Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

scripts/bootloader: Add ed25519/sha512 to scripts #18959

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

scripts/bootloader: Add ed25519/sha512 to scripts #18959

wants to merge 1 commit into from
+1,011 −112

Conversation

fundakol
Copy link

@fundakol fundakol commented Nov 19, 2024
edited
Loading

  • added sha512 to hash.py script
  • added ed25519 to keygen.py scipt
  • added ed25519 to do_sign.py script with optional sha512
  • added ed25519 to validation_data.py` script

@CLAassistant
Copy link

CLAassistant commented Nov 19, 2024
edited
Loading

CLA assistant check
All committers have signed the CLA.

@github-actions github-actions bot added the changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. label Nov 19, 2024
@NordicBuilder
Copy link
Contributor

NordicBuilder commented Nov 19, 2024
edited
Loading

CI Information

To view the history of this post, clich the 'edited' button above
Build number: 29

Inputs:

Sources:

sdk-nrf: PR head: 74b17dfa499ade92a35a9be3bc04fb46a3d4e7e3

more details

sdk-nrf:

PR head: 74b17dfa499ade92a35a9be3bc04fb46a3d4e7e3
merge base: d839e3cda69a64e0f3de12cea337aef824512bcb
target head (main): ce8fde036e24298f6a952e73237706fed09073f1
Diff

Github labels

Enabled Name Description
ci-disabled Disable the ci execution
ci-all-test Run all of ci, no test spec filtering will be done
ci-force-downstream Force execution of downstream even if twister fails
ci-run-twister Force run twister
ci-run-zephyr-twister Force run zephyr twister
List of changed files detected by CI (9) 
scripts
│  ├── bootloader
│  │  ├── do_sign.py
│  │  ├── hash.py
│  │  ├── keygen.py
│  │  ├── tests
│  │  │  ├── asn1parse_test.py
│  │  │  ├── conftest.py
│  │  │  ├── do_sign_test.py
│  │  │  ├── keygen_test.py
│  │  │  │ validation_data_test.py
│  │  │ validation_data.py

Outputs:

Toolchain

Version: b77d8c1312
Build docker image: docker-dtr.nordicsemi.no/sw-production/ncs-build:b77d8c1312_912848a074

Test Spec & Results: ✅ Success; ❌ Failure; 🟠 Queued; 🟡 Progress; ◻️ Skipped; ⚠️ Quarantine

  • ◻️ Toolchain - Skipped: existing toolchain is used
  • ✅ Build twister
    • sdk-nrf test count: 44
  • ✅ Integration tests
    • ✅ test-fw-nrfconnect-boot
    • ✅ test-sdk-mcuboot
    • ⚠️ test-fw-nrfconnect-fw-update
Disabled integration tests
    • desktop52_verification
    • doc-internal
    • test_ble_nrf_config
    • test-fw-nrfconnect-apps
    • test-fw-nrfconnect-ble_mesh
    • test-fw-nrfconnect-ble_samples
    • test-fw-nrfconnect-chip
    • test-fw-nrfconnect-fem
    • test-fw-nrfconnect-nfc
    • test-fw-nrfconnect-nrf-iot_libmodem-nrf
    • test-fw-nrfconnect-nrf-iot_lwm2m
    • test-fw-nrfconnect-nrf-iot_mosh
    • test-fw-nrfconnect-nrf-iot_nrf_provisioning
    • test-fw-nrfconnect-nrf-iot_positioning
    • test-fw-nrfconnect-nrf-iot_samples
    • test-fw-nrfconnect-nrf-iot_serial_lte_modem
    • test-fw-nrfconnect-nrf-iot_thingy91
    • test-fw-nrfconnect-nrf-iot_zephyr_lwm2m
    • test-fw-nrfconnect-nrf_crypto
    • test-fw-nrfconnect-ps
    • test-fw-nrfconnect-rpc
    • test-fw-nrfconnect-rs
    • test-fw-nrfconnect-tfm
    • test-fw-nrfconnect-thread
    • test-fw-nrfconnect-zigbee
    • test-low-level
    • test-sdk-audio
    • test-sdk-dfu
    • test-sdk-find-my
    • test-sdk-pmic-samples
    • test-sdk-sidewalk
    • test-sdk-wifi
    • test-secdom-samples-public

Note: This message is automatically posted and updated by the CI

@fundakol fundakol force-pushed the bootloader/ed25519-keygen branch 3 times, most recently from 1c315d2 to b436a1d Compare November 19, 2024 15:09
nordicjm
nordicjm requested changes Nov 20, 2024
View reviewed changes
Copy link
Contributor

@nordicjm nordicjm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also missing changes to validation_data.py

scripts/bootloader/do_sign.py Outdated Show resolved Hide resolved
scripts/bootloader/keygen.py Outdated Show resolved Hide resolved
scripts/bootloader/keygen.py Outdated Show resolved Hide resolved
@fundakol fundakol force-pushed the bootloader/ed25519-keygen branch 11 times, most recently from adc2886 to ffa7e39 Compare November 22, 2024 08:36
@fundakol fundakol marked this pull request as ready for review November 22, 2024 08:39
@fundakol fundakol requested a review from a team as a code owner November 22, 2024 08:39
@fundakol fundakol force-pushed the bootloader/ed25519-keygen branch 4 times, most recently from 33c4465 to e78e5ec Compare November 25, 2024 15:59
nvlsianpu
nvlsianpu reviewed Nov 25, 2024
View reviewed changes
Copy link
Contributor

@nvlsianpu nvlsianpu left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM
note for me.: usage cmake/sysbuild/debug_keys.cmake
nRF54l15 KMU is place for public keys BL_PUBKY_[n], digests unwanted.

@fundakol fundakol force-pushed the bootloader/ed25519-keygen branch 4 times, most recently from 4a4b80b to 380e9d9 Compare November 28, 2024 12:30
@fundakol fundakol force-pushed the bootloader/ed25519-keygen branch 2 times, most recently from 613256f to 0f262bd Compare November 28, 2024 13:23
@nordicjm nordicjm mentioned this pull request Nov 29, 2024
Open
@fundakol
scripts/bootloader: Add ed25519/sha512 to scripts
74b17df 
Python scripts implementing ed25519 and sha512 support needed
for nsib image signing.

Signed-off-by: Lukasz Fundakowski <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nvlsianpu nvlsianpu nvlsianpu left review comments

@nordicjm nordicjm nordicjm requested changes

@gchwier gchwier Awaiting requested review from gchwier

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@fundakol @CLAassistant @NordicBuilder @nvlsianpu @nordicjm