1.9.7 ECDSA and postBuild.bat
When using ECDSA verification, a SHA256 signature needs to be generated and stored inside the application binary. This signature is used by the bootloader to verify the application code was signed with the users private key. The bootloader uses the public key generated from the users private key along with the signature stored in the application binary to verify the contents of the application code is valid and has not been modified in any form. The two parts of the final application code consist of the two regions of memory shown below. The first is the signature block which contains the signature of the code along with the start and end address of the application itself. The second part of the memory space is the application itself.
- Generating the signature
-
Generating and inserting the signature into the above file is a multi-step process using standard and custom tools. First how the signature is stored and computed on the device needs to be understood. The signature is computed over the entire space indicated by the "Signature Start Address" and "Signature End Address" fields in the structure above. Notice that these address may include the signature itself. To avoid the obvious issue here of including the signature in the signature space, when computing or verifying the signature the values of these keys will be zero during the computation or verification of the signature of this space. This is straight forward when computing the signature by just setting those value to zero and compute. However, on verifying the signature, the firmware will need to clear these values while doing the computation on these locations but use the actual values to verify the signatures match
Understanding how the files postBuild.bat and postBuild.sh sign the application code MCC generates a script file to compute and embed the signature into the hex file created by the compiler and linker. This script file consists of multiple commands that compute the signature and insert the signature into the hex file. An example script file is located at the end of this page and we will step through what each section does. The verification screen used in this example is also shown belowTo compute the signature on the contents of the hex file, the first step is to prep the application hex file. First , force the signature keys to zero. Then, since the generated application hex file only contains the "used" locations, all of the unused locations in the memory space must be filled with the value of a blank flash(0x00FFFFFF). These two steps are done below.
REM Blank signature location hexmate r0-8FFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r9080-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\temp_original_copy.X.production.hex -FILL=w1:0x00,0x00,0x00,0x00@0x9000:0x907F REM Fill in unimplemented flash locations hexmate r0-FFFFFFFF,..\\..\\dist\\default\\production\\temp_original_copy.X.production.hex -O..\\..\\dist\\default\\production\\temp_original_copy.X.production.hex -FILL=w1:0xFF,0xFF,0xFF,0x00@0x8000:0x156FFF
The next step is prepare the file for signing. The signing tool needs a pure binary file and the binary file should only include the application itself. The hex file above has not only the application, but includes the interrupt tables and other code outside the application space specified by the "Signature Start Address" and "Signature End Address" fields. This step will remove all of those locations from the hex file and convert it to the pure binary file the signing tool can use. These two operations are performed by the next two commands in the command file. HexMate is used to take the code from application space and shift the data down to address 0. The output of this is then converted to a binary file using xc16-objcopy. The location of the xc16-objcopy is located in the MPLABx bin directory pointed to by the MPLABx path . This path is passed in as the first command line argument %1 below
REM Generate application binary image hexmate r8000-156FFFs-8000,..\\..\\dist\\default\\production\\temp_original_copy.X.production.hex -O..\\..\\dist\\default\\production\\temp_original_copy.X.production.hex xc16-objcopy -I ihex -O binary ..\\..\\dist\\default\\production\\temp_original_copy.X.production.hex ..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin
It is now time to create the signature of the file MyProject.X.production.bin generated above which is a pure binary file of just the application code. The script will use the tool "signing_tool.jar". "Signing_tool.jar" will take the pure binary application file from the previous step along with the private key stored in the file private.pem and create a standard signature file with the filename input filename + "signature.der". This is shown below.
REM Sign binary file java -jar signing_tool.jar -sign ..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin ..\\..\\..\\..\..\\Temp\\GB610-Boot.X\\private_key.pem ..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.der
The previous step created a standard signature file with the input filename appended with "signature.der" This file will then be sent through the signing_tool.jar again to create a pure binary file that contains just the 16 signature words.
REM Export signature value java -jar signing_tool.jar -export ..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.der ..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.bin
The converted output signature file above is a pure binary file with just the 16, 32-bit signature words in it. The next step is to convert this file to a hex file that can be merged into the final output hex file later on. The signature.bin file is converted to hex formatted file using the below command. The location of the xc16-objcopy is located in the MPLABx bin directory pointed to by the MPLABx path . This path is passed in as the first command line argument %1 below
REM Covert signature to .hex format xc16-objcopy -I binary -O ihex ..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.bin ..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex
Finally, the contents of this signature.hex file needs to be merged into the original hex file. The process is made more difficult by needing to account for the phantom bytes of the PIC24/dsPIC architecture. To account for this, each of the sixteen, 32-bit signature words are broken in half and each 16-bit half is stored in sequential 32 bit instructions as shown below
REM Copy signature .hex into application .hex file application header hexmate r0-1s9000,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9002-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-8FFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r2-3s9002,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9006-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9003,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r4-5s9004,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r900A-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9007,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r6-7s9006,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r900E-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-900B,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r8-9s9008,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9012-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-900F,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate rA-Bs900A,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9016-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9013,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate rC-Ds900C,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r901A-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9017,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate rE-Fs900E,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r901E-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-901B,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r10-11s9010,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9022-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-901F,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r12-13s9012,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9026-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9023,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r14-15s9014,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r902A-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9027,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r16-17s9016,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r902E-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-902B,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r18-19s9018,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9032-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-902F,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r1A-1Bs901A,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9036-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9033,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r1C-1Ds901C,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r903A-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9037,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r1E-1Fs901E,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r903E-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-903B,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r20-21s9020,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9042-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-903F,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r22-23s9022,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9046-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9043,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r24-25s9024,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r904A-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9047,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r26-27s9026,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r904E-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-904B,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r28-29s9028,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9052-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-904F,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r2A-2Bs902A,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9056-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9053,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r2C-2Ds902C,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r905A-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9057,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r2E-2Fs902E,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r905E-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-905B,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r30-31s9030,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9062-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-905F,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r32-33s9032,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9066-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9063,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r34-35s9034,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r906A-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9067,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r36-37s9036,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r906E-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-906B,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r38-39s9038,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9072-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-906F,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r3A-3Bs903A,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r9076-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9073,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r3C-3Ds903C,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r907A-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-9077,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex hexmate r3E-3Fs903E,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.bin.signature.hex r907E-FFFFFFFF,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex r0-907B,..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex -O..\\..\\dist\\default\\production\\GB610_CG-App2.X.production.hex