mirror of https://github.com/rusefi/hex2dfu.git
new version 1.2
New feature added -e & -P to place in binary extra data.
This commit is contained in:
Krzysztof Rutecki
parent
56a97615e2
commit
5f4f2be865
10
README.md
10
README.md
|
|
@ -51,6 +51,16 @@ Using
|
||||||
|
|
||||||
hex2dfu.exe -i infile.hex -o outfile.dfu -c 0x08011000 -S d4411fa9d5cb6f91b7bd18e4ab41e7d03bf37e1d738c12b923ef0f09de90e6cf
|
hex2dfu.exe -i infile.hex -o outfile.dfu -c 0x08011000 -S d4411fa9d5cb6f91b7bd18e4ab41e7d03bf37e1d738c12b923ef0f09de90e6cf
|
||||||
|
|
||||||
|
|
||||||
|
5. Like above but extra data (-P) are added:
|
||||||
|
|
||||||
|
hex2dfu.exe -i infile.hex -o outfile.dfu -c 0x08011000 -S d4411fa9d5cb6f91b7bd18e4ab41e7d03bf37e1d738c12b923ef0f09de90e6cf -e -P DEADBEEF
|
||||||
|
|
||||||
|
|
||||||
|
6. Like above but additional data are public key based on signing secret:
|
||||||
|
|
||||||
|
hex2dfu.exe -i infile.hex -o outfile.dfu -c 0x08011000 -S d4411fa9d5cb6f91b7bd18e4ab41e7d03bf37e1d738c12b923ef0f09de90e6cf -e
|
||||||
|
|
||||||
|
|
||||||
Automated CRC32 generation in very usefull when custom bootloader is in use. We can check firmware at every MCU boot and execute only when file ingerrity is authenticated. Otherwise performe failover (e.g. start USB bootloader).
|
Automated CRC32 generation in very usefull when custom bootloader is in use. We can check firmware at every MCU boot and execute only when file ingerrity is authenticated. Otherwise performe failover (e.g. start USB bootloader).
|
||||||
|
|
||||||
|
|
|
||||||
51
hex2dfu.c
51
hex2dfu.c
|
|
@ -38,7 +38,8 @@ int main (int argc, char **argv) {
|
||||||
unsigned char hash_buf[64];
|
unsigned char hash_buf[64];
|
||||||
sha512_context hash;
|
sha512_context hash;
|
||||||
unsigned char *ed25519_secret = NULL;
|
unsigned char *ed25519_secret = NULL;
|
||||||
unsigned char public_key[32], private_key[64], signature[64];
|
unsigned char *ed25519_public = NULL, ed25519_public_add = 0;
|
||||||
|
unsigned char public_key[32], private_key[64], signature[64], public_key_publisher[32];
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
unsigned int tar0_start_address;
|
unsigned int tar0_start_address;
|
||||||
|
|
@ -50,7 +51,7 @@ int main (int argc, char **argv) {
|
||||||
unsigned int crc = 0, tmp, add_crc32 = 0;
|
unsigned int crc = 0, tmp, add_crc32 = 0;
|
||||||
|
|
||||||
opterr = 0;
|
opterr = 0;
|
||||||
while ((c = getopt (argc, argv, "hv:p:d:i:l:o:c:S:")) != -1) {
|
while ((c = getopt (argc, argv, "hv:p:d:i:l:o:c:S:P:e")) != -1) {
|
||||||
switch (c) {
|
switch (c) {
|
||||||
case 'i': //target0 input file name
|
case 'i': //target0 input file name
|
||||||
tar0 = optarg;
|
tar0 = optarg;
|
||||||
|
|
@ -70,12 +71,28 @@ int main (int argc, char **argv) {
|
||||||
case 'c': //place crc32 at this address
|
case 'c': //place crc32 at this address
|
||||||
add_crc32 = strtol (optarg, NULL, 16);
|
add_crc32 = strtol (optarg, NULL, 16);
|
||||||
break;
|
break;
|
||||||
case 'S': //ED25519 secret, hex
|
case 'S': //ED25519 secret (signing key), hex
|
||||||
#ifndef ED25519_SUPPORT
|
#ifndef ED25519_SUPPORT
|
||||||
fprintf (stderr, "Code signing not supported!\n");
|
fprintf (stderr, "Code signing not supported!\n");
|
||||||
return 1;
|
return 1;
|
||||||
#else
|
#else
|
||||||
ed25519_secret = optarg;
|
ed25519_secret = optarg;
|
||||||
|
#endif
|
||||||
|
break;
|
||||||
|
case 'P': //ED25519 publisher public, hex
|
||||||
|
#ifndef ED25519_SUPPORT
|
||||||
|
fprintf (stderr, "Code signing not supported!\n");
|
||||||
|
return 1;
|
||||||
|
#else
|
||||||
|
ed25519_public = optarg;
|
||||||
|
#endif
|
||||||
|
break;
|
||||||
|
case 'e':
|
||||||
|
#ifndef ED25519_SUPPORT
|
||||||
|
fprintf (stderr, "Code signing not supported!\n");
|
||||||
|
return 1;
|
||||||
|
#else
|
||||||
|
ed25519_public_add = 1;
|
||||||
