From 1641c98c8ac0783e58d6a73cd5c487879d09f5c0 Mon Sep 17 00:00:00 2001 From: Alexey Polyudov Date: Fri, 20 May 2016 16:45:15 -0700 Subject: contexthub: util: update scripts to include support for new tools convenience scripts used to help generate app image and OS image. Keep thme in sync with updated verions of tools Bug: 28265099 Change-Id: Ic9b372031fa064b9b44862eda426da85acde9117 Signed-off-by: Alexey Polyudov --- util/nanoapp_prepare.sh | 103 +++++--------------------------------- util/nanohub_os_update_prepare.sh | 96 +++++------------------------------ 2 files changed, 25 insertions(+), 174 deletions(-) diff --git a/util/nanoapp_prepare.sh b/util/nanoapp_prepare.sh index cb8a5357..546b698a 100755 --- a/util/nanoapp_prepare.sh +++ b/util/nanoapp_prepare.sh @@ -19,60 +19,20 @@ # Exit in error if we use an undefined variable (i.e. commit a typo). set -u -terminate() { #cleanup and exit - rm -rf $stage - exit $1 -} - usage () { #show usage and bail out echo "USAGE:" >&2 - echo " $1 [-e ] [-s [ [ [...]]]] < app.napp > app.final.napp" >&2 - terminate -1 -} - -putchar() { - hexch="0123456789abcdef" - h=$[$1/16] - l=$[$1%16] - h=${hexch:$h:1} - l=${hexch:$l:1} - e="\x"$h$l - echo -ne $e + echo " $1 [-e ] [-s [ [ [...]]]]" >&2 + exit 1 } -printhex() { - w3=$[$1/16777216] - t=$[$w3*16777216] - a=$[$1-$t] - - w2=$[$a/65536] - t=$[$w2*65536] - a=$[$a-$t] - - w1=$[$a/256] - w0=$[$a%256] - - putchar $w0 - putchar $w1 - putchar $w2 - putchar $w3 -} - -#save args and create temp dir -stage=$(mktemp -dt "$(basename $0).XXXXXXXXXX") -args=( "$@" ) - -#sanity checks (on the user) -if [ -t 1 ] -then - usage $0 -fi - -if [ -t 0 ] -then - usage $0 +if [ $# -ge 1 ] ; then +app=${1%.napp} +shift +else +usage $0 fi +args=( $@ ) #get encryption key if it exists & encrypt app encr_key_num="" @@ -92,16 +52,11 @@ then usage $0 fi - nanoapp_encr encr "$encr_key_num" "$encr_key_file" > "$stage/postencr" + nanoapp_encr -e -i "$encr_key_num" -k "$encr_key_file" "${app}.napp" "${app}.encr.napp" + app="${app}.encr" fi fi - -#if app is not encrypted, just copy it to staging area -if [ ! -f "$stage/postencr" ]; then - cat > "$stage/postencr" -fi - #handle signing if [ ${#args[@]} -ge 1 ] then @@ -124,50 +79,16 @@ then i=$[$i+1] done - #get and save file size - signed_sz=$(du -b "$stage/postencr" | cut -f1) - - nanoapp_sign sign "$priv1" "$pub1" < "$stage/postencr" > "$stage/sig" - - #pad data to 16 bytes - t=$signed_sz - while [ $[$t%16] -ne 0 ] - do - echo -ne "\0" >> "$stage/postencr" - t=$(du -b "$stage/postencr" | cut -f1) - done - - #produce signed output - cat "$stage/postencr" "$stage/sig" "$pub1" > "$stage/signed" + nanoapp_sign -s -e "$priv1" -m "$pub1" "${app}.napp" "${app}.sign.napp" #append remaining chunks i=3 while [ $i -lt ${#args[@]} ] do - cat "${args[$i]}" >> "$stage/signed" + cat "${args[$i]}" >> "${app}.sign.napp" i=$[$i+1] done - - #create header - num_sigs=$[${#args[@]}-2] - - echo -n SigndApp > "$stage/finished" - printhex $signed_sz >> "$stage/finished" - printhex $num_sigs >> "$stage/finished" - echo -ne "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0" >> "$stage/finished" - cat "$stage/signed" >> "$stage/finished" else usage $0 fi fi - -#if app is not signed, just copy it to staging area -if [ ! -f "$stage/finished" ]; then - mv "$stage/postencr" "$stage/finished" -fi - -#produce output -cat "$stage/finished" - -terminate 0 - diff --git a/util/nanohub_os_update_prepare.sh b/util/nanohub_os_update_prepare.sh index fa802fa2..0227e437 100755 --- a/util/nanohub_os_update_prepare.sh +++ b/util/nanohub_os_update_prepare.sh @@ -19,95 +19,25 @@ # Exit in error if we use an undefined variable (i.e. commit a typo). set -u -terminate() { #cleanup and exit - rm -rf $stage - exit $1 -} - usage () { #show usage and bail out echo "USAGE:" >&2 - echo " $1 < nanohub.update.bin > nanohub.update.signed.bin" >&2 - terminate -1 -} - -putchar() { - hexch="0123456789abcdef" - h=$[$1/16] - l=$[$1%16] - h=${hexch:$h:1} - l=${hexch:$l:1} - e="\x"$h$l - echo -ne $e + echo " $1 nanohub.update.bin" >&2 + exit 1 } -printhex() { - w3=$[$1/16777216] - t=$[$w3*16777216] - a=$[$1-$t] - - w2=$[$a/65536] - t=$[$w2*65536] - a=$[$a-$t] - - w1=$[$a/256] - w0=$[$a%256] - - putchar $w0 - putchar $w1 - putchar $w2 - putchar $w3 -} - -#create temp dir -stage=$(mktemp -dt "$(basename $0).XXXXXXXXXX") - - -#sanity checks (on the user) -if [ -t 1 ] -then - usage $0 +if [ $# != 3 ] ; then +usage $0 fi -if [ -t 0 ] -then - usage $0 -fi - -#handle signing -if [ $# -ne 2 ] -then - usage $0 -fi -priv1="$1" -pub1="$2" - - -#save update to file in dir -cat > "$stage/raw" - -#pad update to 4 byte boundary -t=$(du -b "$stage/raw" | cut -f1) -while [ $[$t%4] -ne 0 ] -do - echo -ne "\0" >> "$stage/raw" - t=$(du -b "$stage/raw" | cut -f1) -done - -#get and save the file size -signed_sz=$(du -b "$stage/raw" | cut -f1) - -#create the header (with the marker set for signing -echo -ne "Nanohub OS\x00\xFF" > "$stage/hdr" -printhex $signed_sz >> "$stage/hdr" - -#concat the data to header -cat "$stage/hdr" "$stage/raw" > "$stage/with_hdr" - -#create the signature -nanoapp_sign sign "$priv1" "$pub1" < "$stage/with_hdr" > "$stage/sig" +priv=$1 +pub=$2 +raw_image=$3 -#produce signed output -cat "$stage/with_hdr" "$stage/sig" "$pub1" +# make signed image with header; suitable for BL +# to be consumed by BL it has to be named nanohub.kernel.signed +nanoapp_postprocess -n os -r ${raw_image} ${raw_image}.oshdr +nanoapp_sign -s -e ${priv} -m ${pub} -r ${raw_image}.oshdr nanohub.kernel.signed -terminate 0 +# embed this image inside nanoapp container +nanoapp_postprocess -n os nanohub.kernel.signed ${raw_image}.napp -- cgit v1.2.3