parent
74759310bb
commit
324502cc17
@ -1 +0,0 @@
|
||||
model_T2T1_layout.c
|
@ -0,0 +1,87 @@
|
||||
#include "flash.h"
|
||||
#include "model.h"
|
||||
|
||||
const flash_area_t STORAGE_AREAS[STORAGE_AREAS_COUNT] = {
|
||||
{
|
||||
.num_subareas = 1,
|
||||
.subarea[0] =
|
||||
{
|
||||
.first_sector = 4,
|
||||
.num_sectors = 1,
|
||||
},
|
||||
},
|
||||
{
|
||||
.num_subareas = 1,
|
||||
.subarea[0] =
|
||||
{
|
||||
.first_sector = 16,
|
||||
.num_sectors = 1,
|
||||
},
|
||||
},
|
||||
};
|
||||
|
||||
const flash_area_t BOARDLOADER_AREA = {
|
||||
.num_subareas = 1,
|
||||
.subarea[0] =
|
||||
{
|
||||
.first_sector = 0,
|
||||
.num_sectors = 3,
|
||||
},
|
||||
};
|
||||
|
||||
const flash_area_t SECRET_AREA = {
|
||||
.num_subareas = 1,
|
||||
.subarea[0] =
|
||||
{
|
||||
.first_sector = 12,
|
||||
.num_sectors = 1,
|
||||
},
|
||||
};
|
||||
|
||||
const flash_area_t BOOTLOADER_AREA = {
|
||||
.num_subareas = 1,
|
||||
.subarea[0] =
|
||||
{
|
||||
.first_sector = 5,
|
||||
.num_sectors = 1,
|
||||
},
|
||||
};
|
||||
|
||||
const flash_area_t FIRMWARE_AREA = {
|
||||
.num_subareas = 2,
|
||||
.subarea[0] =
|
||||
{
|
||||
.first_sector = 6,
|
||||
.num_sectors = 6,
|
||||
},
|
||||
.subarea[1] =
|
||||
{
|
||||
.first_sector = 17,
|
||||
.num_sectors = 7,
|
||||
},
|
||||
};
|
||||
|
||||
const flash_area_t WIPE_AREA = {
|
||||
.num_subareas = 4,
|
||||
.subarea[0] =
|
||||
{
|
||||
.first_sector = 4,
|
||||
.num_sectors = 1,
|
||||
},
|
||||
.subarea[1] =
|
||||
{
|
||||
.first_sector = 6,
|
||||
.num_sectors = 6,
|
||||
},
|
||||
.subarea[2] =
|
||||
{
|
||||
.first_sector = 13,
|
||||
.num_sectors = 2, // sector 15 skipped due to bootloader MPU
|
||||
// settings, sector 12 is secret
|
||||
},
|
||||
.subarea[3] =
|
||||
{
|
||||
.first_sector = 16,
|
||||
.num_sectors = 8,
|
||||
},
|
||||
};
|
@ -0,0 +1,18 @@
|
||||
|
||||
#include <stdint.h>
|
||||
#include "secbool.h"
|
||||
|
||||
#define SECRET_HEADER_MAGIC "TRZS"
|
||||
#define SECRET_HEADER_LEN 16
|
||||
#define SECRET_OPTIGA_KEY_OFFSET 16
|
||||
#define SECRET_OPTIGA_KEY_LEN 32
|
||||
|
||||
void secret_write(uint8_t* data, uint32_t offset, uint32_t len);
|
||||
|
||||
secbool secret_read(uint8_t* data, uint32_t offset, uint32_t len);
|
||||
|
||||
secbool secret_wiped(void);
|
||||
|
||||
void secret_erase(void);
|
||||
|
||||
void secret_write_header(void);
|
@ -0,0 +1,59 @@
|
||||
#include "secret.h"
|
||||
#include <string.h>
|
||||
#include "common.h"
|
||||
#include "flash.h"
|
||||
#include "model.h"
|
||||
|
||||
static secbool verify_header(void) {
|
||||
uint8_t header[SECRET_HEADER_LEN] = {0};
|
||||
|
||||
memcpy(header, flash_area_get_address(&SECRET_AREA, 0, SECRET_HEADER_LEN),
|
||||
SECRET_HEADER_LEN);
|
||||
|
||||
return memcmp(header, SECRET_HEADER_MAGIC, 4) == 0 ? sectrue : secfalse;
|
||||
}
|
||||
|
||||
void secret_write_header(void) {
|
||||
uint8_t header[SECRET_HEADER_LEN] = {0};
|
||||
memcpy(header, SECRET_HEADER_MAGIC, 4);
|
||||
secret_write(header, 0, SECRET_HEADER_LEN);
|
||||
}
|
||||
|
||||
void secret_write(uint8_t* data, uint32_t offset, uint32_t len) {
|
||||
ensure(flash_unlock_write(), "secret write");
|
||||
for (int i = 0; i < len; i++) {
|
||||
ensure(flash_area_write_byte(&SECRET_AREA, offset + i, data[i]),
|
||||
"secret write");
|
||||
}
|
||||
ensure(flash_lock_write(), "secret write");
|
||||
}
|
||||
|
||||
secbool secret_read(uint8_t* data, uint32_t offset, uint32_t len) {
|
||||
if (sectrue != verify_header()) {
|
||||
return secfalse;
|
||||
}
|
||||
|
||||
memcpy(data, flash_area_get_address(&SECRET_AREA, offset, len), len);
|
||||
|
||||
return sectrue;
|
||||
}
|
||||
|
||||
secbool secret_wiped(void) {
|
||||
flash_area_get_address(&SECRET_AREA, 0, 1);
|
||||
|
||||
flash_area_get_size(&SECRET_AREA);
|
||||
|
||||
uint32_t size = flash_area_get_size(&SECRET_AREA);
|
||||
|
||||
for (int i = 0; i < size; i += 4) {
|
||||
uint32_t* addr = (uint32_t*)flash_area_get_address(&SECRET_AREA, i, 4);
|
||||
if (*addr != 0xFFFFFFFF) {
|
||||
return secfalse;
|
||||
}
|
||||
}
|
||||
return sectrue;
|
||||
}
|
||||
|
||||
void secret_erase(void) {
|
||||
ensure(flash_area_erase(&SECRET_AREA, NULL), "secret erase");
|
||||
}
|
@ -0,0 +1,9 @@
|
||||
#include "secret.h"
|
||||
|
||||
void secret_write(uint8_t* data, uint32_t offset, uint32_t len) {}
|
||||
|
||||
void secret_read(uint8_t* data, uint32_t offset, uint32_t len) {}
|
||||
|
||||
secbool secret_wiped(void) { return secfalse; }
|
||||
|
||||
void secret_erase(void) {}
|
@ -0,0 +1,19 @@
|
||||
{
|
||||
"header_len": 4608,
|
||||
"text": "UNSAFE, FACTORY TEST ONLY",
|
||||
"hw_model": null,
|
||||
"expiry": 0,
|
||||
"version": [0, 0],
|
||||
"sig_m": 2,
|
||||
"trust": {
|
||||
"allow_run_with_secret": true,
|
||||
"show_vendor_string": false,
|
||||
"require_user_click": false,
|
||||
"red_background": false,
|
||||
"delay": 0
|
||||
},
|
||||
"pubkeys": [
|
||||
"c17d221529b70da08aa42ccb1b2cef773736a7d48434209f6eb16b1b474716d2",
|
||||
"6622ee8403464acfc2fe1e20311937b115e60771f3ee6e70f22bf2921977e534"
|
||||
]
|
||||
}
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Loading…
Reference in new issue