def main(argv):
options = myargs(argv)
print("options={}".format(options))
if not options.s_hex_file and not options.ns_hex_file:
print('Error: no files to sign')
exit(1)
tools = CySecureTools(options.device, options.policy_file)
if options.s_hex_file:
print('signing tfm_s image:', options.s_hex_file)
tools.sign_image(options.s_hex_file, 1)
# rename signed image to *_signed.hex
name, ext = os.path.splitext(options.s_hex_file)
s_hex_signed_file = name + '_signed' + ext
try:
move(options.s_hex_file, s_hex_signed_file)
except IOError as e:
print("Failed to copy file '{}' to '{}' ({})"
.format(options.s_hex_file, s_hex_signed_file, e.message))
raise
print('Signed TFM-S image:', s_hex_signed_file)
if options.ns_hex_file:
print('signing tfm_ns image:', options.ns_hex_file)
tools.sign_image(options.ns_hex_file, 16)
# rename signed image to *_signed.hex
name, ext = os.path.splitext(options.ns_hex_file)
ns_hex_signed_file = name + '_signed' + ext
try:
move(options.ns_hex_file, ns_hex_signed_file)
except IOError as e:
print("Failed to copy file '{}' to '{}' ({})"
.format(options.ns_hex_file, ns_hex_signed_file, e.message))
raise
print('Signed TFM-NS image:', ns_hex_signed_file)
# for CM4, sign_image creates an unsigned copy of the image
# named <image to sign>_cm4.hex. Delete it to avoid confusion.
file_name = name + '_cm4' + ext
if os.path.isfile(file_name):
try:
os.remove(file_name)
except IOError:
print("Could not erase '{}'"
.format(file_name))
print('Done.')
def main(argv):
options = myargs(argv)
print("options: {}".format(options))
if not options.policy_path:
options.policy_path = 'policy'
tools = CySecureTools(
options.target_name,
options.policy_path + "/" + options.policy_file + '.json')
if (options.toolchain == 'ARM'):
fromelf_cmd = options.toolchain_path + "/bin/fromelf"
app_elf_file = options.build_dir + "/" + options.app_name + ".elf"
fromelf_result_dir = options.build_dir + "/" + "fromelf_result"
# Check if gcc tools path is valid
if (os.path.isdir(options.toolchain_path) == False):
print("ERROR: 'ARM Compiler' tools folder not found in path: {}".
format(options.toolchain_path))
exit(-1)
# Check if elf is valid
if (os.path.isfile(app_elf_file) == False):
print("ERROR: ELF file not found in path: {}\r\n".format(
app_elf_file))
exit(-1)
# Split elf file into sections
shell_cmd = [
fromelf_cmd, '--i32', '--output=' + fromelf_result_dir,
app_elf_file
]
ret = exec_shell_command(shell_cmd)
if (ret != 0):
exit(ret)
em_eeprom_hex = fromelf_result_dir + "/" + ".cy_em_eeprom"
app_hex_path = options.build_dir + '/' + options.app_name + '.hex'
if (os.path.isfile(em_eeprom_hex) == True):
sections_list = [
f for f in os.listdir(fromelf_result_dir)
if os.path.isfile(os.path.join(fromelf_result_dir, f))
]
sections_list.remove('.cy_em_eeprom')
flash = IntelHex()
for section in sections_list:
sect = IntelHex(fromelf_result_dir + "/" + section)
flash.merge(sect, overlap='replace')
flash.write_hex_file(app_hex_path, False)
CM0_app_src_path = options.cm0_app_path + '/' + options.cm0_app_name + '.hex'
CM0_app_dst_path = options.build_dir + '/' + options.cm0_app_name + '.hex'
