- adding in support for legacy crypto, which was removed previously. Turns out it is still needed by TinyBooter/mfdeploy for firmware signature checks as a small footprint crypto lib.

- added default keys for signing. Users should create their own keys for security but providing a key prevents errors from hitting the build until they get to understanding that phase of things.

Author: smaillet-ms

.gitignore

@@ -30,6 +30,8 @@
 [Oo]bj/
 ipch/
 
+!/tools/bin/
+
 #uVision
 *.uvguix*
 Listings/
@@ -39,3 +41,4 @@ Listings/
 /DeviceCode/Targets/OS/Win32/DeviceCode/WinPcap_Eth/Dependencies/WpdPack/
 
 *.axfdump
+/crypto/lib

crypto/dotNetMF.proj

@@ -52,39 +52,46 @@
     <CryptoStub Condition="'$(PLATFORM_FAMILY)'=='SHC'"     >true</CryptoStub>
     <CryptoStub Condition="'$(COMPILER_TOOL)'  =='GCCOP'"   >true</CryptoStub>
 
+    <!--
+    Force thumb2fp to use the same lib as thumb2 (There's no floating point code in the crypto libs)
+    so this saves replicating the libs into another directory for the instruction set and then again
+    for the tool chain.
+    -->
+    <CryptoInstructionSet Condition="'$(INSTRUCTION_SET)'=='thumb2fp'">thumb2</CryptoInstructionSet>
+    <CryptoInstructionSet Condition="'$(INSTRUCTION_SET)'!='thumb2fp'">$(INSTRUCTION_SET)</CryptoInstructionSet>
     <CustomTargets Condition="'$(CryptoStub)'=='false'">CryptoLib</CustomTargets>
-    <CustomTargets Condition="'$(INSTRUCTION_SET)'=='x86'">CryptoLibX86</CustomTargets>
+    <CustomTargets Condition="'$(CryptoInstructionSet)'=='x86'">CryptoLibX86</CustomTargets>
   </PropertyGroup>
 
 
-  <PropertyGroup Condition="'$(INSTRUCTION_SET)'!='x86'">
-    <LibSrc                                                                >lib\$(INSTRUCTION_SET)\$(DOTNETMF_COMPILER)\crypto.$(LIB_EXT)</LibSrc>
-    <LibSrc Condition="'$(COMPILER_TOOL)'=='ARM' AND !EXISTS('$(LibSrc)')" >lib\$(INSTRUCTION_SET)\RVDS4.0\crypto.$(LIB_EXT)</LibSrc>
-    <LibSrc Condition="'$(COMPILER_TOOL)'=='GCC'"                          >lib\$(INSTRUCTION_SET)\RVDS3.1\crypto.$(LIB_EXT)</LibSrc>
-    <LibSrc Condition="'$(COMPILER_TOOL)'=='ARC'"                          >lib\$(INSTRUCTION_SET)\MTWR8.0\crypto.$(LIB_EXT)</LibSrc>
+  <PropertyGroup Condition="'$(CryptoInstructionSet)'!='x86'">
+    <LibSrc                                                                >lib\$(CryptoInstructionSet)\$(DOTNETMF_COMPILER)\crypto.$(LIB_EXT)</LibSrc>
+    <LibSrc Condition="'$(COMPILER_TOOL)'=='ARM' AND !EXISTS('$(LibSrc)')" >lib\$(CryptoInstructionSet)\RVDS4.0\crypto.$(LIB_EXT)</LibSrc>
+    <LibSrc Condition="'$(COMPILER_TOOL)'=='GCC'"                          >lib\$(CryptoInstructionSet)\RVDS3.1\crypto.$(LIB_EXT)</LibSrc>
+    <LibSrc Condition="'$(COMPILER_TOOL)'=='ARC'"                          >lib\$(CryptoInstructionSet)\MTWR8.0\crypto.$(LIB_EXT)</LibSrc>
     <LibSrc Condition="!EXISTS('$(LibSrc)')"                               >$(LIB_DIR)\crypto_stub.$(LIB_EXT)</LibSrc>
     <LibTo>crypto.$(LIB_EXT)</LibTo>
   </PropertyGroup>
 
