A scalpel and stitch tool for binaries. Maybe also a signing tool, maybe.
This is mostly used for the case where parts of the binary need to be extracted or replaced.
cut firmware into pieces from an all-in-one blob
bash
scalpel cut --start 0 --end 4Ki --output bootloader.bin firmware.bin
scalpel cut --start 4Ki --size 241664 --output part_A.bin firmware.bin
scalpel cut --start 282624 --size 241664 --output part_B.bin firmware.bin
stitch firmware pieces together such as bootloader and application
bash
scalpel stitch --binary tmp/test_bytes --offset 0 --binary tmp/test_bytes --offset 2048 --fill-pattern zero --output stitched.bin
scalpel stitch --binary tmp/test_bytes --offset 2Ki --binary tmp/test_bytes --offset 0 --fill-pattern one --output stitched.bin
scalpel stitch --binary tmp/test_bytes --offset 2058 --binary tmp/test_bytes --offset 10 --fill-pattern random --output stitched.bin
[alpha] sign firmware for authenticity
bash
scalpel sign tmp/ed25519_keypair.pk8 --format pkcs8 tmp/signme.bin
scalpel sign tmp/ed25519_keypair.pk8 --output tmp/signme_signed.bin tmp/signme.bin
scalpel sign tmp/ed25519_keypair.pk8 tmp/test_bytes tmp/signme.bin
You need th extracted binary as include? Use xxd -i sliced.bin > sliced_binary.h to create a header file out of the result.
Convert RSA keys in .pem format to pkcs8 format via openssl (see ring doc [doc-ring] ), openssl supports Ed25519 algorithm currently only on master branch
bash
openssl pkcs8 -toppk8 -nocrypt -outform der -in [key.pem] > [pkcs8_key.pk8]
Generate valid Ed25519 Keypair use small tool from ring author:
bash
cargo install kt
kt generate ed25519 --out=FILE