def efuse_data_create(name, value): efuse_data = bytearray(256) efuse_data_mask = bytearray(256) mask_4bytes = bytearray.fromhex('FFFFFFFF') rw_lock0 = 0 rw_lock1 = 0 if name == 'flash_aes_key': if len(value[0]) == 32: efuse_data[0] |= 1 if len(value[0]) == 48: efuse_data[0] |= 2 if len(value[0]) == 64: efuse_data[0] |= 3 efuse_data_mask[0] |= 15 keydata = bytearray.fromhex(value[0]) efuse_data[keyslot2:keyslot4] = keydata + bytearray(32 - len(keydata)) efuse_data_mask[keyslot2:keyslot4] = mask_4bytes * 8 rw_lock0 |= 1 << wr_lock_key_slot_2 rw_lock0 |= 1 << wr_lock_key_slot_3 rw_lock0 |= 1 << rd_lock_key_slot_2 rw_lock0 |= 1 << rd_lock_key_slot_3 if len(value) > 1: keydata = bytearray.fromhex(value[1]) efuse_data[keyslot7:keyslot9] = keydata + bytearray(32 - len(keydata)) efuse_data_mask[keyslot7:keyslot9] = mask_4bytes * 8 rw_lock1 |= 1 << wr_lock_key_slot_7 rw_lock1 |= 1 << wr_lock_key_slot_8 rw_lock1 |= 1 << rd_lock_key_slot_7 rw_lock1 |= 1 << rd_lock_key_slot_8 efuse_data[124:128] = bflb_utils.int_to_4bytearray_l(rw_lock0) efuse_data_mask[124:128] = bflb_utils.int_to_4bytearray_l(rw_lock0) efuse_data[252:256] = bflb_utils.int_to_4bytearray_l(rw_lock1) efuse_data_mask[252:256] = bflb_utils.int_to_4bytearray_l(rw_lock1) return ( efuse_data, efuse_data_mask)
def create_partition_table(values): entry_table = bytearray(36 * entry_max) entry_cnt = 0 for i in range(entry_max): entry_type = values[('entry' + str(i + 1) + '_type')] entry_name = values[('entry' + str(i + 1) + '_name')] entry_addr0 = values[('entry' + str(i + 1) + '_addr0')] entry_addr1 = values[('entry' + str(i + 1) + '_addr1')] entry_maxlen0 = values[('entry' + str(i + 1) + '_maxlen0')] entry_maxlen1 = values[('entry' + str(i + 1) + '_maxlen1')] if entry_type != '': entry_table[36 * entry_cnt + 0] = bflb_utils.int_to_2bytearray_l( int(entry_type))[0] if len(entry_name) >= 8: return 'Entry name is too long!' else: entry_table[36 * entry_cnt + 3:36 * entry_cnt + 3 + len(entry_name)] = bflb_utils.get_byte_array( entry_name) entry_table[36 * entry_cnt + 12:36 * entry_cnt + 16] = bflb_utils.int_to_4bytearray_l( int(entry_addr0, 16)) entry_table[36 * entry_cnt + 16:36 * entry_cnt + 20] = bflb_utils.int_to_4bytearray_l( int(entry_addr1, 16)) entry_table[36 * entry_cnt + 20:36 * entry_cnt + 24] = bflb_utils.int_to_4bytearray_l( int(entry_maxlen0, 16)) entry_table[36 * entry_cnt + 24:36 * entry_cnt + 28] = bflb_utils.int_to_4bytearray_l( int(entry_maxlen1, 16)) entry_cnt += 1 pt_table = bytearray(16) pt_table[0] = 66 pt_table[1] = 70 pt_table[2] = 80 pt_table[3] = 84 pt_table[6:8] = bflb_utils.int_to_2bytearray_l(int(entry_cnt)) pt_table[12:16] = bflb_utils.get_crc32_bytearray(pt_table[0:12]) entry_table[36 * entry_cnt:36 * entry_cnt + 4] = bflb_utils.get_crc32_bytearray(entry_table[0:36 * entry_cnt]) data = pt_table + entry_table[0:36 * entry_cnt + 4] fp = open(partition_path, 'wb+') fp.write(data) fp.close() return True
