1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-22 15:38:11 +00:00

tools: pass sigmask and seckey as parameter to binctl

This commit is contained in:
Pavol Rusnak 2017-04-08 18:23:08 +02:00
parent 393ead9beb
commit 62ad4d6a39
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
2 changed files with 16 additions and 25 deletions

View File

@ -26,7 +26,7 @@ res: ## update resources
vendorheader: ## construct default vendor header
./tools/build_vendorheader 'db995fe25169d141cab9bbba92baa01f9f2e1ece7df4cb2ac05190f37fcc1f9d:2152f8d19b791d24453242e15f2eab6cb7cffa7b6a5ed30097960e069881db12:22fc297792f0b6ffc0bfcfdb7edb0c0aa14e025a365ec0e342e86e3829cb74b6' 1 0.0 SatoshiLabs assets/satoshilabs_120.toif micropython/firmware/vendorheader.bin
./tools/binctl micropython/firmware/vendorheader.bin -s
./tools/binctl micropython/firmware/vendorheader.bin -s 1 4141414141414141414141414141414141414141414141414141414141414141
binctl: ## print info about binary files
./tools/binctl micropython/loader/build/loader.bin
@ -58,11 +58,11 @@ build_bootloader: ## build bootloader
build_loader: ## build loader
$(MAKE) -f Makefile.loader $(TREZORHAL_PORT_OPTS)
./tools/binctl micropython/loader/build/loader.bin -s
./tools/binctl micropython/loader/build/loader.bin -s 1 4141414141414141414141414141414141414141414141414141414141414141
build_firmware: res build_cross ## build firmware with frozen modules
$(MAKE) -f Makefile.firmware $(TREZORHAL_PORT_OPTS)
./tools/binctl micropython/firmware/build/firmware.bin -s
./tools/binctl micropython/firmware/build/firmware.bin -s 1 4141414141414141414141414141414141414141414141414141414141414141
build_unix: ## build unix port
$(MAKE) -f ../../../micropython/unix/Makefile -C vendor/micropython/unix $(UNIX_PORT_OPTS)

View File

@ -6,21 +6,10 @@ import ed25519
import pyblake2
def get_sig(data):
if False:
print('Enter index : ', end='')
idx = int(input())
print('Enter privkey : ', end='')
seckey = binascii.unhexlify(input())
else:
idx = 1
seckey = binascii.unhexlify('4141414141414141414141414141414141414141414141414141414141414141')
def sign_data(seckey, data):
signkey = ed25519.SigningKey(seckey)
digest = pyblake2.blake2s(data).digest()
sigmask = 1 << (idx - 1)
sig = signkey.sign(digest)
return sigmask, sig
return signkey.sign(digest)
def format_sigmask(sigmask):
bits = [ str(b + 1) if sigmask & (1<<b) else '.' for b in range(8) ]
@ -86,11 +75,12 @@ class BinImage:
assert len(header) == self.hdrlen
return header
def sign(self):
def sign(self, sigmask, seckey):
header = self.serialize_header(sig=False)
data = header + self.code
assert len(data) == self.hdrlen + self.codelen
self.sigmask, self.sig = get_sig(data)
self.sigmask = sigmask
self.sig = sign_data(seckey, data)
def write(self, filename):
with open(filename, 'wb') as f:
@ -185,9 +175,10 @@ class VendorHeader:
assert len(header) == self.hdrlen
return header
def sign(self):
def sign(self, sigmask, seckey):
header = self.serialize_header(sig=False)
self.sigmask, self.sig = get_sig(header)
self.sigmask = sigmask
self.sig = sign_data(seckey, header)
def write(self, filename):
with open(filename, 'wb') as f:
@ -212,17 +203,17 @@ def binopen(filename):
def main():
if len(sys.argv) < 2:
print('Usage: binctl file.bin [-s]')
print('Usage: binctl file.bin [-s index seckey]')
return 1
fn = sys.argv[1]
sign = len(sys.argv) > 2 and sys.argv[2] == '-s'
b = binopen(fn)
if sign:
b.sign()
sigmask = 1 << (int(sys.argv[3]) - 1)
seckey = binascii.unhexlify(sys.argv[4])
b.sign(sigmask, seckey)
print()
b.print()
b.write(fn)
else:
b.print()