def sign_image(toolchain, resourses, elf, binf, m0hex):
"""
Adds signature to a binary file being built,
using cysecuretools python package.
:param toolchain: Toolchain object of current build session
:param binf: Binary file created for target
"""
if m0hex != '':
m0hex_build = os.path.join(toolchain.build_dir,
toolchain.target.hex_filename)
copy2(m0hex, m0hex_build)
m0hex = m0hex_build
# Mapping from mbed target to cysecuretools target
TARGET_MAPPING = {
"CY8CKIT_064B0S2_4343W": "cy8ckit-064b0s2-4343w",
"CY8CPROTO_064B0S1_BLE": "cy8cproto-064b0s1-ble",
"CY8CPROTO_064S1_SB": "cy8cproto-064s1-sb",
"CY8CPROTO_064B0S3": "cy8cproto-064b0s3"
}
try:
secure_target = TARGET_MAPPING[toolchain.target.name]
except KeyError:
raise ConfigException("[PSOC6.sign_image] Target " +
toolchain.target.name +
" is not supported in cysecuretools.")
policy_file = find_policy(toolchain)
toolchain.notify.info("[PSOC6.sign_image] Using policy file: " +
str(policy_file))
import cysecuretools
tools = cysecuretools.CySecureTools(secure_target, str(policy_file))
if str(toolchain.target.boot_scheme) == 'single_image':
toolchain.notify.info("[PSOC6.sign_image] single image signing")
sign_application(toolchain,
tools,
binf,
image_id=toolchain.target.cm0_img_id)
elif str(toolchain.target.boot_scheme) == 'multi_image':
sign_application(toolchain,
tools,
m0hex,
image_id=toolchain.target.cm0_img_id)
sign_application(toolchain,
tools,
binf,
image_id=toolchain.target.cm4_img_id)
complete(toolchain, elf, hexf0=binf, hexf1=m0hex)
else:
raise ConfigException("[PSOC6.sign_image] Boot scheme " + str(toolchain.target.boot_scheme) + \
"is not supported. Supported boot schemes are 'single_image' and 'multi_image' ")
def sign_hex(build_dir, m0hex_filename, target_name, policy, notification,
boot_scheme, cm0_img_id, cm4_img_id, elf, m4hex, m0hex):
"""
Adds signature to a binary file being built,
using cysecuretools python package.
:param build_dir: The build directory
:param m0hex_filename: The file name of the Cortex-M0 hex
:param target_name: The name of the Mbed target
:param policy: The path to the policy file
:param notification: The object to output notification with
:param boot_scheme: The boot scheme
:param cm0_img_id: The Cortex-M0 image identifier
:param cm4_img_id: The Cortex-M4 image identifier
:param elf: An ELF file
:param m4hex: The path to the Cortex-M4 HEX file
:param m0hex: The path to the Cortex-M0 HEX file
"""
# Keep module import here so it is required only if building PSOC6 targets
# that need to be signed
if m0hex != '':
m0hex_build = os.path.join(build_dir, m0hex_filename)
copy2(m0hex, m0hex_build)
m0hex = m0hex_build
# Mapping from mbed target to cysecuretools target
TARGET_MAPPING = {
"CY8CKIT064B0S2_4343W": "cy8ckit-064b0s2-4343w",
"CYTFM_064B0S2_4343W": "cy8ckit-064b0s2-4343w",
"CY8CPROTO_064B0S1_BLE": "cy8cproto-064b0s1-ble",
"CY8CPROTO_064S1_SB": "cy8cproto-064s1-sb",
"CY8CPROTO_064B0S3": "cy8cproto-064b0s3"
}
try:
secure_target = TARGET_MAPPING[target_name]
except KeyError:
raise ConfigException("[PSOC6.sign_image] Target " + target_name +
" is not supported in cysecuretools.")
policy_file = find_policy(policy, notification.info, target_name)
notification.info("[PSOC6.sign_image] Using policy file: " +
str(policy_file))
import cysecuretools
tools = cysecuretools.CySecureTools(secure_target, str(policy_file))
if str(boot_scheme) == 'single_image':
notification.info("[PSOC6.sign_image] single image signing")
sign_application(notification.debug, tools, m4hex, image_id=cm0_img_id)
elif str(boot_scheme) == 'multi_image':
sign_application(notification.debug, tools, m0hex, image_id=cm0_img_id)
sign_application(notification.debug, tools, m4hex, image_id=cm4_img_id)
complete(notification.debug, elf, hexf0=m4hex, hexf1=m0hex)
else:
raise ConfigException("[PSOC6.sign_image] Boot scheme " + str(boot_scheme) + \
"is not supported. Supported boot schemes are 'single_image' and 'multi_image' ")