def test_load_key(self):
key_file_name = 'key.pem'
signing = Signing()
signing.load_key(key_file_name)
self.assertEqual(64, len(binascii.hexlify(signing.sk.to_string())))
def display(key_file, key, format):
signer = Signing()
if not os.path.isfile(key_file):
raise NordicSemiException("File not found: %s" % key_file)
default_key = signer.load_key(key_file)
if default_key:
display_sec_warning()
if not key:
click.echo("You must specify a key with --key (pk|sk).")
return
if key != "pk" and key != "sk":
click.echo("Invalid key type. Valid types are (pk|sk).")
return
if not format:
click.echo("You must specify a format with --format (hex|code|pem).")
return
if format != "hex" and format != "code" and format != "pem":
click.echo("Invalid format. Valid formats are (hex|code|pem).")
return
if key == "pk":
click.echo(signer.get_vk(format))
elif key == "sk":
click.echo("\nWARNING: Security risk! Do not share the private key.\n")
click.echo(signer.get_sk(format))
def display(key_file, key, format, out_file):
signer = Signing()
if not os.path.isfile(key_file):
raise NordicSemiException("File not found: %s" % key_file)
default_key = signer.load_key(key_file)
if default_key:
display_sec_warning()
if format == "dbgcode":
format = "code"
dbg = True
else:
dbg = False
if format == "code" and key == "sk":
raise click.UsageError(
"Displaying the private key as code is not available.")
if key == "pk":
kstr = signer.get_vk(format, dbg)
elif key == "sk":
kstr = "\nWARNING: Security risk! Do not share the private key.\n\n"
kstr = kstr + signer.get_sk(format, dbg)
if not out_file:
click.echo(kstr)
else:
with open(out_file, "w") as kfile:
kfile.write(kstr)
def generate(zipfile,
application,
application_version,
bootloader,
bootloader_version,
hw_version,
sd_req,
softdevice,
key_file):
"""
Generate a zip package for distribution to apps that support Nordic DFU OTA.
The application, bootloader, and SoftDevice files are converted to .bin if supplied as .hex files.
For more information on the generated package, see:
http://developer.nordicsemi.com/nRF5_SDK/doc/
"""
zipfile_path = zipfile
if application_version == 'none':
application_version = None
if bootloader_version == 'none':
bootloader_version = None
if hw_version == 'none':
hw_version = None
sd_req_list = None
if sd_req.lower() == 'none':
sd_req_list = []
elif sd_req:
try:
# This will parse any string starting with 0x as base 16.
sd_req_list = sd_req.split(',')
sd_req_list = map(int_as_text_to_int, sd_req_list)
except ValueError:
raise NordicSemiException("Could not parse value for --sd-req. "
"Hex values should be prefixed with 0x.")
signer = Signing()
default_key = signer.load_key(key_file)
if default_key:
display_sec_warning()
package = Package(hw_version,
application_version,
bootloader_version,
sd_req_list,
application,
bootloader,
softdevice,
key_file)
package.generate_package(zipfile_path)
log_message = "Zip created at {0}".format(zipfile_path)
click.echo(log_message)
def test_get_sk_hex(self):
key_file_name = 'key.pem'
expected_vk_hex = "Private (signing) key sk:\n9d37cc501be62612dd44d150a1c6ad69fbf08e9f905e5e860b89ff9e1050963d"
signing = Signing()
signing.load_key(key_file_name)
sk_hex = signing.get_sk_hex()
self.assertEqual(expected_vk_hex, sk_hex)
def generate(key_file):
signer = Signing()
if os.path.exists(key_file):
if not query_func("File found at %s. Do you want to overwrite the file?" % key_file):
click.echo('Key generation aborted.')
return
signer.gen_key(key_file)
click.echo("Generated private key and stored it in: %s" % key_file)
def generate(key_file):
signer = Signing()
if os.path.exists(key_file):
if not query_func("File found at %s. Do you want to overwrite the file?" % key_file):
click.echo('Key generation aborted.')
return
signer.gen_key(key_file)
click.echo("Generated private key and stored it in: %s" % key_file)
def test_get_vk_hex(self):
key_file_name = 'key.pem'
expected_vk_hex = "Verification key Qx: 658da2eddb981f697dae7220d68217abed3fb87005ec8a05b9b56bbbaa17f460\n" \
"Verification key Qy: 909baecdad7226c204b612b662ff4fccbd1b0c90841090d83a59cdad6c981d4c"
signing = Signing()
signing.load_key(key_file_name)
vk_hex = signing.get_vk_hex()
self.assertEqual(expected_vk_hex, vk_hex)
def test_get_vk_hex(self):
key_file_name = 'key.pem'
expected_vk_hex = "Verification key pk: 60f417aabb6bb5b9058aec0570b83fedab1782d62072ae7d691f98dbeda28d654c1d98"\
"6cadcd593ad8901084900c1bbdcc4fff62b612b604c22672adcdae9b90"
signing = Signing()
signing.load_key(key_file_name)
vk_hex = signing.get_vk_hex()