def __create_pt_table_do(self, lists, file): entry_table = bytearray(36 * self.entry_max) entry_cnt = 0 for item in lists: entry_type = item['type'] entry_name = item['name'] entry_device = item['device'] entry_addr0 = item['address0'] entry_addr1 = item['address1'] entry_maxlen0 = item['size0'] entry_maxlen1 = item['size1'] entry_len = item['len'] entry_table[36 * entry_cnt + 0] = bflb_utils.int_to_2bytearray_l(entry_type)[0] if len(entry_name) >= 8: bflb_utils.printf('Entry name is too long!') return False else: entry_table[36 * entry_cnt + 3:36 * entry_cnt + 3 + len(entry_name)] = bytearray( entry_name, 'utf-8') + bytearray(0) entry_table[36 * entry_cnt + 12:36 * entry_cnt + 16] = bflb_utils.int_to_4bytearray_l(entry_addr0) entry_table[36 * entry_cnt + 16:36 * entry_cnt + 20] = bflb_utils.int_to_4bytearray_l(entry_addr1) entry_table[36 * entry_cnt + 20:36 * entry_cnt + 24] = bflb_utils.int_to_4bytearray_l(entry_maxlen0) entry_table[36 * entry_cnt + 24:36 * entry_cnt + 28] = bflb_utils.int_to_4bytearray_l(entry_maxlen1) entry_cnt += 1 pt_table = bytearray(16) pt_table[0] = 66 pt_table[1] = 70 pt_table[2] = 80 pt_table[3] = 84 pt_table[6:8] = bflb_utils.int_to_2bytearray_l(int(entry_cnt)) pt_table[12:16] = bflb_utils.get_crc32_bytearray(pt_table[0:12]) entry_table[36 * entry_cnt:36 * entry_cnt + 4] = bflb_utils.get_crc32_bytearray(entry_table[0:36 * entry_cnt]) data = pt_table + entry_table[0:36 * entry_cnt + 4] fp = open(file, 'wb+') fp.write(data) fp.close() return True
def if_raw_read32(self, addr, data_len): raw_data = self._jlink.memory_read((int(addr, 16)), (data_len / 4), nbits=32) data = bytearray(0) for tmp in raw_data: data += bflb_utils.int_to_4bytearray_l(tmp) return bytearray(data)
def update_data_from_cfg(config_keys, config_file, section): bflb_utils.printf('Updating data according to <' + config_file + '[' + section + ']>') cfg = bflb_utils.BFConfigParser() cfg.read(config_file) filelen = 0 for key in config_keys: offset = int(config_keys.get(key)['offset'], 10) if offset > filelen: filelen = offset filelen += 4 bflb_utils.printf('Created file len:' + str(filelen)) data = bytearray(filelen) data_mask = bytearray(filelen) for key in cfg.options(section): if config_keys.get(key) == None: bflb_utils.printf(key + ' not exist') continue else: val = cfg.get(section, key) if val.startswith('0x'): val = int(val, 16) else: val = int(val, 10) offset = int(config_keys.get(key)['offset'], 10) pos = int(config_keys.get(key)['pos'], 10) bitlen = int(config_keys.get(key)['bitlen'], 10) oldval = bflb_utils.bytearray_to_int(bflb_utils.bytearray_reverse(data[offset:offset + 4])) oldval_mask = bflb_utils.bytearray_to_int(bflb_utils.bytearray_reverse(data_mask[offset:offset + 4])) newval = (oldval & get_int_mask(pos, bitlen)) + (val << pos) if val != 0: newval_mask = oldval_mask | ~get_int_mask(pos, bitlen) else: newval_mask = oldval_mask data[offset:offset + 4] = bflb_utils.int_to_4bytearray_l(newval) data_mask[offset:offset + 4] = bflb_utils.int_to_4bytearray_l(newval_mask) return (data, data_mask)
def img_create_update_bootheader(bootheader_data, hash, seg_cnt): bootheader_data[120:124] = bflb_utils.int_to_4bytearray_l(seg_cnt) sign, encrypt, key_sel = img_create_get_sign_encrypt_info(bootheader_data) if img_create_get_hash_ignore(bootheader_data) == 1 and sign == 0: bflb_utils.printf('Hash ignored') else: bootheader_data[132:164] = hash if img_create_get_crc_ignore(bootheader_data) == 1: bflb_utils.printf('Header crc ignored') else: hd_crcarray = bflb_utils.get_crc32_bytearray(bootheader_data[0:172]) bootheader_data[172:176] = hd_crcarray bflb_utils.printf('Header crc: ', binascii.hexlify(hd_crcarray)) return bootheader_data[0:176]
