1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2025-01-27 15:51:02 +00:00

core/headertool: support generating vendor headers with explicit size

This commit is contained in:
matejcik 2020-02-05 12:23:34 +01:00
parent 3c7806aaf6
commit d28e33ef02
4 changed files with 30 additions and 9 deletions

View File

@ -1,4 +1,5 @@
{ {
"header_len": 4608,
"text": "SatoshiLabs", "text": "SatoshiLabs",
"expiry": 0, "expiry": 0,
"version": { "version": {

View File

@ -1,4 +1,5 @@
{ {
"header_len": 2560,
"text": "UNSAFE, DO NOT USE!", "text": "UNSAFE, DO NOT USE!",
"expiry": 0, "expiry": 0,
"version": { "version": {

View File

@ -6,6 +6,15 @@ import click
from trezorlib import firmware from trezorlib import firmware
def minimum_header_len(spec):
spec = spec.copy()
spec["header_len"] = 512000
reparsed = firmware.VendorHeader.parse(firmware.VendorHeader.build(spec))
data_length = reparsed._end_offset - reparsed._start_offset
# data length + 65 for signatures, rounded up to nearest multiple of 512
return (data_length + 65 + 511) // 512 * 512
@click.command() @click.command()
@click.argument("specfile", type=click.File("r")) @click.argument("specfile", type=click.File("r"))
@click.argument("image", type=click.File("rb")) @click.argument("image", type=click.File("rb"))
@ -16,6 +25,19 @@ def build_vendorheader(specfile, image, outfile):
spec["image"] = firmware.Toif.parse(image.read()) spec["image"] = firmware.Toif.parse(image.read())
spec["sigmask"] = 0 spec["sigmask"] = 0
spec["signature"] = b"\x00" * 64 spec["signature"] = b"\x00" * 64
min_length = minimum_header_len(spec)
if "header_len" not in spec:
spec["header_len"] = min_length
elif spec["header_len"] < min_length:
raise click.ClickException(
f"Specified header_len {spec['header_len']} too low. "
f"Minimum allowable value is {min_length}."
)
if spec["header_len"] % 512 != 0:
raise click.ClickException("Invalid header_len: must be a multiple of 512")
outfile.write(firmware.VendorHeader.build(spec)) outfile.write(firmware.VendorHeader.build(spec))

View File

@ -146,7 +146,7 @@ VendorTrust = c.Transformed(c.BitStruct(
VendorHeader = c.Struct( VendorHeader = c.Struct(
"_start_offset" / c.Tell, "_start_offset" / c.Tell,
"magic" / c.Const(b"TRZV"), "magic" / c.Const(b"TRZV"),
"_header_len" / c.Padding(4), "header_len" / c.Int32ul,
"expiry" / c.Int32ul, "expiry" / c.Int32ul,
"version" / c.Struct( "version" / c.Struct(
"major" / c.Int8ul, "major" / c.Int8ul,
@ -159,17 +159,14 @@ VendorHeader = c.Struct(
"pubkeys" / c.Bytes(32)[c.this.sig_n], "pubkeys" / c.Bytes(32)[c.this.sig_n],
"text" / c.Aligned(4, c.PascalString(c.Int8ul, "utf-8")), "text" / c.Aligned(4, c.PascalString(c.Int8ul, "utf-8")),
"image" / Toif, "image" / Toif,
"_data_end_offset" / c.Tell, "_end_offset" / c.Tell,
c.Padding(-(c.this._data_end_offset + 65) % 512), "_min_header_len" / c.Check(c.this.header_len > (c.this._end_offset - c.this._start_offset) + 65),
"_header_len_aligned" / c.Check(c.this.header_len % 512 == 0),
c.Padding(c.this.header_len - c.this._end_offset + c.this._start_offset - 65),
"sigmask" / c.Byte, "sigmask" / c.Byte,
"signature" / c.Bytes(64), "signature" / c.Bytes(64),
"_end_offset" / c.Tell,
"header_len" / c.Pointer(
c.this._start_offset + 4,
c.Rebuild(c.Int32ul, c.this._end_offset - c.this._start_offset)
),
) )