self.assertEqual(expected_vk_hex, vk_hex)
def test_get_vk_hex(self):
key_file_name = 'key.pem'
expected_vk_hex = "Verification key pk: 60f417aabb6bb5b9058aec0570b83fedab1782d62072ae7d691f98dbeda28d654c1d98"\
"6cadcd593ad8901084900c1bbdcc4fff62b612b604c22672adcdae9b90"
signing = Signing()
signing.load_key(key_file_name)
vk_hex = signing.get_vk_hex()
self.assertEqual(expected_vk_hex, vk_hex)
def test_gen_key(self):
self.work_directory = tempfile.mkdtemp(prefix="nrf_signing_tests_")
key_file_name = 'key.pem'
key_file_path = os.path.join(self.work_directory, key_file_name)
signing = Signing()
signing.gen_key(key_file_path)
self.assertTrue(os.path.exists(key_file_path))
shutil.rmtree(self.work_directory, ignore_errors=True)
def test_get_vk_pem(self):
key_file_name = 'key.pem'
expected_vk_pem = "-----BEGIN PUBLIC KEY-----\n" \
"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEZY2i7duYH2l9rnIg1oIXq+0/uHAF\n" \
"7IoFubVru6oX9GCQm67NrXImwgS2ErZi/0/MvRsMkIQQkNg6Wc2tbJgdTA==\n" \
"-----END PUBLIC KEY-----\n"
signing = Signing()
signing.load_key(key_file_name)
vk_pem = signing.get_vk_pem()
self.assertEqual(expected_vk_pem, vk_pem)
def test_get_vk_code(self):
key_file_name = 'key.pem'
expected_vk_code = "static uint8_t Qx[] = { 0x65, 0x8d, 0xa2, 0xed, 0xdb, 0x98, 0x1f, 0x69, 0x7d, " \
"0xae, 0x72, 0x20, 0xd6, 0x82, 0x17, 0xab, 0xed, 0x3f, 0xb8, 0x70, 0x05, 0xec, " \
"0x8a, 0x05, 0xb9, 0xb5, 0x6b, 0xbb, 0xaa, 0x17, 0xf4, 0x60 };\n" \
"static uint8_t Qy[] = { 0x90, 0x9b, 0xae, 0xcd, 0xad, 0x72, 0x26, 0xc2, 0x04, " \
"0xb6, 0x12, 0xb6, 0x62, 0xff, 0x4f, 0xcc, 0xbd, 0x1b, 0x0c, 0x90, 0x84, 0x10, " \
"0x90, 0xd8, 0x3a, 0x59, 0xcd, 0xad, 0x6c, 0x98, 0x1d, 0x4c };"
signing = Signing()
signing.load_key(key_file_name)
vk_code = signing.get_vk_code()
self.assertEqual(expected_vk_code, vk_code)
def test_unpack_package_c(self):
signer = Signing()
signer.load_key('key.pem')
self.p = Package(app_version=100,
sd_req=[0x1000, 0xffff],
softdevice_fw="firmwares/bar.hex",
signer=signer)
pkg_name = os.path.join(self.work_directory, "mypackage.zip")
self.p.generate_package(pkg_name, preserve_work_dir=False)
unpacked_dir = os.path.join(self.work_directory, "unpacked")
manifest = self.p.unpack_package(
os.path.join(self.work_directory, pkg_name), unpacked_dir)
self.assertIsNotNone(manifest)
self.assertEqual('bar.bin', manifest.softdevice.bin_file)
def test_get_vk_code(self):
key_file_name = 'key.pem'
expected_vk_code = "static const uint8_t pk[] = { 0x60, 0xf4, 0x17, 0xaa, 0xbb, 0x6b, 0xb5, 0xb9, 0x05, " \
"0x8a, 0xec, 0x05, 0x70, 0xb8, 0x3f, 0xed, 0xab, 0x17, 0x82, 0xd6, 0x20, 0x72, " \
"0xae, 0x7d, 0x69, 0x1f, 0x98, 0xdb, 0xed, 0xa2, 0x8d, 0x65, 0x4c, 0x1d, 0x98, " \
"0x6c, 0xad, 0xcd, 0x59, 0x3a, 0xd8, 0x90, 0x10, 0x84, 0x90, 0x0c, 0x1b, 0xbd, " \
"0xcc, 0x4f, 0xff, 0x62, 0xb6, 0x12, 0xb6, 0x04, 0xc2, 0x26, 0x72, 0xad, 0xcd, " \
"0xae, 0x9b, 0x90 };\n"\
"static const nrf_crypto_key_t crypto_key_pk = { .p_le_data = pk, .len = sizeof(pk) };"
signing = Signing()
signing.load_key(key_file_name)
vk_code = signing.get_vk_code()
self.assertEqual(expected_vk_code, vk_code)
def test_get_vk_code(self):
key_file_name = 'key.pem'
expected_vk_code = "static const uint8_t pk[] = { 0x60, 0xf4, 0x17, 0xaa, 0xbb, 0x6b, 0xb5, 0xb9, 0x05, " \
"0x8a, 0xec, 0x05, 0x70, 0xb8, 0x3f, 0xed, 0xab, 0x17, 0x82, 0xd6, 0x20, 0x72, " \
"0xae, 0x7d, 0x69, 0x1f, 0x98, 0xdb, 0xed, 0xa2, 0x8d, 0x65, 0x4c, 0x1d, 0x98, " \
"0x6c, 0xad, 0xcd, 0x59, 0x3a, 0xd8, 0x90, 0x10, 0x84, 0x90, 0x0c, 0x1b, 0xbd, " \
"0xcc, 0x4f, 0xff, 0x62, 0xb6, 0x12, 0xb6, 0x04, 0xc2, 0x26, 0x72, 0xad, 0xcd, " \
"0xae, 0x9b, 0x90 };\n"\
"static const nrf_crypto_key_t crypto_key_pk = { .p_le_data = pk, .len = sizeof(pk) };"
signing = Signing()
signing.load_key(key_file_name)
vk_code = signing.get_vk_code()
self.assertEqual(expected_vk_code, vk_code)
def test_get_vk(self):
key_file_name = 'key.pem'
signing = Signing()
signing.load_key(key_file_name)
vk_str = signing.get_vk('hex')
vk_hex = signing.get_vk_hex()
self.assertEqual(vk_hex, vk_str)
vk_str = signing.get_vk('code')
vk_code = signing.get_vk_code()
self.assertEqual(vk_code, vk_str)
vk_str = signing.get_vk('pem')
vk_pem = signing.get_vk_pem()
self.assertEqual(vk_pem, vk_str)
def display(key_file, key, format, out_file):
signer = Signing()
if not os.path.isfile(key_file):
raise NordicSemiException("File not found: %s" % key_file)
default_key = signer.load_key(key_file)
if default_key:
display_sec_warning()
if not key:
click.echo("You must specify a key with --key (pk|sk).")
