Closed notronrj closed 6 months ago
Contributor agreement approved. @danielinux over to you.
Looks good to me. I was able to test using
./tools/keytools/sign --custom-tlv-string 0x0030 "0.99.910(6)" --no-sign --sha256 test-app/image.bin 6
. It would be nice to have documentation added to docs/Signing.md. It would also be nice to have a test case added to.github/workflows/test-custom-tlv-simulator.yml
. Over to @danielinux to finalize.
I updated the documentation. I hope you don't mind.
Looks good to me. I was able to test using
./tools/keytools/sign --custom-tlv-string 0x0030 "0.99.910(6)" --no-sign --sha256 test-app/image.bin 6
. It would be nice to have documentation added to docs/Signing.md. It would also be nice to have a test case added to.github/workflows/test-custom-tlv-simulator.yml
. Over to @danielinux to finalize.I updated the documentation. I hope you don't mind.
Thank you so much!
@notronrj this looks good! Thanks for taking the time to update the doc as well!
I think we should also add a non-regression test to the github workflow:
--- a/.github/workflows/test-keytools.yml
+++ b/.github/workflows/test-keytools.yml
@@ -264,3 +264,8 @@ jobs:
./tools/keytools/sign --ecc256 --sha256 --custom-tlv-buffer 0x46 48656C6C6F20776F726C64 test-app/image.elf wolfboot_signing_private_key.der 3
grep "Hello world" test-app/image_v3_signed.bin
+ - name: Sign app with custom string TLV included
+ run: |
+ ./tools/keytools/sign --ecc256 --sha256 --custom-tlv-string 0x46 "Hello world" test-app/image.elf wolfboot_signing_private_key.der 3
+ grep "Hello world" test-app/image_v3_signed.bin
+
[edit: updated patch to include Tag]
@notronrj could you please add a commit with the added test in the github workflow ?
@danielinux taking care of that now.
I'm having an issue pushing the github workflow commit. See below.
The error is:
! [remote rejected] custom-tlv-string -> custom-tlv-string (refusing to allow a Personal Access Token to create or update workflow .github/workflows/test-keytools.yml
without workflow
scope)
error: failed to push some refs to 'https://github.com/notronrj/wolfBoot.git'
tact@zephyr:~/development/wolfBoot$ git log commit ec8e537ee424f755c857964df29d533f6fdb1677 (HEAD -> custom-tlv-string) Author: Jim Norton jnorton@transact-tech.com Date: Thu Apr 4 10:34:31 2024 -0400
Added custom-tlv-string non-regression test to github workflows
What am I missing?
Thank you.
@danielinux
I fixed my git workflow issue. My personal access token didn't have workflow
set. See, you learn something new everyday!
@dgarske @danielinux Non-regression tests seem to be hung?
Thank you all for accepting the PR.
Thank you!
Added the ability to create a custom-tlv using an ASCII string to the keytools/sign tool.
Example usage:
sign --custom-tlv-string 0x0030 "0.99.910(6)" --no-sign --sha256 ${projectBaseDir}/release/zephyr.bin 6
This will create a custom TLV tag as if you'd used --custom-tlv-buffer 0x0030 302E39392E393130283629 Tag: 0030 Len: 11 Val: 302E39392E393130283629
The above invocation of the sign tool generates the following header in the binary:
Showing that the two commands are equivalent see the following:
Invocation:
sign --custom-tlv-string 0x0030 "0.99.910(6)" --custom-tlv-buffer 0x0031 302E39392E393130283629 --no-sign --sha256 ${projectBaseDir}/release/zephyr.bin 6
And the resulting header in the binary:
Note: This PR came out of a support ticket at https://wolfssl.zendesk.com/hc/en-us/requests/17637