Commit Graph

16 Commits

Author SHA1 Message Date
Fabio Utzig e08f087ee5 Update imgtool to write trailer in new format
Signed-off-by: Fabio Utzig <utzig@apache.org>
2017-07-06 10:03:55 -06:00
David Brown 3e27386a12 Remove old 'imgtool' and 'zep2newt.py'
Now that script/imgtool.py contains all of the functionality of these
tools, remove the old tools from the tree.  The zep2newt.py was only
able to perform a limited set of signatures.  The 'imgtool' requires a
'Go' toolchain, which has been a hinderance to many users.

Please see `doc/imgtool.md` for directions on how to use this new tool
for image signing.

Signed-off-by: David Brown <david.brown@linaro.org>
2017-06-28 08:29:33 -06:00
David Brown 85d879f195 Merge pull request #60 from d3zd3z/pr/py-header
Make header padding optional
2017-06-13 15:59:27 -04:00
David Brown 2c21f7101b imgtool: Make "included header" optional
The imgtool.py program has been assuming that the input image for
signing has a zero padded place for the header at the beginning of the
image.  This is only true for some platforms.

Instead, make this included header space optional.  By default, prepend
the header to the image.  If `--included-header` is specified to the
sign command, consider the bytes at the beginning of the image to be
padded space for the header.  This option is required for Zephyr builds.
2017-06-13 15:54:45 -04:00
David Brown 0f0c6a808d imgtool: Allow --key to be optional when signing
If the --key is not specified, only the SHA256 hash is added to the TLV.
This is useful for testing configurations, where the crypto has not been
fully configured.  Note that this configuration is not secure, and this
only verifies that the image has not been corrupted.
2017-06-13 15:45:06 -04:00
David Brown efb871f4b2 imgtool: Better version parsing
When parsing versions for the --version argument, allow a field to be
zero.  Also, restrict the build to just an integer to match what we
allow (rather than allow alphabetic, and then failing to parse as an
integer).

In addition, add the missing import of argparse, so that when the
version is invalid, we get nice usage rather than an error about a
missing module.

Jira: MCUB-58
2017-06-08 09:43:55 -06:00
David Brown 4c036158d4 imgtool: Fix key argument
Changing the name of the command line argument changes the name of the
fields used to access it.  Change the keysigning code to reflect this,
avoiding a stack dump when trying to generate keys.
2017-06-07 09:19:21 -06:00
David Brown 07916c3155 imgtool.py: Support PKCS#1.5 v2.1 RSA-PSS
Add support for the RSA-PSS signature algorithm to imgtool.py.  This
algorithm has a strong security proof, and is recommended for all new
designs.  The new algorithm is enabled by default for RSA signatures to
match the default in the bootloader also being changed.
2017-06-07 09:19:21 -06:00
David Brown 23f91ad152 scripts: Initial version of Python imgtool
This is the start of a python implementation of imgtool.  This
implements all of the functionality that was missing in the zep2newt.py
tool, namely creation of keypairs, and converting the public version of
these keys into C code.
2017-06-07 09:19:21 -06:00
Andrew Boie e9470d893a zep2newt.py: recognize x86 padding
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
2017-03-15 13:27:57 -07:00
Ricardo Salveti 1a2e4b825b zep2newt.py: use /usr/bin/env when searching for python2
Avoid hardcoding the python2 path by using env python2 instead.

Signed-off-by: Ricardo Salveti <ricardo.salveti@linaro.org>
2017-02-27 22:55:39 -03:00
Marti Bolivar 47c69d0eea scripts: zep2newt: remove unused argument
The --off argument is unused; delete it.

Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
2017-02-10 16:44:41 -05:00
Marti Bolivar da223385c5 scripts: zep2newt: delete dead store
Signed-off-by: Marti Bolivar <marti.bolivar@linaro.org>
2017-02-10 16:44:41 -05:00
David Brown 06446dda2c scripts: Allow image version number
Add an --image-version argument to zep2newt.py to allow the major
version number to be set.  This helps make testing easier by having
differing version numbers.
2017-01-23 16:01:01 -07:00
David Brown adec29ebe5 scripts: Remove .pyc file from repo
Add *.pyc to the .gitignore, and remove the file that got mistakenly
checked in.
2017-01-23 15:56:39 -07:00
David Brown 22a6fe32d3 Add some simple scripts for signing/flashing
These are some simple scripts for signing images (with an example with a
hardcoded path), a fixed root key that matches the one checked into the
code, and a few scripts to use the Segger debugger to flash the images.
2017-01-23 15:56:39 -07:00