mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
Merge branch 'fix/prod_mode_in_configure_ds_script' into 'master'
configure_ds.py: Fix the error for prod mode. They script now only verifies... Closes IDFGH-6649 See merge request espressif/esp-idf!16995
This commit is contained in:
Mahavir Jain
commit
a32a7729b3
@ -1,16 +1,6 @@
|
|||||||
#!/usr/bin/env python
|
#!/usr/bin/env python
|
||||||
# Copyright 2020 Espressif Systems (Shanghai) Co., Ltd.
|
# SPDX-FileCopyrightText: 2020-2022 Espressif Systems (Shanghai) CO LTD
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
# you may not use this file except in compliance with the License.
|
|
||||||
# You may obtain a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
# See the License for the specific language governing permissions and
|
|
||||||
# limitations under the License.
|
|
||||||
import argparse
|
import argparse
|
||||||
import hashlib
|
import hashlib
|
||||||
import hmac
|
import hmac
|
||||||
@ -263,18 +253,26 @@ def configure_efuse_key_block(args, idf_target):
|
|||||||
key_file.write(new_hmac_key)
|
key_file.write(new_hmac_key)
|
||||||
# Burn efuse key
|
# Burn efuse key
|
||||||
efuse_burn_key(args, idf_target)
|
efuse_burn_key(args, idf_target)
|
||||||
# Read fresh summary of the efuse to read the key value from efuse.
|
if args.production is False:
|
||||||
# If the key read from efuse matches with the key generated
|
# Read fresh summary of the efuse to read the key value from efuse.
|
||||||
# on host then burn_key operation was successfull
|
# If the key read from efuse matches with the key generated
|
||||||
new_efuse_summary_json = get_efuse_summary_json(args, idf_target)
|
# on host then burn_key operation was successfull
|
||||||
hmac_key_read = new_efuse_summary_json[key_blk]['value']
|
new_efuse_summary_json = get_efuse_summary_json(args, idf_target)
|
||||||
hmac_key_read = bytes.fromhex(hmac_key_read)
|
hmac_key_read = new_efuse_summary_json[key_blk]['value']
|
||||||
if new_hmac_key == hmac_key_read:
|
print(hmac_key_read)
|
||||||
print('Key was successfully written to the efuse (KEY BLOCK %1d)' % (args.efuse_key_id))
|
hmac_key_read = bytes.fromhex(hmac_key_read)
|
||||||
|
if new_hmac_key == hmac_key_read:
|
||||||
|
print('Key was successfully written to the efuse (KEY BLOCK %1d)' % (args.efuse_key_id))
|
||||||
|
else:
|
||||||
|
print('ERROR: Failed to burn the hmac key to efuse (KEY BLOCK %1d),'
|
||||||
|
'\nPlease execute the script again using a different key id' % (args.efuse_key_id))
|
||||||
|
return None
|
||||||
else:
|
else:
|
||||||
print('ERROR: Failed to burn the hmac key to efuse (KEY BLOCK %1d),'
|
new_efuse_summary_json = get_efuse_summary_json(args, idf_target)
|
||||||
'\nPlease execute the script again using a different key id' % (args.efuse_key_id))
|
if new_efuse_summary_json[key_purpose]['value'] != 'HMAC_DOWN_DIGITAL_SIGNATURE':
|
||||||
return None
|
print('ERROR: Failed to verify the key purpose of the key block{})'.format(args.efuse_key_id))
|
||||||
|
return None
|
||||||
|
hmac_key_read = new_hmac_key
|
||||||
else:
|
else:
|
||||||
# If the efuse key block is redable, then read the key from efuse block and use it for encrypting the RSA private key parameters.
|
# If the efuse key block is redable, then read the key from efuse block and use it for encrypting the RSA private key parameters.
|
||||||
# If the efuse key block is not redable or it has key purpose set to a different
|
# If the efuse key block is not redable or it has key purpose set to a different
|
||||||
@ -297,7 +295,7 @@ def configure_efuse_key_block(args, idf_target):
|
|||||||
'\nplease execute the script again with a different value of the efuse key id.' % (args.efuse_key_id))
|
'\nplease execute the script again with a different value of the efuse key id.' % (args.efuse_key_id))
|
||||||
return None
|
return None
|
||||||
|
|
||||||
# Return the hmac key read from the efuse
|
# Return the hmac key burned into the efuse
|
||||||
return hmac_key_read
|
return hmac_key_read
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@ -2657,7 +2657,6 @@ examples/protocols/mdns/main/mdns_example_main.c
|
|||||||
examples/protocols/mdns/mdns_example_test.py
|
examples/protocols/mdns/mdns_example_test.py
|
||||||
examples/protocols/mqtt/ssl/main/app_main.c
|
examples/protocols/mqtt/ssl/main/app_main.c
|
||||||
examples/protocols/mqtt/ssl/mqtt_ssl_example_test.py
|
examples/protocols/mqtt/ssl/mqtt_ssl_example_test.py
|
||||||
examples/protocols/mqtt/ssl_ds/configure_ds.py
|
|
||||||
examples/protocols/mqtt/ssl_ds/main/app_main.c
|
examples/protocols/mqtt/ssl_ds/main/app_main.c
|
||||||
examples/protocols/mqtt/ssl_mutual_auth/main/app_main.c
|
examples/protocols/mqtt/ssl_mutual_auth/main/app_main.c
|
||||||
examples/protocols/mqtt/ssl_psk/main/app_main.c
|
examples/protocols/mqtt/ssl_psk/main/app_main.c
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user