From 975f9b335eb9b6ba32f178d83bb1e024f48069e6 Mon Sep 17 00:00:00 2001
From: Martin Milata <martin@martinmilata.cz>
Date: Tue, 15 Sep 2020 11:28:18 +0200
Subject: [PATCH] build-docker: fix fingerprint calculation for model T
 production builds (#1261)

---
 python/tools/firmware-fingerprint.py | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/python/tools/firmware-fingerprint.py b/python/tools/firmware-fingerprint.py
index e4c5674c7..dc4ea084a 100755
--- a/python/tools/firmware-fingerprint.py
+++ b/python/tools/firmware-fingerprint.py
@@ -4,6 +4,7 @@ import sys
 import click
 
 from trezorlib import firmware
+from trezorlib._internal import firmware_headers
 
 
 @click.command()
@@ -15,12 +16,18 @@ def firmware_fingerprint(filename, output):
 
     try:
         version, fw = firmware.parse(data)
+
+        # Unsigned production builds for Trezor T do not have valid code hashes.
+        # Use the internal module which recomputes them first.
+        if version == firmware.FirmwareFormat.TREZOR_T:
+            fingerprint = firmware_headers.FirmwareImage(fw).digest()
+        else:
+            fingerprint = firmware.digest(version, fw)
     except Exception as e:
         click.echo(e, err=True)
         sys.exit(2)
 
-    fingerprint = firmware.digest(version, fw).hex()
-    click.echo(fingerprint, file=output)
+    click.echo(fingerprint.hex(), file=output)
 
 
 if __name__ == "__main__":