Install user SecOCKey to params #34401
Conversation
|
Made it a bit shorter. I'm not sure how to make it simpler without removing validation or user interactions. |
UI Previewsettings_device : |
master  | proposed  |
diff  | composite diff  |
driver_camera : $${\color{red}\text{DIFFERENT}}$$
master  | proposed  |
diff  | composite diff  |
All Screenshots
 | |
 |  |
 |  |
 |  |
 |  |
 |  |
 |  |
 |  |
 | |
 |  |
 |
|
You can do this in two lines of shell script. Just make launch_openpilot.sh copy the /cache key to params if it exists. You don't even need to add backup functionality, just start instructing users to put the key in /cache. |
|
I can totally do that if they're okay with me changing launch_openpilot.sh. But at the same time, a GUI button can also show the current key which is nice. I guess why not both? Have the settings just show the current key without a button |
|
I could say a lot of things, but if I may skip to the point: there's a window here to ship the one-liner (nice!) but the UI change is much harder to justify, so let's take yes for an answer on the things we are all agreeing on and ship it. |
|
One liner done |
jyoung8607
left a comment
jyoung8607
left a comment
There was a problem hiding this comment.
I forgot most of the code was still in launch_chffrplus, move it there and put it inside the agnos_init function, so it only runs on AGNOS. Eventually comma wants launch_openpilot.sh to work on PC. Other than that, LGTM.
jyoung8607
left a comment
jyoung8607
left a comment
There was a problem hiding this comment.
Correction, you'll need to handle the first time startup case when /data/params hasn't been created yet.
|
Should it go into |
|
Never mind, I see what you mean. Moving it into agnos_init |
adeebshihadeh
left a comment
adeebshihadeh
left a comment
There was a problem hiding this comment.
Let's move it here for better locality:
openpilot/selfdrive/car/card.py
Line 127 in c515021
|
Ready for a review |
|
All checks passing |
* Install user SecOCKey to params * Move it to launch_chffrplus.sh/launch * Move it to card.py * Basic error check * Catch Exception to suppress the linter * Make it local to secOC section
* Install user SecOCKey to params * Move it to launch_chffrplus.sh/launch * Move it to card.py * Basic error check * Catch Exception to suppress the linter * Make it local to secOC section
* Install user SecOCKey to params * Move it to launch_chffrplus.sh/launch * Move it to card.py * Basic error check * Catch Exception to suppress the linter * Make it local to secOC section
Install user SecOCKey to params (commaai#34401)
* Install user SecOCKey to params * Move it to launch_chffrplus.sh/launch * Move it to card.py * Basic error check * Catch Exception to suppress the linter * Make it local to secOC section
Install user SecOCKey to params (commaai#34401)
3 participants
Description
Owners of Toyota Security Key (TSK) vehicles need to extract the security key and then and write it to
SecOCKeyparam. The biggest hurdle for this is the SSH requirement, as many people have not used SSH or GitHub before.Extracting the security key is now possible to do without SSH through a community-developed GUI application TSK Manager. By pushing a GUI button, users are able to extract the security key and then write to 1.
/data/params/d/SecOCKeyto install the param and also to 2./cache/params/SecOCKeyto archive it.While this works well for the initial extraction and putting the param before the initial openpilot installation, reinstalling openpilot remains to be cumbersome. Uninstalling openpilot deletes the param, so the users must SSH in and write the key again on each uninstall/reinstall.
This PR takes the archived user key and puts it in
SecOCKeyparam. This allows the users who already extracted and archived the key using TSK Manager to restore the key upon a reinstall without using SSH.A shortcoming of this button is that
/cache/params/SecOCKeyarchive file must already contain the key. The existing users who had used SSH in the past to extract the key (as opposed to using TSK Manager) don't have this file, but such people already have SSH configured so it's not difficult to guide them to create the archive file.Verification
Tested on my device