Commit Graph

149 Commits

Author SHA1 Message Date
Andrej Butok 6c4f7b4c63 doc: imgtool: update align description
Update the --align option values.
Add its description.
Delete [required], as it is optional now.

Signed-off-by: Andrej Butok <andrey.butok@nxp.com>
2023-11-07 10:22:14 +00:00
Andrej Butok 25b7c7a8e7 imgtool: make "align" command line parameter optional
Align parameter should be optional:
- it has a default value.
- it is not used for non-swap update modes.

Signed-off-by: Andrej Butok <andrey.butok@nxp.com>
2023-11-01 09:52:55 -06:00
David Brown e0bdcdecec Update version files for 2.0.0
Update documentation and version tags for final 2.0.0 release.

Signed-off-by: David Brown <david.brown@linaro.org>
2023-10-23 17:36:54 -06:00
David Brown 6a6de4b26a scripts: imgtool: update to 2.0.0-rc1 release
Update the version of imgtool.  This should auto-publish when
released.

Signed-off-by: David Brown <david.brown@linaro.org>
2023-09-29 08:19:05 -06:00
Bence Balogh 97a20f1286 imgtool: Add public key's SHA256 hash calculation
Signed-off-by: Dávid Házi <david.hazi@arm.com>
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Change-Id: I91d5c07c1bb2b8abe2592cd49b2053c881465ba2
2023-08-08 18:09:07 +02:00
Bence Balogh ed8d68aff7 imgtool: Add raw output option
Signed-off-by: Dávid Házi <david.hazi@arm.com>
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Change-Id: Ia7f385e5e1b0471aae7693baa54e9a385ad3ae3f
2023-08-08 18:09:07 +02:00
Bence Balogh 367aefbede imgtool: Add write to file option
Signed-off-by: Dávid Házi <david.hazi@arm.com>
Signed-off-by: Bence Balogh <bence.balogh@arm.com>
Change-Id: I6028955be5cbcd20d49ef2126dce8d4636b824a6
2023-08-08 18:09:07 +02:00
Roland Mikhel 018b77032c imgtool: Fix getpriv error return with private key
This commit fixes a bug with the getpriv command using
ECDSA keys.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I66c1365a855e97199921ac136a18e26988bce508
2023-07-24 09:33:50 +02:00
David Vincze 7f982b0f6f Revert "imgtool: Add backwards compatibility for ECDSA"
This reverts commit 78135ee6eb
as bba5a711483447d7eee2531b65bd1c07c81746c9 made it unnecessary.

Change-Id: Idee755f05c17502599aaa947826e9a7feb08b4a7
Signed-off-by: David Vincze <david.vincze@arm.com>
2023-04-28 11:40:31 +02:00
David Vincze 4395b80976 boot: Restore and extend the usage of 0x22 TLV (ECDSA256)
The IMAGE_TLV_ECDSA256 TLV has been put out of use by
commit 63d2346da4.
This commit reverts this part of that patch and at the
same time it extends the usage of this TLV to cover all types
of curves (replacing the newly introduced 0x25 TLV type)
while retaining its value (0x22) for backward compatibility.
Rename IMAGE_TLV_ECDSA256 to IMAGE_TLV_ECDSA_SIG.

Change-Id: I904f292db775c38f26a5e9a87c5f414165efc173
Signed-off-by: David Vincze <david.vincze@arm.com>
2023-04-28 11:40:31 +02:00
Roland Mikhel 78135ee6eb imgtool: Add backwards compatibility for ECDSA
Add backwards compatibility to the imgtool to support
the old curve specific TLVs. Currently only ECDSA256 needs this.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I275894ebc713ea8adcaab4198b036c41233b11e8
2023-04-26 13:27:44 +02:00
Roland Mikhel 5704174c12 imgtool: Add generic ECDSA TLV support
Update imgtool to support the new
generic ECDSA TLV and the ECDSA
p384 curve type with sha-384

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I9b1887610cc5d0e7cde90f47999fcdf3500ef51c
2023-04-26 13:27:44 +02:00
David Vincze ca56135b6b imgtool: Add 'dumpinfo' command
Add new 'dumpinfo' command that can parse a signed image and
print all the available information from the header, TLV area and
trailer in the form of a basic "image map".

The --outfile option can be used to write the image information
to an output file in serialised YAML format.

