feat(core): add vendor headers for devices with dev bootloader

[no changelog]
pull/3171/head
tychovrahe 10 months ago committed by TychoVrahe
parent 6d9e4321fd
commit 6c97dfef78

@ -744,12 +744,12 @@ cmake_gen = env.Command(
MODEL_IDENTIFIER = tools.get_model_identifier(TREZOR_MODEL)
BOOTLOADER_SUFFIX = MODEL_IDENTIFIER
if BOOTLOADER_QA:
VENDORHEADER = f'embed/vendorheader/{MODEL_IDENTIFIER}/vendorheader_qa_DO_NOT_SIGN_signed_dev.bin'
VENDORHEADER = f'embed/vendorheader/{MODEL_IDENTIFIER}/vendorheader_dev_DO_NOT_SIGN_signed_dev.bin'
BOOTLOADER_SUFFIX = MODEL_IDENTIFIER + '_qa'
elif PRODUCTION:
VENDORHEADER = f'embed/vendorheader/{MODEL_IDENTIFIER}/vendorheader_satoshilabs_signed_prod.bin'
elif BOOTLOADER_DEVEL:
VENDORHEADER = f'embed/vendorheader/{MODEL_IDENTIFIER}/vendorheader_unsafe_signed_dev.bin'
VENDORHEADER = f'embed/vendorheader/{MODEL_IDENTIFIER}/vendorheader_dev_DO_NOT_SIGN_signed_dev.bin'
else:
VENDORHEADER = f'embed/vendorheader/{MODEL_IDENTIFIER}/vendorheader_unsafe_signed_prod.bin'

@ -167,7 +167,7 @@ MODEL_IDENTIFIER = tools.get_model_identifier(TREZOR_MODEL)
if PRODUCTION:
VENDORHEADER = f'embed/vendorheader/{MODEL_IDENTIFIER}/vendorheader_prodtest_signed_prod.bin'
elif BOOTLOADER_DEVEL:
VENDORHEADER = f'embed/vendorheader/{MODEL_IDENTIFIER}/vendorheader_unsafe_signed_dev.bin'
VENDORHEADER = f'embed/vendorheader/{MODEL_IDENTIFIER}/vendorheader_dev_DO_NOT_SIGN_signed_dev.bin'
else:
VENDORHEADER = f'embed/vendorheader/{MODEL_IDENTIFIER}/vendorheader_unsafe_signed_prod.bin'

@ -0,0 +1,20 @@
{
"header_len": 4608,
"text": "DEV ONLY, DO NOT USE!",
"hw_model": "D001",
"expiry": 0,
"version": [0, 0],
"sig_m": 2,
"trust": {
"allow_run_with_secret": false,
"show_vendor_string": false,
"require_user_click": false,
"red_background": false,
"delay": 0
},
"pubkeys": [
"e28a8970753332bd72fef413e6b0b2ef1b4aadda7aa2c141f233712a6876b351",
"d4eec1869fb1b8a4e817516ad5a931557cb56805c3eb16e8f3a803d647df7869",
"772c8a442b7db06e166cfbc1ccbcbcde6f3eba76a4e98ef3ffc519502237d6ef"
]
}

@ -1,6 +1,6 @@
{
"header_len": 4608,
"text": "QA ONLY, DO NOT USE!",
"text": "DEV ONLY, DO NOT USE!",
"hw_model": "T2B1",
"expiry": 0,
"version": [0, 0],

@ -1,6 +1,6 @@
{
"header_len": 4608,
"text": "QA ONLY, DO NOT USE!",
"text": "DEV ONLY, DO NOT USE!",
"hw_model": null,
"expiry": 0,
"version": [0, 0],

@ -20,6 +20,7 @@ MODELS=(T2T1 T2B1 D001)
for MODEL in ${MODELS[@]}; do
cd $MODEL
echo "Generating vendor headers for $MODEL"
# construct all vendor headers
for fn in *.json; do
name=$(echo $fn | sed 's/vendor_\(.*\)\.json/\1/')
@ -29,7 +30,7 @@ for MODEL in ${MODELS[@]}; do
TMPDIR=$(mktemp -d)
trap "rm -rf $TMPDIR" EXIT
# sign dev and QA vendor header
for name in unsafe qa_DO_NOT_SIGN; do
for name in unsafe dev_DO_NOT_SIGN; do
SRC_NAME="vendorheader_${name}_unsigned.bin"
DEST_NAME="vendorheader_${name}_signed_dev.bin"
if [ ! -f "$SRC_NAME" ]; then

Loading…
Cancel
Save