Removed all compile-time dependency from keytools

Author: danielinux

Makefile

@@ -85,6 +85,9 @@ ifeq ($(TARGET),ti_hercules)
   LSCRIPT_FLAGS+=--run_linker $(LSCRIPT)
 endif
 
+# Environment variables for sign tool
+SIGN_ENV=IMAGE_HEADER_SIZE=$(IMAGE_HEADER_SIZE) WOLFBOOT_SECTOR_SIZE=$(WOLFBOOT_SECTOR_SIZE)
+
 
 MAIN_TARGET=factory.bin
 TARGET_H_TEMPLATE:=include/target.h.in
@@ -218,7 +221,7 @@ $(SECONDARY_PRIVATE_KEY): $(PRIVATE_KEY) keystore.der
 		-g $(SECONDARY_PRIVATE_KEY)) || true
 	$(Q)(test "$(FLASH_OTP_KEYSTORE)" = "1") && (make -C tools/keytools/otp) || true
 
-keytools: include/target.h
+keytools:
 	@echo "Building key tools"
 	@$(MAKE) -C tools/keytools -s clean
 	@$(MAKE) -C tools/keytools -j
@@ -238,10 +241,10 @@ test-app/image_v1_signed.bin: $(BOOT_IMG)
 	@echo "\tSECONDARY_SIGN_OPTIONS=$(SECONDARY_SIGN_OPTIONS)"
 	@echo "\tSECONDARY_PRIVATE_KEY=$(SECONDARY_PRIVATE_KEY)"
 
-	$(Q)(test $(SIGN) = NONE) || IMAGE_HEADER_SIZE=$(IMAGE_HEADER_SIZE) "$(SIGN_TOOL)" $(SIGN_OPTIONS) \
+	$(Q)(test $(SIGN) = NONE) || $(SIGN_ENV) $(SIGN_TOOL) $(SIGN_OPTIONS) \
 		$(SECONDARY_SIGN_OPTIONS) $(BOOT_IMG) $(PRIVATE_KEY) \
 		$(SECONDARY_PRIVATE_KEY) 1 || true
-	$(Q)(test $(SIGN) = NONE) && IMAGE_HEADER_SIZE=$(IMAGE_HEADER_SIZE) "$(SIGN_TOOL)" $(SIGN_OPTIONS) $(BOOT_IMG) 1 || true
+	$(Q)(test $(SIGN) = NONE) && $(SIGN_ENV) $(SIGN_TOOL) $(SIGN_OPTIONS) $(BOOT_IMG) 1 || true
 
 test-app/image.elf: wolfboot.elf
 	$(Q)$(MAKE) -C test-app WOLFBOOT_ROOT="$(WOLFBOOT_ROOT)" image.elf

include/delta.h

@@ -72,6 +72,7 @@ int wb_patch_init(WB_PATCH_CTX *bm, uint8_t *src, uint32_t ssz, uint8_t *patch,
 int wb_patch(WB_PATCH_CTX *ctx, uint8_t *dst, uint32_t len);
 int wolfBoot_get_delta_info(uint8_t part, int inverse, uint32_t **img_offset,
     uint32_t **img_size, uint8_t **base_hash, uint16_t *base_hash_size);
+int wb_diff_get_sector_size(void);
 
 #endif
 

include/wolfboot/wolfboot.h

@@ -30,7 +30,9 @@ extern "C" {
 #endif
 
 #include <stdint.h>
+#ifdef __WOLFBOOT
 #include "target.h"
+#endif
 #include "wolfboot/version.h"
 
 #ifdef WOLFCRYPT_SECURE_MODE

src/delta.c

@@ -22,11 +22,11 @@
 #include <stdint.h>
 #include <string.h>
 #include <delta.h>
-#include <target.h> /* WOLFBOOT_SECTOR_SIZE */
 
 
 #define ESC 0x7f
 
+
 #if (defined(__IAR_SYSTEMS_ICC__) && (__IAR_SYSTEMS_ICC__ > 8)) || \
     defined(__GNUC__)
 #define BLOCK_HDR_PACKED __attribute__ ((packed))
@@ -46,7 +46,7 @@ struct BLOCK_HDR_PACKED block_hdr {
 #include "encrypt.h"
 #define ext_flash_check_write ext_flash_encrypt_write
 #define ext_flash_check_read ext_flash_decrypt_read
-#else
+#elif defined(__WOLFBOOT)
 #include "hal.h"
 #define ext_flash_check_write ext_flash_write
 #define ext_flash_check_read ext_flash_read
@@ -169,6 +169,36 @@ int wb_patch(WB_PATCH_CTX *ctx, uint8_t *dst, uint32_t len)
     return dst_off;
 }
 