Change-Id: I99e61078946b02eefd4ac2e682583476d53e8d4f
Signed-off-by: David Vincze <david.vincze@arm.com>
2023-04-12 10:01:14 +02:00
Roland Mikhel 3d92a6cb59 imgtool: Remove P224 curve references
Imgtool does not provide support for P224
curve, just a placeholder function that
says it's not currently implemented.
This has now been removed as P224 support
had been removed from the boot code too.

Signed-off-by: Roland Mikhel <roland.mikhel@arm.com>
Change-Id: I477d8e273085f38f35eaf9a591584f3e937d748d
2023-04-11 07:05:38 +02:00
David Brown 23d28832f0 Update to version 1.10.0
Signed-off-by: David Brown <david.brown@linaro.org>
2023-04-06 07:38:04 -06:00
David Brown 569b1d6393 Update to version 1.10.0-rc1
Signed-off-by: David Brown <david.brown@linaro.org>
2023-03-20 14:02:12 -06:00
Raphael Dupont 16f3de5660 imgtool: fix boot_magic when -e big and max-align > 8
Currently if max-align > 8, magic_boot only works in little endian

For example :
With max-align = 16 and endian = big, boot_magic starts with 0x10 0x00,
but it should be 0x00 0x10

Signed-off-by: Raphael Dupont <raphael7dup@gmail.com>
2023-03-16 10:03:24 -03:00
Piotr Dymacz e026c3679b imgtool: sign: allow using 16-bit custom TLVs from valid range
The TLV type field in trailer TLV struct is defined as unsigned 16-bit
(in LE byte order). Currently, due to Python's struct format specified
as 'BBH', the 'imgtool' accepts only single byte for this field.

This results in error when trying to use 16-bit TLV type with option
'--custom-tlv':

  struct.error: ubyte format requires 0 <= number <= 255

This changes format to 'HH' which allows using 16-bit TLV types and
while at it, adds also simple range validation for custom TLV type.
As defined in image.h header, the vendor reserved TLVs value should
be from 0x00a0 to 0xfffe range.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2023-03-10 17:30:38 -03:00
Ross Younger ae9d256cab imgtool: allow verify mode to use public ed25519 keys
Verify mode already works for the public halves of RSA and ECDSA keypairs.
This patch corrects an apparent oversight, enabling that functionality
in Ed25519.

Signed-off-by: Ross Younger <crazyscot@gmail.com>
2023-02-25 09:42:31 -03:00
Fabio Utzig 8f289ba5f9 imgtool: fix getpriv format type for keys
A previous change was added to allow the `getpriv` command to dump ec256
keys in both openssl and pkcs8. That PR did not touch other key file
types which resulted in errors using that command with RSA, X25519, etc.

This commit generalizes the passing of the `format` parameter, so each
key type can decide which format it allows a dump to be produced in,
and what default to use.

Fixes #1529

Signed-off-by: Fabio Utzig <utzig@apache.org>
2023-01-10 18:03:21 -03:00
Fabio Utzig 08a716dc4e imgtool: fix --vector-to-sign usage
`--vector-to-sign` only exports the image payload, or digest, to be
signed externally; it doesn't require any keys to be provided. This
commit moves the code outside a key required block, after the payload
and digest were already calculated from "image + headers + protected
TLVs".

Signed-off-by: Fabio Utzig <utzig@apache.org>
2022-11-21 18:50:25 -03:00
Antonio de Angelis 7ba01c0de7 imgtool: Fix PEP8 warnings on modules in this PR
Fix the remaining PEP8 warnings that appear on image.py, ecdsa.py
or main.py for imgtool.

Signed-off-by: Antonio de Angelis <Antonio.deAngelis@arm.com>
2022-11-16 14:02:19 -03:00
Antonio de Angelis c6e7e9be7a imgtool: Improve ECDSA key generation
This patch improves the existing ECDSA key generation feature
in the imgtool by:
 - Fix a bug in the 'minimal' representation of PKCS#8 keys where
   the resulting ASN.1 DER encoding is not compliant
 - Add the option to export ECDSA private keys in SEC1 format by
   providing a command line option -f or --format that can be
   'openssl' (for SEC1 format) or 'pkcs8'. This format ends up in
   key encodings which are generally smaller than PKCS#8.

Signed-off-by: Antonio de Angelis <Antonio.deAngelis@arm.com>
2022-11-16 14:02:19 -03:00
Antonio de Angelis 284b8fe3dd imgtool: Add filename to some common prints
Common prints such as the one that happens when an image is signed
are clearer if the source of print is added (i.e. filename), especially
for those build integration flows where imgtool is invoked as part of
a set of operations.

