2014-10-23 16:09:41 +00:00
|
|
|
/*
|
2017-11-05 16:46:34 +00:00
|
|
|
* This file is part of the TREZOR project, https://trezor.io/
|
2014-10-23 16:09:41 +00:00
|
|
|
*
|
|
|
|
* Copyright (C) 2014 Pavol Rusnak <stick@satoshilabs.com>
|
|
|
|
*
|
|
|
|
* This library is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Lesser General Public License as published by
|
|
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
|
|
* (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Lesser General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Lesser General Public License
|
|
|
|
* along with this library. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <string.h>
|
|
|
|
|
|
|
|
#include <libopencm3/stm32/rcc.h>
|
|
|
|
#include <libopencm3/stm32/gpio.h>
|
|
|
|
#include <libopencm3/cm3/scb.h>
|
|
|
|
|
|
|
|
#include "bootloader.h"
|
|
|
|
#include "buttons.h"
|
|
|
|
#include "setup.h"
|
|
|
|
#include "usb.h"
|
|
|
|
#include "oled.h"
|
|
|
|
#include "util.h"
|
|
|
|
#include "signatures.h"
|
|
|
|
#include "layout.h"
|
|
|
|
#include "serialno.h"
|
2014-10-30 16:57:33 +00:00
|
|
|
#include "rng.h"
|
2018-03-26 22:33:17 +00:00
|
|
|
#include "timer.h"
|
2014-10-23 16:09:41 +00:00
|
|
|
|
2017-04-15 14:55:01 +00:00
|
|
|
void layoutFirmwareHash(const uint8_t *hash)
|
2016-02-10 13:16:59 +00:00
|
|
|
{
|
|
|
|
char str[4][17];
|
2017-04-15 14:55:01 +00:00
|
|
|
for (int i = 0; i < 4; i++) {
|
2016-02-10 13:16:59 +00:00
|
|
|
data2hex(hash + i * 8, 8, str[i]);
|
|
|
|
}
|
2016-06-08 15:55:25 +00:00
|
|
|
layoutDialog(&bmp_icon_question, "Abort", "Continue", "Compare fingerprints", str[0], str[1], str[2], str[3], NULL, NULL);
|
2016-02-10 13:16:59 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void show_halt(void)
|
|
|
|
{
|
2017-01-10 14:08:08 +00:00
|
|
|
layoutDialog(&bmp_icon_error, NULL, NULL, NULL, "Unofficial firmware", "aborted.", NULL, "Unplug your TREZOR", "contact our support.", NULL);
|
2018-03-19 14:44:41 +00:00
|
|
|
shutdown();
|
2016-02-10 13:16:59 +00:00
|
|
|
}
|
|
|
|
|
2017-04-15 14:55:01 +00:00
|
|
|
void show_unofficial_warning(const uint8_t *hash)
|
2014-10-23 16:09:41 +00:00
|
|
|
{
|
2016-06-08 15:55:25 +00:00
|
|
|
layoutDialog(&bmp_icon_warning, "Abort", "I'll take the risk", NULL, "WARNING!", NULL, "Unofficial firmware", "detected.", NULL, NULL);
|
2014-10-23 16:09:41 +00:00
|
|
|
|
|
|
|
do {
|
|
|
|
delay(100000);
|
|
|
|
buttonUpdate();
|
|
|
|
} while (!button.YesUp && !button.NoUp);
|
|
|
|
|
2016-02-10 13:16:59 +00:00
|
|
|
if (button.NoUp) {
|
|
|
|
show_halt(); // no button was pressed -> halt
|
2014-10-23 16:09:41 +00:00
|
|
|
}
|
|
|
|
|
2016-02-10 13:16:59 +00:00
|
|
|
layoutFirmwareHash(hash);
|
|
|
|
|
|
|
|
do {
|
|
|
|
delay(100000);
|
|
|
|
buttonUpdate();
|
|
|
|
} while (!button.YesUp && !button.NoUp);
|
|
|
|
|
|
|
|
if (button.NoUp) {
|
|
|
|
show_halt(); // no button was pressed -> halt
|
|
|
|
}
|
|
|
|
|
|
|
|
// everything is OK, user pressed 2x Continue -> continue program
|
2014-10-23 16:09:41 +00:00
|
|
|
}
|
|
|
|
|
2018-03-13 14:33:44 +00:00
|
|
|
void __attribute__((noreturn)) load_app(int signed_firmware)
|
2014-10-23 16:09:41 +00:00
|
|
|
{
|
2017-08-08 10:59:39 +00:00
|
|
|
// zero out SRAM
|
|
|
|
memset_reg(_ram_start, _ram_end, 0);
|
|
|
|
|
2018-03-15 18:00:54 +00:00
|
|
|
jump_to_firmware((const vector_table_t *) FLASH_PTR(FLASH_APP_START), signed_firmware);
|
2014-10-23 16:09:41 +00:00
|
|
|
}
|
|
|
|
|
2017-06-30 14:52:00 +00:00
|
|
|
bool firmware_present(void)
|
|
|
|
{
|
|
|
|
#ifndef APPVER
|
2018-03-15 18:00:54 +00:00
|
|
|
if (memcmp(FLASH_PTR(FLASH_META_MAGIC), "TRZR", 4)) { // magic does not match
|
2017-06-30 14:52:00 +00:00
|
|
