Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
from .hexParser import IntelHexPrinter
from .ecWrapper import PublicKey
import hashlib
import binascii
args = get_argparser().parse_args()
if args.hex == None:
raise Exception("Missing hex filename to verify")
if args.key == None:
raise Exception("Missing public key")
if args.signature == None:
raise Exception("Missing signature")
# parse
parser = IntelHexParser(args.hex)
# prepare data
m = hashlib.sha256()
# consider areas are ordered by ascending address and non-overlaped
for a in parser.getAreas():
m.update(a.data)
dataToSign = m.digest()
publicKey = PublicKey(bytes(bytearray.fromhex(args.key)), raw=True)
signature = publicKey.ecdsa_deserialize(bytes(bytearray.fromhex(args.signature)))
if not publicKey.ecdsa_verify(bytes(dataToSign), signature, raw=True):
raise Exception("Signature not verified")
print("Signature verified")
return ""
if __name__ == '__main__':
from .hexParser import IntelHexParser
from .hexParser import IntelHexPrinter
import sys
import hashlib
import binascii
args = get_argparser().parse_args()
if args.hex == None:
raise Exception("Missing hex filename to hash")
# parse
parser = IntelHexParser(args.hex)
# prepare data
m = hashlib.sha256()
if (args.targetId):
m.update(struct.pack(">I", args.targetId))
if (args.targetVersion):
m.update(args.targetVersion)
# consider areas are ordered by ascending address and non-overlaped
for a in parser.getAreas():
m.update(a.data)
dataToSign = m.digest()
print(hexstr(dataToSign))
raise Exception("Missing fileName")
if args.appName == None:
raise Exception("Missing appName")
if args.path_slip21 != None and args.apilevel < 10:
raise Exception("SLIP 21 path not supported using this API level")
if args.appFlags == None:
args.appFlags = 0
if args.rootPrivateKey == None:
privateKey = PrivateKey()
publicKey = binascii.hexlify(privateKey.pubkey.serialize(compressed=False))
print("Generated random root public key : %s" % publicKey)
args.rootPrivateKey = privateKey.serialize()
args.appName = string_to_bytes(args.appName)
parser = IntelHexParser(args.fileName)
if args.bootAddr == None:
args.bootAddr = parser.getBootAddr()
path = b""
curveMask = 0xff
if args.curve != None:
curveMask = 0x00
for curve in args.curve:
if curve == 'secp256k1':
curveMask |= 0x01
elif curve == 'prime256r1':
curveMask |= 0x02
elif curve == 'ed25519':
curveMask |= 0x04
else:
raise Exception("Unknown curve " + curve)
parser.add_argument("--nocrc", help="Load HEX file without checking CRC of loaded sections", action='store_true')
return parser
if __name__ == '__main__':
from .hexParser import IntelHexParser
from .hexLoader import HexLoader
from .comm import getDongle
args = get_argparser().parse_args()
if args.targetId == None:
raise Exception("Missing targetId")
if args.fileName == None:
raise Exception("Missing fileName")
parser = IntelHexParser(args.fileName)
if args.bootAddr == None:
args.bootAddr = parser.getBootAddr()
dongle = getDongle(args.apdu)
#relative load
loader = HexLoader(dongle, 0xe0, False, None, False)
loader.validateTargetId(args.targetId)
hash = loader.load(0xFF, 0xF0, parser, reverse=args.reverse, doCRC=(not args.nocrc))
loader.run(args.bootAddr)