def _load_preset_file(self, preset_file: str, family: str) -> None:
try:
tz_config = load_configuration(preset_file)
self.tz = TrustZone.from_config(tz_config)
except SPSDKError:
tz_bin = load_binary(preset_file)
self.tz = TrustZone.from_binary(family=family, raw_data=tz_bin)
def mix_load_from_config(self, config: Dict[str, Any]) -> None:
"""Load configuration from dictionary.
:param config: Dictionary with configuration fields.
"""
enabled_trustzone = config.get("enableTrustZone", False)
if enabled_trustzone:
trustzone_preset_file = config.get("trustZonePresetFile", None)
if trustzone_preset_file:
family = config.get("family", None)
self._load_preset_file(trustzone_preset_file, family)
else:
self.tz = TrustZone.enabled()
else:
self.tz = TrustZone.disabled()
def __init__(
self,
app: bytes = None,
app_table: MultipleImageTable = None,
trust_zone: TrustZone = None,
load_addr: int = None,
hmac_key: Union[bytes, str] = None,
key_store: KeyStore = None,
hwk: bool = False,
) -> None:
"""Constructor for Master Boot CRC RAM Image for RTxxx family.
:param app: Application image data, defaults to None
:param app_table: Application table for additional application binaries, defaults to None
:param trust_zone: TrustZone object, defaults to None
:param load_addr: Load/Execution address in RAM of image, defaults to 0
:param hmac_key: HMAC key of image, defaults to None
:param key_store: Optional KeyStore object for image, defaults to None
:param hwk: Enable HW user mode keys, defaults to false
"""
self.app = align_block(app) if app else None
self.app_table = app_table
self.tz = trust_zone or TrustZone.enabled()
self.user_hw_key_enabled = hwk
self.load_address = load_addr
self.hmac_key = bytes.fromhex(hmac_key) if isinstance(
hmac_key, str) else hmac_key
self.key_store = key_store
super().__init__()
def __init__(self, app: Union[bytes, bytearray],
load_addr: int,
image_type: MasterBootImageType = MasterBootImageType.PLAIN_IMAGE,
trust_zone: Optional[TrustZone] = None, app_table: Optional[MultipleImageTable] = None,
cert_block: Optional[CertBlock] = None, priv_key_pem_data: Optional[bytes] = None,
hmac_key: Union[bytes, str] = None, key_store: KeyStore = None,
enable_hw_user_mode_keys: bool = False, ctr_init_vector: bytes = None) -> None:
"""Constructor.
:param app: input image (binary)
:param load_addr: address in RAM, where 'RAM' image will be copied;
for XIP images address, where the image is located in FLASH memory
:param image_type: type of the master boot image
:param trust_zone: TrustZone instance; None to use default settings (TrustZone enabled)
:param app_table: optional table with additional images; None if no additional images needed
:param cert_block: block of certificates; None for unsigned image
:param priv_key_pem_data: private key to sign the image, decrypted binary data in PEM format
:param hmac_key: optional key for HMAC generation (either binary ot HEX string; 32 bytes);
None if HMAC is not in the image
If key_store.key_source == KeySourceType.KEYSTORE, this is a user-key from key-store
If key_store.key_source == KeySourceType.OTP, this is a master-key burned in OTP
:param key_store: optional key store binary content; None if key store is not in the image
:param enable_hw_user_mode_keys: flag for controlling secure hardware key bus. If true, then it is possible to
access keys on hardware secure bus from non-secure application, else non-secure application will read zeros.
:param ctr_init_vector: optional initial vector for encryption counter; None to use random vector
:raises TypeError: if type is not binary data
:raises ValueError: if images are not loaded from RAM
"""
if not isinstance(app, (bytes, bytearray)):
raise TypeError("app must be binary data (bytes, bytearray)")
if app_table and not MasterBootImageType.is_copied_to_ram(image_type):
raise ValueError('app_table can be used only for images loaded to RAM')
assert load_addr >= 0
self.load_addr = load_addr
self.image_type = image_type
alignment = MasterBootImage._IMAGE_ALIGNMENT
self.app = misc.align_block(bytes(app), alignment)
self.app_table = app_table
# hmac + key store
self.hmac_key = bytes.fromhex(hmac_key) if isinstance(hmac_key, str) else hmac_key
self.key_store = key_store
# trust zone
self.trust_zone = trust_zone or TrustZone.enabled()
# security stuff
self.cert_block = cert_block
if self.cert_block:
self.cert_block.alignment = 4 #type: ignore # this value is used by elf-to-sb-gui
self.signature_len = self.cert_block.signature_size #type: ignore
else:
self.signature_len = 0
self._priv_key_pem_data = priv_key_pem_data
self.enable_hw_user_mode_keys = enable_hw_user_mode_keys
self.ctr_init_vector = ctr_init_vector
if MasterBootImageType.is_encrypted(self.image_type) and not ctr_init_vector:
self.ctr_init_vector = crypto_backend().random_bytes(self._CTR_INIT_VECTOR_SIZE)
self._verify_private_key()
# validate parameters
self._validate_new_instance()
def __init__(self,
app: bytes = None,
trust_zone: TrustZone = None) -> None:
"""Constructor for Master Boot CRC XiP Image for LPC55xxx family.
