From 2a8498210c782a104798bd0fac10aefe572e9532 Mon Sep 17 00:00:00 2001 From: Conor Patrick Date: Mon, 10 Dec 2018 21:21:56 -0500 Subject: [PATCH] update solo hacker key --- targets/stm32l442/merge_hex.py | 10 +++++----- tools/gencert/gen_intermediate.sh | 2 +- tools/gencert/genca.sh | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/targets/stm32l442/merge_hex.py b/targets/stm32l442/merge_hex.py index a0d2470..55e6792 100644 --- a/targets/stm32l442/merge_hex.py +++ b/targets/stm32l442/merge_hex.py @@ -16,16 +16,15 @@ def flash_addr(num): args = sys.argv[:] # generic / hacker attestation key -secret_attestation_key = "cd67aa310d091ed16e7e9892aa070e1994fcd714ae7c408fb946b72e5fe75d30" +secret_attestation_key = "1b2626ecc8f69b0f69e34fb236d76466ba12ac16c3ab5750ba064e8b90e02448" # user supplied, optional for i,x in enumerate(args): if x == '-s': secret_attestation_key = args[i+1] + args = args[:i] + args[i+2:] break -if secret_attestation_key is not None: - args = args[:i] + args[i+2:] # TODO put definitions somewhere else PAGES = 128 @@ -35,6 +34,7 @@ ATTEST_ADDR = (flash_addr(PAGES - 15)) first = IntelHex(args[1]) for i in range(2, len(args)-1): + print('merging %s with ' % (args[1]), args[i]) first.merge(IntelHex( args[i] ), overlap = 'replace') first[AUTH_WORD_ADDR] = 0 @@ -49,9 +49,9 @@ first[AUTH_WORD_ADDR+7] = 0xff if secret_attestation_key is not None: key = unhexlify(secret_attestation_key) - print('using key ',key) + + for i,x in enumerate(key): - print(hex(ATTEST_ADDR + i)) first[ATTEST_ADDR + i] = x first.tofile(args[len(args)-1], format='hex') diff --git a/tools/gencert/gen_intermediate.sh b/tools/gencert/gen_intermediate.sh index 290905f..138339b 100644 --- a/tools/gencert/gen_intermediate.sh +++ b/tools/gencert/gen_intermediate.sh @@ -11,7 +11,7 @@ curve=prime256v1 openssl ecparam -genkey -name "$curve" -out "$keyname" -rand seed.txt # generate a "signing request" -openssl req -new -key "$keyname" -out "$keyname".csr -subj "/C=US/ST=Maryland/O=Solo Keys/OU=Authenticator Attestation/CN=solokeys.com/emailAddress=hello@solokeys.com" +openssl req -new -key "$keyname" -out "$keyname".csr -subj "/C=US/ST=Maryland/O=SOLO HACKER/OU=Authenticator Attestation/CN=solokeys.com/emailAddress=hello@solokeys.com" # sign the request openssl x509 -req -days 18250 -in "$keyname".csr -extfile v3.ext -CA "$2" -CAkey "$1" -set_serial 01 -out "$certname" -sha256 diff --git a/tools/gencert/genca.sh b/tools/gencert/genca.sh index f282fdf..bbde708 100644 --- a/tools/gencert/genca.sh +++ b/tools/gencert/genca.sh @@ -8,7 +8,7 @@ curve=prime256v1 # generate EC private key openssl ecparam -genkey -name "$curve" -out "$keyname" -rand seed.txt # generate a "signing request" -openssl req -new -key "$keyname" -out "$keyname".csr -subj "/C=US/ST=Maryland/O=Solo Keys/OU=Root CA/CN=solokeys.com/emailAddress=hello@solokeys.com" +openssl req -new -key "$keyname" -out "$keyname".csr -subj "/C=US/ST=Maryland/O=SOLO HACKER/OU=Root CA/CN=solokeys.com/emailAddress=hello@solokeys.com" # self sign the request openssl x509 -trustout -req -days 18250 -in "$keyname".csr -signkey "$keyname" -out "$certname" -sha256