From a99838f79a9249264f881b63857df9235ec96f4d Mon Sep 17 00:00:00 2001 From: Michal Starecek Date: Thu, 4 Apr 2024 15:02:47 +0200 Subject: [PATCH] Use stdlib ast.unparse for python 3.9+; add missing test file (#70) --- .gitignore | 2 +- requirements.txt | 2 +- spsdk/pfr/processor.py | 12 ++++-- .../lpc55s3x/sb3_256_256_keys_dont_match.yaml | 37 +++++++++++++++++++ 4 files changed, 47 insertions(+), 6 deletions(-) create mode 100644 tests/nxpimage/data/workspace/cfgs/lpc55s3x/sb3_256_256_keys_dont_match.yaml diff --git a/.gitignore b/.gitignore index 0ca3f4ce..ade8a77d 100644 --- a/.gitignore +++ b/.gitignore @@ -86,7 +86,7 @@ target/ # Jupyter Notebook .ipynb_checkpoints -workspace +examples/**/workspace # pyenv .python-version diff --git a/requirements.txt b/requirements.txt index c0f9c6e1..b3a095d6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,5 +1,5 @@ asn1crypto>=1.2,<1.6 -astunparse>=1.6,<1.7 +astunparse>=1.6,<1.7 ; python_version < '3.9' bincopy>=17.14.5,<20.1 bitstring>=3.1,<4.2 click-option-group>=0.3.0,<0.6 diff --git a/spsdk/pfr/processor.py b/spsdk/pfr/processor.py index be078bee..f225de92 100644 --- a/spsdk/pfr/processor.py +++ b/spsdk/pfr/processor.py @@ -1,7 +1,7 @@ #!/usr/bin/env python # -*- coding: UTF-8 -*- # -# Copyright 2020-2023 NXP +# Copyright 2020-2024 NXP # # SPDX-License-Identifier: BSD-3-Clause @@ -10,9 +10,13 @@ import ast import logging import re +import sys from typing import Tuple -import astunparse +if sys.version_info < (3, 9): + from astunparse import unparse +else: + from ast import unparse from .translator import Translator @@ -33,7 +37,7 @@ def __init__(self, translator: Translator) -> None: def visit_Attribute(self, node: ast.Attribute) -> ast.Constant: # pylint: disable=invalid-name """Translate Attribute Nodes.""" self.logger.debug("Transforming node attribute...") - thing = astunparse.unparse(node).strip() + thing = unparse(node).strip() value = self.translator.translate(thing) self.logger.debug(f"Attribute '{thing}' transformed into {value:x}") result = ast.Constant(value=value, kind=None) @@ -67,7 +71,7 @@ def process(self, condition: str) -> Tuple[bool, str]: self.logger.debug(f"Transforming condition: {condition}") org_node = ast.parse(condition, mode="eval") new_node = self.transformer.visit(org_node) - node_str = astunparse.unparse(new_node).rstrip() + node_str = unparse(new_node).rstrip() self.logger.debug(f"Transformed condition: {node_str}") node_str = self._replace_int_as_hex(node_str) # pylint: disable=eval-used diff --git a/tests/nxpimage/data/workspace/cfgs/lpc55s3x/sb3_256_256_keys_dont_match.yaml b/tests/nxpimage/data/workspace/cfgs/lpc55s3x/sb3_256_256_keys_dont_match.yaml new file mode 100644 index 00000000..41d04082 --- /dev/null +++ b/tests/nxpimage/data/workspace/cfgs/lpc55s3x/sb3_256_256_keys_dont_match.yaml @@ -0,0 +1,37 @@ +# Copyright 2023 NXP +# +# SPDX-License-Identifier: BSD-3-Clause +# =========== Secure Binary v3.1 converted config. =========== +# ---------------------------------------------------------------------------------------------------- +# == Basic Settings == +# ---------------------------------------------------------------------------------------------------- +firmwareVersion: '0x1' # [Optional], Firmware version; Version of application image firmware. +family: lpc55s3x # [Required], MCU family name; Possible options:['k32w1xx', 'kw45xx', 'lpc55s3x', 'mcxn9xx'] +containerOutputFile: .\workspace\output_images\lpc55s3x\sb3_256_256.sb3 # [Required], SB3 filename; Generated SB3 container filename. +# ---------------------------------------------------------------------------------------------------- +# == ISK Certificate Settings == +# ---------------------------------------------------------------------------------------------------- +certBlock: .\workspace\cfgs\cert_block\cert_256_256_data.yaml +signPrivateKey: .\workspace\keys_certs\ec_pk_secp256r1_cert3.pem # [Optional], ISK Certificate private key used to sign certificate. It can be replaced by signProvider key. +# ---------------------------------------------------------------------------------------------------- +# == Secure Binary v3.1 Settings == +# ---------------------------------------------------------------------------------------------------- +containerKeyBlobEncryptionKey: .\workspace\keys\userkey.txt # [Optional], Part Common Key; Path to PCK/NPK key in plain hex string format. +isNxpContainer: false # [Optional], Enable NXP Container format; Internal usage only, used for generating SB files with NXP content e.g. provisioning firmware, etc... +kdkAccessRights: 3 # [Optional], KDK access rights; Accepted values are 0, 1, 2 and 3. Value used as key properties for key derivation process, more details can be found in CSSv2 manual; Possible options:[0, 1, 2, 3] +containerConfigurationWord: '0x0' # [Optional], Container configuration word; Flag value in SB3.1 manifest, not used by silicons with LPC55S3x ROM. Value can be kept 0, or it can be removed from the configuration file. +description: sb3_256_256.sb3 # [Optional], Description up to 16 characters, longer will be truncated. Stored in SB3.1 manifest. +# ---------------------------------------------------------------------------------------------------- +# == Secure Binary v3.1 Commands Settings == +# ---------------------------------------------------------------------------------------------------- +commands: # [Required], SB3.1 Commands; Secure Binary v3.1 commands block, list of all possible options - Modify it according to your application + - erase: # [Required], Erase; Performs a flash erase of the given address range. The erase will be rounded up to the sector size. + address: '0x0' # [Required], Address of memory block to be erased. + size: '0x10000' # [Required], Size of memory block to be erased. + - load: # [Required], Load; If set, then the data to write immediately follows the range header. The length field contains the actual data length + address: '0x0' # [Required], Address of memory block to be loaded. + file: .\workspace\output_images\lpc55s3x\normal_boot_sign.bin # [Optional], Binary file to be loaded. +# ---------------------------------------------------------------------------------------------------- +# == Secure Binary v3.1 Testing Settings == +# ---------------------------------------------------------------------------------------------------- +timestamp: '0x123456' # [Optional], SB3 file force timestamp; For testing purposes. This option can override real timestamp of SB3 file.