From 727a5f83932fd32b0963bb34bf7d530563e2c1c6 Mon Sep 17 00:00:00 2001 From: Pavol Rusnak Date: Tue, 4 Oct 2016 18:01:48 +0200 Subject: [PATCH] add crypto calls to bootloader --- bootloader/Makefile.bootloader | 3 ++- bootloader/bootloader.c | 11 ++++++++++- bootloader/crypto.c | 15 +++++++++++++++ bootloader/crypto.h | 12 ++++++++++++ bootloader/{bootloader_trezor.h => toi_trezor.h} | 0 bootloader/{bootloader_ui.c => ui.c} | 5 ++++- bootloader/{bootloader_ui.h => ui.h} | 0 7 files changed, 43 insertions(+), 3 deletions(-) create mode 100644 bootloader/crypto.c create mode 100644 bootloader/crypto.h rename bootloader/{bootloader_trezor.h => toi_trezor.h} (100%) rename bootloader/{bootloader_ui.c => ui.c} (95%) rename bootloader/{bootloader_ui.h => ui.h} (100%) diff --git a/bootloader/Makefile.bootloader b/bootloader/Makefile.bootloader index ebced7cd56..622be61ec2 100644 --- a/bootloader/Makefile.bootloader +++ b/bootloader/Makefile.bootloader @@ -81,7 +81,8 @@ SRC_LIB = $(addprefix lib/,\ SRC_C = \ bootloader/bootloader.c \ - bootloader/bootloader_ui.c \ + bootloader/crypto.c \ + bootloader/ui.c \ system_stm32.c \ $(wildcard boards/$(BOARD)/*.c) diff --git a/bootloader/bootloader.c b/bootloader/bootloader.c index 2ec539f5f0..a31f271ea0 100644 --- a/bootloader/bootloader.c +++ b/bootloader/bootloader.c @@ -1,7 +1,9 @@ #include STM32_HAL_H +#include "crypto.h" +#include "ui.h" + #include "display.h" -#include "bootloader_ui.h" // ### from main.c @@ -83,8 +85,15 @@ int main(void) { display_init(); display_clear(); + uint8_t hash[32]; + hash_flash(hash); + screen_welcome(); + uint8_t *pubkey = (uint8_t *)"ThisIsJustAFakePublicKeyForTest!"; + uint8_t *signature = (uint8_t *)"ThisIsJustAFakeSignatureToTestTheVerifyMechanismInTRZRBootloader"; + ed25519_verify(hash, 32, pubkey, signature); + for (;;) { display_backlight(255); HAL_Delay(250); diff --git a/bootloader/crypto.c b/bootloader/crypto.c new file mode 100644 index 0000000000..c7b5ff1533 --- /dev/null +++ b/bootloader/crypto.c @@ -0,0 +1,15 @@ +#include "crypto.h" + +#include "ed25519-donna/ed25519.h" + +#include "cmsis/stm32f405xx.h" + +void hash_flash(uint8_t hash[SHA256_DIGEST_LENGTH]) +{ + sha256_Raw((const uint8_t *)FLASH_BASE, 1024*1024, hash); +} + +bool ed25519_verify(const uint8_t *msg, uint32_t msglen, uint8_t *pubkey, uint8_t *signature) +{ + return (0 == ed25519_sign_open(msg, msglen, *(const ed25519_public_key *)pubkey, *(const ed25519_signature *)signature)); +} diff --git a/bootloader/crypto.h b/bootloader/crypto.h new file mode 100644 index 0000000000..892a421c81 --- /dev/null +++ b/bootloader/crypto.h @@ -0,0 +1,12 @@ +#ifndef __BOOTLOADER_CRYPTO_H__ +#define __BOOTLOADER_CRYPTO_H__ + +#include +#include + +#include "sha2.h" + +void hash_flash(uint8_t hash[SHA256_DIGEST_LENGTH]); +bool ed25519_verify(const uint8_t *msg, uint32_t msglen, uint8_t *pubkey, uint8_t *signature); + +#endif diff --git a/bootloader/bootloader_trezor.h b/bootloader/toi_trezor.h similarity index 100% rename from bootloader/bootloader_trezor.h rename to bootloader/toi_trezor.h diff --git a/bootloader/bootloader_ui.c b/bootloader/ui.c similarity index 95% rename from bootloader/bootloader_ui.c rename to bootloader/ui.c index e113139fac..643d4cd034 100644 --- a/bootloader/bootloader_ui.c +++ b/bootloader/ui.c @@ -1,5 +1,8 @@ +#include "ui.h" + #include "display.h" -#include "bootloader_trezor.h" + +#include "toi_trezor.h" #define ui_WHITE 0xFFFF #define ui_BLACK 0x0000 diff --git a/bootloader/bootloader_ui.h b/bootloader/ui.h similarity index 100% rename from bootloader/bootloader_ui.h rename to bootloader/ui.h