espressif/esptool
1
0
Fork 0
mirror of https://github.com/espressif/esptool.git synced 2025-10-17 16:01:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
599 Commits 6 Branches 75 Tags
05f142110a0967d09a53bef35a18bf6653ac3efd
Commit Graph

38 Commits

Author SHA1 Message Date
KonstantinKondrashov
05f142110a espsecure: Fix the byte order for digest_rsa_public_key 2020-09-21 15:12:23 +08:00
Angus Gratton
c67e07943b espsecure: Fix 'espsecure.py generate_signing_key --version 2' under Python 3 2020-07-23 13:53:54 +08:00
Angus Gratton
746023b5db espsecure: Replace vendored pyaes (and optional pycrypto) with pyca-cryptography 
Performance significantly improves over pyaes, roughly the same as pycrypto

pyca-cryptography is already a dependency of espsecure

Progress towards https://github.com/espressif/esptool/issues/414
 2020-06-18 09:47:35 +10:00
Supreet Deshpande
87286f90f4 Added an option to view secure boot v2 signature block information 2020-05-07 13:01:58 +05:30
Supreet Deshpande
3dfe2b1e59 feat/secure_boot_v2_s2: Support for secure boot v2 for esp32s2 2020-04-27 10:44:18 +05:30
Supreet Deshpande
9f87460a29 feat/eco3_secure_boot_v2: Update Secure Boot V2 utilities 2020-02-21 17:22:06 +11:00
Angus Gratton
6ba165d802 espefuse/espsecure: Small fixes to secure boot v2 utilities 2020-01-30 11:22:36 +05:30
Angus Gratton
0a0f83b28f espefuse: Support burning key digest for Secure Boot V2 2020-01-30 11:22:36 +05:30
Angus Gratton
4817237dc4 WIP Secure Boot V2 signing support 2020-01-30 11:22:36 +05:30
Angus Gratton
efb55ac15c Revert "fix/pad_secure_boot_signed_binary: 16 byte align the app/part table bins." 
This reverts commit 5ec16a4f55.

Not possible to pad the current binary signature format and also use
espsecure.py verify.
 2020-01-02 18:06:05 +11:00
Supreet Deshpande
5ec16a4f55 fix/pad_secure_boot_signed_binary: 16 byte align the app/part table bins. 
Description:
Unsigned binaries are 16 byte aligned. Adding secure boot version 1 signature(68 bytes) misaligns them. Flash encryption requires 16 bytes of chunks to encrypt.
During OTA with SB+FE the last chunk is not 16 byte aligned and can result in FE error.
Thus, Padding 12 bytes of 0xFF to ensure 16 byte alignment.

Padding also added to parition table as it is signed but is inconsequential.
 2019-11-18 18:53:41 +05:30
Rafael Vuijk
abfacc0f99 espsecure: improve encryption speed 
Cherry-picked from https://github.com/espressif/esptool/pull/416

* Try to use Crypto.Cipher.AES since it should be faster than pyaes.
* Use bignum and iterate through address bits instead of key bits.
* Correct bit order in _flash_encryption_tweak_range_bits. Correct style.
* espsecure: Make key tweak in parallel in python3

  We can calculate this all with some giant multiplies if we recognize
  that the bits are always contiguous regions of bits except for the two
  truncated ones.  This takes away the manual check for each bit position.

* espsecure: Only perform int.from_bytes(...) once per encryption

  This saves time overall.

* espsecure: Remove input_fole.tell() invocation

  It turns out that invoking this in each loop results in a system call,
  at least in Linux.  This reduces the overhead of this routine by removing
  these extraneous system calls.
 2019-07-11 17:56:11 +10:00
Angus Gratton
c583756c11 espsecure: Add --keylen option to generate_flash_encryption_key for 3/4 Coding Scheme 
Also change internal representation from string to int.
 2019-04-24 17:52:33 +10:00
Angus Gratton
fbd8c865e5 espsecure: Fix flash_encrypt_data / flash_decrypt_data on Python 3 
Closes https://github.com/espressif/esptool/issues/369
 2018-12-20 17:11:52 +11:00
Angus Gratton
d978421db9 espsecure: Add support and tests for using verify_signature with binary public key file 
Previously, keyfile could only be in PEM format

