Changes in make_secure_fw.py to adapt the RSA algorithm

I am changing the make_secure_fw.py to adapt the wolfssl RSA algorithm by already integrating the wolfssl module into Ardupilot. Here, I could not understand the below line. Also, why is the variable desc_len mentioned as 92? My RSA private key signature length is 256. Please let me know whether I need to change anything in this script.


img = img[:(offset + 16)] + desc + img[(offset + desc_len):]


Please see the complete modified code of make_secure_fw.py, provided as below

```python
#!/usr/bin/env python
import sys
import json, base64, zlib
from Crypto.Signature import DSS
from Crypto.PublicKey import ECC
from Crypto.PublicKey import RSA
from Crypto.Hash import SHA256
from Crypto.Signature import pkcs1_15
import struct
import binascii

def to_unsigned(i):
    '''convert a possibly signed integer to unsigned'''
    if i < 0:
        i += 2**32
    return i

key_len = 32
#sig_len = 64
sig_len = 256
sig_version = 30437
descriptor = b'\x41\xa3\xe5\xf2\x65\x69\x92\x07'

#sign the image if key declared
if len(sys.argv) == 3:
    # open apj file
    apj = open(sys.argv[1],'r').read()
    # decode json in apj
    d = json.loads(apj)
    # get image data
    img = zlib.decompress(base64.b64decode(d['image']))
    img_len = len(img)
    #key = ECC.import_key(open(sys.argv[2], "r").read())
    key = RSA.import_key(open(sys.argv[2], "r").read())
    #descriptor = b'\x41\xa3\xe5\xf2\x65\x69\x92\x07'
    offset = img.find(descriptor)
    if offset == -1:
        print("No APP_DESCRIPTOR found")
        sys.exit(1)
    offset += 8
    desc_len = 92
    digest = SHA256.new(img[:offset] + img[offset+desc_len:])
    #signer = DSS.new(key, 'fips-186-3', encoding='der')
    signature = pkcs1_15.new(key).sign(digest)
    #signature = signer.sign(digest)
    siglen = to_unsigned(len(signature))
    print("MY RSA SIGNATURE LENGTH %d" % len(signature))
    #signature += bytes(bytearray([0 for i in range(72 - len(signature))]))
    #signature += bytes(bytearray([0 for i in range(257 - len(signature))]))
    #pack signature in 4 bytes and length into 72 byte array
    #desc = struct.pack("<I72s", siglen, signature)
    desc = struct.pack("<IQ256s", sig_len+8, sig_version, signature)
    img = img[:(offset + 16)] + desc + img[(offset + desc_len):]
    print("offset",offset)
    print("desc",desc)
    print("desc_len",desc_len)
    print("sig_len",sig_len)
    print("img len",len(img))
    print("Applying APP_DESCRIPTOR Signature %d %s" % (siglen, binascii.hexlify(desc)))
    d["image"] = base64.b64encode(zlib.compress(img,9)).decode('utf-8')
    d["image_size"] = len(img)
    d["flash_free"] = d["flash_total"] - d["image_size"]
    d["signed_firmware"] = True
    f = open(sys.argv[1], "w")
    f.write(json.dumps(d, indent=4))
    f.close()
else:
    print("Usage: make_secure_fw.py <apj_file> <key_file>")
    sys.exit(1)
```
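The size arithmetic behind the splice line and `desc_len = 92`, as an added example that is not part of the original post or of ArduPilot's code. The image bytes are constructed; the 16-byte header and the 76-byte slot are read off the slice indices and the two `struct.pack` formats in the posted script.

```python
import struct

# Constructed sample data: the magic bytes, 92 and 16 come from the posted
# script; the padding and firmware bytes are made up for illustration.
MAGIC = b"\x41\xa3\xe5\xf2\x65\x69\x92\x07"
DESC_LEN = 92    # bytes after the magic that the script excludes from the hash
HEADER_LEN = 16  # bytes after the magic that the splice leaves untouched
SLOT_LEN = DESC_LEN - HEADER_LEN  # room reserved for length + signature


def build_image(code=b"\xAA" * 64):
    """Return (image, offset) for a constructed image with an empty descriptor."""
    img = b"\x00" * 32 + MAGIC + b"\x00" * DESC_LEN + code
    return img, img.find(MAGIC) + len(MAGIC)


def splice(img, offset, desc, desc_len=DESC_LEN):
    """The splice from the script: keep 16 bytes, insert desc, resume at desc_len."""
    return img[:offset + HEADER_LEN] + desc + img[offset + desc_len:]


def checked_splice(img, offset, desc, desc_len=DESC_LEN):
    """Same splice, but reject a descriptor that does not fill the slot exactly."""
    slot = desc_len - HEADER_LEN
    if len(desc) != slot:
        raise ValueError("descriptor is %d bytes, slot is %d" % (len(desc), slot))
    return splice(img, offset, desc, desc_len)


def size_delta(desc):
    """Bytes the constructed image grows by when desc is spliced in."""
    img, offset = build_image()
    return len(splice(img, offset, desc)) - len(img)


# Original layout (commented out in the script): 4-byte length + 72-byte field.
ECC_DESC = struct.pack("<I72s", 64, b"\x01" * 64)
# Modified layout: 4-byte length + 8-byte version + 256-byte RSA signature.
RSA_DESC = struct.pack("<IQ256s", 256 + 8, 30437, b"\x02" * 256)

if __name__ == "__main__":
    print("slot:", SLOT_LEN, "bytes")
    print("<I72s   :", len(ECC_DESC), "bytes, image grows by", size_delta(ECC_DESC))
    print("<IQ256s :", len(RSA_DESC), "bytes, image grows by", size_delta(RSA_DESC))
```

With `desc_len` left at 92, the 268-byte descriptor grows the image by 192 bytes and moves everything behind the descriptor, while the digest still skips only 92 bytes.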

Please do a GitHub - ArduPilot/ardupilot: ArduPlane, ArduCopter, ArduRover, ArduSub source pull request instead.

Since you seem unsure of things, you could fork the repository and simply point us to a file in your branch on GitHub as well, without making a PR. The post above is unreadable.

Please find the forked repository that has the changes made:

OBJECTIVE: To achieve the Secure Tamperproof, we wanted to use the private and public key files generated using the RSA algorithm from the .pfx digital certificate.

OPTION-A: Is there any way to achieve the above objective using private and public key files (from .pfx) with the given Monocypher based firmware tamperproof so that there is no need to change the tamperproof functionality.

OPTION-B: Else, we need to change the tamperproof functionality to adapt for RSA algorithm based private and public key.

Currently, we are opting for OPTION-B, as I believe Option-A is not achievable (please suggest, is there a way to achieve this).

As a process of achieving OPTION-B we did the following changes:

  1. Forked the latest Ardupilot Master (refer the above link)

  2. Integrated the wolfssl as a Module

  3. Changed the file make_secure_fw.py to adapt the RSA algorithm.

  4. I have not changed any Bootloader files. Also, I understand that we need to implement the changes in AP_CheckFirmware.cpp

  5. Also, I have not changed the file make_secure_bl.py

  6. I have also attached the private key and public key generated from the pfx file.

    I used the following command to generate the public key
    openssl rsa -in certfile.pem -outform PEM -pubout -out pubkey.pem

    I used the following command to generate the private key
    openssl pkcs12 -in encyrptioncer.pfx -nocerts -out privkey.pem -nodes

Now, I need help to achieve the OPTION-B.
privkey.txt (1.8 KB)
pubkey.txt (451 Bytes)

To achieve security and tamper-proofing, we generated private and public key files via the RSA algorithm from a .pfx digital certificate. The private key was generated using the command "openssl pkcs12 -in (Name of the .PFX file).pfx -out certfile.pem -nodes", and the public key was generated using "openssl rsa -in certfile.pem -outform PEM -pubout -out pubkey.pem". We now have two files: certfile.pem and pubkey.pem. We need assistance with using these keys to secure the bootloader and firmware to prevent tampering. Can you please provide guidance on how to accomplish this?
Thanks in Advance…