def efuse_data_create(name, value): efuse_data = bytearray(128) efuse_data_mask = bytearray(128) mask_4bytes = bytearray.fromhex('FFFFFFFF') rw_lock = 0 if name == 'flash_aes_key': if len(value[0]) == 32: efuse_data[0] |= 1 if len(value[0]) == 48: efuse_data[0] |= 2 if len(value[0]) == 64: efuse_data[0] |= 3 efuse_data[0] |= 128 efuse_data_mask[0] |= 255 keydata = bytearray.fromhex(value[0]) efuse_data[keyslot2:keyslot4] = keydata + bytearray(32 - len(keydata)) efuse_data_mask[keyslot2:keyslot4] = mask_4bytes * 8 rw_lock |= 1 << wr_lock_key_slot_2 rw_lock |= 1 << wr_lock_key_slot_3 rw_lock |= 1 << rd_lock_key_slot_2 rw_lock |= 1 << rd_lock_key_slot_3 efuse_data[124:128] = bflb_utils.int_to_4bytearray_l(rw_lock) efuse_data_mask[124:128] = bflb_utils.int_to_4bytearray_l(rw_lock) return (efuse_data, efuse_data_mask)
def img_create_sign_data(data_bytearray, privatekey_file_uecc, publickey_file): sk = ecdsa.SigningKey.from_pem(open(privatekey_file_uecc).read()) vk = ecdsa.VerifyingKey.from_pem(open(publickey_file).read()) pk_data = vk.to_string() bflb_utils.printf('Private key: ', binascii.hexlify(sk.to_string())) bflb_utils.printf('Public key: ', binascii.hexlify(pk_data)) pk_hash = img_create_sha256_data(pk_data) bflb_utils.printf('Public key hash=', binascii.hexlify(pk_hash)) signature = sk.sign(data_bytearray, hashfunc=(hashlib.sha256), sigencode=(ecdsa.util.sigencode_string)) bflb_utils.printf('Signature=', binascii.hexlify(signature)) len_array = bflb_utils.int_to_4bytearray_l(len(signature)) sig_field = len_array + signature crcarray = bflb_utils.get_crc32_bytearray(sig_field) return ( pk_data, pk_hash, sig_field + crcarray)
def if_raw_read(self, addr, data_len): addr_int = int(addr, 16) if addr_int % 4 == 0: len2 = data_len % 4 len1 = data_len - len2 data1 = bytearray(0) data2 = bytearray(0) if len1 != 0: data1 = self._jlink.memory_read(addr_int, (int(len1 / 4)), nbits=32) if len2 != 0: data2 = self._jlink.memory_read((addr_int + len1), len2, nbits=8) data = bytearray(0) for tmp in data1: data += bflb_utils.int_to_4bytearray_l(tmp) data += bytearray(data2) return data return self.if_raw_read8(addr, data_len)
def img_update_efuse(sign, pk_hash, flash_encryp_type, flash_key, sec_eng_key_sel, sec_eng_key): global cfg fp = open(cfg.get('Img_Cfg', 'efuse_file'), 'rb') efuse_data = bytearray(fp.read()) + bytearray(0) fp.close() fp = open(cfg.get('Img_Cfg', 'efuse_mask_file'), 'rb') efuse_mask_data = bytearray(fp.read()) + bytearray(0) fp.close() mask_4bytes = bytearray.fromhex('FFFFFFFF') efuse_data[0] |= flash_encryp_type efuse_data[0] |= sign << 2 if flash_encryp_type > 0: efuse_data[0] |= 128 efuse_mask_data[0] |= 255 rw_lock = 0 if pk_hash != None: efuse_data[keyslot0:keyslot2] = pk_hash efuse_mask_data[keyslot0:keyslot2] = mask_4bytes * 8 rw_lock |= 1 << wr_lock_key_slot_0 rw_lock |= 1 << wr_lock_key_slot_1 if flash_key != None: if flash_encryp_type == 1: efuse_data[keyslot2:keyslot4] = flash_key efuse_mask_data[keyslot2:keyslot4] = mask_4bytes * 8 elif flash_encryp_type == 2: efuse_data[keyslot2:keyslot4] = flash_key efuse_mask_data[keyslot2:keyslot4] = mask_4bytes * 8 elif flash_encryp_type == 3: efuse_data[keyslot2:keyslot4] = flash_key efuse_mask_data[keyslot2:keyslot4] = mask_4bytes * 8 rw_lock |= 1 << wr_lock_key_slot_2 rw_lock |= 1 << wr_lock_key_slot_3 rw_lock |= 1 << rd_lock_key_slot_2 rw_lock |= 1 << rd_lock_key_slot_3 if sec_eng_key != None: if flash_encryp_type == 0: if sec_eng_key_sel == 