Closes https://github.com/espressif/esptool/issues/357
 2018-12-20 17:11:52 +11:00
Angus Gratton
955ee9b18b espsecure: Fix verify_signature (regression in 8305193b44) 
Closes https://github.com/espressif/esptool/issues/374
 2018-12-20 14:58:54 +11:00
Angus Gratton
057a7e2d84 espsecure digest_secure_bootloader: Fix Python 3 string vs bytes usage 
Closes https://github.com/espressif/esptool/issues/382
 2018-12-20 14:16:44 +11:00
Angus Gratton
f262eacbc0 espsecure encrypt_data: Making padding a 'note' rather than a a 'WARNING' 2018-12-18 09:49:46 +11:00
Angus Gratton
8305193b44 espsecure.py: Add support for 192 bit key operations on the host: 
* encrypt_flash_data
* decrypt_flash_data
* digest_private_key
 2018-10-12 13:18:48 +11:00
Angus Gratton
86094717dd espsecure: Fix bug in digest_secure_bootloader() producing incorrect digest 
ROM bootloader ignores any part of the appended SHA-256 digest
after the last 128 byte block.
 2018-07-17 15:21:31 +10:00
Angus Gratton
754f81aa35 Merge pull request #233 from Cabalist/import_cleanup 
PEP8 imports  Remove unused import statements.
 2017-10-24 12:58:40 +08:00
Angus Gratton
ab23d5d52a Remove bare except: statements 
New requirement of pycodestyle
 2017-10-24 12:57:08 +08:00
Milan Kupcevic
f4bd22b4db correct espsecure.py command name 2017-10-23 23:48:46 -04:00
Ryan Jarvis
fa7e37aa4c PEP8 imports (https://www.python.org/dev/peps/pep-0008/#imports). Remove unused import statements. 2017-09-17 12:22:03 -07:00
Miro Hrončok
476128901e Display usage information when no arguments are provided 
Previously a traceback was shown instead.

Fixes https://github.com/espressif/esptool/issues/211
 2017-06-22 11:54:55 +02:00
Angus Gratton
1ff7ee801d especure & espefuse: Fix pyflakes future failures 2017-04-24 15:01:41 +10:00
M Hickford
d291846bb4 In setup.py specify console_scripts rather than scripts. 
This is preferable cross-platform compatibility. See https://packaging.python.org/distributing/#scripts and https://setuptools.readthedocs.io/en/latest/setuptools.html#automatic-script-creation.

Fixes https://github.com/espressif/esptool/issues/181
 2017-03-06 08:27:17 +00:00
Angus Gratton
7f4dda26b4 Update README for esptool.py v2.0 2017-01-09 17:59:58 +11:00
Angus Gratton
d2b304f181 Forward-port Python 3 compatibility to esptool v2.0 
Merge commit 'cda4f2b5e5bc09571b55c4b5e6b1c9f5ec349514' into feature/esp32_v20_refactor
 2017-01-09 12:27:30 +11:00
Angus Gratton
20460465fb Flake8 fixes 2016-12-14 11:52:03 +11:00
Angus Gratton
cd5688411c espsecure.py: Add generate_flash_encryption_key command 2016-11-24 15:47:19 +11:00
Angus Gratton
f337fbd175 espsecure.py: Generate flash decryption to encrypt/decrypt routines 2016-11-23 18:49:18 +11:00
Angus Gratton
da75e2281d espsecure.py: Add support for decrypting encrypted flash (with known key) 2016-11-17 16:28:02 +11:00
Angus Gratton
d8b1ffdd50 espsecure: Fix sign_data, add verify_signature command for testing 2016-11-07 17:59:32 +11:00
Angus Gratton
98e5dbfa78 espsecure: Derive a pre-known secure bootloader key from signing key 
Rather than randomly generating it. Means only key needs to be kept
around (and it can be in an openssl-compatible format.)
 2016-11-04 15:28:10 +11:00
Angus Gratton
68ed7c7a4e espsecure: Add ECDSA signature support 2016-11-04 11:42:39 +11:00
Angus Gratton
95dae1651e espefuse: Fix bugs with read/write protection, add read_protect_efuse / write_protect_efuse commands 2016-11-01 16:03:07 +11:00
Angus Gratton
6d92b30bcc Add complementary espefuse.py & espsecure.py command line tools 
espefuse.py reads/writes ESP32 EFUSE data.
espsecure.py provides helpers for generating/validating secure boot data.
 2016-11-01 12:20:22 +11:00