return
if key != "pk" and key != "sk":
click.echo("Invalid key type. Valid types are (pk|sk).")
return
if not format:
click.echo("You must specify a format with --format (hex|code|pem).")
return
if format != "hex" and format != "code" and format != "pem" and format != "dbgcode":
click.echo("Invalid format. Valid formats are (hex|code|pem).")
return
if format == "dbgcode":
format = "code"
dbg = True
else:
dbg = False
if format == "code" and key == "sk":
click.echo("Displaying the private key as code is not available.")
return
if key == "pk":
kstr = signer.get_vk(format, dbg)
elif key == "sk":
kstr = "\nWARNING: Security risk! Do not share the private key.\n\n"
kstr = kstr + signer.get_sk(format, dbg)
if not out_file:
click.echo(kstr)
else:
with open(out_file, "w") as kfile:
kfile.write(kstr)
def test_sign_and_verify(self):
key_file_name = 'key.pem'
signing = Signing()
signing.load_key(key_file_name)
init_packet_fields = {
PacketField.DEVICE_TYPE: 0xFFFF,
PacketField.DEVICE_REVISION: 0xFFFF,
PacketField.APP_VERSION: 0xFFFFFFFF,
PacketField.REQUIRED_SOFTDEVICES_ARRAY: [0xFFFE],
PacketField.NORDIC_PROPRIETARY_OPT_DATA_EXT_PACKET_ID: 2,
PacketField.NORDIC_PROPRIETARY_OPT_DATA_FIRMWARE_LENGTH: 1234,
PacketField.NORDIC_PROPRIETARY_OPT_DATA_FIRMWARE_HASH:
'\xc9\xd3\xbfi\xf2\x1e\x88\xa01\x1e\r\xd2BSa\x12\xf8BW\x9b\xef&Z$\xbd\x02U\xfdD?u\x9e',
}
init_packet = Packet(init_packet_fields)
init_packet_data = init_packet.generate_packet()
signature = signing.sign(init_packet_data)
self.assertTrue(signing.verify(init_packet_data, signature))
init_packet_fields[PacketField.NORDIC_PROPRIETARY_OPT_DATA_INIT_PACKET_ECDS] = signature
init_packet = Packet(init_packet_fields)
init_packet_data = init_packet.generate_packet()
self.assertFalse(signing.verify(init_packet_data, signature))
def keys(key_file,
gen_key,
show_vk):
"""
This set of commands support creation of signing key (private) and showing the verification key (public)
from a previously loaded signing key. Signing key is stored in PEM format
"""
if not gen_key and show_vk is None:
raise nRFException("Use either gen-key or show-vk.")
signer = Signing()
if gen_key:
if os.path.exists(key_file):
if not query_func("File found at %s. Do you want to overwrite the file?" % key_file):
click.echo('Key generation aborted')
return
signer.gen_key(key_file)
click.echo("Generated key at: %s" % key_file)
elif show_vk:
if not os.path.isfile(key_file):
raise nRFException("No key file to load at: %s" % key_file)
signer.load_key(key_file)
click.echo(signer.get_vk(show_vk))
def display(key_file, key, format, out_file):
signer = Signing()
if not os.path.isfile(key_file):
raise NordicSemiException("File not found: %s" % key_file)
default_key = signer.load_key(key_file)
if default_key:
display_sec_warning()
if not key:
click.echo("You must specify a key with --key (pk|sk).")
return
if key != "pk" and key != "sk":
click.echo("Invalid key type. Valid types are (pk|sk).")
return
if not format:
click.echo("You must specify a format with --format (hex|code|pem).")
return
if format != "hex" and format != "code" and format != "pem" and format != "dbgcode":
click.echo("Invalid format. Valid formats are (hex|code|pem).")
return
if format == "dbgcode":
format = "code"
dbg = True
else:
dbg = False
if format == "code" and key == "sk":
click.echo("Displaying the private key as code is not available.")
return
if key == "pk":
kstr = signer.get_vk(format, dbg)
elif key == "sk":
kstr = "\nWARNING: Security risk! Do not share the private key.\n\n"
kstr = kstr + signer.get_sk(format, dbg)
if not out_file:
click.echo(kstr)
else:
with open(out_file, "w") as kfile:
kfile.write(kstr)
def keys(key_file,
gen_key,
show_vk):
"""
This set of commands support creation of signing key (private) and showing the verification key (public)
from a previously loaded signing key. Signing key is stored in PEM format
"""
if not gen_key and show_vk is None:
raise nRFException("Use either gen-key or show-vk.")
signer = Signing()
if gen_key:
if os.path.exists(key_file):
if not query_func("File found at %s. Do you want to overwrite the file?" % key_file):
click.echo('Key generation aborted')
return
signer.gen_key(key_file)
click.echo("Generated key at: %s" % key_file)
elif show_vk:
if not os.path.isfile(key_file):
raise nRFException("No key file to load at: %s" % key_file)
signer.load_key(key_file)
click.echo(signer.get_vk(show_vk))
def display(key_file, key, format):
signer = Signing()
if not os.path.isfile(key_file):
raise nRFException("File not found: %s" % key_file)
signer.load_key(key_file)
if not key:
click.echo("You must specify a key with --key (pk|sk).")
