TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mcuboot / 99ec383ea1ed2570dce9c54120196cde61d54c74 / . / scripts / imgtool / main.py
blob: 22bce62c07b72dd198a4384569c15fb5810ca3ae [file] [log] [blame]
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]1#! /usr/bin/env python3
2#
3# Copyright 2017 Linaro Limited
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]4# Copyright 2019 Arm Limited
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]5#
6# Licensed under the Apache License, Version 2.0 (the "License");
7# you may not use this file except in compliance with the License.
8# You may obtain a copy of the License at
9#
10# http://www.apache.org/licenses/LICENSE-2.0
11#
12# Unless required by applicable law or agreed to in writing, software
13# distributed under the License is distributed on an "AS IS" BASIS,
14# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15# See the License for the specific language governing permissions and
16# limitations under the License.
17
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]18import re
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]19import click
20import getpass
21import imgtool.keys as keys
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]22import sys
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]23from imgtool import image
24from imgtool.version import decode_version
25
26
27def gen_rsa2048(keyfile, passwd):
Fabio Utzig19fd79a2019-05-08 18:20:39 -0300[diff] [blame]28 keys.RSA.generate().export_private(path=keyfile, passwd=passwd)
29
30
31def gen_rsa3072(keyfile, passwd):
32 keys.RSA.generate(key_size=3072).export_private(path=keyfile,
33 passwd=passwd)
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]34
35
36def gen_ecdsa_p256(keyfile, passwd):
37 keys.ECDSA256P1.generate().export_private(keyfile, passwd=passwd)
38
39
40def gen_ecdsa_p224(keyfile, passwd):
41 print("TODO: p-224 not yet implemented")
42
43
Fabio Utzig8101d1f2019-05-09 15:03:22 -0300[diff] [blame]44def gen_ed25519(keyfile, passwd):
Fabio Utzig4bd4c7c2019-06-27 08:23:21 -0300[diff] [blame]45 keys.Ed25519.generate().export_private(path=keyfile, passwd=passwd)
Fabio Utzig8101d1f2019-05-09 15:03:22 -0300[diff] [blame]46
47
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]48valid_langs = ['c', 'rust']
49keygens = {
50 'rsa-2048': gen_rsa2048,
Fabio Utzig19fd79a2019-05-08 18:20:39 -0300[diff] [blame]51 'rsa-3072': gen_rsa3072,
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]52 'ecdsa-p256': gen_ecdsa_p256,
53 'ecdsa-p224': gen_ecdsa_p224,
Fabio Utzig8101d1f2019-05-09 15:03:22 -0300[diff] [blame]54 'ed25519': gen_ed25519,
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]55}
56
57
58def load_key(keyfile):
59 # TODO: better handling of invalid pass-phrase
60 key = keys.load(keyfile)
61 if key is not None:
62 return key
63 passwd = getpass.getpass("Enter key passphrase: ").encode('utf-8')
64 return keys.load(keyfile, passwd)
65
66
67def get_password():
68 while True:
69 passwd = getpass.getpass("Enter key passphrase: ")
70 passwd2 = getpass.getpass("Reenter passphrase: ")
71 if passwd == passwd2:
72 break
73 print("Passwords do not match, try again")
74
75 # Password must be bytes, always use UTF-8 for consistent
76 # encoding.
77 return passwd.encode('utf-8')
78
79
80@click.option('-p', '--password', is_flag=True,
81 help='Prompt for password to protect key')
82@click.option('-t', '--type', metavar='type', required=True,
83 type=click.Choice(keygens.keys()))
84@click.option('-k', '--key', metavar='filename', required=True)
85@click.command(help='Generate pub/private keypair')
86def keygen(type, key, password):
87 password = get_password() if password else None
88 keygens[type](key, password)
89
90
91@click.option('-l', '--lang', metavar='lang', default=valid_langs[0],
92 type=click.Choice(valid_langs))
93@click.option('-k', '--key', metavar='filename', required=True)
94@click.command(help='Get public key from keypair')
95def getpub(key, lang):
96 key = load_key(key)
97 if key is None:
98 print("Invalid passphrase")
99 elif lang == 'c':
100 key.emit_c()
101 elif lang == 'rust':
102 key.emit_rust()
103 else:
104 raise ValueError("BUG: should never get here!")
