SB 2.1 generation using BD file
This is a user guide describing how to generate a secure binary rev. 2.1 based on a configuration file (a so called BD file or command file) and additional inputs like certificates, keys, binary files etc.
Supported Syntax
The syntax is written in EBNF (Extended Backus Naur Form), however, the elftosb
application uses (namely SLY - python implementation of Lex/Yacc) only BNF. From this perspective the graphs visualize the EBNF form with the grammar and the conversion into BNF as well as remarks what is supported.
EBNF:
command_file
BNF:
command_file
no references
Comments:
The options block, constants block, sources block and keyblob block must be defined prior to the section block. There may be multiple blocks in any order, but all must precede the section blocks.
# options, sources, keyblob & constants must precede section block, but there may be
# multiple definitions in any order
options {
}
sources {
}
keyblob (0) {
}
constants {
}
options {
}
# Section blocks must be the very last blocks defined
section (1) {
}
section (2) {
}
EBNF:
pre_section_block
::=
options_block
BNF:
pre_section_block
|
empty
referenced by:
EBNF: options_block
::=
OPTIONS '{'
option_def* '}'
BNF: options_block
::=
OPTIONS '{'
option_def '}'
referenced by:
Comments:
Example:
options {
opt1 = "some_string";
opt2 = 1234;
opt3 = 1 > 3;
...
}
EBNF: option_def
::=
IDENT '='
const_expr ';'
BNF: option_def
|
empty
referenced by:
EBNF: constants_block
::=
CONSTANTS '{'
constant_def* '}'
BNF: constants_block
::=
CONSTANTS '{'
constant_def '}'
referenced by:
Comments: Only numbers can be assigned to identifiers in the constants block.
EBNF: constant_def
BNF: constant_def
|
empty
referenced by:
EBNF: sources_block
::=
SOURCES '{'
source_def* '}'
BNF: sources_block
::=
SOURCES '{'
source_def '}'
referenced by:
EBNF: source_def
BNF: source_def
|
empty
referenced by:
Comments:
option_list
in source_def
is not supported and raises syntax error when used!
According to the grammar, identifiers defined in source block are referenced in the grammar
as source_name
, however, the grammar can’t be defined using this type of token, as there is
no rule to distinguish between an identifier token and a source name token. So the grammar uses
the IDENT
token instead and documents this fact in description, that it’s a source_name
identifier.
EBNF: source_value
::=
STRING_LITERAL
|
EXTERN '('
int_const_expr ')'
BNF: source_value
::=
STRING_LITERAL
|
EXTERN '('
int_const_expr ')'
referenced by:
Comments:
The EXTERN keyword references source files defined on the command line as the very last arguments indexed from 0. In the example below, extern(1) would reference the “./file2” file provided on command line.
Command file example:
sources {
my_binary_file = extern(1); # my_binary_file = file2.bin
}
Command line usage:
elf2sb -c.. -o.. "some/path/to/file1.bin" "./file2.bin"
EBNF: option_list
BNF: option_list
|
IDENT '='
const_expr
referenced by:
EBNF: keyblob_block
BNF: keyblob_block
referenced by:
Comments:
The keyblob block grammar has been modified and it supports only single keyblob_contents definition, which must not be empty!
Example
keyblob (1) {
(
start = 0x0800000,
end = 0x08001000,
key = "12345678901234567890123456789012",
counter = "1122334455667788",
byteSwap = False
)
# No further definitions allowed, if present, syntax error will be raised!
}
EBNF: keyblob_contents
::= '('
option_list* ')'
BNF: keyblob_contents
::=
keyblob_contents '('
option_list ')'
|
empty
referenced by:
Comments:
The keyblob contents must define:
start [integer] - start address 'maintained' by this keyblob
end [integer] - end address 'maintained' by this keyblob
key [string] - key used to encode data stored into address range defined by this keyblob
counter [string] - TODO
byteSwap [boolean, optional] - TODO
Anything else defined under keyblob is ignored. If definition of keywords listed above, except ‘byteSwap’ is missing, a syntax error will be raised.
EBNF: section_block
BNF: section_block
|
empty
referenced by:
Comments:
section_options
is not supported and raises syntax error when used!
