Merge branch 'master' of github.com:solokeys/solo

.gitmodules

@@ -1,9 +1,6 @@
 [submodule "tinycbor"]
 	path = tinycbor
 	url = https://github.com/intel/tinycbor
-[submodule "python-fido2"]
-	path = python-fido2
-	url = https://github.com/solokeys/python-fido2
 [submodule "crypto/micro-ecc"]
 	path = crypto/micro-ecc
 	url = https://github.com/kmackay/micro-ecc.git

Dockerfile

@@ -14,7 +14,7 @@ RUN echo "fb31fbdfe08406ece43eef5df623c0b2deb8b53e405e2c878300f7a1f303ee52  gcc.
 RUN sha256sum -c gcc.sha256
 RUN tar -C /opt -xf gcc.tar.bz2
 
-# 2. Python3.7: for solotool (merging etc.)
+# 2. Python3.7: for solo-python (merging etc.)
 RUN wget -q -O miniconda.sh https://repo.anaconda.com/miniconda/Miniconda3-4.5.12-Linux-x86_64.sh
 #   from website
 RUN echo "866ae9dff53ad0874e1d1a60b1ad1ef8  miniconda.sh" > miniconda.md5
@@ -24,8 +24,10 @@ RUN echo "e5e5b4cd2a918e0e96b395534222773f7241dc59d776db1b9f7fedfcb489157a  mini
 RUN sha256sum -c miniconda.sha256
 
 RUN bash ./miniconda.sh -b -p /opt/conda
-RUN ln -s /opt/conda/bin/python3 /usr/local/bin/python3
+RUN ln -s /opt/conda/bin/python /usr/local/bin/python3
-RUN ln -s /opt/conda/bin/python3 /usr/local/bin/python
+RUN ln -s /opt/conda/bin/python /usr/local/bin/python
+RUN ln -s /opt/conda/bin/pip /usr/local/bin/pip3
+RUN ln -s /opt/conda/bin/pip /usr/local/bin/pip
 
 # 3. Source code
 RUN git clone --recurse-submodules https://github.com/solokeys/solo /solo --config core.autocrlf=input

Makefile

@@ -61,6 +61,7 @@ crypto/micro-ecc/uECC.o: ./crypto/micro-ecc/uECC.c
 
 venv:
 	python3 -m venv venv
+	venv/bin/pip -q install --upgrade pip
 	venv/bin/pip -q install --upgrade -r tools/requirements.txt
 	venv/bin/pip -q install --upgrade black
 
@@ -69,7 +70,7 @@ black: venv
 	venv/bin/black --skip-string-normalization --check tools/
 
 wink: venv
-	venv/bin/python tools/solotool.py solo --wink
+	venv/bin/solo key wink
 
 fido2-test: venv
 	venv/bin/python tools/ctap_test.py

README.md

@@ -48,7 +48,8 @@ cd ../..
 
 make venv
 source venv/bin/activate
-python tools/solotool.py program targets/stm32l432/solo.hex
+solo program aux enter-bootloader
+solo program bootloader targets/stm32l432/solo.hex
 ```
 
 Alternatively, run `make docker-build` and use the firmware generated in `/tmp`.

STABLE_VERSION

@@ -1 +1 @@
-1.1.0
+1.1.1

docs/solo/building.md

@@ -55,11 +55,11 @@ If you use `DEBUG=2`, that means Solo will not boot until something starts readi
 it's debug messages.  So it basically it waits to tether to a serial terminal so that you don't
 miss any debug messages.
 
-We recommend using our `solotool.py` as a serial emulator since it will automatically
+We recommend using our `solo` tool as a serial emulator since it will automatically
 reconnect each time you program Solo.
 
 ```
-python tools/solotool.py monitor <serial-port>
+solo monitor <serial-port>
 ```
 
 #### Linux Users:
@@ -86,7 +86,7 @@ Programming `all.hex` will cause the device to permanently lock itself.
 It's recommended to test a debug/hacker build first to make sure Solo is working as expected.
 Then you can switch to a locked down build, which cannot be reprogrammed as easily (or not at all!).
 
-We recommend using our `solotool.py` to manage programming.  It is cross platform.  First you must
+We recommend using our `solo` tool to manage programming.  It is cross platform.  First you must
 install the prerequisites:
 
 ```
@@ -101,7 +101,8 @@ If your Solo device is already programmed (it flashes green when powered), we re
 programming it using the Solo bootloader.
 
 ```
-python tools/solotool.py program solo.hex
+solo program aux enter-bootloader
+solo program bootloader solo.hex
 ```
 
 Make sure to program `solo.hex` and not `all.hex`.  Nothing bad would happen, but you'd
@@ -125,7 +126,10 @@ off and it enumerates as "STM BOOTLOADER".
 You can program it by running the following.
 
 ```
-python tools/solotool.py program all.hex --use-dfu --detach
+solo program aux enter-bootloader
+solo program aux enter-dfu
+# powercycle key
+solo program dfu all.hex
 ```
 
 Make sure to program `all.hex`, as this contains both the bootloader and the Solo application.
@@ -145,14 +149,14 @@ A locked Solo will only accept signed updates.
 If this is not a device with a hacker build, you can only program signed updates.
 
 ```
-python tools/solotool.py program /path/to/firmware.json
+solo program bootloader /path/to/firmware.json
 ```
 
 If you've provisioned the Solo bootloader with your own secp256r1 public key, you can sign your
 firmware by running the following command.
 
 ```
-python tools/solotool.py sign /path/to/signing-key.pem /path/to/solo.hex /output-path/to/firmware.json
+solo sign /path/to/signing-key.pem /path/to/solo.hex /output-path/to/firmware.json
 ```
 
 If your Solo isn't locked, you can always reprogram it using a debugger connected directly
@@ -175,5 +179,5 @@ If you'd like to also permanently disable signed updates, plug in your programme
 
 ```
 # WARNING: No more signed updates.
-python tools/programmer.py --disable
+solo program disable-bootloader
 ```

in-docker-build.sh

@@ -35,3 +35,10 @@ build bootloader nonverifying
 build bootloader verifying
 build firmware hacker solo
 build firmware secure solo
+
+pip install -U pip
+pip install -U solo-python
+cd ${out_dir}
+bundle="bundle-hacker-${version}"
+/opt/conda/bin/solo mergehex bootloader-nonverifying-${version}.hex firmware-hacker-${version}.hex ${bundle}.hex
+sha256sum ${bundle}.hex > ${bundle}.sha2

python-fido2

@@ -1 +0,0 @@
-Subproject commit 329434fdd476870ff0a73196b6de8a963409235f

targets/stm32l432/Makefile

@@ -5,7 +5,7 @@ endif
 APPMAKE=build/application.mk
 BOOTMAKE=build/bootloader.mk
 
-merge_hex=../../tools/solotool.py mergehex
+merge_hex=solo mergehex
 
 .PHONY: all all-hacker all-locked debugboot-app debugboot-boot boot-sig-checking boot-no-sig build-release-locked build-release build-release build-hacker build-debugboot clean clean2 flash flash_dfu flashboot detach cbor test
 

tools/requirements.txt

@@ -2,5 +2,6 @@ ecdsa
 fido2
 intelhex
 pyserial
+solo-python
 pyusb
 wheel