+#ifndef __WOLFBOOT
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+
+static uint32_t wolfboot_sector_size = 0;
+
+int wb_diff_get_sector_size(void)
+{
+    uint32_t sec_sz = 0;
+    char *env_sector_size = NULL;
+    env_sector_size = getenv("WOLFBOOT_SECTOR_SIZE");
+    if (!env_sector_size) {
+       fprintf(stderr, "Please set the WOLFBOOT_SECTOR_SIZE environment variable in\n"
+               "order to sign a delta update.\n");
+       exit(6);
+    } else {
+        sec_sz = atoi(env_sector_size);
+        if (sec_sz == 0) {
+            errno = 0;
+            sec_sz = strtol(env_sector_size, NULL, 16);
+            if (errno != 0) {
+                fprintf(stderr, "Invalid WOLFBOOT_SECTOR_SIZE value\n");
+                exit(6);
+            }
+        }
+    }
+    return sec_sz;
+}
 
 int wb_diff_init(WB_DIFF_CTX *ctx, uint8_t *src_a, uint32_t len_a, uint8_t *src_b, uint32_t len_b)
 {
@@ -179,6 +209,8 @@ int wb_diff_init(WB_DIFF_CTX *ctx, uint8_t *src_a, uint32_t len_a, uint8_t *src_
     ctx->src_b = src_b;
     ctx->size_a = len_a;
     ctx->size_b = len_b;
+    wolfboot_sector_size = wb_diff_get_sector_size();
+    printf("WOLFBOOT_SECTOR_SIZE: %u\n", wolfboot_sector_size);
     return 0;
 }
 
@@ -196,7 +228,7 @@ int wb_diff(WB_DIFF_CTX *ctx, uint8_t *patch, uint32_t len)
         return -1;
 
     while ((ctx->off_b + BLOCK_HDR_SIZE < ctx->size_b) && (len > p_off + BLOCK_HDR_SIZE)) {
-        uintptr_t page_start = ctx->off_b / WOLFBOOT_SECTOR_SIZE;
+        uintptr_t page_start = ctx->off_b / wolfboot_sector_size;
         uintptr_t pa_start;
         found = 0;
         if (p_off + BLOCK_HDR_SIZE >  len)
@@ -210,14 +242,14 @@ int wb_diff(WB_DIFF_CTX *ctx, uint8_t *patch, uint32_t len)
          * base for the sectors that have already been updated.
          */
 
-        pa_start = WOLFBOOT_SECTOR_SIZE  * page_start;
+        pa_start = wolfboot_sector_size  * page_start;
         pa = ctx->src_a + pa_start;
         while (((uintptr_t)(pa - ctx->src_a) < (uintptr_t)ctx->size_a) && (p_off < len)) {
             if ((uintptr_t)(ctx->size_a - (pa - ctx->src_a)) < BLOCK_HDR_SIZE)
                 break;
             if ((ctx->size_b - ctx->off_b) < BLOCK_HDR_SIZE)
                 break;
-            if ((WOLFBOOT_SECTOR_SIZE - (ctx->off_b % WOLFBOOT_SECTOR_SIZE)) < BLOCK_HDR_SIZE)
+            if ((wolfboot_sector_size - (ctx->off_b % wolfboot_sector_size)) < BLOCK_HDR_SIZE)
                 break;
             if ((memcmp(pa, (ctx->src_b + ctx->off_b), BLOCK_HDR_SIZE) == 0)) {
                 uintptr_t b_start;
@@ -238,7 +270,7 @@ int wb_diff(WB_DIFF_CTX *ctx, uint8_t *patch, uint32_t len)
                         /* Stop matching if the source image size limit is hit. */
                         break;
                     }
-                    if ((b_start / WOLFBOOT_SECTOR_SIZE) < ((ctx->off_b + 1) / WOLFBOOT_SECTOR_SIZE)) {
+                    if ((b_start / wolfboot_sector_size) < ((ctx->off_b + 1) / wolfboot_sector_size)) {
                         /* Stop matching when the sector bound is hit. */
                         break;
                     }
@@ -262,7 +294,7 @@ int wb_diff(WB_DIFF_CTX *ctx, uint8_t *patch, uint32_t len)
         }
         if (!found) {
             /* Try matching an earlier section in the resulting image */
-            uintptr_t pb_end = page_start * WOLFBOOT_SECTOR_SIZE;
+            uintptr_t pb_end = page_start * wolfboot_sector_size;
             pb = ctx->src_b;
             while (((uintptr_t)(pb - ctx->src_b) < pb_end) && (p_off < len)) {
                 /* Check image boundary */
@@ -274,7 +306,7 @@ int wb_diff(WB_DIFF_CTX *ctx, uint8_t *patch, uint32_t len)
                 /* Don't try matching backwards if the distance between the two
                  * blocks is smaller than one sector.
                  */
-                if (WOLFBOOT_SECTOR_SIZE > (page_start * WOLFBOOT_SECTOR_SIZE)
+                if (wolfboot_sector_size > (page_start * wolfboot_sector_size)
                         - (pb - ctx->src_b))
                     break;
 