# CySecureTools Image ID for CM4 Applications is
# 1) 1 for single-stage,
# 2) 16 in case of multi-stage,
# Image ID for CM0 Applications is always 1
if (options.core == "CM4"):
if (options.secure_boot_stage == "single"):
# Sign CM4 image
tools.sign_image(app_hex_path, 1)
else:
# Sign CM4 image
tools.sign_image(app_hex_path, 16)
# Make a copy of CM0P app image in build folder
shutil.copy2(CM0_app_src_path, CM0_app_dst_path)
# Sign CM0 image
tools.sign_image(CM0_app_dst_path, 1)
# Merge CM0, CM4 into a single hex file
ihex = IntelHex()
ihex.padding = 0x00
ihex.loadfile(app_hex_path, 'hex') \
ihex.merge(IntelHex(CM0_app_dst_path), 'ignore') \
ihex.write_hex_file(app_hex_path, write_start_addr=False, byte_count=16)
else:
tools.sign_image(app_hex_path, 1)
if (os.path.isfile(em_eeprom_hex) == True):
# Add emulated EEPROM Section back
flash = IntelHex(app_hex_path)
eeprom = IntelHex(em_eeprom_hex)
flash.merge(eeprom)
flash.write_hex_file(app_hex_path, False)
else:
gcc_objcopy_eabi_cmd = options.toolchain_path + '/bin/arm-none-eabi-objcopy'
app_elf_file = options.build_dir + "/" + options.app_name + ".elf"
# Check if gcc tools path is valid
if (os.path.isdir(options.toolchain_path) == False):
print("ERROR: GCC tools folder not found in path: {}".format(
options.toolchain_path))
exit(-1)
# Check if elf is valid
if (os.path.isfile(app_elf_file) == False):
print("ERROR: ELF file not found in path: {}\r\n".format(
app_elf_file))
exit(-1)
# Strip away emulated EEPROM section from hex file before signing
shell_cmd = [
gcc_objcopy_eabi_cmd, '-R', '.cy_em_eeprom', '-O', 'ihex',
app_elf_file, options.build_dir + "/" + options.app_name + ".hex"
]
ret = exec_shell_command(shell_cmd)
if (ret != 0):
exit(ret)
# Store emulated eeprom section in a seperate hex file
shell_cmd = [
gcc_objcopy_eabi_cmd, '-j', '.cy_em_eeprom', '-O', 'ihex',
options.build_dir + "/" + options.app_name + ".elf",
options.build_dir + "/em_eeprom.hex"
]
ret = exec_shell_command(shell_cmd)
if (ret != 0):
exit(ret)
app_hex_path = options.build_dir + '/' + options.app_name + '.hex'
CM0_app_src_path = options.cm0_app_path + '/' + options.cm0_app_name + '.hex'
CM0_app_dst_path = options.build_dir + '/' + options.cm0_app_name + '.hex'
# CySecureTools Image ID for CM4 Applications is
# 1) 1 for single-stage,
# 2) 16 in case of multi-stage,
# Image ID for CM0 Applications is always 1
if (options.core == "CM4"):
if (options.secure_boot_stage == "single"):
# Sign CM4 image
tools.sign_image(app_hex_path, 1)
else:
# Sign CM4 image
tools.sign_image(app_hex_path, 16)
# Make a copy of CM0P app image in build folder
shutil.copy2(CM0_app_src_path, CM0_app_dst_path)
# Sign CM0 image
tools.sign_image(CM0_app_dst_path, 1)
# Merge CM0, CM4 into a single hex file
ihex = IntelHex()
ihex.padding = 0x00
ihex.loadfile(app_hex_path, 'hex') \
ihex.merge(IntelHex(CM0_app_dst_path), 'ignore') \
ihex.write_hex_file(app_hex_path, write_start_addr=False, byte_count=16)
else:
tools.sign_image(app_hex_path, 1)
# Add emulated EEPROM Section back
flash = IntelHex(app_hex_path)
eeprom = IntelHex(options.build_dir + "/em_eeprom.hex")
flash.merge(eeprom)
flash.write_hex_file(app_hex_path, False)
exit(0)