return
if key != "pk" and key != "sk":
click.echo("Invalid key type. Valid types are (pk|sk).")
return
if not format:
click.echo("You must specify a format with --format (hex|code|pem).")
return
if format != "hex" and format != "code" and format != "pem":
click.echo("Invalid format. Valid formats are (hex|code|pem).")
return
if key == "pk":
click.echo(signer.get_vk(format))
elif key == "sk":
click.echo("\nWARNING: Security risk! Do not share the private key.\n")
click.echo(signer.get_sk(format))
def test_generate_with_sd_boot_validation_ecdsa(self):
settings = BLDFUSettings()
signer = Signing()
signer.load_key('key.pem')
settings.generate(arch='NRF52',
app_file=None,
app_ver=1,
bl_ver=1,
bl_sett_ver=2,
custom_bl_sett_addr=None,
no_backup=True,
backup_address=None,
app_boot_validation_type=None,
sd_boot_validation_type='VALIDATE_ECDSA_P256_SHA256',
sd_file='firmwares/s132_nrf52_mini.hex',
signer=signer)
# Since ECDSA contains a random component the signature will be different every time
# it is generated. Therefore only overall structure of the boot validation will be checked.
self.assertEqual(0x03, settings.sd_boot_validation_type)
self.assertEqual(64, len(settings.sd_boot_validation_bytes))
def test_generate_package_sd_bl(self):
signer = Signing()
signer.load_key('key.pem')
self.p = Package(app_version=100,
sd_req=[0x1000, 0xfffe],
softdevice_fw="firmwares/foo.hex",
bootloader_fw="firmwares/bar.hex",
signer=signer)
pkg_name = "mypackage.zip"
self.p.generate_package(pkg_name, preserve_work_dir=False)
expected_zip_content = ["manifest.json", "sd_bl.bin", "sd_bl.dat"]
with ZipFile(pkg_name, 'r') as pkg:
infolist = pkg.infolist()
for file_information in infolist:
self.assertTrue(
file_information.filename in expected_zip_content)
self.assertGreater(file_information.file_size, 0)
# Extract all and load json document to see if it is correct regarding to paths
pkg.extractall(self.work_directory)
with open(os.path.join(self.work_directory, 'manifest.json'),
'r') as f:
_json = json.load(f)
self.assertEqual(
'sd_bl.bin',
_json['manifest']['softdevice_bootloader']['bin_file'])
self.assertEqual(
'sd_bl.dat',
_json['manifest']['softdevice_bootloader']['dat_file'])
def generate(zipfile, debug_mode, application, application_version,
application_version_string, bootloader, bootloader_version,
hw_version, sd_req, softdevice, key_file):
"""
Generate a zip package for distribution to apps that support Nordic DFU OTA.
The application, bootloader, and SoftDevice files are converted to .bin if supplied as .hex files.
For more information on the generated package, see:
http://developer.nordicsemi.com/nRF5_SDK/doc/
The following combinations are supported by this command:
* BL only: Supported.
* SD only: Supported (SD of same Major Version).
* APP only: Supported.
* BL + SD: Supported.
* BL + APP: Not supported (use two packages instead).
* BL + SD + APP: Supported.
* SD + APP: Supported (SD of same Major Version).
"""
zipfile_path = zipfile
# Check combinations
if bootloader is not None and application is not None and softdevice is None:
click.echo(
"Error: Invalid combination: use two .zip packages instead.")
return
if debug_mode is None:
debug_mode = False
# The user can specify the application version with two different
# formats. As an integer, e.g. 102130, or as a string
# "10.21.30". Internally we convert to integer.
if application_version_string:
application_version_internal = convert_version_string_to_int(
application_version_string)
else:
application_version_internal = application_version
if application_version_internal == 'none':
application_version_internal = None
if bootloader_version == 'none':
bootloader_version = None
if hw_version == 'none':
hw_version = None
# Convert multiple value into a single instance
if len(sd_req) > 1:
click.echo(
"Please specify SoftDevice requirements as a comma-separated list: --sd-req 0xXXXX,0xYYYY,..."
)
return
elif len(sd_req) == 0:
sd_req = None
else:
sd_req = sd_req[0]
if sd_req == 'none':
sd_req = None
# Initial consistency checks
if application_version_internal is not None and application is None:
click.echo("Error: Application version with no image.")
return
if bootloader_version is not None and bootloader is None:
click.echo("Error: Bootloader version with no image.")
return
if debug_mode:
display_debug_warning()
# Default to no version checking
if application_version_internal is None:
application_version_internal = Package.DEFAULT_APP_VERSION
if bootloader_version is None:
bootloader_version = Package.DEFAULT_BL_VERSION
if hw_version is None:
hw_version = Package.DEFAULT_HW_VERSION
if sd_req is None:
# Use string as this will be mapped into an int below
sd_req = str(Package.DEFAULT_SD_REQ[0])
# Version checks
if hw_version is None:
click.echo("Error: --hw-version required.")
return
if sd_req is None:
click.echo("Error: --sd-req required.")
return
if application is not None and application_version_internal is None:
click.echo(
'Error: --application-version or --application-version-string'
'required with application image.')
return
if bootloader is not None and bootloader_version is None:
click.echo(
"Error: --bootloader-version required with bootloader image.")
return
sd_req_list = []
if sd_req is not None:
try:
# This will parse any string starting with 0x as base 16.
sd_req_list = sd_req.split(',')
sd_req_list = map(int_as_text_to_int, sd_req_list)
except ValueError:
raise NordicSemiException("Could not parse value for --sd-req. "
"Hex values should be prefixed with 0x.")
