From 822b1c344f3e1d297ef773fc6448a59960149b1c Mon Sep 17 00:00:00 2001 From: Andrew Kozlik Date: Tue, 3 May 2022 00:16:38 +0200 Subject: [PATCH] feat(core): Return fw_vendor in firmware Features message. --- core/SConscript.firmware | 1 + .../extmod/modtrezorutils/modtrezorutils.c | 27 +++++++++++++++++++ core/embed/trezorhal/image.c | 13 +++++++-- core/embed/trezorhal/image.h | 3 +++ core/mocks/generated/trezorutils.pyi | 7 +++++ core/src/apps/base.py | 1 + core/src/trezor/utils.py | 1 + 7 files changed, 51 insertions(+), 2 deletions(-) diff --git a/core/SConscript.firmware b/core/SConscript.firmware index a849a8e98..33225a840 100644 --- a/core/SConscript.firmware +++ b/core/SConscript.firmware @@ -364,6 +364,7 @@ SOURCE_FIRMWARE = [ SOURCE_TREZORHAL = [ 'embed/trezorhal/common.c', 'embed/trezorhal/dma.c', + 'embed/trezorhal/image.c', 'embed/trezorhal/flash.c', 'embed/trezorhal/mini_printf.c', 'embed/trezorhal/mpu.c', diff --git a/core/embed/extmod/modtrezorutils/modtrezorutils.c b/core/embed/extmod/modtrezorutils/modtrezorutils.c index 1bba4eef6..6025ebc46 100644 --- a/core/embed/extmod/modtrezorutils/modtrezorutils.c +++ b/core/embed/extmod/modtrezorutils/modtrezorutils.c @@ -32,6 +32,10 @@ #include "common.h" #include "flash.h" +#ifndef TREZOR_EMULATOR +#include "image.h" +#endif + /// def consteq(sec: bytes, pub: bytes) -> bool: /// """ /// Compares the private information in `sec` with public, user-provided 
@@ -162,6 +166,27 @@ STATIC mp_obj_t mod_trezorutils_firmware_hash(size_t n_args, STATIC MP_DEFINE_CONST_FUN_OBJ_VAR_BETWEEN(mod_trezorutils_firmware_hash_obj, 0, 1, mod_trezorutils_firmware_hash); +/// def firmware_vendor() -> str: +/// """ +/// Returns the firmware vendor string from the vendor header. +/// """ +STATIC mp_obj_t mod_trezorutils_firmware_vendor(void) { +#ifdef TREZOR_EMULATOR + return mp_obj_new_str_copy(&mp_type_str, (const uint8_t *)"EMULATOR", 8); +#else + vendor_header vhdr = {0}; + uint32_t size = flash_sector_size(FLASH_SECTOR_FIRMWARE_START); + const void *data = flash_get_address(FLASH_SECTOR_FIRMWARE_START, 0, size); + if (data == NULL || sectrue != read_vendor_header(data, &vhdr)) { + mp_raise_msg(&mp_type_RuntimeError, "Failed to read vendor header."); + } + return mp_obj_new_str_copy(&mp_type_str, (const uint8_t *)vhdr.vstr, + vhdr.vstr_len); +#endif +} +STATIC MP_DEFINE_CONST_FUN_OBJ_0(mod_trezorutils_firmware_vendor_obj, + mod_trezorutils_firmware_vendor); + STATIC mp_obj_str_t mod_trezorutils_revision_obj = { {&mp_type_bytes}, 0, sizeof(SCM_REVISION) - 1, (const byte *)SCM_REVISION}; @@ -180,6 +205,8 @@ STATIC const mp_rom_map_elem_t mp_module_trezorutils_globals_table[] = { {MP_ROM_QSTR(MP_QSTR_halt), MP_ROM_PTR(&mod_trezorutils_halt_obj)}, {MP_ROM_QSTR(MP_QSTR_firmware_hash), MP_ROM_PTR(&mod_trezorutils_firmware_hash_obj)}, + {MP_ROM_QSTR(MP_QSTR_firmware_vendor), + MP_ROM_PTR(&mod_trezorutils_firmware_vendor_obj)}, // various built-in constants {MP_ROM_QSTR(MP_QSTR_SCM_REVISION), MP_ROM_PTR(&mod_trezorutils_revision_obj)}, diff --git a/core/embed/trezorhal/image.c b/core/embed/trezorhal/image.c index 4ee74aedd..97039891d 100644 --- a/core/embed/trezorhal/image.c +++ b/core/embed/trezorhal/image.c 
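Review bot: In `mod_trezorutils_firmware_vendor`, the bytes at `vhdr.vstr` are copied into a `str` object exactly as they sit in flash, and the docstring does not say how far that value can be trusted. The header is parsed with `read_vendor_header`, which in this patch is the part of `load_vendor_header` that precedes the signature check, so the function presumably relies on the header having been verified before this firmware was started; that assumption is worth stating. I would extend the docstring with `/// The header signature is not re-checked here; the string is informational and must not be treated as proof of firmware origin.` Whether `mp_obj_new_str_copy` validates the encoding is not visible in this hunk, so it is also worth confirming that a vendor string containing non-UTF-8 bytes cannot yield a malformed `str`.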
@@ -99,8 +99,7 @@ secbool load_image_header(const uint8_t *const data, const uint32_t magic, *(const ed25519_signature *)hdr->sig)); } -secbool load_vendor_header(const uint8_t *const data, uint8_t key_m, - uint8_t key_n, const uint8_t *const *keys, +secbool read_vendor_header(const uint8_t *const data, vendor_header *const vhdr) { memcpy(&vhdr->magic, data, 4); if (vhdr->magic != 0x565A5254) return secfalse; // TRZV @@ -141,6 +140,16 @@ secbool load_vendor_header(const uint8_t *const data, uint8_t key_m, memcpy(vhdr->sig, data + vhdr->hdrlen - IMAGE_SIG_SIZE + 1, IMAGE_SIG_SIZE - 1); + return sectrue; +} + +secbool load_vendor_header(const uint8_t *const data, uint8_t key_m, + uint8_t key_n, const uint8_t *const *keys, + vendor_header *const vhdr) { + if (sectrue != read_vendor_header(data, vhdr)) { + return secfalse; + } + // check header signature uint8_t hash[BLAKE2S_DIGEST_LENGTH]; diff --git a/core/embed/trezorhal/image.h b/core/embed/trezorhal/image.h index 95d079980..56d233efa 100644 --- a/core/embed/trezorhal/image.h +++ b/core/embed/trezorhal/image.h @@ -87,6 +87,9 @@ secbool __wur load_vendor_header(const uint8_t *const data, uint8_t key_m, uint8_t key_n, const uint8_t *const *keys, vendor_header *const vhdr); +secbool __wur read_vendor_header(const uint8_t *const data, + vendor_header *const vhdr); + void vendor_header_hash(const vendor_header *const vhdr, uint8_t *hash); secbool __wur check_single_hash(const uint8_t *const hash, diff --git a/core/mocks/generated/trezorutils.pyi b/core/mocks/generated/trezorutils.pyi index 41ef32064..080d5b344 100644 --- a/core/mocks/generated/trezorutils.pyi +++ b/core/mocks/generated/trezorutils.pyi 
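Review bot: The new `read_vendor_header` prototype in image.h sits directly below `load_vendor_header` with the same `secbool __wur` shape and nothing to say that it performs no signature check. After this patch `sectrue` from `read_vendor_header` means only that the fields parsed, while `sectrue` from `load_vendor_header` means the header also passed the signature check, so a caller picking the wrong one would accept an unauthenticated header. A comment above the declaration would make this explicit, for example `// Parses the header fields only and does NOT verify the signature; use load_vendor_header() for any header that has not already been verified.` The bodies of both functions in image.c extend beyond the hunks shown.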
@@ -48,6 +48,13 @@ def firmware_hash(challenge: bytes | None = None) -> bytes: Computes the Blake2s hash of the firmware with an optional challenge as the key. """ + + +# extmod/modtrezorutils/modtrezorutils.c +def firmware_vendor() -> str: + """ + Returns the firmware vendor string from the vendor header. + """ SCM_REVISION: bytes VERSION_MAJOR: int VERSION_MINOR: int diff --git a/core/src/apps/base.py b/core/src/apps/base.py index d3b0f7d34..be523e587 100644 --- a/core/src/apps/base.py +++ b/core/src/apps/base.py @@ -36,6 +36,7 @@ def get_features() -> Features: f = Features( vendor="trezor.io", + fw_vendor=utils.firmware_vendor(), language="en-US", major_version=utils.VERSION_MAJOR, minor_version=utils.VERSION_MINOR, diff --git a/core/src/trezor/utils.py b/core/src/trezor/utils.py index e0b554faa..d7d55ddb9 100644 --- a/core/src/trezor/utils.py +++ b/core/src/trezor/utils.py @@ -10,6 +10,7 @@ from trezorutils import ( # noqa: F401 VERSION_PATCH, consteq, firmware_hash, + firmware_vendor, halt, memcpy, )
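Review bot: In `get_features` (core/src/apps/base.py), `utils.firmware_vendor()` is evaluated inline in the `Features(...)` constructor, and the C implementation added in this patch raises `RuntimeError` when the vendor header cannot be read. Nothing in the hunk handles that, so a parse failure would make every call that builds Features fail rather than only leave `fw_vendor` unset. If failing hard is intended, a short comment would record it, e.g. `# firmware_vendor() raises RuntimeError if the vendor header cannot be parsed`. The rest of `get_features` is outside the hunk, so handling elsewhere cannot be ruled out.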