EBNF: section_options
::= ';'
option_list?
BNF: section_options
::= ';'
option_list
|
';'
|
empty
referenced by:
EBNF: section_contents
::= '{'
statement* '}'
|
'<=' IDENT ';'
BNF: section_contents
::= '{'
statement '}'
|
'<=' IDENT ';'
referenced by:
Comments:
<= IDENT
is not supported and raises syntax error when used!
The IDENT in <= IDENT
must be an identifier defined in the sources block, otherwise an error is raised.
EBNF: statement
::=
basic_stmt ';'
|
if_stmt
referenced by:
EBNF: basic_stmt
::=
load_stmt
BNF: basic_stmt
::=
load_stmt
referenced by:
EBNF: load_stmt
BNF: load_stmt
referenced by:
EBNF: load_data
::=
int_const_expr
|
IDENT
BNF: load_data
::=
int_const_expr
|
IDENT
referenced by:
EBNF: load_target
::= '>' ( '.' |
address_or_range )
BNF: load_target
::= '>' '.'
| '>'
address_or_range
| '>'
empty
referenced by:
EBNF: section_list
::=
section_ref ( ','
section_ref )*
BNF: section_list
::=
section_list ','
section_ref
referenced by:
EBNF: section_ref
::= '~'?
SECTION_NAME
BNF: section_ref
::= '~'
SECTION_NAME
referenced by:
EBNF: erase_stmt
BNF: erase_stmt
|
ALL
referenced by:
EBNF: address_or_range
::=
int_const_expr ( '..'
int_const_expr )?
BNF: address_or_range
::=
int_const_expr
|
int_const_expr '..'
int_const_expr
referenced by:
EBNF: symbol_ref
BNF: symbol_ref
referenced by:
EBNF: load_ifr_stmt
BNF: load_ifr_stmt
referenced by:
EBNF: call_stmt
BNF: call_stmt
referenced by:
referenced by:
EBNF: call_target
::=
int_const_expr
|
IDENT
BNF: call_target
::=
int_const_expr
|
IDENT
referenced by:
EBNF: call_arg ::= '('
int_const_expr? ')'
BNF: call_arg ::= '(' ')'
|
'(' int_const_expr ')'
|
empty
referenced by:
EBNF: jump_sp_stmt
BNF: jump_sp_stmt
referenced by:
EBNF: from_stmt
BNF: from_stmt
referenced by:
EBNF: in_from_stmt
::=
basic_stmt ';'
|
if_stmt
BNF: in_from_stmt
::=
in_from_stmt
basic_stmt ';'
|
empty
referenced by:
EBNF: mode_stmt
::=
MODE
int_const_expr
BNF: mode_stmt
::=
MODE
int_const_expr
referenced by:
EBNF: message_stmt
BNF: message_stmt
referenced by:
EBNF: message_type
::=
INFO
|
WARNING
|
ERROR
BNF: message_type
::=
INFO
|
WARNING
|
ERROR
no references
referenced by:
referenced by:
EBNF: encrypt_stmt
BNF: encrypt_stmt
referenced by:
EBNF: enable_stmt
BNF: enable_stmt
referenced by:
EBNF: reset_stmt
::=
RESET
BNF: reset_stmt
::=
RESET
referenced by:
EBNF: const_expr
::=
STRING_LITERAL
BNF: const_expr
::=
STRING_LITERAL
referenced by:
EBNF: int_const_expr
::=
expr
BNF: int_const_expr
::=
expr
referenced by:
- address_or_range
- bool_expr
- call_arg
- call_target
- enable_stmt
- encrypt_stmt
- jump_sp_stmt
- keyblob_block
- load_data
- load_ifr_stmt
- mode_stmt
- section_block
- source_value
EBNF: bool_expr
referenced by:
BNF: expr
|
'(' expr ')'
|
IDENT
|
SIZEOF '(' SYMBOL_REF ')'
referenced by:
EBNF: unary_expr
::= ( '+' | '-' ) expr
BNF: unary_expr
::=
'+' expr
|
'-' expr
referenced by:
|