@@ -338,5 +370,6 @@ int wb_diff(WB_DIFF_CTX *ctx, uint8_t *patch, uint32_t len)
     }
     return (int)p_off;
 }
+#endif /* __WOLFBOOT */
 
 #endif /* DELTA_UPDATES */

test-app/app_hifive1.c

@@ -24,6 +24,7 @@
 #include <string.h>
 #include "hal.h"
 #include "wolfboot/wolfboot.h"
+#include "target.h"
 
 /* Change to '1' to enable uart update */
 #define UART_UPDATE 0

test-app/app_imx_rt.c

@@ -24,6 +24,7 @@
 #include "fsl_debug_console.h"
 #include "fsl_gpio.h"
 #include "fsl_iomuxc.h"
+#include "target.h"
 
 static int g_pinSet = false;
 extern void imx_rt_init_boot_clock(void);

test-app/app_kinetis.c

@@ -27,6 +27,7 @@
 #include "fsl_gpio.h"
 #include "fsl_clock.h"
 #include "wolfboot/wolfboot.h"
+#include "target.h"
 
 /* FRDM-K64 board */
 #if defined(CPU_MK64FN1M0VLL12)

test-app/app_mcxa.c

@@ -31,6 +31,7 @@
 #include "fsl_clock.h"
 
 #include "wolfboot/wolfboot.h"
+#include "target.h"
 
 extern void hal_init(void);
 

test-app/app_nrf52.c

@@ -25,6 +25,7 @@
 #include "wolfboot/wolfboot.h"
 #include "hal/nrf52.h"
 #include "printf.h"
+#include "target.h"
 
 static const char extradata[1024 * 16] = "hi!";
 

test-app/app_nrf5340.c

@@ -25,6 +25,7 @@
 #include "wolfboot/wolfboot.h"
 #include "hal/nrf5340.h"
 #include "printf.h"
+#include "target.h"
 
 void gpiotoggle(uint32_t port, uint32_t pin)
 {

test-app/app_nrf5340_net.c

@@ -25,6 +25,7 @@
 #include "wolfboot/wolfboot.h"
 #include "hal/nrf5340.h"
 #include "printf.h"
+#include "target.h"
 
 void gpiotoggle(uint32_t port, uint32_t pin)
 {

test-app/app_renesas_rx.c

@@ -28,6 +28,7 @@
 #include "hal.h"
 #include "printf.h"
 #include "wolfboot/wolfboot.h"
+#include "target.h"
 
 /* route stdout to UART */
 int write(int fileno, char *buf, int count)

test-app/app_sim.c

@@ -26,6 +26,7 @@
 #include <string.h>
 #include <stdio.h>
 #include <unistd.h>
+#include "target.h"
 
 #include "wolfboot/wolfboot.h"
 

test-app/app_stm32f4.c

@@ -30,6 +30,7 @@
 #include "hal.h"
 #include "wolfboot/wolfboot.h"
 #include "spi_flash.h"
+#include "target.h"
 
 #ifdef TARGET_stm32f4
 

test-app/app_stm32f7.c

@@ -27,6 +27,7 @@
 #include "system.h"
 #include "wolfboot/wolfboot.h"
 #include "hal.h"
+#include "target.h"
 
 
 /* UART module */

test-app/app_stm32h5.c

@@ -32,6 +32,7 @@
 #include "uart_drv.h"
 #include "wolfboot/wolfboot.h"
 #include "keystore.h"
+#include "target.h"
 
 #ifdef SECURE_PKCS11
 #include "wcs/user_settings.h"
@@ -867,4 +868,4 @@ void * _sbrk(unsigned int incr)
     }
     return old_heap;
 }
-#endif
+#endif

test-app/app_stm32h7.c

@@ -38,6 +38,7 @@
 #include "system.h"
 #include "hal.h"
 #include "wolfboot/wolfboot.h"
+#include "target.h"
 
 #define SET_BIT(REG, BIT)   ((REG) |= (BIT))
 #define CLEAR_BIT(REG, BIT) ((REG) &= ~(BIT))

test-app/app_stm32l0.c

@@ -29,6 +29,7 @@
 #ifdef SPI_FLASH
 #include "spi_flash.h"
 #endif
+#include "target.h"
 
