Skip to content

Commit 5669a60

Browse files
David Michielidpgeorge
David Michieli
authored and
dpgeorge
committed
stm32/mboot: Allow unpacking dfu without secret key.
- unpack-dfu command no longer requies a secret key to be present - pack-dfu command raises an exception if no secret key is found
1 parent 00d6a79 commit 5669a60

File tree

2 files changed

+14
-3
lines changed

2 files changed

+14
-3
lines changed

ports/stm32/mboot/mboot_pack_dfu.py

Lines changed: 10 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -86,9 +86,14 @@ def save(self):
8686

8787
def load(self):
8888
with open(self.filename) as f:
89-
self.sign_sk = self._load_data("mboot_pack_sign_secret_key", f.readline())
90-
self.sign_pk = self._load_data("mboot_pack_sign_public_key", f.readline())
91-
self.secretbox = self._load_data("mboot_pack_secretbox_key", f.readline())
89+
for line in f:
90+
for key, attr in (
91+
("mboot_pack_sign_secret_key", "sign_sk"),
92+
("mboot_pack_sign_public_key", "sign_pk"),
93+
("mboot_pack_secretbox_key", "secretbox"),
94+
):
95+
if key in line:
96+
setattr(self, attr, self._load_data(key, line))
9297

9398

9499
def dfu_read(filename):
@@ -135,6 +140,8 @@ def encrypt(keys, data):
135140

136141

137142
def sign(keys, data):
143+
if not hasattr(keys, "sign_sk"):
144+
raise Exception("packing a dfu requires a secret key")
138145
return pyhy.hydro_sign_create(data, MBOOT_PACK_HYDRO_CONTEXT, keys.sign_sk)
139146

140147

tools/ci.sh

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -243,6 +243,10 @@ function ci_stm32_nucleo_build {
243243
BUILD_WB55=ports/stm32/build-NUCLEO_WB55
244244
python3 ports/stm32/mboot/mboot_pack_dfu.py -k $BOARD_WB55/mboot_keys.h unpack-dfu $BUILD_WB55/firmware.pack.dfu $BUILD_WB55/firmware.unpack.dfu
245245
diff $BUILD_WB55/firmware.unpack.dfu $BUILD_WB55/firmware.dfu
246+
# Test unpack-dfu command works without a secret key
247+
tail -n +2 $BOARD_WB55/mboot_keys.h > $BOARD_WB55/mboot_keys_no_sk.h
248+
python3 ports/stm32/mboot/mboot_pack_dfu.py -k $BOARD_WB55/mboot_keys_no_sk.h unpack-dfu $BUILD_WB55/firmware.pack.dfu $BUILD_WB55/firmware.unpack_no_sk.dfu
249+
diff $BUILD_WB55/firmware.unpack.dfu $BUILD_WB55/firmware.unpack_no_sk.dfu
246250
}
247251

248252
########################################################################################

0 commit comments

Comments
 (0)