| # |
| # Copyright (c) 2022 Project CHIP Authors |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # |
| |
| |
| # Create a binary file with factory data given via kConfigs. |
| # |
| # This function creates a list of arguments for external script and then run it to write a factory data file. |
| # |
| # This script can be manipulated using following kConfigs: |
| # - To merge generated factory data with final zephyr.hex file set kConfig CONFIG_CHIP_FACTORY_DATA_MERGE_WITH_FIRMWARE=y |
| # - To use default certification paths set CONFIG_CHIP_FACTORY_DATA_USE_DEFAULTS_CERTS_PATH=y |
| # |
| # During generation process a some file will be created in zephyr's build directory under factory subdirectory: |
| # - factory_data.bin |
| # - factory_data.hex |
| # - DAC_cert.der |
| # - DAC_cert.pem |
| # - DAC_key.pem |
| # - DAC_private_key.bin |
| # - DAC_public_key.bin |
| # - pai_cert.der |
| # - onb_codes.csv |
| # - pin_disc.csv |
| # - qrcode.png |
| # - summary.json |
| # |
| # [Args]: |
| # factory_data_target - a name for target to generate factory_data. |
| # script_path - a path to script that makes a JSON factory data file from given arguments. |
| # output_path - a path to output directory, where created JSON file will be stored. |
| function(telink_create_factory_data_json factory_data_target script_path output_path) |
| |
| # set script args for future purpose |
| set(script_args) |
| ## generate all script arguments |
| string(APPEND script_args "--serial-num \"${CONFIG_CHIP_DEVICE_SERIAL_NUMBER}\"\n") |
| string(APPEND script_args "--mfg-date \"${CONFIG_CHIP_DEVICE_MANUFACTURING_DATE}\"\n") |
| string(APPEND script_args "--vendor-id ${CONFIG_CHIP_DEVICE_VENDOR_ID}\n") |
| string(APPEND script_args "--product-id ${CONFIG_CHIP_DEVICE_PRODUCT_ID}\n") |
| string(APPEND script_args "--vendor-name \"${CONFIG_CHIP_DEVICE_VENDOR_NAME}\"\n") |
| string(APPEND script_args "--product-name \"${CONFIG_CHIP_DEVICE_PRODUCT_NAME}\"\n") |
| string(APPEND script_args "--hw-ver ${CONFIG_CHIP_DEVICE_HARDWARE_VERSION}\n") |
| string(APPEND script_args "--hw-ver-str \"${CONFIG_CHIP_DEVICE_HARDWARE_VERSION_STRING}\"\n") |
| string(APPEND script_args "--overwrite\n") |
| string(APPEND script_args "--in-tree\n") |
| |
| # check if Rotating Device Id Unique Id should be generated |
| if(NOT CONFIG_CHIP_DEVICE_GENERATE_ROTATING_DEVICE_UID) |
| if(NOT DEFINED CONFIG_CHIP_DEVICE_ROTATING_DEVICE_UID) |
| message(FATAL_ERROR "CHIP_DEVICE_ROTATING_DEVICE_UID was not provided. To generate it use CONFIG_CHIP_DEVICE_GENERATE_ROTATING_DEVICE_UID=y") |
| else() |
| string(APPEND script_args "--rd-id-uid \"${CONFIG_CHIP_DEVICE_ROTATING_DEVICE_UID}\"\n") |
| endif() |
| else() |
| string(APPEND script_args "--enable-rotating-device-id\n") |
| endif() |
| |
| # find chip cert tool |
| find_program(chip_cert_exe NAMES chip-cert PATHS ${CHIP_ROOT}/out REQUIRED) |
| string(APPEND script_args "--chip-cert-path ${chip_cert_exe}\n") |
| |
| # for development purpose user can use default certs instead of generating or providing them |
| if(CONFIG_CHIP_FACTORY_DATA_USE_DEFAULT_CERTS) |
| # convert decimal VID to its hexadecimal representation to find out certification files in repository |
| math(EXPR LOCAL_VID "${CONFIG_CHIP_DEVICE_VENDOR_ID}" OUTPUT_FORMAT HEXADECIMAL) |
| string(SUBSTRING ${LOCAL_VID} 2 -1 raw_vid) |
| string(TOUPPER ${raw_vid} raw_vid_upper) |
| # convert decimal PID to its hexadecimal representation to find out certification files in repository |
| math(EXPR LOCAL_PID "${CONFIG_CHIP_DEVICE_PRODUCT_ID}" OUTPUT_FORMAT HEXADECIMAL) |
| string(SUBSTRING ${LOCAL_PID} 2 -1 raw_pid) |
| string(TOUPPER ${raw_pid} raw_pid_upper) |
| # all certs are located in ${CHIP_ROOT}/credentials/development/attestation |
| # it can be used during development without need to generate new certifications |
| string(APPEND script_args "--dac-cert \"${CHIP_ROOT}/credentials/development/attestation/Matter-Development-DAC-${raw_vid_upper}-${raw_pid_upper}-Cert.pem\"\n") |