signer = Signing()
default_key = signer.load_key(key_file)
if default_key:
display_sec_warning()
package = Package(debug_mode, hw_version, application_version_internal,
bootloader_version, sd_req_list, application, bootloader,
softdevice, key_file)
package.generate_package(zipfile_path)
log_message = "Zip created at {0}".format(zipfile_path)
click.echo(log_message)
def generate(zipfile, debug_mode, application, application_version,
application_version_string, bootloader, bootloader_version,
hw_version, sd_req, sd_id, softdevice, sd_boot_validation,
app_boot_validation, key_file, external_app, zigbee,
zigbee_manufacturer_id, zigbee_image_type, zigbee_comment,
zigbee_ota_hw_version, zigbee_ota_fw_version,
zigbee_ota_min_hw_version, zigbee_ota_max_hw_version):
"""
Generate a zip package for distribution to apps that support Nordic DFU OTA.
The application, bootloader, and SoftDevice files are converted to .bin if supplied as .hex files.
For more information on the generated package, see:
http://developer.nordicsemi.com/nRF5_SDK/doc/
The following combinations are supported by this command:
* BL only: Supported.
* SD only: Supported (SD of same Major Version).
* APP only: Supported (external or internal).
* BL + SD: Supported.
* BL + APP: Not supported (use two packages instead).
* BL + SD + APP: Supported.
* SD + APP: Supported (SD of same Major Version).
"""
zipfile_path = zipfile
# Check combinations
if bootloader is not None and application is not None and softdevice is None:
raise click.UsageError(
"Invalid combination: use two .zip packages instead.")
if debug_mode is None:
debug_mode = False
# The user can specify the application version with two different
# formats. As an integer, e.g. 102130, or as a string
# "10.21.30". Internally we convert to integer.
if application_version_string:
application_version_internal = convert_version_string_to_int(
application_version_string)
if application_version:
click.echo(
'Warning: When both application-version-string and application-version are provided, only the string will be used.'
)
else:
application_version_internal = application_version
if application_version_internal == 'none':
application_version_internal = None
if bootloader_version == 'none':
bootloader_version = None
if hw_version == 'none':
hw_version = None
if external_app is None:
external_app = False
if zigbee_ota_hw_version == 'none':
zigbee_ota_hw_version = None
if zigbee_ota_fw_version == 'none':
zigbee_ota_fw_version = None
# Convert multiple value into a single instance
if len(sd_req) > 1:
raise click.BadParameter(
"Please specify SoftDevice requirements as a comma-separated list: --sd-req 0xXXXX,0xYYYY,...",
param_hint='sd_req')
elif len(sd_req) == 0:
sd_req = None
else:
sd_req = sd_req[0]
if sd_req == 'none':
sd_req = None
if len(sd_id) > 1:
raise click.BadParameter(
"Please specify SoftDevice requirements as a comma-separated list: --sd-id 0xXXXX,0xYYYY,...",
param_hint='sd_req')
elif len(sd_id) == 0:
sd_id = None
else:
sd_id = sd_id[0]
if sd_id == 'none':
sd_id = None
# Initial consistency checks
if application_version_internal is not None and application is None:
raise click.UsageError("Application version with no image.")
if bootloader_version is not None and bootloader is None:
raise click.UsageError("Bootloader version with no image.")
if debug_mode:
display_debug_warning()
# Default to no version checking
if application_version_internal is None:
application_version_internal = Package.DEFAULT_APP_VERSION
if bootloader_version is None:
bootloader_version = Package.DEFAULT_BL_VERSION
if hw_version is None:
hw_version = Package.DEFAULT_HW_VERSION
if sd_req is None:
# Use string as this will be mapped into an int below
sd_req = str(Package.DEFAULT_SD_REQ[0])
# Version checks
if hw_version is None:
raise click.UsageError("--hw-version required.")
if sd_req is None and external_app is False:
raise click.UsageError("--sd-req required.")
if application is not None and application_version_internal is None:
raise click.UsageError(
'--application-version or --application-version-string'
' required with application image.')
if bootloader is not None and bootloader_version is None:
raise click.UsageError(
"--bootloader-version required with bootloader image.")
# Zigbee only allows App, SoftDevice (minor), bootloader or Softdevice+bootloader
if zigbee:
if sum(bool(x) for x in [application, softdevice, bootloader]) != 1:
click.echo(
'Error: Provide either --application, --softdevice, or --bootloader'
' for Zigbee package generation (not a combination).')
if application is not None and softdevice is not None and sd_id is None:
raise click.UsageError(
"--sd-id required with softdevice and application images.")
if application is None and external_app is True:
raise click.UsageError("--external-app requires an application.")
if application is not None and softdevice is not None and external_app is True:
raise click.UsageError(
"--external-app is only possible for application only DFU packages."
)
if application is not None and bootloader is not None and external_app is True:
raise click.UsageError(
"--external-app is only possible for application only DFU packages."
