def test_save_memory_doctest(tmppath): path = str(tmppath / 'bytes.hex') blocks = [(offset, bytes(range(offset, offset + 16))) for offset in range(0, 256, 16)] sparse_items = Memory(blocks=blocks) save_memory(path, sparse_items) ans_out = load_memory(path) ans_ref = sparse_items assert ans_out == ans_ref
def get_digest_signature(): memory = hr.load_memory("combined_image.hex") signature = memory[signature_start:(signature_start + 64):b'\xFF'] app_length_bytes = memory[app_length_start:(app_length_start + 4):b'\xFF'] app_length = int.from_bytes(app_length_bytes, byteorder='little') data = memory[boot_start:(app_start + app_length):b'\xFF'] # Hashing the Application binary file bin_file chosen_hash = hashes.SHA256() hasher = hashes.Hash(chosen_hash, crypto_be) hasher.update(data) digest = hasher.finalize() #print("\nApplication digest:") #print(common_helper.pretty_print_hex(digest, indent=' ')) return [digest, signature]
def combine_sign_hex(boot_data, app_data): with open(boot_hex, 'wb') as f: f.write(boot_data.data[0]) f.close() with open(app_hex, 'wb') as f: f.write(app_data.data[0]) f.close() merged_boot_hex = pattern_fill_hex(boot_hex, 'boot') hr.save_blocks("firm_valid.hex", merged_boot_hex) hex_boot_start, hex_boot_length = merged_boot_hex[0] print("Firmware validation binary size:", len(hex_boot_length)) merged_app_hex = pattern_fill_hex(app_hex, 'app') hr.save_blocks("app.hex", merged_app_hex) hex_app_start, hex_app_length = merged_app_hex[0] print("Application binary size:", len(hex_app_length)) #Merge boot hex and app hex into single hex blocks_boot = hr.load_blocks("firm_valid.hex") blocks_app = hr.load_blocks("app.hex") merged = blocks_boot + blocks_app merged.sort() flooded = hb.flood(merged, pattern=b'\xFF') flooded = hb.merge(flooded) hr.save_blocks("combined_image.hex", flooded) memory = hr.load_memory("combined_image.hex") #a, data = data_blocks[0] data = memory[boot_start:(app_start + len(hex_app_length)):b'\xFF'] # Setup cryptography crypto_be = cryptography.hazmat.backends.default_backend() with open(key_file, 'rb') as f: # Loading the private key from key_file private_key = serialization.load_pem_private_key(data=f.read(), password=None, backend=crypto_be) # Hashing the Application binary file bin_file chosen_hash = hashes.SHA256() hasher = hashes.Hash(chosen_hash, crypto_be) hasher.update(data) digest = hasher.finalize() print("\nApplication digest:") print(pretty_print_hex(digest, indent=' ')) # Signing the digest of the Application binary file bin_file sign = private_key.sign(digest, ec.ECDSA(utils.Prehashed(chosen_hash))) # Extract actual Signature bytes r_offset = (sign[3] - 32) + 4 sign_r = sign[r_offset:r_offset + 32] s_offset = (sign[r_offset + 32 + 1] - 32) + (r_offset + 32 + 2) sign_s = sign[s_offset:s_offset + 32] calc_sign = sign_r + sign_s print("\nSuccessfully Signed the firmware digest") print("Calculated signature:") print(str(convert_to_hex_bytes(calc_sign))) memory.write(0x3FC00, calc_sign) memory.write(0x3FD00, len(hex_app_length).to_bytes(4, byteorder='little')) hr.save_memory('combined_image.hex', memory)