-  <ItemGroup Condition="'$(INSTRUCTION_SET)'=='x86'">
-    <LibFiles Include="lib\$(INSTRUCTION_SET)\crypto.lib" Condition="EXISTS('lib\$(INSTRUCTION_SET)\crypto.lib')">
+  <ItemGroup Condition="'$(CryptoInstructionSet)'=='x86'">
+    <LibFiles Include="lib\$(CryptoInstructionSet)\crypto.lib" Condition="EXISTS('lib\$(CryptoInstructionSet)\crypto.lib')">
         <DestFile>crypto.lib</DestFile>
     </LibFiles>
-    <LibFiles Include="lib\$(INSTRUCTION_SET)\crypto.pdb" Condition="Exists('lib\$(INSTRUCTION_SET)\crypto.pdb')">
+    <LibFiles Include="lib\$(CryptoInstructionSet)\crypto.pdb" Condition="Exists('lib\$(CryptoInstructionSet)\crypto.pdb')">
         <DestFile>crypto.pdb</DestFile>
     </LibFiles>
-    <LibFiles Include="$(LIB_DIR)\crypto_stub.lib"        Condition="!Exists('lib\$(INSTRUCTION_SET)\crypto.lib')">
+    <LibFiles Include="$(LIB_DIR)\crypto_stub.lib"        Condition="!Exists('lib\$(CryptoInstructionSet)\crypto.lib')">
         <DestFile>crypto.lib</DestFile>
     </LibFiles>
   </ItemGroup>
 
   <Import Project="$(SPOCLIENT)\tools\targets\Microsoft.SPOT.System.Targets" />
 
-  <ItemGroup Condition="'$(INSTRUCTION_SET)'!='x86'">
+  <ItemGroup Condition="'$(CryptoInstructionSet)'!='x86'">
     <ExtraCleanFiles Include="$(LIB_DIR)\$(LibTo)"/>
   </ItemGroup>
 
-  <ItemGroup Condition="'$(INSTRUCTION_SET)'=='x86'">
+  <ItemGroup Condition="'$(CryptoInstructionSet)'=='x86'">
     <ExtraCleanFiles Include="@(LibFiles -> '$(LIB_DIR)\%(Filename)%(Extension)')" />
   </ItemGroup>
 

setup/Features/Tools.wxs

@@ -11,6 +11,7 @@
       <ComponentRef Id="Component_BuildHelper"/>
       <ComponentRef Id="Component_MFDeploy"/>
       <ComponentRef Id="Component_MFDeployEngine"/>       
+      <ComponentRef Id="Component_Crypto"/>
       <ComponentRef Id="COMPONENT_TRUETYPEFONTS"/>
       <ComponentRef Id="Component_ToolsDirectoryShortcut"/>
 <!--

setup/UnManagedAssemblies/build.dirproj

@@ -7,6 +7,7 @@
         TinyCLR.wixproj;
         TFConvert.wixproj;
         BuildHelper.wixproj;
+        Crypto.wixproj
         " />
   </ItemGroup>
 

tools/bin/BLANK.KEY

@@ -0,0 +1,5 @@
+<?xml version="1.0"?>
+<KeyPair xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <PrivateKey>//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////8=</PrivateKey>
+  <PublicKey>//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////8=</PublicKey>
+</KeyPair>

tools/bin/tinybooter_metadataprocessor_key_readme.txt

@@ -0,0 +1,16 @@
+this is an example of how to use the signature facilities in the metadata processor to be uploaded to the device with the tinybooter
+the bin file must be signed and upload must use the hex file 
+
+the public key is heardcoded in the tinybooter and must match the private key
+
+of course a decent Key management strategy generates the private key only once and does not keep it in the source tree 
+
+use the sign_file script to sign files after building them
+remember to sign the binary files and to upload the corresponding hex files
+if the signature files are placed in the same directory where the hex files are and if they have the same name plus the ".sig" extension, than FlashLiteClient will load the signature automatically 
+
+MetaDataProcessor.exe 
+-dump_key tinybooter_public_key.bin 
+-dump_key tinybooter_private_key.bin 
+-sign_file %SPOCLIENT%_BUILD\arm\FLASH\release\AUXD\bin\tinyclr.bin\ER_DAT tinybooter_private_key.bin %SPOCLIENT%_BUILD\arm\FLASH\release\AUXD\bin\tinyclr.hex\ER_DAT.sig 
+-verify_signature %SPOCLIENT%_BUILD\arm\FLASH\release\AUXD\bin\tinyclr.bin\ER_DAT tinybooter_public_key.bin %SPOCLIENT%_BUILD\arm\FLASH\release\AUXD\bin\tinyclr.hex\ER_DAT.sig