)
if zigbee and zigbee_ota_hw_version is None:
raise click.UsageError("--zigbee-ota-hw-version is required.")
if zigbee and zigbee_ota_fw_version is None:
zigbee_ota_fw_version = 0
sd_req_list = []
if sd_req is not None:
try:
# This will parse any string starting with 0x as base 16.
sd_req_list = sd_req.split(',')
sd_req_list = list(map(int_as_text_to_int, sd_req_list))
except ValueError:
raise NordicSemiException("Could not parse value for --sd-req. "
"Hex values should be prefixed with 0x.")
sd_id_list = []
if sd_id is not None:
try:
# This will parse any string starting with 0x as base 16.
sd_id_list = sd_id.split(',')
sd_id_list = list(map(int_as_text_to_int, sd_id_list))
# Copy all IDs from sd_id_list to sd_req_list, without duplicates.
# This ensures that the softdevice update can be repeated in case
# SD+(BL)+App update terminates during application update after the
# softdevice was already updated (with new ID). Such update would
# have to be repeated and the softdevice would have to be sent again,
# this time updating itself.
sd_req_list += set(sd_id_list) - set(sd_req_list)
except ValueError:
raise NordicSemiException("Could not parse value for --sd-id. "
"Hex values should be prefixed with 0x.")
else:
sd_id_list = sd_req_list
if key_file is None:
display_nokey_warning()
signer = None
else:
signer = Signing()
default_key = signer.load_key(key_file)
if default_key:
display_sec_warning()
if zigbee_comment is None:
zigbee_comment = ''
elif any(ord(char) > 127 for char in zigbee_comment
): # Check if all the characters belong to the ASCII range
click.echo(
'Warning: Non-ASCII characters in the comment are not allowed. Discarding comment.'
)
zigbee_comment = ''
elif len(zigbee_comment) > 30:
click.echo('Warning: truncating the comment to 30 bytes.')
zigbee_comment = zigbee_comment[:30]
if zigbee_manufacturer_id is None:
zigbee_manufacturer_id = 0xFFFF
if zigbee_image_type is None:
zigbee_image_type = 0xFFFF
# Set the external_app to false in --zigbee is set
inner_external_app = external_app
if zigbee:
inner_external_app = False
if zigbee_ota_min_hw_version is not None and zigbee_ota_min_hw_version > 0xFFFF:
raise click.BadParameter('Exceeds 2-byte long integer.',
param_hint='zigbee-ota-min-hw-version')
if zigbee_ota_max_hw_version is not None and zigbee_ota_max_hw_version > 0xFFFF:
raise click.BadParameter('Exceeds 2-byte long integer.',
param_hint='zigbee-ota-max-hw-version')
if zigbee and (hw_version > 0xFFFF):
raise click.BadParameter('Exceeds 2-byte long integer.',
param_hint='hw-version')
# Warn user if minimal/maximum zigbee ota hardware version are not correct:
# * only one of them is given
# * minimum version is higher than maximum version
# * hw_version is inside the range specified by minimum and maximum hardware version
if (type(zigbee_ota_min_hw_version) is
int) != (type(zigbee_ota_max_hw_version) is int):
click.echo(
'Warning: min/max zigbee ota hardware version is missing. Discarding min/max hardware version.'
)
elif type(zigbee_ota_min_hw_version) is int:
if zigbee_ota_min_hw_version > zigbee_ota_max_hw_version:
click.echo(
'Warning: zigbee-ota-min-hw-version is higher than zigbee-ota-max-hw-version.'
)
if (hw_version > zigbee_ota_max_hw_version) or (
hw_version < zigbee_ota_min_hw_version):
click.echo(
'Warning: hw-version is outside the specified range specified by zigbee_ota_min_hw_version and zigbee_ota_max_hw_version.'
)
# Generate a DFU package. If --zigbee is set this is the inner DFU package
# which will be used as a binary input to the outer DFU package
package = Package(debug_mode, hw_version, application_version_internal,
bootloader_version, sd_req_list, sd_id_list, application,
bootloader, softdevice, sd_boot_validation,
app_boot_validation, signer, inner_external_app, zigbee,
zigbee_manufacturer_id, zigbee_image_type,
zigbee_comment, zigbee_ota_min_hw_version,
zigbee_ota_max_hw_version)
package.generate_package(zipfile_path)
if zigbee:
from shutil import copyfile
from os import remove
log_message = "Zigbee update created at {0}".format(
package.zigbee_ota_file.filename)
click.echo(log_message)
# Taking the inner Zigbee package as input for the outer DFU package
binfile = package.zigbee_ota_file.filename.replace(".zigbee", ".bin")
copyfile(package.zigbee_ota_file.filename, binfile)
# Create the outer Zigbee DFU package.
package = Package(debug_mode, zigbee_ota_hw_version,
zigbee_ota_fw_version, None, [0xFFFE], [0xFFFE],
binfile, None, None, None, None, signer, True)
package.generate_package(zipfile_path)
remove(binfile)
log_message = "Zip created at {0}".format(zipfile_path)
click.echo(log_message)
def generate(zipfile,
debug_mode,
application,
application_address,
application_version,
application_version_string,
bootloader,
bootloader_version,
hw_version,
sd_req,
softdevice,
key_file):
"""
Generate a zip package for distribution to apps that support Nordic DFU OTA.
The application, bootloader, and SoftDevice files are converted to .bin if supplied as .hex files.
For more information on the generated package, see:
http://developer.nordicsemi.com/nRF5_SDK/doc/
The following combinations are supported by this command:
* BL only: Supported.
* SD only: Supported (SD of same Major Version).
* APP only: Supported.
* BL + SD: Supported.
* BL + APP: Not supported (use two packages instead).
* BL + SD + APP: Supported.
* SD + APP: Supported (SD of same Major Version).