:param app: Application image data, defaults to None
:param trust_zone: TrustZone object, defaults to None
"""
self.app = align_block(app) if app else None
self.tz = trust_zone or TrustZone.enabled()
super().__init__()
def __init__(self,
app: bytes = None,
trust_zone: TrustZone = None,
firmware_version: int = 0) -> None:
"""Constructor for Master Boot CRC XiP Image for LPC55s3x family.
:param app: Application image data, defaults to None
:param trust_zone: TrustZone object, defaults to None
:param firmware_version: Firmware version of image, defaults to 0
"""
self.app = align_block(app) if app else None
self.tz = trust_zone or TrustZone.enabled()
self.firmware_version = firmware_version
super().__init__()
def __init__(self,
app: bytes = None,
trust_zone: TrustZone = None,
hwk: bool = False) -> None:
"""Constructor for Master Boot CRC XiP Image for RTxxx family.
:param app: Application image data, defaults to None
:param trust_zone: TrustZone object, defaults to None
:param hwk: Enable HW user mode keys, defaults to false
"""
self.app = align_block(app) if app else None
self.tz = trust_zone or TrustZone.enabled()
self.user_hw_key_enabled = hwk
super().__init__()
def __init__(
self,
app: bytes = None,
trust_zone: TrustZone = None,
load_addr: int = 0,
firmware_version: int = 0,
) -> None:
"""Constructor for Master Boot Signed RAM Image for LPC55s3x family.
:param app: Application image data, defaults to None
:param trust_zone: TrustZone object, defaults to None
:param load_addr: Load/Execution address in RAM of image, defaults to 0
:param firmware_version: Firmware version of image, defaults to 0
"""
self.app = align_block(app) if app else None
self.tz = trust_zone or TrustZone.enabled()
self.load_address = load_addr
self.firmware_version = firmware_version
super().__init__()
def __init__(
self,
app: bytes = None,
trust_zone: TrustZone = None,
load_addr: int = None,
hwk: bool = False,
) -> None:
"""Constructor for Master Boot Plain XiP Image for RTxxx family.
:param app: Application image data, defaults to None
:param trust_zone: TrustZone object, defaults to None
:param load_addr: Load/Execution address in RAM of image, defaults to 0
:param hwk: Enable HW user mode keys, defaults to false
"""
self.app = align_block(app) if app else None
self.tz = trust_zone or TrustZone.enabled()
self.load_address = load_addr
self.user_hw_key_enabled = hwk
super().__init__()
def __init__(
self,
app: bytes = None,
trust_zone: TrustZone = None,
cert_block: CertBlockV2 = None,
priv_key_data: bytes = None,
) -> None:
"""Constructor for Master Boot Signed XiP Image for LPC55xxx family.
:param app: Application image data, defaults to None
:param trust_zone: TrustZone object, defaults to None
:param cert_block: Certification block of image, defaults to None
:param priv_key_data: Private key used to sign image, defaults to None
"""
self.app = align_block(app) if app else None
self.tz = trust_zone or TrustZone.enabled()
self.cert_block = cert_block
self.priv_key_data = priv_key_data
super().__init__()
def __init__(
self,
app: bytes = None,
trust_zone: TrustZone = None,
cert_block: CertBlockV2 = None,
priv_key_data: bytes = None,
hwk: bool = False,
) -> None:
"""Constructor for Master Boot Plain Signed XiP Image for RTxxx family.
:param app: Application image data, defaults to None
:param trust_zone: TrustZone object, defaults to None
:param cert_block: Certification block of image, defaults to None
:param priv_key_data: Private key used to sign image, defaults to None
:param hwk: Enable HW user mode keys, defaults to false
"""
self.app = align_block(app) if app else None
self.tz = trust_zone or TrustZone.enabled()
self.cert_block = cert_block
self.priv_key_data = priv_key_data
self.user_hw_key_enabled = hwk
super().__init__()
def __init__(
self,
app: bytes = None,
app_table: MultipleImageTable = None,
trust_zone: TrustZone = None,
load_addr: int = None,
cert_block: CertBlockV2 = None,
priv_key_data: bytes = None,
hmac_key: Union[bytes, str] = None,
key_store: KeyStore = None,
ctr_init_vector: bytes = None,
hwk: bool = False,
) -> None:
"""Constructor for Master Boot Encrypted RAM Image for RTxxx family..
:param app: Application image data, defaults to None
:param app_table: Application table for additional application binaries, defaults to None
:param trust_zone: TrustZone object, defaults to None
:param load_addr: Load/Execution address in RAM of image, defaults to 0
:param cert_block: Certification block of image, defaults to None
:param priv_key_data: Private key used to sign image, defaults to None
:param hwk: Enable HW user mode keys, defaults to false
:param key_store: Optional KeyStore object for image, defaults to None
:param hmac_key: HMAC key of image, defaults to None
:param ctr_init_vector: Counter initialization vector of image, defaults to None
"""
self.app = align_block(app) if app else None
self.load_address = load_addr
self.app_table = app_table
self.tz = trust_zone or TrustZone.enabled()
self.cert_block = cert_block
self.priv_key_data = priv_key_data
self.user_hw_key_enabled = hwk
self.key_store = key_store
self.hmac_key = bytes.fromhex(hmac_key) if isinstance(
hmac_key, str) else hmac_key
self.store_ctr_init_vector(ctr_init_vector)
self.img_len = 0
super().__init__()
