build-docker: fix fingerprint calculation for model T production builds (#1261)

4 years ago · 975f9b335e
parent c63c727df0
commit 975f9b335e
1 changed files with 9 additions and 2 deletions
--- a/python/tools/firmware-fingerprint.py
+++ b/python/tools/firmware-fingerprint.py
@ -4,6 +4,7 @@ import sys
 import click

 from trezorlib import firmware
+from trezorlib._internal import firmware_headers


@click.command()
@ -15,12 +16,18 @@ def firmware_fingerprint(filename, output):

    try:
        version, fw = firmware.parse(data)
+
+        # Unsigned production builds for Trezor T do not have valid code hashes.
+        # Use the internal module which recomputes them first.
+        if version == firmware.FirmwareFormat.TREZOR_T:
+            fingerprint = firmware_headers.FirmwareImage(fw).digest()
+        else:
+            fingerprint = firmware.digest(version, fw)
    except Exception as e:
        click.echo(e, err=True)
        sys.exit(2)

-    fingerprint = firmware.digest(version, fw).hex()
-    click.echo(fingerprint, file=output)
+    click.echo(fingerprint.hex(), file=output)


 if __name__ == "__main__":