def main(argv): options = myargs(argv) print("options={}".format(options)) if not options.s_hex_file and not options.ns_hex_file: print('Error: no files to sign') exit(1) tools = CySecureTools(options.device, options.policy_file) if options.s_hex_file: print('signing tfm_s image:', options.s_hex_file) tools.sign_image(options.s_hex_file, 1) # rename signed image to *_signed.hex name, ext = os.path.splitext(options.s_hex_file) s_hex_signed_file = name + '_signed' + ext try: move(options.s_hex_file, s_hex_signed_file) except IOError as e: print("Failed to copy file '{}' to '{}' ({})" .format(options.s_hex_file, s_hex_signed_file, e.message)) raise print('Signed TFM-S image:', s_hex_signed_file) if options.ns_hex_file: print('signing tfm_ns image:', options.ns_hex_file) tools.sign_image(options.ns_hex_file, 16) # rename signed image to *_signed.hex name, ext = os.path.splitext(options.ns_hex_file) ns_hex_signed_file = name + '_signed' + ext try: move(options.ns_hex_file, ns_hex_signed_file) except IOError as e: print("Failed to copy file '{}' to '{}' ({})" .format(options.ns_hex_file, ns_hex_signed_file, e.message)) raise print('Signed TFM-NS image:', ns_hex_signed_file) # for CM4, sign_image creates an unsigned copy of the image # named <image to sign>_cm4.hex. Delete it to avoid confusion. file_name = name + '_cm4' + ext if os.path.isfile(file_name): try: os.remove(file_name) except IOError: print("Could not erase '{}'" .format(file_name)) print('Done.')
def main(argv): options = myargs(argv) print("options: {}".format(options)) if not options.policy_path: options.policy_path = 'policy' tools = CySecureTools( options.target_name, options.policy_path + "/" + options.policy_file + '.json') if (options.toolchain == 'ARM'): fromelf_cmd = options.toolchain_path + "/bin/fromelf" app_elf_file = options.build_dir + "/" + options.app_name + ".elf" fromelf_result_dir = options.build_dir + "/" + "fromelf_result" # Check if gcc tools path is valid if (os.path.isdir(options.toolchain_path) == False): print("ERROR: 'ARM Compiler' tools folder not found in path: {}". format(options.toolchain_path)) exit(-1) # Check if elf is valid if (os.path.isfile(app_elf_file) == False): print("ERROR: ELF file not found in path: {}\r\n".format( app_elf_file)) exit(-1) # Split elf file into sections shell_cmd = [ fromelf_cmd, '--i32', '--output=' + fromelf_result_dir, app_elf_file ] ret = exec_shell_command(shell_cmd) if (ret != 0): exit(ret) em_eeprom_hex = fromelf_result_dir + "/" + ".cy_em_eeprom" app_hex_path = options.build_dir + '/' + options.app_name + '.hex' if (os.path.isfile(em_eeprom_hex) == True): sections_list = [ f for f in os.listdir(fromelf_result_dir) if os.path.isfile(os.path.join(fromelf_result_dir, f)) ] sections_list.remove('.cy_em_eeprom') flash = IntelHex() for section in sections_list: sect = IntelHex(fromelf_result_dir + "/" + section) flash.merge(sect, overlap='replace') flash.write_hex_file(app_hex_path, False) CM0_app_src_path = options.cm0_app_path + '/' + options.cm0_app_name + '.hex' CM0_app_dst_path = options.build_dir + '/' + options.cm0_app_name + '.hex' # CySecureTools Image ID for CM4 Applications is # 1) 1 for single-stage, # 2) 16 in case of multi-stage, # Image ID for CM0 Applications is always 1 if (options.core == "CM4"): if (options.secure_boot_stage == "single"): # Sign CM4 image tools.sign_image(app_hex_path, 1) else: # Sign CM4 image tools.sign_image(app_hex_path, 16) # Make a copy of CM0P app image in build folder shutil.copy2(CM0_app_src_path, CM0_app_dst_path) # Sign CM0 image tools.sign_image(CM0_app_dst_path, 1) # Merge CM0, CM4 into a single hex file ihex = IntelHex() ihex.padding = 0x00 ihex.loadfile(app_hex_path, 'hex') \ ihex.merge(IntelHex(CM0_app_dst_path), 'ignore') \ ihex.write_hex_file(app_hex_path, write_start_addr=False, byte_count=16) else: tools.sign_image(app_hex_path, 1) if (os.path.isfile(em_eeprom_hex) == True): # Add emulated EEPROM Section back flash = IntelHex(app_hex_path) eeprom = IntelHex(em_eeprom_hex) flash.merge(eeprom) flash.write_hex_file(app_hex_path, False) else: gcc_objcopy_eabi_cmd = options.toolchain_path + '/bin/arm-none-eabi-objcopy' app_elf_file = options.build_dir + "/" + options.app_name + ".elf" # Check if gcc tools path is valid if (os.path.isdir(options.toolchain_path) == False): print("ERROR: GCC tools folder not found in path: {}".format( options.toolchain_path)) exit(-1) # Check if elf is valid if (os.path.isfile(app_elf_file) == False): print("ERROR: ELF file not found in path: {}\r\n".format( app_elf_file)) exit(-1) # Strip away emulated EEPROM section from hex file before signing shell_cmd = [ gcc_objcopy_eabi_cmd, '-R', '.cy_em_eeprom', '-O', 'ihex', app_elf_file, options.build_dir + "/" + options.app_name + ".hex" ] ret = exec_shell_command(shell_cmd) if (ret != 0): exit(ret) # Store emulated eeprom section in a seperate hex file shell_cmd = [ gcc_objcopy_eabi_cmd, '-j', '.cy_em_eeprom', '-O', 'ihex', options.build_dir + "/" + options.app_name + ".elf", options.build_dir + "/em_eeprom.hex" ] ret = exec_shell_command(shell_cmd) if (ret != 0): exit(ret) app_hex_path = options.build_dir + '/' + options.app_name + '.hex' CM0_app_src_path = options.cm0_app_path + '/' + options.cm0_app_name + '.hex' CM0_app_dst_path = options.build_dir + '/' + options.cm0_app_name + '.hex' # CySecureTools Image ID for CM4 Applications is # 1) 1 for single-stage, # 2) 16 in case of multi-stage, # Image ID for CM0 Applications is always 1 if (options.core == "CM4"): if (options.secure_boot_stage == "single"): # Sign CM4 image tools.sign_image(app_hex_path, 1) else: # Sign CM4 image tools.sign_image(app_hex_path, 16) # Make a copy of CM0P app image in build folder shutil.copy2(CM0_app_src_path, CM0_app_dst_path) # Sign CM0 image tools.sign_image(CM0_app_dst_path, 1) # Merge CM0, CM4 into a single hex file ihex = IntelHex() ihex.padding = 0x00 ihex.loadfile(app_hex_path, 'hex') \ ihex.merge(IntelHex(CM0_app_dst_path), 'ignore') \ ihex.write_hex_file(app_hex_path, write_start_addr=False, byte_count=16) else: tools.sign_image(app_hex_path, 1) # Add emulated EEPROM Section back flash = IntelHex(app_hex_path) eeprom = IntelHex(options.build_dir + "/em_eeprom.hex") flash.merge(eeprom) flash.write_hex_file(app_hex_path, False) exit(0)