105
106
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]107@click.argument('imgfile')
108@click.option('-k', '--key', metavar='filename')
109@click.command(help="Check that signed image can be verified by given key")
110def verify(key, imgfile):
111 key = load_key(key) if key else None
Marek Pietae9555102019-08-08 16:08:16 +0200[diff] [blame]112 ret, version = image.Image.verify(imgfile, key)
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]113 if ret == image.VerifyResult.OK:
114 print("Image was correctly validated")
Marek Pietae9555102019-08-08 16:08:16 +0200[diff] [blame]115 print("Image version: {}.{}.{}+{}".format(*version))
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]116 return
117 elif ret == image.VerifyResult.INVALID_MAGIC:
118 print("Invalid image magic; is this an MCUboot image?")
Christian Skubichf13db122019-07-31 11:34:15 +0200[diff] [blame]119 elif ret == image.VerifyResult.INVALID_TLV_INFO_MAGIC:
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]120 print("Invalid TLV info magic; is this an MCUboot image?")
121 elif ret == image.VerifyResult.INVALID_HASH:
122 print("Image has an invalid sha256 digest")
123 elif ret == image.VerifyResult.INVALID_SIGNATURE:
124 print("No signature found for the given key")
Christian Skubichf13db122019-07-31 11:34:15 +0200[diff] [blame]125 else:
126 print("Unknown return code: {}".format(ret))
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]127 sys.exit(1)
128
129
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]130def validate_version(ctx, param, value):
131 try:
132 decode_version(value)
133 return value
134 except ValueError as e:
135 raise click.BadParameter("{}".format(e))
136
137
138def validate_header_size(ctx, param, value):
139 min_hdr_size = image.IMAGE_HEADER_SIZE
140 if value < min_hdr_size:
141 raise click.BadParameter(
142 "Minimum value for -H/--header-size is {}".format(min_hdr_size))
143 return value
144
145
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]146def get_dependencies(ctx, param, value):
147 if value is not None:
148 versions = []
149 images = re.findall(r"\((\d+)", value)
150 if len(images) == 0:
151 raise click.BadParameter(
152 "Image dependency format is invalid: {}".format(value))
153 raw_versions = re.findall(r",\s*([0-9.+]+)\)", value)
154 if len(images) != len(raw_versions):
155 raise click.BadParameter(
156 '''There's a mismatch between the number of dependency images
157 and versions in: {}'''.format(value))
158 for raw_version in raw_versions:
159 try:
160 versions.append(decode_version(raw_version))
161 except ValueError as e:
162 raise click.BadParameter("{}".format(e))
163 dependencies = dict()
164 dependencies[image.DEP_IMAGES_KEY] = images
165 dependencies[image.DEP_VERSIONS_KEY] = versions
166 return dependencies
167
168
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]169class BasedIntParamType(click.ParamType):
170 name = 'integer'
171
172 def convert(self, value, param, ctx):
173 try:
174 if value[:2].lower() == '0x':
175 return int(value[2:], 16)
176 elif value[:1] == '0':
177 return int(value, 8)
178 return int(value, 10)
179 except ValueError:
180 self.fail('%s is not a valid integer' % value, param, ctx)
181
182
183@click.argument('outfile')
184@click.argument('infile')
Håkon Øye Amundsendf8c8912019-08-26 12:15:28 +0000[diff] [blame]185@click.option('-L', '--load-addr', type=BasedIntParamType(), required=False,
186 help='Load address for image when it is in its primary slot.')
