summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBill Richardson <wfrichar@chromium.org>2015-04-03 16:28:32 -0700
committerChromeOS Commit Bot <chromeos-commit-bot@chromium.org>2015-04-08 19:12:03 +0000
commitb4496c44433bda513d1e4f069587215b64a03f3f (patch)
tree3442241ac4e3d7fdd293efb76e6ac470917daa2f
parenteae54e30a0c74612f4df5971fcabd756433811ef (diff)
downloadchrome-ec-b4496c44433bda513d1e4f069587215b64a03f3f.tar.gz
Use futility to sign the USB-PD chargers
This replaces a special-purpose python script with futility, to sign the firmware for those boards that require a signed RW image instead of using software sync. Currently, the only boards that do that use a signature scheme that is somewhat opaque (refer to commit b5a439241fee55863 in the vboot_reference repo for details). Futility calls that scheme "--type usbpd1". BUG=chromium:231574 BRANCH=ToT CQ-DEPEND=CL:*212135 TEST=manual To test, I obtained a reworked zinger that could be connected to servo. I first flashed it with a dev-key-signed RO+RW image built prior to this CL, then I applied this change, built a new image (with a minor change to the startup message), and updated only the RW half from Samus using ectool --name=cros_pd flashpd 0 1 /mnt/stateful_partition/ec.RW.bin Watching the zinger console when plugging and unplugging, I confirmed that the RO firmware was still the original and the verified-by-RO RW firmware was the new version. Note: I also had to build a custom AP kernel without the cros_pd driver, to prevent interference with the manual update. Change-Id: I22d8e75c85dab7701af8fe98287f14ebe77dbbd4 Signed-off-by: Bill Richardson <wfrichar@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/264508 Reviewed-by: Mike Frysinger <vapier@chromium.org>
Diffstat
-rw-r--r--Makefile5
-rw-r--r--Makefile.rules2
-rwxr-xr-xutil/ec_sign_rsa.py85
3 files changed, 1 insertions, 91 deletions
diff --git a/Makefile b/Makefile
index 77347bd697..ca1e239944 100644
--- a/Makefile
+++ b/Makefile
@@ -103,11 +103,6 @@ _flash_base_str:=$(shell echo "CONFIG_FLASH_BASE" | $(CPP) $(CPPFLAGS) -P \
-Ichip/$(CHIP) -Iboard/$(BOARD) -imacros include/config.h)
_flash_base=$(shell echo "$$(($(_flash_base_str)))")
-# Get RSA key size from board defines
-_rsa_size:=$(shell echo "CONFIG_RSA_KEY_SIZE" | $(CPP) $(CPPFLAGS) -P \
- -Ichip/$(CHIP) -Iboard/$(BOARD) -imacros include/rsa.h)
-$(eval RSA_KEY_SIZE=$(_rsa_size))
-
$(eval BOARD_$(UC_BOARD)=y)
$(eval CHIP_$(UC_CHIP)=y)
$(eval CHIP_VARIANT_$(UC_CHIP_VARIANT)=y)
diff --git a/Makefile.rules b/Makefile.rules
index 0576035c7a..b38313c126 100644
--- a/Makefile.rules
+++ b/Makefile.rules
@@ -63,7 +63,7 @@ cmd_copyrw-y = cd $(out) && cp $(PROJECT).RW.flat $(PROJECT).RW.bin
# commands for RSA signature
cmd_pubkey = ./util/pem_extract_pubkey.py $(PEM) > $@
-cmd_rsasign = ./util/ec_sign_rsa.py --$(RSA_KEY_SIZE) $(PEM) $(out)/$*.bin.tmp
+cmd_rsasign = futility sign --type usbpd1 --pem $(PEM) $(out)/$*.bin.tmp
# commands to build optional xref files
cmd_deps_to_list = cat $(deps) | tr -d ':\\' | tr ' ' '\012' \
diff --git a/util/ec_sign_rsa.py b/util/ec_sign_rsa.py
deleted file mode 100755
index 9c23f9edbe..0000000000
--- a/util/ec_sign_rsa.py
+++ /dev/null
@@ -1,85 +0,0 @@
-#!/usr/bin/env python
-# Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
-# Use of this source code is governed by a BSD-style license that can be
-# found in the LICENSE file.
-"""Sign EC firmware with 2048-bit RSA signature.
-
- Insert the RSA signature (256 bytes) at the end of the RW firmware
- and replace the public key constants with the new key in RO firmware.
-
- Example:
- ./util/sign_rsa [--rw] <pem> <ecfile>
-
- ./util/sign_rsa board/zinger/zinger_dev_key.pem build/zinger/ec.bin
-"""
-import logging
-import sys
-
-from subprocess import Popen, PIPE
-from pem_extract_pubkey import extract_pubkey
-
-# OpenSSL command to sign with SHA256andRSA
-RSA_CMD = ["openssl", "dgst", "-sha256", "-sign"]
-
-# supported RSA key sizes
-RSA_KEY_SIZES=[2048, 4096, 8192]
-
-def align16(v):
- return (v + 15) / 16 * 16
-
-def main():
- # Parse command line arguments
- if len(sys.argv) < 3:
- sys.stderr.write("Usage: %s [--rw] [--4096|--8192] <pem> <ecfile>\n" % sys.argv[0])
- sys.exit(-1)
- if "--rw" in sys.argv:
- sys.argv.remove("--rw")
- has_ro = False
- else:
- has_ro = True
- # Default to a 2048-bit RSA signature
- RSANUMBYTES = 2048 / 8
- for sz in RSA_KEY_SIZES:
- param = "--%d" % (sz)
- if param in sys.argv:
- sys.argv.remove(param)
- RSANUMBYTES = sz / 8
- pemfile = sys.argv[1]
- ecfile = sys.argv[2]
- # Length reserved at the end of the RO partition for the public key
- PUBKEY_RESERVED_SPACE = align16(2 * RSANUMBYTES + 4)
-
- # Get EC firmware content
- try:
- ec = file(ecfile).read()
- except:
- logging.error('cannot read firmware binary %s', ecfile)
- sys.exit(-1)
-
- # Extract the padded RW firmware to sign
- imglen = len(ec)/2
- rwdata = ec[imglen:-RSANUMBYTES] if has_ro else ec[:-RSANUMBYTES]
- # Compute the RSA signature using the OpenSSL binary
- RSA_CMD.append(pemfile)
- openssl = Popen(RSA_CMD, stdin=PIPE, stdout=PIPE)
- signature,_ = openssl.communicate(rwdata)
-
- if has_ro:
- # Get the public key values from the .pem file
- pubkey = extract_pubkey(pemfile, headerMode=False)
- # Add padding
- pubkey = pubkey + "\xff" * (PUBKEY_RESERVED_SPACE - len(pubkey))
-
- # Write back the signed EC firmware
- with open(ecfile, 'w') as fd:
- if has_ro:
- fd.write(ec[:imglen-len(pubkey)])
- fd.write(pubkey)
- fd.write(rwdata)
- fd.write(signature)
-
-if __name__ == '__main__':
- try:
- main()
- except KeyboardInterrupt:
- sys.exit()
View Lorry Controller Status