0: efuse_data[keyslot2:keyslot3] = sec_eng_key[16:32] efuse_data[keyslot3:keyslot4] = sec_eng_key[0:16] efuse_mask_data[keyslot2:keyslot4] = mask_4bytes * 8 rw_lock |= 1 << wr_lock_key_slot_2 rw_lock |= 1 << wr_lock_key_slot_3 rw_lock |= 1 << rd_lock_key_slot_2 rw_lock |= 1 << rd_lock_key_slot_3 if sec_eng_key_sel == 1: efuse_data[keyslot3:keyslot4] = sec_eng_key[16:32] efuse_data[keyslot2:keyslot3] = sec_eng_key[0:16] efuse_mask_data[keyslot2:keyslot4] = mask_4bytes * 8 rw_lock |= 1 << wr_lock_key_slot_2 rw_lock |= 1 << wr_lock_key_slot_3 rw_lock |= 1 << rd_lock_key_slot_2 rw_lock |= 1 << rd_lock_key_slot_3 if flash_encryp_type == 1: if sec_eng_key_sel == 0: efuse_data[keyslot4:keyslot5] = sec_eng_key[0:16] efuse_mask_data[keyslot4:keyslot5] = mask_4bytes * 4 rw_lock |= 1 << wr_lock_key_slot_4_l rw_lock |= 1 << wr_lock_key_slot_4_h rw_lock |= 1 << rd_lock_key_slot_4 if sec_eng_key_sel == 1: efuse_data[keyslot4:keyslot5] = sec_eng_key[0:16] efuse_mask_data[keyslot4:keyslot5] = mask_4bytes * 4 rw_lock |= 1 << wr_lock_key_slot_4_l rw_lock |= 1 << wr_lock_key_slot_4_h rw_lock |= 1 << rd_lock_key_slot_4 efuse_data[124:128] = bflb_utils.int_to_4bytearray_l(rw_lock) efuse_mask_data[124:128] = bflb_utils.int_to_4bytearray_l(rw_lock) fp = open(cfg.get('Img_Cfg', 'efuse_file'), 'wb+') fp.write(efuse_data) fp.close() fp = open(cfg.get('Img_Cfg', 'efuse_mask_file'), 'wb+') fp.write(efuse_mask_data) fp.close()
def img_creat_process(flash_img): global encrypt_key encrypt_blk_size = 16 padding = bytearray(encrypt_blk_size) data_tohash = bytearray(0) ret = 'OK' cfg_section = 'Img_Cfg' segheader_file = [] if flash_img == 0: for files in cfg.get(cfg_section, 'segheader_file').split(' '): segheader_file.append(str(files)) segdata_file = [] for files in cfg.get(cfg_section, 'segdata_file').split(' '): segdata_file.append(str(files)) if flash_img == 1: break boot_header_file = cfg.get(cfg_section, 'boot_header_file') bootheader_data = img_create_read_file_append_crc(boot_header_file, 0) encrypt = 0 sign, encrypt, key_sel = img_create_get_sign_encrypt_info(bootheader_data) aesiv_data = bytearray(0) pk_data = bytearray(0) if sign != 0: bflb_utils.printf('Image need sign') publickey_file = cfg.get(cfg_section, 'publickey_file') privatekey_file_uecc = cfg.get(cfg_section, 'privatekey_file_uecc') if encrypt != 0: bflb_utils.printf('Image need encrypt ', encrypt) encrypt_key_org = bflb_utils.hexstr_to_bytearray( cfg.get(cfg_section, 'aes_key_org')) if encrypt == 1: encrypt_key = encrypt_key_org[0:16] elif encrypt == 2: encrypt_key = encrypt_key_org[0:32] elif encrypt == 3: encrypt_key = encrypt_key_org[0:24] bflb_utils.printf('Key= ', binascii.hexlify(encrypt_key)) encrypt_iv = bflb_utils.hexstr_to_bytearray( cfg.get(cfg_section, 'aes_iv')) iv_crcarray = bflb_utils.get_crc32_bytearray(encrypt_iv) aesiv_data = encrypt_iv + iv_crcarray data_tohash = data_tohash + aesiv_data seg_cnt = len(segheader_file) if flash_img == 0: if seg_cnt != len(segdata_file): bflb_utils.printf('Segheader count and segdata count not match') return ('FAIL', data_tohash) data_toencrypt = bytearray(0) if flash_img == 0: i = 0 seg_header_list = [] seg_data_list = [] while i < seg_cnt: seg_data = img_create_read_file_append_crc(segdata_file[i], 0) padding_size = 0 if len(seg_data) % encrypt_blk_size != 0: padding_size = encrypt_blk_size - len( seg_data) % encrypt_blk_size