def sign_image(toolchain, resourses, elf, binf, m0hex): """ Adds signature to a binary file being built, using cysecuretools python package. :param toolchain: Toolchain object of current build session :param binf: Binary file created for target """ if m0hex != '': m0hex_build = os.path.join(toolchain.build_dir, toolchain.target.hex_filename) copy2(m0hex, m0hex_build) m0hex = m0hex_build # Mapping from mbed target to cysecuretools target TARGET_MAPPING = { "CY8CKIT_064B0S2_4343W": "cy8ckit-064b0s2-4343w", "CY8CPROTO_064B0S1_BLE": "cy8cproto-064b0s1-ble", "CY8CPROTO_064S1_SB": "cy8cproto-064s1-sb", "CY8CPROTO_064B0S3": "cy8cproto-064b0s3" } try: secure_target = TARGET_MAPPING[toolchain.target.name] except KeyError: raise ConfigException("[PSOC6.sign_image] Target " + toolchain.target.name + " is not supported in cysecuretools.") policy_file = find_policy(toolchain) toolchain.notify.info("[PSOC6.sign_image] Using policy file: " + str(policy_file)) import cysecuretools tools = cysecuretools.CySecureTools(secure_target, str(policy_file)) if str(toolchain.target.boot_scheme) == 'single_image': toolchain.notify.info("[PSOC6.sign_image] single image signing") sign_application(toolchain, tools, binf, image_id=toolchain.target.cm0_img_id) elif str(toolchain.target.boot_scheme) == 'multi_image': sign_application(toolchain, tools, m0hex, image_id=toolchain.target.cm0_img_id) sign_application(toolchain, tools, binf, image_id=toolchain.target.cm4_img_id) complete(toolchain, elf, hexf0=binf, hexf1=m0hex) else: raise ConfigException("[PSOC6.sign_image] Boot scheme " + str(toolchain.target.boot_scheme) + \ "is not supported. Supported boot schemes are 'single_image' and 'multi_image' ")
def sign_hex(build_dir, m0hex_filename, target_name, policy, notification, boot_scheme, cm0_img_id, cm4_img_id, elf, m4hex, m0hex): """ Adds signature to a binary file being built, using cysecuretools python package. :param build_dir: The build directory :param m0hex_filename: The file name of the Cortex-M0 hex :param target_name: The name of the Mbed target :param policy: The path to the policy file :param notification: The object to output notification with :param boot_scheme: The boot scheme :param cm0_img_id: The Cortex-M0 image identifier :param cm4_img_id: The Cortex-M4 image identifier :param elf: An ELF file :param m4hex: The path to the Cortex-M4 HEX file :param m0hex: The path to the Cortex-M0 HEX file """ # Keep module import here so it is required only if building PSOC6 targets # that need to be signed if m0hex != '': m0hex_build = os.path.join(build_dir, m0hex_filename) copy2(m0hex, m0hex_build) m0hex = m0hex_build # Mapping from mbed target to cysecuretools target TARGET_MAPPING = { "CY8CKIT064B0S2_4343W": "cy8ckit-064b0s2-4343w", "CYTFM_064B0S2_4343W": "cy8ckit-064b0s2-4343w", "CY8CPROTO_064B0S1_BLE": "cy8cproto-064b0s1-ble", "CY8CPROTO_064S1_SB": "cy8cproto-064s1-sb", "CY8CPROTO_064B0S3": "cy8cproto-064b0s3" } try: secure_target = TARGET_MAPPING[target_name] except KeyError: raise ConfigException("[PSOC6.sign_image] Target " + target_name + " is not supported in cysecuretools.") policy_file = find_policy(policy, notification.info, target_name) notification.info("[PSOC6.sign_image] Using policy file: " + str(policy_file)) import cysecuretools tools = cysecuretools.CySecureTools(secure_target, str(policy_file)) if str(boot_scheme) == 'single_image': notification.info("[PSOC6.sign_image] single image signing") sign_application(notification.debug, tools, m4hex, image_id=cm0_img_id) elif str(boot_scheme) == 'multi_image': sign_application(notification.debug, tools, m0hex, image_id=cm0_img_id) sign_application(notification.debug, tools, m4hex, image_id=cm4_img_id) complete(notification.debug, elf, hexf0=m4hex, hexf1=m0hex) else: raise ConfigException("[PSOC6.sign_image] Boot scheme " + str(boot_scheme) + \ "is not supported. Supported boot schemes are 'single_image' and 'multi_image' ")