Signed-off-by: Antonio de Angelis <Antonio.deAngelis@arm.com>
2022-11-16 14:02:19 -03:00
Fabio Utzig 4e2cdfe82f imgtool: change getpub exporting format parameter
Update a previous PR were PEM exporting was added to the `--lang`
parameter, even though PEM is not a source code language per se.

This PR adds `--encoding/-e` to `getpub` command, for exporting
in formats other than a language source code. `--lang` is left with
a deprecation message, so it could be removed in a future version.
The default behavior of exporting source code in C was preserved.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2022-09-29 19:31:02 -03:00
Fabio Utzig 6f286779a6 imgtool: add option to export public PEM
Update `getpub` with new `lang` option, "pem", which allows exporting a
public key as a PEM file. This can later be distributed to be used for
encrypting an image, and gets away with having to use openssl for this
step.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2022-09-22 11:34:43 -06:00
Alexander Mihajlovic f4df58f347 imgtool: Fix output of confirmed image in HEX format
The image_ok was written to the wrong offset
when outputting HEX format. This commit fixes that.

Drive-by change: Use actual length of boot magic
instead of assuming it's 16 bytes long.

Signed-off-by: Alexander Mihajlovic <alexander@eub.se>
2022-08-22 10:56:12 +02:00
iysheng 6093cbb3dd scripts: Fix some sentences to suit print display
Signed-off-by: iysheng <iysheng@163.com>
2022-05-30 08:13:55 +02:00
Almir Okato 3eb50263b7 imgtool: Fix imgtool sign command without key
The fix adds a condition that checks if either key or fixed_sig are
`not None` before payload signing and TLV addition.

Signed-off-by: Almir Okato <almir.okato@espressif.com>
2022-05-18 09:51:53 -03:00
Andrzej Puzdrowski dfce0be6a1 imgtool: export data vector to be signed
Extend sign/create command so it allows to export image's byte string
which is the substrate for the image signature. The new option is
'--vector-to-sign'. It might takes 'payload' or 'digest'.
The exported data might be used to calculate the signature externally.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2022-04-18 16:31:15 -06:00
Andrzej Puzdrowski f72e3741d6 imgtool: image signature export
Extend sign/create command so it now allow to export the image
signature to the file pointed by --sig-out option.
The image signature will be encoded as base64 formatted string.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2022-04-18 16:31:15 -06:00
Andrzej Puzdrowski 160303c202 imgtool: Added support for providing the signature by 3rd party
The sign command was extended so it now allow to provide the signature
as base64 formatted RAW file using --fix-sig along with the relevant
public key --fix-sig-pubkey.

This patch is added for support the case where the party which produces
the image dose not have access to the signing image key but must request
third party for the signature.

Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
2022-04-18 16:31:15 -06:00
David Brown c657cbea75 Update to version 1.9.0
Bump version information for 1.9.0 release

Signed-off-by: David Brown <david.brown@linaro.org>
2022-03-02 14:29:33 -07:00
David Brown ee366953fe Update to 1.9.0-rc2
Bump the version number in the readme, and imgtool for the 1.9.0-rc2
release.

Signed-off-by: David Brown <david.brown@linaro.org>
2022-02-10 12:21:07 -07:00
Wouter Cappelle c028d45057 imgtool: skip erased values in trailer generation
When generating an image with trailer (--pad or --confirm), the
imgtool also adds the erased values into that area. This is not
wanted for flash drivers which use ECC and treat writing erased
values as a real write action, which cannot be overwritten anymore.
See issue #1288

Signed-off-by: Wouter Cappelle <wouter.cappelle@crodeon.com>
2022-02-09 13:35:01 -07:00
Piotr Mienkowski b6d5cf3589 imgtool: change --max-align default value
The value of `--max-align` parameter passed to imgtool can never be
less than the value of `--align` parameter. At present the default
value of `--max-align` is fixed at 8. This forces user to pass the
parameter even when its value can be safely inferred.

Change the default value of the `--max-align` parameter to the larger
of the two values: `--align` or 8. Consequently, the user is required
to pass the parameter only if the flash alignment of the primary and
secondary slot differ.