seg_data += padding[0:padding_size] else: segdata_crcarray = bflb_utils.get_crc32_bytearray(seg_data) seg_data_list.append(seg_data) seg_header = img_create_read_file_append_crc( segheader_file[i], 0) seg_header = img_create_update_segheader( seg_header, bflb_utils.int_to_4bytearray_l(len(seg_data)), segdata_crcarray) segheader_crcarray = bflb_utils.get_crc32_bytearray(seg_header) seg_header = seg_header + segheader_crcarray seg_header_list.append(seg_header) i = i + 1 i = 0 while i < seg_cnt: data_toencrypt += seg_header_list[i] data_toencrypt += seg_data_list[i] i += 1 else: seg_data = img_create_read_file_append_crc(segdata_file[0], 0) padding_size = 0 if len(seg_data) % encrypt_blk_size != 0: padding_size = encrypt_blk_size - len(seg_data) % encrypt_blk_size seg_data += padding[0:padding_size] data_toencrypt += seg_data seg_cnt = len(data_toencrypt) if encrypt != 0: data_toencrypt = img_create_encrypt_data(data_toencrypt, encrypt_key, encrypt_iv, flash_img) fw_data = bytearray(0) data_tohash += data_toencrypt fw_data = data_toencrypt hash = img_create_sha256_data(data_tohash) bflb_utils.printf('Image hash is ', binascii.hexlify(hash)) bootheader_data = img_create_update_bootheader(bootheader_data, hash, seg_cnt) signature = bytearray(0) pk_hash = None if sign == 1: pk_data, pk_hash, signature = img_create_sign_data( data_tohash, privatekey_file_uecc, publickey_file) pk_data = pk_data + bflb_utils.get_crc32_bytearray(pk_data) if flash_img == 1: bflb_utils.printf('Write flash img') bootinfo_file_name = cfg.get(cfg_section, 'bootinfo_file') fp = open(bootinfo_file_name, 'wb+') bootinfo = bootheader_data + pk_data + signature + aesiv_data fp.write(bootinfo) fp.close() fw_file_name = cfg.get(cfg_section, 'img_file') fp = open(fw_file_name, 'wb+') fp.write(fw_data) fp.close() fw_data_hash = img_create_sha256_data(fw_data) fp = open(fw_file_name.replace('.bin', '_withhash.bin'), 'wb+') fp.write(fw_data + fw_data_hash) fp.close() if encrypt != 0: if encrypt == 1: img_update_efuse( sign, pk_hash, 1, encrypt_key + bytearray(32 - len(encrypt_key)), key_sel, None) if encrypt == 2: img_update_efuse( sign, pk_hash, 3, encrypt_key + bytearray(32 - len(encrypt_key)), key_sel, None) if encrypt == 3: img_update_efuse( sign, pk_hash, 2, encrypt_key + bytearray(32 - len(encrypt_key)), key_sel, None) else: img_update_efuse(sign, pk_hash, encrypt, None, key_sel, None) else: bflb_utils.printf('Write if img') whole_img_file_name = cfg.get(cfg_section, 'whole_img_file') fp = open(whole_img_file_name, 'wb+') img_data = bootheader_data + pk_data + signature + aesiv_data + fw_data fp.write(img_data) fp.close() if encrypt != 0: if encrypt == 1: img_update_efuse( sign, pk_hash, 1, None, key_sel, encrypt_key + bytearray(32 - len(encrypt_key))) if encrypt == 2: img_update_efuse( sign, pk_hash, 3, None, key_sel, encrypt_key + bytearray(32 - len(encrypt_key))) if encrypt == 3: img_update_efuse( sign, pk_hash, 2, None, key_sel, encrypt_key + bytearray(32 - len(encrypt_key))) else: img_update_efuse(sign, pk_hash, 0, None, key_sel, bytearray(32)) return ('OK', data_tohash)
