:
|
|
|
|
|
spec["hw_model"] = spec["hw_model"].encode("ascii")
|
|
|
|
|
|
|
|
|
|
min_length = minimum_header_len(spec)
|
|
|
|
|
min_length = minimum_header_len(spec, quiet)
|
|
|
|
|
if "header_len" not in spec:
|
|
|
|
|
spec["header_len"] = min_length
|
|
|
|
|
elif spec["header_len"] < min_length:
|
|
|
|
|
|
matejcik
1 month ago
committed by