"""
zipfile_path = zipfile
# Check combinations
if bootloader is not None and application is not None and softdevice is None:
click.echo("Error: Invalid combination: use two .zip packages instead.")
return
if debug_mode is None:
debug_mode = False
# The user can specify the application version with two different
# formats. As an integer, e.g. 102130, or as a string
# "10.21.30". Internally we convert to integer.
if application_version_string:
application_version_internal = convert_version_string_to_int(application_version_string)
else:
application_version_internal = application_version
if application_version_internal == 'none':
application_version_internal = None
if bootloader_version == 'none':
bootloader_version = None
if hw_version == 'none':
hw_version = None
# Convert multiple value into a single instance
if len(sd_req) > 1:
click.echo("Please specify SoftDevice requirements as a comma-separated list: --sd-req 0xXXXX,0xYYYY,...")
return
elif len(sd_req) == 0:
sd_req = None
else:
sd_req = sd_req[0]
if sd_req == 'none':
sd_req = None
# Initial consistency checks
if application_version_internal is not None and application is None:
click.echo("Error: Application version with no image.")
return
if bootloader_version is not None and bootloader is None:
click.echo("Error: Bootloader version with no image.")
return
if debug_mode:
display_debug_warning()
# Default to no version checking
if application_version_internal is None:
application_version_internal=Package.DEFAULT_APP_VERSION
if bootloader_version is None:
bootloader_version=Package.DEFAULT_BL_VERSION
if hw_version is None:
hw_version=Package.DEFAULT_HW_VERSION
if sd_req is None:
# Use string as this will be mapped into an int below
sd_req=str(Package.DEFAULT_SD_REQ[0])
# Version checks
if hw_version is None:
click.echo("Error: --hw-version required.")
return
if sd_req is None:
click.echo("Error: --sd-req required.")
return
if application is not None and application_version_internal is None:
click.echo('Error: --application-version or --application-version-string'
'required with application image.')
return
if bootloader is not None and bootloader_version is None:
click.echo("Error: --bootloader-version required with bootloader image.")
return
sd_req_list = []
if sd_req is not None:
try:
# This will parse any string starting with 0x as base 16.
sd_req_list = sd_req.split(',')
sd_req_list = map(int_as_text_to_int, sd_req_list)
except ValueError:
raise NordicSemiException("Could not parse value for --sd-req. "
"Hex values should be prefixed with 0x.")
signer = Signing()
default_key = signer.load_key(key_file)
if default_key:
display_sec_warning()
package = Package(debug_mode,
hw_version,
application_version_internal,
bootloader_version,
sd_req_list,
application,
application_address,
bootloader,
softdevice,
key_file)
package.generate_package(zipfile_path)
log_message = "Zip created at {0}".format(zipfile_path)
click.echo(log_message)
def generate(hex_file, family, application, application_version,
application_version_string, bootloader_version,
bl_settings_version, start_address, no_backup, backup_address,
app_boot_validation, sd_boot_validation, softdevice, key_file):
# The user can specify the application version with two different
# formats. As an integer, e.g. 102130, or as a string
# "10.21.30". Internally we convert to integer.
if application_version_string:
application_version_internal = convert_version_string_to_int(
application_version_string)
if application_version:
click.echo(
'Warning: When both application-version-string and application-version are provided, only the string will be used.'
)
else:
application_version_internal = application_version
if application is not None:
if not os.path.isfile(application):
raise click.FileError(application,
hint="Application file not found")
if application_version_internal is None:
raise click.UsageError(
'--application-version or --application-version-string'
' required with application image.')
if (no_backup is not None) and (backup_address is not None):
raise click.BadParameter(
"Bootloader DFU settings backup page cannot be specified if backup is disabled.",
param_hint='backup_address')
if no_backup is None:
no_backup = False
if no_backup is False:
display_settings_backup_warning()
if (start_address is not None) and (backup_address is None):
click.echo(
"WARNING: Using default offset in order to calculate bootloader settings backup page"
)
if bl_settings_version == 1 and (app_boot_validation
or sd_boot_validation):
raise click.BadParameter(
"Bootloader settings version 1 does not support boot validation.",
param_hint='bl_settings_version')
# load signing key (if needed) only once
if 'VALIDATE_ECDSA_P256_SHA256' in (app_boot_validation,
sd_boot_validation):
if not os.path.isfile(key_file):
raise click.UsageError(
"Key file must be given when 'VALIDATE_ECDSA_P256_SHA256' boot validation is used"
)
signer = Signing()
default_key = signer.load_key(key_file)
if default_key:
display_sec_warning()
else:
signer = None
if app_boot_validation and not application:
raise click.UsageError(
"--application hex file must be set when using --app_boot_validation"
)
if sd_boot_validation and not softdevice:
raise click.UsageError(
"--softdevice hex file must be set when using --sd_boot_validation"
)
# Default boot validation cases
if app_boot_validation is None and application is not None and bl_settings_version == 2:
app_boot_validation = DEFAULT_BOOT_VALIDATION
if sd_boot_validation is None and softdevice is not None and bl_settings_version == 2:
sd_boot_validation = DEFAULT_BOOT_VALIDATION
sett = BLDFUSettings()
sett.generate(arch=family,
app_file=application,
app_ver=application_version_internal,
bl_ver=bootloader_version,
bl_sett_ver=bl_settings_version,
custom_bl_sett_addr=start_address,
no_backup=no_backup,
backup_address=backup_address,
app_boot_validation_type=app_boot_validation,
sd_boot_validation_type=sd_boot_validation,
sd_file=softdevice,
signer=signer)
sett.tohexfile(hex_file)
click.echo(
"\nGenerated Bootloader DFU settings .hex file and stored it in: {}".
format(hex_file))
click.echo("{0}".format(str(sett)))
def generate(zipfile,
debug_mode,
application,
application_version,
application_version_string,
bootloader,
bootloader_version,
hw_version,
sd_req,
sd_id,
softdevice,
key_file,
zigbee,
zigbee_manufacturer_id,
zigbee_image_type,
zigbee_comment):
"""
Generate a zip package for distribution to apps that support Nordic DFU OTA.
The application, bootloader, and SoftDevice files are converted to .bin if supplied as .hex files.
