def test_save_memory_doctest(tmppath):
path = str(tmppath / 'bytes.hex')
blocks = [(offset, bytes(range(offset, offset + 16)))
for offset in range(0, 256, 16)]
sparse_items = Memory(blocks=blocks)
save_memory(path, sparse_items)
ans_out = load_memory(path)
ans_ref = sparse_items
assert ans_out == ans_ref
def get_digest_signature():
memory = hr.load_memory("combined_image.hex")
signature = memory[signature_start:(signature_start + 64):b'\xFF']
app_length_bytes = memory[app_length_start:(app_length_start + 4):b'\xFF']
app_length = int.from_bytes(app_length_bytes, byteorder='little')
data = memory[boot_start:(app_start + app_length):b'\xFF']
# Hashing the Application binary file bin_file
chosen_hash = hashes.SHA256()
hasher = hashes.Hash(chosen_hash, crypto_be)
hasher.update(data)
digest = hasher.finalize()
#print("\nApplication digest:")
#print(common_helper.pretty_print_hex(digest, indent=' '))
return [digest, signature]
def combine_sign_hex(boot_data, app_data):
with open(boot_hex, 'wb') as f:
f.write(boot_data.data[0])
f.close()
with open(app_hex, 'wb') as f:
f.write(app_data.data[0])
f.close()
merged_boot_hex = pattern_fill_hex(boot_hex, 'boot')
hr.save_blocks("firm_valid.hex", merged_boot_hex)
hex_boot_start, hex_boot_length = merged_boot_hex[0]
print("Firmware validation binary size:", len(hex_boot_length))
merged_app_hex = pattern_fill_hex(app_hex, 'app')
hr.save_blocks("app.hex", merged_app_hex)
hex_app_start, hex_app_length = merged_app_hex[0]
print("Application binary size:", len(hex_app_length))
#Merge boot hex and app hex into single hex
blocks_boot = hr.load_blocks("firm_valid.hex")
blocks_app = hr.load_blocks("app.hex")
merged = blocks_boot + blocks_app
merged.sort()
flooded = hb.flood(merged, pattern=b'\xFF')
flooded = hb.merge(flooded)
hr.save_blocks("combined_image.hex", flooded)
memory = hr.load_memory("combined_image.hex")
#a, data = data_blocks[0]
data = memory[boot_start:(app_start + len(hex_app_length)):b'\xFF']
# Setup cryptography
crypto_be = cryptography.hazmat.backends.default_backend()
with open(key_file, 'rb') as f:
# Loading the private key from key_file
private_key = serialization.load_pem_private_key(data=f.read(),
password=None,
backend=crypto_be)
# Hashing the Application binary file bin_file
chosen_hash = hashes.SHA256()
hasher = hashes.Hash(chosen_hash, crypto_be)
hasher.update(data)
digest = hasher.finalize()
print("\nApplication digest:")
print(pretty_print_hex(digest, indent=' '))
# Signing the digest of the Application binary file bin_file
sign = private_key.sign(digest, ec.ECDSA(utils.Prehashed(chosen_hash)))
# Extract actual Signature bytes
r_offset = (sign[3] - 32) + 4
sign_r = sign[r_offset:r_offset + 32]
s_offset = (sign[r_offset + 32 + 1] - 32) + (r_offset + 32 + 2)
sign_s = sign[s_offset:s_offset + 32]
calc_sign = sign_r + sign_s
print("\nSuccessfully Signed the firmware digest")
print("Calculated signature:")
print(str(convert_to_hex_bytes(calc_sign)))
memory.write(0x3FC00, calc_sign)
memory.write(0x3FD00, len(hex_app_length).to_bytes(4, byteorder='little'))
hr.save_memory('combined_image.hex', memory)