|
return false;
|
|
|
|
}
|
2018-03-15 18:00:54 +00:00
|
|
|
if (*((const uint32_t *)FLASH_PTR(FLASH_META_CODELEN)) < 4096) { // firmware reports smaller size than 4kB
|
2017-06-30 14:52:00 +00:00
|
|
|
return false;
|
|
|
|
}
|
2018-03-15 18:00:54 +00:00
|
|
|
if (*((const uint32_t *)FLASH_PTR(FLASH_META_CODELEN)) > FLASH_TOTAL_SIZE - (FLASH_APP_START - FLASH_ORIGIN)) { // firmware reports bigger size than flash size
|
2017-06-30 14:52:00 +00:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
return true;
|
|
|
|
}
|
2016-09-26 11:09:09 +00:00
|
|
|
|
2014-10-23 16:09:41 +00:00
|
|
|
void bootloader_loop(void)
|
|
|
|
{
|
2016-09-26 11:09:09 +00:00
|
|
|
oledClear();
|
2014-10-23 16:09:41 +00:00
|
|
|
oledDrawBitmap(0, 0, &bmp_logo64);
|
2017-06-30 14:52:00 +00:00
|
|
|
if (firmware_present()) {
|
2018-02-06 21:29:33 +00:00
|
|
|
oledDrawString(52, 0, "TREZOR", FONT_STANDARD);
|
2016-09-26 11:09:09 +00:00
|
|
|
static char serial[25];
|
|
|
|
fill_serialno_fixed(serial);
|
2018-02-06 21:29:33 +00:00
|
|
|
oledDrawString(52, 20, "Serial No.", FONT_STANDARD);
|
|
|
|
oledDrawString(52, 40, serial + 12, FONT_STANDARD); // second part of serial
|
2016-09-26 11:09:09 +00:00
|
|
|
serial[12] = 0;
|
2018-02-06 21:29:33 +00:00
|
|
|
oledDrawString(52, 30, serial, FONT_STANDARD); // first part of serial
|
|
|
|
oledDrawStringRight(OLED_WIDTH - 1, OLED_HEIGHT - 8, "Loader " VERSTR(VERSION_MAJOR) "." VERSTR(VERSION_MINOR) "." VERSTR(VERSION_PATCH), FONT_STANDARD);
|
2016-09-26 11:09:09 +00:00
|
|
|
} else {
|
2018-02-06 21:29:33 +00:00
|
|
|
oledDrawString(52, 10, "Welcome!", FONT_STANDARD);
|
|
|
|
oledDrawString(52, 30, "Please visit", FONT_STANDARD);
|
|
|
|
oledDrawString(52, 50, "trezor.io/start", FONT_STANDARD);
|
2016-09-26 11:09:09 +00:00
|
|
|
}
|
2014-10-23 16:09:41 +00:00
|
|
|
oledRefresh();
|
|
|
|
|
2017-06-30 14:52:00 +00:00
|
|
|
usbLoop(firmware_present());
|
2014-10-23 16:09:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
int main(void)
|
|
|
|
{
|
2017-06-10 18:36:58 +00:00
|
|
|
#ifndef APPVER
|
2014-10-23 16:09:41 +00:00
|
|
|
setup();
|
2017-06-10 18:36:58 +00:00
|
|
|
#endif
|
2017-02-17 12:18:50 +00:00
|
|
|
__stack_chk_guard = random32(); // this supports compiler provided unpredictable stack protection checks
|
2017-06-10 18:36:58 +00:00
|
|
|
#ifndef APPVER
|
2014-10-23 16:09:41 +00:00
|
|
|
memory_protect();
|
|
|
|
oledInit();
|
2017-06-10 18:36:58 +00:00
|
|
|
#endif
|
2014-10-23 16:09:41 +00:00
|
|
|
|
2017-06-10 18:36:58 +00:00
|
|
|
#ifndef APPVER
|
2014-10-23 16:09:41 +00:00
|
|
|
// at least one button is unpressed
|
|
|
|
uint16_t state = gpio_port_read(BTN_PORT);
|
2016-09-26 11:09:09 +00:00
|
|
|
int unpressed = ((state & BTN_PIN_YES) == BTN_PIN_YES || (state & BTN_PIN_NO) == BTN_PIN_NO);
|
2014-10-23 16:09:41 +00:00
|
|
|
|
2017-06-30 14:52:00 +00:00
|
|
|
if (firmware_present() && unpressed) {
|
2014-10-23 16:09:41 +00:00
|
|
|
|
2016-09-26 11:09:09 +00:00
|
|
|
oledClear();
|
|
|
|
oledDrawBitmap(40, 0, &bmp_logo64_empty);
|
|
|
|
oledRefresh();
|
2014-10-23 16:09:41 +00:00
|
|
|
|
2016-09-26 11:09:09 +00:00
|
|
|
uint8_t hash[32];
|
2018-03-13 14:33:44 +00:00
|
|
|
int signed_firmware = signatures_ok(hash);
|
|
|
|
if (SIG_OK != signed_firmware) {
|
2016-09-26 11:09:09 +00:00
|
|
|
show_unofficial_warning(hash);
|
2018-03-26 22:33:17 +00:00
|
|
|
timer_init();
|
2016-09-25 13:49:12 +00:00
|
|
|
}
|
2014-10-23 16:09:41 +00:00
|
|
|
|
2018-03-13 14:33:44 +00:00
|
|
|
load_app(signed_firmware);
|
2014-10-23 16:09:41 +00:00
|
|
|
}
|
2017-06-10 18:36:58 +00:00
|
|
|
#endif
|
2014-10-23 16:09:41 +00:00
|
|
|
|
|
|
|
bootloader_loop();
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|