def img_update_efuse_cpu1(sign, pk_hash, flash_encryp_type, flash_key, sec_eng_key_sel, sec_eng_key): fp = open_file(cfg.get('Img_CPU1_Cfg', 'efuse_file'), 'rb') efuse_data = bytearray(fp.read()) + bytearray(0) fp.close() fp = open_file(cfg.get('Img_CPU1_Cfg', 'efuse_mask_file'), 'rb') efuse_mask_data = bytearray(fp.read()) + bytearray(0) fp.close() mask_4bytes = bytearray.fromhex('FFFFFFFF') efuse_data[0] |= flash_encryp_type efuse_data[0] |= sign << 2 efuse_mask_data[0] |= 15 rw_lock0 = 0 rw_lock1 = 0 if pk_hash != None: efuse_data[keyslot5:keyslot5 + 16] = pk_hash[0:16] efuse_mask_data[keyslot5:keyslot5 + 16] = mask_4bytes * 4 efuse_data[keyslot6:keyslot7] = pk_hash[16:32] efuse_mask_data[keyslot6:keyslot7] = mask_4bytes * 4 rw_lock0 |= 1 << wr_lock_key_slot_5 rw_lock1 |= 1 << wr_lock_key_slot_6 if flash_key != None: efuse_data[keyslot7:keyslot9] = flash_key efuse_mask_data[keyslot7:keyslot9] = mask_4bytes * 8 rw_lock1 |= 1 << wr_lock_key_slot_7 rw_lock1 |= 1 << wr_lock_key_slot_8 rw_lock1 |= 1 << rd_lock_key_slot_7 rw_lock1 |= 1 << rd_lock_key_slot_8 if sec_eng_key != None: if flash_encryp_type == 0: if sec_eng_key_sel == 0: efuse_data[keyslot8:keyslot9] = sec_eng_key[16:32] efuse_data[keyslot9:keyslot10] = sec_eng_key[0:16] efuse_mask_data[keyslot8:keyslot10] = mask_4bytes * 8 rw_lock1 |= 1 << wr_lock_key_slot_8 rw_lock1 |= 1 << wr_lock_key_slot_9 rw_lock1 |= 1 << rd_lock_key_slot_8 rw_lock1 |= 1 << rd_lock_key_slot_9 if sec_eng_key_sel == 1: efuse_data[keyslot9:keyslot10] = sec_eng_key[16:32] efuse_data[keyslot10:keyslot11] = sec_eng_key[0:16] efuse_mask_data[keyslot9:keyslot11] = mask_4bytes * 8 rw_lock1 |= 1 << wr_lock_key_slot_9 rw_lock1 |= 1 << wr_lock_key_slot_10 rw_lock1 |= 1 << rd_lock_key_slot_9 rw_lock1 |= 1 << rd_lock_key_slot_10 if sec_eng_key_sel == 2: efuse_data[keyslot10:keyslot11] = sec_eng_key[16:32] efuse_data[keyslot11:keyslot12] = sec_eng_key[0:16] efuse_mask_data[keyslot10:keyslot12] = mask_4bytes * 8 rw_lock1 |= 1 << wr_lock_key_slot_10 rw_lock1 |= 1 << wr_lock_key_slot_11 rw_lock1 |= 1 << rd_lock_key_slot_10 rw_lock1 |= 1 << rd_lock_key_slot_11 if sec_eng_key_sel == 3: efuse_data[keyslot11:keyslot12] = sec_eng_key[16:32] efuse_data[keyslot8:keyslot9] = sec_eng_key[0:16] efuse_mask_data[keyslot8:keyslot9] = mask_4bytes * 4 efuse_mask_data[keyslot11:keyslot12] = mask_4bytes * 4 rw_lock1 |= 1 << wr_lock_key_slot_8 rw_lock1 |= 1 << wr_lock_key_slot_11 rw_lock1 |= 1 << rd_lock_key_slot_8 rw_lock1 |= 1 << rd_lock_key_slot_11 if flash_encryp_type == 1: if sec_eng_key_sel == 0: efuse_data[keyslot8:keyslot9] = sec_eng_key[16:32] efuse_data[keyslot9:keyslot10] = sec_eng_key[0:16] efuse_mask_data[keyslot8:keyslot10] = mask_4bytes * 8 rw_lock1 |= 1 << wr_lock_key_slot_8 rw_lock1 |= 1 << wr_lock_key_slot_9 rw_lock1 |= 1 << rd_lock_key_slot_8 rw_lock1 |= 1 << rd_lock_key_slot_9 if sec_eng_key_sel == 1: efuse_data[keyslot9:keyslot10] = sec_eng_key[16:32] efuse_data[keyslot11:keyslot12] = sec_eng_key[0:16] efuse_mask_data[keyslot9:keyslot10] = mask_4bytes * 4 efuse_mask_data[keyslot11:keyslot12] = mask_4bytes * 4 rw_lock1 |= 1 << wr_lock_key_slot_9 rw_lock1 |= 1 << wr_lock_key_slot_11 rw_lock1 |= 1 << rd_lock_key_slot_9 rw_lock1 |= 1 << rd_lock_key_slot_11 if sec_eng_key_sel == 2: efuse_data[keyslot11:keyslot12] = sec_eng_key[16:32] efuse_data[keyslot8:keyslot9] = sec_eng_key[0:16] efuse_mask_data[keyslot8:keyslot9] = mask_4bytes * 4 efuse_mask_data[keyslot11:keyslot12] = mask_4bytes * 4 rw_lock1 |= 1 << wr_lock_key_slot_8 rw_lock1 |= 1 << wr_lock_key_slot_11 rw_lock1 |= 1 << rd_lock_key_slot_8 rw_lock1 |= 1 << rd_lock_key_slot_11 if sec_eng_key_sel == 3: efuse_data[keyslot8:keyslot9] = sec_eng_key[16:32] efuse_data[keyslot11:keyslot12] = sec_eng_key[0:16] efuse_mask_data[keyslot8:keyslot9] = mask_4bytes * 4 efuse_mask_data[keyslot11:keyslot12] = mask_4bytes * 4 rw_lock1 |= 1 << wr_lock_key_slot_8 rw_lock1 |= 1 << wr_lock_key_slot_11 rw_lock1 |= 1 << rd_lock_key_slot_8 rw_lock1 |= 1 << rd_lock_key_slot_11 if flash_encryp_type == 2 or (flash_encryp_type == 3): if sec_eng_key_sel == 0: efuse_data[keyslot9:keyslot10] = sec_eng_key[0:16] efuse_mask_data[keyslot9:keyslot10] = mask_4bytes * 4 rw_lock1 |= 1 << wr_lock_key_slot_9 rw_lock1 |= 1 << rd_lock_key_slot_9 if sec_eng_key_sel == 1: efuse_data[keyslot9:keyslot10] = sec_eng_key[0:16] efuse_mask_data[keyslot9:keyslot10] = mask_4bytes * 4 rw_lock1 |= 1 << wr_lock_key_slot_9 rw_lock1 |= 1 << rd_lock_key_slot_9 if sec_eng_key_sel == 2: efuse_data[keyslot9:keyslot10] = sec_eng_key[0:16] efuse_mask_data[keyslot9:keyslot10] = mask_4bytes * 4 rw_lock1 |= 1 << wr_lock_key_slot_9 rw_lock1 |= 1 << rd_lock_key_slot_9 if sec_eng_key_sel == 3: efuse_data[keyslot9:keyslot10] = sec_eng_key[0:16] efuse_mask_data[keyslot9:keyslot10] = mask_4bytes * 4 rw_lock1 |= 1 << wr_lock_key_slot_9 rw_lock1 |= 1 << rd_lock_key_slot_9 efuse_data[124:128] = bflb_utils.int_to_4bytearray_l(rw_lock0) efuse_mask_data[124:128] = bflb_utils.int_to_4bytearray_l(rw_lock0) efuse_data[252:256] = bflb_utils.int_to_4bytearray_l(rw_lock1) efuse_mask_data[252:256] = bflb_utils.int_to_4bytearray_l(rw_lock1) fp = open_file(cfg.get('Img_CPU1_Cfg', 'efuse_file'), 'wb+') fp.write(efuse_data) fp.close() fp = open_file(cfg.get('Img_CPU1_Cfg', 'efuse_mask_file'), 'wb+') fp.write(efuse_mask_data) fp.close()
def img_update_efuse_cpu0(sign, pk_hash, flash_encryp_type, flash_key, sec_eng_key_sel, sec_eng_key): fp = open_file(cfg.get('Img_CPU0_Cfg', 'efuse_file'), 'rb') efuse_data = bytearray(fp.read()) + bytearray(0) fp.close() fp = open_file(cfg.get('Img_CPU0_Cfg', 'efuse_mask_file'), 'rb') efuse_mask_data = bytearray(fp.read()) + bytearray(0) fp.close() mask_4bytes = bytearray.fromhex('FFFFFFFF') efuse_data[0] |= flash_encryp_type efuse_data[0] |= sign << 2 efuse_mask_data[0] |= 15 rw_lock0 = 0 rw_lock1 = 0 if pk_hash != None: efuse_data[keyslot0:keyslot2] = pk_hash efuse_mask_data[keyslot0:keyslot2] = mask_4bytes * 8 rw_lock0 |= 1 << wr_lock_key_slot_0 rw_lock0 |= 1 << wr_lock_key_slot_1 if flash_key != None: efuse_data[keyslot2:keyslot4] = flash_key efuse_mask_data[keyslot2:keyslot4] = mask_4bytes * 8 rw_lock0 |= 1 << wr_lock_key_slot_2 rw_lock0 |= 1 << wr_lock_key_slot_3 rw_lock0 |= 1 << rd_lock_key_slot_2 rw_lock0 |= 1 << rd_lock_key_slot_3 if sec_eng_key != None: if flash_encryp_type == 0: if sec_eng_key_sel == 0: efuse_data[keyslot2:keyslot3] = sec_eng_key[16:32] efuse_data[keyslot3:keyslot4] = sec_eng_key[0:16] efuse_mask_data[keyslot2:keyslot4] = mask_4bytes * 8 rw_lock0 |= 1 << wr_lock_key_slot_2 rw_lock0 |= 1 << wr_lock_key_slot_3 rw_lock0 |= 1 << rd_lock_key_slot_2 rw_lock0 |= 1 << rd_lock_key_slot_3 if sec_eng_key_sel == 1: efuse_data[keyslot3:keyslot4] = sec_eng_key[16:32] efuse_data[keyslot4:keyslot5] = sec_eng_key[0:16] efuse_mask_data[keyslot3:keyslot5] = mask_4bytes * 8 rw_lock0 |= 1 << wr_lock_key_slot_3 rw_lock0 |= 1 << wr_lock_key_slot_4 rw_lock0 |= 1 << rd_lock_key_slot_3 rw_lock0 |= 1 << rd_lock_key_slot_4 if sec_eng_key_sel == 2: efuse_data[keyslot4:keyslot5] = sec_eng_key[16:32] efuse_data[keyslot7:keyslot8] = sec_eng_key[0:16] efuse_mask_data[keyslot4:keyslot5] = mask_4bytes * 4 efuse_mask_data[keyslot7:keyslot8] = mask_4bytes * 4 rw_lock0 |= 1 << wr_lock_key_slot_4 rw_lock1 |= 1 << wr_lock_key_slot_7 rw_lock0 |= 1 << rd_lock_key_slot_4 rw_lock1 |= 1 << rd_lock_key_slot_7 if sec_eng_key_sel == 3: efuse_data[keyslot7:keyslot8] = sec_eng_key[16:32] efuse_data[keyslot2:keyslot3] = sec_eng_key[0:16] efuse_mask_data[keyslot7:keyslot8] = mask_4bytes * 4 efuse_mask_data[keyslot2:keyslot3] = mask_4bytes * 4 rw_lock0 |= 1 << wr_lock_key_slot_2 rw_lock1 |= 1 << wr_lock_key_slot_7 rw_lock0 |= 1 << rd_lock_key_slot_2 rw_lock1 |= 1 << rd_lock_key_slot_7 if flash_encryp_type == 1: if sec_eng_key_sel == 0: efuse_data[keyslot3:keyslot4] = sec_eng_key[16:32] efuse_data[keyslot4:keyslot5] = sec_eng_key[0:16] efuse_mask_data[keyslot3:keyslot5] = mask_4bytes * 8 rw_lock0 |= 1 << wr_lock_key_slot_3 rw_lock0 |= 1 << wr_lock_key_slot_4 rw_lock0 |= 1 << rd_lock_key_slot_3 rw_lock0 |= 1 << rd_lock_key_slot_4 if sec_eng_key_sel == 1: efuse_data[keyslot4:keyslot5] = sec_eng_key[16:32] efuse_data[keyslot3:keyslot4] = sec_eng_key[0:16] efuse_mask_data[keyslot3:keyslot5] = mask_4bytes * 8 rw_lock0 |= 1 << wr_lock_key_slot_3 rw_lock0 |= 1 << wr_lock_key_slot_4 rw_lock0 |= 1 << rd_lock_key_slot_3 rw_lock0 |= 1 << rd_lock_key_slot_4 if sec_eng_key_sel == 2: efuse_data[keyslot3:keyslot4] = sec_eng_key[16:32] efuse_data[keyslot4:keyslot5] = sec_eng_key[0:16] efuse_mask_data[keyslot3:keyslot5] = mask_4bytes * 8 rw_lock0 |= 1 << wr_lock_key_slot_3 rw_lock0 |= 1 << wr_lock_key_slot_4 rw_lock0 |= 1 << rd_lock_key_slot_3 rw_lock0 |= 1 << rd_lock_key_slot_4 if sec_eng_key_sel == 3: efuse_data[keyslot4:keyslot5] = sec_eng_key[16:32] efuse_data[keyslot3:keyslot4] = sec_eng_key[0:16] efuse_mask_data[keyslot3:keyslot5] = mask_4bytes * 8 rw_lock0 |= 1 << wr_lock_key_slot_3 rw_lock0 |= 1 << wr_lock_key_slot_4 rw_lock0 |= 1 << rd_lock_key_slot_3 rw_lock0 |= 1 << rd_lock_key_slot_4 if flash_encryp_type == 2 or (flash_encryp_type == 3): if sec_eng_key_sel == 0: efuse_data[keyslot4:keyslot5] = sec_eng_key[0:16] efuse_mask_data[keyslot4:keyslot5] = mask_4bytes * 4 rw_lock0 |= 1 << wr_lock_key_slot_4 rw_lock0 |= 1 << rd_lock_key_slot_4 if sec_eng_key_sel == 1: efuse_data[keyslot4:keyslot5] = sec_eng_key[0:16] efuse_mask_data[keyslot4:keyslot5] = mask_4bytes * 4 rw_lock0 |= 1 << wr_lock_key_slot_4 rw_lock0 |= 1 << rd_lock_key_slot_4 if sec_eng_key_sel == 2: efuse_data[keyslot4:keyslot5] = sec_eng_key[0:16] efuse_mask_data[keyslot4:keyslot5] = mask_4bytes * 4 rw_lock0 |= 1 << wr_lock_key_slot_4 rw_lock0 |= 1 << rd_lock_key_slot_4 if sec_eng_key_sel == 3: efuse_data[keyslot4:keyslot5] = sec_eng_key[0:16] efuse_mask_data[keyslot4:keyslot5] = mask_4bytes * 4 rw_lock0 |= 1 << wr_lock_key_slot_4 rw_lock0 |= 1 << rd_lock_key_slot_4 efuse_data[124:128] = bflb_utils.int_to_4bytearray_l(rw_lock0) efuse_mask_data[124:128] = bflb_utils.int_to_4bytearray_l(rw_lock0) efuse_data[252:256] = bflb_utils.int_to_4bytearray_l(rw_lock1) efuse_mask_data[252:256] = bflb_utils.int_to_4bytearray_l(rw_lock1) fp = open_file(cfg.get('Img_CPU0_Cfg', 'efuse_file'), 'wb+') fp.write(efuse_data) fp.close() fp = open_file(cfg.get('Img_CPU0_Cfg', 'efuse_mask_file'), 'wb+') fp.write(efuse_mask_data) fp.close()