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]187@click.option('-E', '--encrypt', metavar='filename',
188 help='Encrypt image using the provided public key')
189@click.option('-e', '--endian', type=click.Choice(['little', 'big']),
190 default='little', help="Select little or big endian")
191@click.option('--overwrite-only', default=False, is_flag=True,
192 help='Use overwrite-only instead of swap upgrades')
193@click.option('-M', '--max-sectors', type=int,
194 help='When padding allow for this amount of sectors (defaults to 128)')
195@click.option('--pad', default=False, is_flag=True,
196 help='Pad image to --slot-size bytes, adding trailer magic')
197@click.option('-S', '--slot-size', type=BasedIntParamType(), required=True,
198 help='Size of the slot where the image will be written')
199@click.option('--pad-header', default=False, is_flag=True,
200 help='Add --header-size zeroed bytes at the beginning of the image')
201@click.option('-H', '--header-size', callback=validate_header_size,
202 type=BasedIntParamType(), required=True)
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]203@click.option('-d', '--dependencies', callback=get_dependencies,
204 required=False, help='''Add dependence on another image, format:
205 "(<image_ID>,<image_version>), ... "''')
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]206@click.option('-v', '--version', callback=validate_version, required=True)
207@click.option('--align', type=click.Choice(['1', '2', '4', '8']),
208 required=True)
209@click.option('-k', '--key', metavar='filename')
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]210@click.command(help='''Create a signed or unsigned image\n
211 INFILE and OUTFILE are parsed as Intel HEX if the params have
Håkon Øye Amundsendf8c8912019-08-26 12:15:28 +0000[diff] [blame]212 .hex extension, otherwise binary format is used''')
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]213def sign(key, align, version, header_size, pad_header, slot_size, pad,
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]214 max_sectors, overwrite_only, endian, encrypt, infile, outfile,
Håkon Øye Amundsendf8c8912019-08-26 12:15:28 +0000[diff] [blame]215 dependencies, load_addr):
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]216 img = image.Image(version=decode_version(version), header_size=header_size,
217 pad_header=pad_header, pad=pad, align=int(align),
218 slot_size=slot_size, max_sectors=max_sectors,
Håkon Øye Amundsendf8c8912019-08-26 12:15:28 +0000[diff] [blame]219 overwrite_only=overwrite_only, endian=endian, load_addr=load_addr)
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]220 img.load(infile)
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]221 key = load_key(key) if key else None
222 enckey = load_key(encrypt) if encrypt else None
223 if enckey:
Fabio Utzig19fd79a2019-05-08 18:20:39 -0300[diff] [blame]224 if not isinstance(enckey, (keys.RSA, keys.RSAPublic)):
Chris Bittnerfda937a2019-03-29 10:11:31 +0100[diff] [blame]225 raise Exception("Encryption only available with RSA key")
Fabio Utzig19fd79a2019-05-08 18:20:39 -0300[diff] [blame]226 if key and not isinstance(key, keys.RSA):
Chris Bittnerfda937a2019-03-29 10:11:31 +0100[diff] [blame]227 raise Exception("Signing only available with private RSA key")
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]228 img.create(key, enckey, dependencies)
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]229 img.save(outfile)
230
231
232class AliasesGroup(click.Group):
233
234 _aliases = {
235 "create": "sign",
236 }
237
238 def list_commands(self, ctx):
239 cmds = [k for k in self.commands]
240 aliases = [k for k in self._aliases]
241 return sorted(cmds + aliases)
242
243 def get_command(self, ctx, cmd_name):
244 rv = click.Group.get_command(self, ctx, cmd_name)
245 if rv is not None:
246 return rv
247 if cmd_name in self._aliases:
248 return click.Group.get_command(self, ctx, self._aliases[cmd_name])
249 return None
250
251
252@click.command(cls=AliasesGroup,
253 context_settings=dict(help_option_names=['-h', '--help']))
254def imgtool():
255 pass
256
257
258imgtool.add_command(keygen)
259imgtool.add_command(getpub)
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]260imgtool.add_command(verify)
Fabio Utzige89841d2018-12-21 11:19:06 -0200[diff] [blame]261imgtool.add_command(sign)
262
263
264if __name__ == '__main__':
265 imgtool()