| string(APPEND script_args "--dac-key \"${CHIP_ROOT}/credentials/development/attestation/Matter-Development-DAC-${raw_vid_upper}-${raw_pid_upper}-Key.pem\"\n") |
| string(APPEND script_args "--cert \"${CHIP_ROOT}/credentials/development/attestation/Matter-Development-PAI-${raw_vid_upper}-noPID-Cert.pem\"\n") |
| string(APPEND script_args "--key \"${CHIP_ROOT}/credentials/development/attestation/Matter-Development-PAI-${raw_vid_upper}-noPID-Key.pem\"\n") |
| string(APPEND script_args "-cd \"${CHIP_ROOT}/credentials/development/cd-certs/Chip-Test-CD-Cert.der\"\n") |
| string(APPEND script_args "--pai\n") |
| else() |
| # generate PAI and DAC certs |
| string(APPEND script_args "--cert \"${CHIP_ROOT}/credentials/test/attestation/Chip-Test-PAA-NoVID-Cert.pem\"\n") |
| string(APPEND script_args "--key \"${CHIP_ROOT}/credentials/test/attestation/Chip-Test-PAA-NoVID-Key.pem\"\n") |
| string(APPEND script_args "-cd \"${CHIP_ROOT}/credentials/development/cd-certs/Chip-Test-CD-Cert.der\"\n") |
| string(APPEND script_args "--paa\n") |
| endif() |
| |
| # find chip tool requied for generating QRCode |
| find_program(chip_tool_exe NAMES chip-tool PATHS ${CHIP_ROOT}/out REQUIRED) |
| string(APPEND script_args "--chip-tool-path ${chip_tool_exe}\n") |
| |
| # add Password-Authenticated Key Exchange parameters |
| string(APPEND script_args "--spake2-it \"${CONFIG_CHIP_DEVICE_SPAKE2_IT}\"\n") |
| string(APPEND script_args "--discriminator ${CONFIG_CHIP_DEVICE_DISCRIMINATOR}\n") |
| string(APPEND script_args "--passcode ${CONFIG_CHIP_DEVICE_SPAKE2_PASSCODE}\n") |
| |
| # request spake2p to generate a new spake2_verifier |
| find_program(spake_exe NAMES spake2p PATHS ${CHIP_ROOT}/out REQUIRED) |
| string(APPEND script_args "--spake2-path ${spake_exe}\n") |
| |
| if(CONFIG_CHIP_DEVICE_ENABLE_KEY) |
| # Add optional EnableKey that triggers user-specific action. |
| string(APPEND script_args "--enable-key \"${CONFIG_CHIP_DEVICE_ENABLE_KEY}\"\n") |
| endif() |
| |
| # get code-partition factory_partition address |
| dt_nodelabel(dts_partition_path NODELABEL "factory_partition") |
| dt_reg_addr(factory_off PATH ${dts_partition_path}) |
| |
| # get code-partition factory_partition size |
| dt_nodelabel(dts_partition_path NODELABEL "factory_partition") |
| dt_reg_size(factory_size PATH ${dts_partition_path}) |
| |
| string(APPEND script_args "--offset ${factory_off}\n") |
| string(APPEND script_args "--size ${factory_size}\n") |
| |
| string(APPEND script_args "--output \"${output_path}\"/factory\n") |
| |
| set(factory_data_bin ${output_path}/factory/factory_data.bin) |
| |
| # execute a script to create a factory data file |
| separate_arguments(separated_script_args NATIVE_COMMAND ${script_args}) |
| add_custom_command( |
| OUTPUT ${factory_data_bin} |
| DEPENDS ${FACTORY_DATA_SCRIPT_PATH} |
| COMMAND ${Python3_EXECUTABLE} ${FACTORY_DATA_SCRIPT_PATH} ${separated_script_args} |
| COMMENT "Generating new Factory Data..." |
| ) |
| add_custom_target(${factory_data_target} ALL |
| DEPENDS ${factory_data_bin} |
| ) |
| |
| endfunction() |
| |
| |
| # Generate factory data partition using given args |
| # |
| # |
| # During generation process a some file will be created in zephyr's build directory: |
| # - merged.hex a file containing firmware and factory data merged to single file |
| # - factory_data.hex a file containing only a factory data partition including proper offset |
| # |
| function(telink_generate_factory_data) |
| |
| find_package(Python REQUIRED) |
| |
| # CHIP_ROOT must be provided as a reference set all localization of scripts |
| if(NOT CHIP_ROOT) |
| message(FATAL_ERROR "CHIP_ROOT variable is not set, please add it to CMakeLists.txt file") |
| endif() |
| |
| # Localize all scripts needed to generate factory data partition |
| set(FACTORY_DATA_SCRIPT_PATH ${CHIP_ROOT}/scripts/tools/telink/mfg_tool.py) |
| set(OUTPUT_FILE_PATH ${APPLICATION_BINARY_DIR}/zephyr) |
| |
| # create a binary file with all factory data |
| telink_create_factory_data_json(factory_data |
| ${FACTORY_DATA_SCRIPT_PATH} |
| ${OUTPUT_FILE_PATH}) |
| |
| endfunction() |