 #ifdef TARGET_stm32l0
 

test-app/app_stm32l4.c

@@ -25,6 +25,7 @@
 #include "led.h"
 #include "hal.h"
 #include "wolfboot/wolfboot.h"
+#include "target.h"
 
 #ifdef TARGET_stm32l4
 

test-app/app_stm32l5.c

@@ -30,6 +30,7 @@
 #include "uart_drv.h"
 #include "wolfboot/wolfboot.h"
 #include "wolfboot/wc_secure.h"
+#include "target.h"
 
 #ifdef SECURE_PKCS11
 #include "wcs/user_settings.h"

test-app/app_stm32u5.c

@@ -28,6 +28,7 @@
 #include "system.h"
 #include "hal.h"
 #include "wolfboot/wolfboot.h"
+#include "target.h"
 
 #define LED_BOOT_PIN (7) /* PH7 - Discovery - Green Led */
 #define LED_USR_PIN  (6) /* PH6 - Discovery - Red Led */

test-app/app_stm32wb.c

@@ -28,6 +28,7 @@
 #include "hal.h"
 #include "wolfboot/wolfboot.h"
 #include "uart_drv.h"
+#include "target.h"
 
 #ifdef TARGET_stm32wb
 

tools/efi/compile_efi_linux.sh

@@ -4,6 +4,7 @@ WORK_DIR=/tmp/wolfBoot_efi
 BR_VER=2022.08.3
 BR_DIR=buildroot-$BR_VER
 IMAGE_DIR=$WORK_DIR/output
+. .config
 
 if (test ! -d $WORK_DIR);then
     mkdir -p $WORK_DIR
@@ -17,10 +18,7 @@ fi
 BR2_EXTERNAL=$(pwd)/tools/efi/br_ext_dir make -C $WORK_DIR/$BR_DIR tiny_defconfig O=$IMAGE_DIR
 make -C $WORK_DIR/$BR_DIR O=$IMAGE_DIR
 
-SIGN_TOOL="python3 ./tools/keytools/sign.py"
-if [ -f "./tools/keytools/sign" ]; then
-    SIGN_TOOL="./tools/keytools/sign"
-fi
+SIGN_TOOL="./tools/keytools/sign"
 
 $SIGN_TOOL --ed25519 $IMAGE_DIR/images/bzImage wolfboot_signing_private_key.der 1
 $SIGN_TOOL --ed25519 $IMAGE_DIR/images/bzImage wolfboot_signing_private_key.der 2

tools/keytools/Makefile

@@ -177,25 +177,11 @@ endif
 
 .PHONY: clean all
 
-all: $(WOLFBOOTDIR)/include/target.h sign keygen
+all: sign keygen
 
 debug: CFLAGS+=$(DEBUG_FLAGS)
 debug: all
 
-# Target.h is required for key tools
-$(WOLFBOOTDIR)/include/target.h: $(WOLFBOOTDIR)/include/target.h.in
-	@cat $(WOLFBOOTDIR)/include/target.h.in | \
-	sed -e "s/@WOLFBOOT_PARTITION_SIZE@/$(WOLFBOOT_PARTITION_SIZE)/g" | \
-	sed -e "s/@WOLFBOOT_SECTOR_SIZE@/$(WOLFBOOT_SECTOR_SIZE)/g" | \
-	sed -e "s/@WOLFBOOT_PARTITION_BOOT_ADDRESS@/$(WOLFBOOT_PARTITION_BOOT_ADDRESS)/g" | \
-	sed -e "s/@WOLFBOOT_PARTITION_UPDATE_ADDRESS@/$(WOLFBOOT_PARTITION_UPDATE_ADDRESS)/g" | \
-	sed -e "s/@WOLFBOOT_PARTITION_SWAP_ADDRESS@/$(WOLFBOOT_PARTITION_SWAP_ADDRESS)/g" | \
-	sed -e "s/@WOLFBOOT_DTS_BOOT_ADDRESS@/$(WOLFBOOT_DTS_BOOT_ADDRESS)/g" | \
-	sed -e "s/@WOLFBOOT_DTS_UPDATE_ADDRESS@/$(WOLFBOOT_DTS_UPDATE_ADDRESS)/g" | \
-	sed -e "s/@WOLFBOOT_LOAD_ADDRESS@/$(WOLFBOOT_LOAD_ADDRESS)/g" | \
-	sed -e "s/@WOLFBOOT_LOAD_DTS_ADDRESS@/$(WOLFBOOT_LOAD_DTS_ADDRESS)/g" \
-		> $@
-
 # build objects
 $(OBJDIR)/%.o: %.c
 	$(Q)$(CC) $(CFLAGS) -c -o $@ $<