Signed-off-by: Piotr Mienkowski <piotr.mienkowski@gmail.com>
2022-02-07 15:58:40 -07:00
David Brown d484b827a9 Bump versioning information to 1.9.0-rc1
Signed-off-by: David Brown <david.brown@linaro.org>
2022-01-21 14:01:05 -07:00
Michel Jaouen d09aa6b4f9 imgtool: Add clear image generation with encryption capability
Create an option to generate a clear image with encryption capability
that can be installed on a primary slot. Since image has encryption
capability image can be swapped encrypted in secondary slot

Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
2022-01-14 09:30:57 -03:00
Gustavo Henrique Nihei cf120baa65 bootutil: Define new magic for the updated image trailer layout
The magic value applies to images built with maximum write alignment
values other than 8 bytes, whose trailer region is generated in a
different layout.

Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
2021-12-16 13:19:12 -07:00
Kristine Jassmann 73c38c6fde bootutil: Allow larger minimum flash write
[kristine.jassmann@renesas.com: Allow larger minimum flash write]
[michael.thomas@renesas.com: Add changes for 1.8]
[michael.thomas@renesas.com: Add magic alignment fix]
[gustavo.nihei@espressif.com: bootutil: Address issues from PR 949]

Co-authored-by: Kristine Jassmann <kristine.jassmann@renesas.com>
Co-authored-by: Michael Thomas <michael.thomas@renesas.com>
Co-authored-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
Signed-off-by: Kristine Jassmann <kristine.jassmann@renesas.com>
Signed-off-by: Michael Thomas <michael.thomas@renesas.com>
Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
2021-12-16 13:19:12 -07:00
Ross Burton a6df132b68 imgtool: prefer cbor2 over cbor
The cbor module is unmaintained, with the last release in 2016[1]. The
cbor2 module however is under active development and was last released
just last month[2].

As the APIs are identical, we can import cbor2 and if that fails fall
back to cbor.

[1] https://pypi.org/project/cbor/#history
[2] https://pypi.org/project/cbor2/#history

Closes #1189

Signed-off-by: Ross Burton <ross.burton@arm.com>
Change-Id: Iaf2d0df625a200a5cebf72dec4a89877a26194ea
2021-11-03 14:19:31 +01:00
David Brown 29099e1d17 Preps for 1.8.0
Update version fields for 1.8.0 release.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-10-13 10:03:58 -06:00
David Brown 0779f4f4d2 Preps for 1.8.0-rc2
Update version fields for 1.8.0-rc2 release.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-09-29 15:31:32 -06:00
David Brown ae35510b58 Preps for 1.8.0-rc1
Update version fields for 1.8.0-rc1 release.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-08-31 09:09:22 -06:00
Salome Thirot 0f64197aff boot: Add AES256 support for image encryption
Support only works when using mbedtls as the cryptographic library.

Signed-off-by: Salome Thirot <salome.thirot@arm.com>
2021-05-18 07:25:12 -03:00
David Brown 1997f539f7 sim: Remove extraneous static
According to clippy, `&'static` can just be `&` for static definitions,
which always have a static lifetime.  Clean this up in the arrays in the
code, as well as generation code in imgtool.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-03-11 07:25:43 -07:00
Fabio Utzig 8a5e49876e imgtool: rollback to 1.7.0 release
Since there won't be anymore alpha releases, rollback to latest official
(from master). The next released versions now can be either 1.7.X from
v1.7-branch or X.Y.Zrc1 for the release candidate of next stable
version.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2021-02-12 09:28:47 -03:00
Fabio Utzig d62631af57 imgtool: fix encrypting hex images
Fixes padding hex images when encrypting. The issues stems from binaries
using `bytes` and IntelHex returning `array` where `bytes` cannot be
appended to, so use `.extend()` instead.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2021-02-11 12:41:39 +01:00
David Brown 79c4fcf403 scripts: Add SPDX headers
Add SPDX headers indicating the Apache-2.0 license to the scripts in the
scripts directory.  This can be assumed due to the presence of the
Apache-2.0 LICENSE file at the top of the project.

Fixes #930

Signed-off-by: David Brown <david.brown@linaro.org>
2021-01-28 09:36:55 +01:00
Fabio Utzig d12a8da287 imgtool: fix validation with protected TLVs
After the change to support protected TLVs, the `verify` command was not
updated with proper support. Fix it by skipping any protected TLV found,
and fix the size of the hashed/signed region to also include the
protected TLV area.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2021-01-25 16:49:05 -03:00