For more information on the generated package, see:
http://developer.nordicsemi.com/nRF5_SDK/doc/
The following combinations are supported by this command:
* BL only: Supported.
* SD only: Supported (SD of same Major Version).
* APP only: Supported.
* BL + SD: Supported.
* BL + APP: Not supported (use two packages instead).
* BL + SD + APP: Supported.
* SD + APP: Supported (SD of same Major Version).
"""
zipfile_path = zipfile
# Check combinations
if bootloader is not None and application is not None and softdevice is None:
click.echo("Error: Invalid combination: use two .zip packages instead.")
return
if debug_mode is None:
debug_mode = False
# The user can specify the application version with two different
# formats. As an integer, e.g. 102130, or as a string
# "10.21.30". Internally we convert to integer.
if application_version_string:
application_version_internal = convert_version_string_to_int(application_version_string)
else:
application_version_internal = application_version
if application_version_internal == 'none':
application_version_internal = None
if bootloader_version == 'none':
bootloader_version = None
if hw_version == 'none':
hw_version = None
# Convert multiple value into a single instance
if len(sd_req) > 1:
click.echo("Please specify SoftDevice requirements as a comma-separated list: --sd-req 0xXXXX,0xYYYY,...")
return
elif len(sd_req) == 0:
sd_req = None
else:
sd_req = sd_req[0]
if sd_req == 'none':
sd_req = None
if len(sd_id) > 1:
click.echo("Please specify SoftDevice requirements as a comma-separated list: --sd-id 0xXXXX,0xYYYY,...")
return
elif len(sd_id) == 0:
sd_id = None
else:
sd_id = sd_id[0]
if sd_id == 'none':
sd_id = None
# Initial consistency checks
if application_version_internal is not None and application is None:
click.echo("Error: Application version with no image.")
return
if bootloader_version is not None and bootloader is None:
click.echo("Error: Bootloader version with no image.")
return
if debug_mode:
display_debug_warning()
# Default to no version checking
if application_version_internal is None:
application_version_internal=Package.DEFAULT_APP_VERSION
if bootloader_version is None:
bootloader_version=Package.DEFAULT_BL_VERSION
if hw_version is None:
hw_version=Package.DEFAULT_HW_VERSION
if sd_req is None:
# Use string as this will be mapped into an int below
sd_req=str(Package.DEFAULT_SD_REQ[0])
# Version checks
if hw_version is None:
click.echo("Error: --hw-version required.")
return
if sd_req is None:
click.echo("Error: --sd-req required.")
return
if application is not None and application_version_internal is None:
click.echo('Error: --application-version or --application-version-string'
' required with application image.')
return
if bootloader is not None and bootloader_version is None:
click.echo("Error: --bootloader-version required with bootloader image.")
return
if application is not None and softdevice is not None and sd_id is None:
click.echo("Error: --sd-id required with softdevice and application images.")
return
sd_req_list = []
if sd_req is not None:
try:
# This will parse any string starting with 0x as base 16.
sd_req_list = sd_req.split(',')
sd_req_list = map(int_as_text_to_int, sd_req_list)
except ValueError:
raise NordicSemiException("Could not parse value for --sd-req. "
"Hex values should be prefixed with 0x.")
sd_id_list = []
if sd_id is not None:
try:
# This will parse any string starting with 0x as base 16.
sd_id_list = sd_id.split(',')
sd_id_list = map(int_as_text_to_int, sd_id_list)
# Copy all IDs from sd_id_list to sd_req_list, without duplicates.
# This ensures that the softdevice update can be repeated in case
# SD+(BL)+App update terminates during application update after the
# softdevice was already updated (with new ID). Such update would
# have to be repeated and the softdevice would have to be sent again,
# this time updating itself.
sd_req_list += set(sd_id_list) - set(sd_req_list)
except ValueError:
raise NordicSemiException("Could not parse value for --sd-id. "
"Hex values should be prefixed with 0x.")
else:
sd_id_list = sd_req_list
if key_file is None:
display_nokey_warning()
else:
signer = Signing()
default_key = signer.load_key(key_file)
if default_key:
display_sec_warning()
if zigbee_comment is None:
zigbee_comment = ''
elif any(ord(char) > 127 for char in zigbee_comment): # Check if all the characters belong to the ASCII range
click.echo('Warning: Non-ASCII characters in the comment are not allowed. Discarding comment.')
zigbee_comment = ''
elif len(zigbee_comment) > 30:
click.echo('Warning: truncating the comment to 30 bytes.')
zigbee_comment = zigbee_comment[:30]
if zigbee_manufacturer_id is None:
zigbee_manufacturer_id = 0xFFFF
if zigbee_image_type is None:
zigbee_image_type = 0xFFFF
package = Package(debug_mode,
hw_version,
application_version_internal,
bootloader_version,
sd_req_list,
sd_id_list,
application,
bootloader,
softdevice,
key_file,
zigbee,
zigbee_manufacturer_id,
zigbee_image_type,
zigbee_comment)
package.generate_package(zipfile_path)
# Regenerate BLE DFU package for Zigbee DFU purposes.
if zigbee:
from shutil import copyfile
from os import remove
log_message = "Zigbee update created at {0}".format(package.zigbee_ota_file.filename)
click.echo(log_message)
binfile = package.zigbee_ota_file.filename.replace(".zigbee", ".bin")
copyfile(package.zigbee_ota_file.filename, binfile)
package = Package(debug_mode,
hw_version,
application_version_internal,
bootloader_version,
sd_req_list,
sd_id_list,
binfile,
bootloader,
softdevice,
key_file)
package.generate_package(zipfile_path)
remove(binfile)
log_message = "Zip created at {0}".format(zipfile_path)
click.echo(log_message)