#endif
|
#endif
|
||||||
break;
|
break;
|
||||||
case 'o': //output file name
|
case 'o': //output file name
|
||||||
|
|
@ -109,7 +126,18 @@ int main (int argc, char **argv) {
|
||||||
perror ("ED25519 'secret' have to be 32bytes long.\n");
|
perror ("ED25519 'secret' have to be 32bytes long.\n");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
ed25519_create_keypair(public_key, private_key, ed25519_secret);
|
ed25519_create_keypair(public_key, private_key, ed25519_secret);
|
||||||
|
|
||||||
|
if (ed25519_public) {
|
||||||
|
c = hex2bin(public_key_publisher, ed25519_public, strlen(ed25519_public));
|
||||||
|
if (c != 32) {
|
||||||
|
perror ("ED25519 'public' have to be 32bytes long.\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
memmove(public_key_publisher, public_key, 32);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
@ -142,17 +170,26 @@ int main (int argc, char **argv) {
|
||||||
memmove(tar0_buf+add_crc32+0x10, signature, 64);
|
memmove(tar0_buf+add_crc32+0x10, signature, 64);
|
||||||
memmove(tar0_buf+add_crc32+0x10+64, public_key, 32);
|
memmove(tar0_buf+add_crc32+0x10+64, public_key, 32);
|
||||||
|
|
||||||
printf("ED25519 PublicKey: ");
|
printf("Signing PublicKey: ");
|
||||||
for(c=0; c<32; c++) {
|
for(c=0; c<32; c++) {
|
||||||
printf("%02x", (unsigned char)public_key[c]);
|
printf("%02x", (unsigned char)public_key[c]);
|
||||||
}
|
}
|
||||||
printf("\r\n");
|
printf("\r\n");
|
||||||
|
|
||||||
printf("ED25519 Signature: ");
|
printf("Signature: ");
|
||||||
for(c=0; c<64; c++) {
|
for(c=0; c<64; c++) {
|
||||||
printf("%02x", (unsigned char)signature[c]);
|
printf("%02x", (unsigned char)signature[c]);
|
||||||
}
|
}
|
||||||
printf("\r\n");
|
printf("\r\n");
|
||||||
|
|
||||||
|
if (ed25519_public_add) {
|
||||||
|
memmove(tar0_buf+add_crc32+0x10+64+32, public_key_publisher, 32);
|
||||||
|
printf("Publisher PublicKey: ");
|
||||||
|
for(c=0; c<32; c++) {
|
||||||
|
printf("%02x", (unsigned char)public_key_publisher[c]);
|
||||||
|
}
|
||||||
|
printf("\r\n");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
crc = crc32(0, tar0_buf, add_crc32); //calc CRC upto placement address
|
crc = crc32(0, tar0_buf, add_crc32); //calc CRC upto placement address
|
||||||
|
|
@ -248,7 +285,7 @@ int main (int argc, char **argv) {
|
||||||
}
|
}
|
||||||
|
|
||||||
void print_help(void) {
|
void print_help(void) {
|
||||||
printf("STM32 hex2dfu version 1.1\r\n");
|
printf("STM32 hex2dfu version 1.2\r\n");
|
||||||
printf("(c) Encedo Ltd 2013-2015\r\n");
|
printf("(c) Encedo Ltd 2013-2015\r\n");
|
||||||
printf("Options:\r\n");
|
printf("Options:\r\n");
|
||||||
printf("-c - place CRC23 under this addres (optional)\r\n");
|
printf("-c - place CRC23 under this addres (optional)\r\n");
|
||||||
|
|
@ -258,6 +295,8 @@ void print_help(void) {
|
||||||
printf("-l - Target0 name (optional, default: EncedoKey)\r\n");
|
printf("-l - Target0 name (optional, default: EncedoKey)\r\n");
|
||||||
printf("-o - output DFU file name (mandatory)\r\n");
|
printf("-o - output DFU file name (mandatory)\r\n");
|
||||||
printf("-S - ED25519 'secret' to sign the code (optional)\r\n");
|
printf("-S - ED25519 'secret' to sign the code (optional)\r\n");
|
||||||
|
printf("-P - Publisher ED25519 'public' to verify firmware sign (optional)\r\n");
|
||||||
|
printf("-e - add Publisher ED25519 based on 'secret' or the one form -P (if given)\r\n");
|
||||||
printf("-p - USB Pid (optional, default: 0xDF11)\r\n");
|
printf("-p - USB Pid (optional, default: 0xDF11)\r\n");
|
||||||
printf("-v - USB Vid (optional, default: 0x0483)\r\n");
|
printf("-v - USB Vid (optional, default: 0x0483)\r\n");
|
||||||
printf("Example: hex2dfu -i infile.hex -i outfile.dfu\r\n");
|
printf("Example: hex2dfu -i infile.hex -i outfile.dfu\r\n");
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue