parent
1bc69fa2d6
commit
b24c062a3d
@ -0,0 +1,84 @@
|
||||
/*
|
||||
* This file is part of the TREZOR project, https://trezor.io/
|
||||
*
|
||||
* Copyright (c) SatoshiLabs
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <stdint.h>
|
||||
#include <string.h>
|
||||
#include "common.h"
|
||||
#include "flash.h"
|
||||
#include "blake2s.h"
|
||||
|
||||
// symbols from bootloader.bin => bootloader.o
|
||||
extern const uint32_t _binary_embed_firmware_bootloader_bin_start;
|
||||
extern const uint32_t _binary_embed_firmware_bootloader_bin_size;
|
||||
|
||||
/*
|
||||
static secbool known_bootloader(const uint8_t *hash, int len) {
|
||||
if (len != 32) return secfalse;
|
||||
// bootloader-2.0.1.bin (padded with 0x00)
|
||||
if (0 == memcmp(hash, "\x91\x37\x46\xd0\x2d\xa7\xc4\xbe\x1d\xae\xef\xb0\x9b\x4e\x31\x88\xed\x38\x23\x5e\x0e\x31\xa7\x8c\x01\xde\x4e\xcc\xc2\xd6\x36\xb3", 32)) return sectrue;
|
||||
// bootloader-2.0.1.bin (padded with 0xff)
|
||||
if (0 == memcmp(hash, "\x2f\xdb\xde\x94\x0a\xd8\x91\x1c\xbd\x07\xb0\xba\x06\x2c\x90\x84\x02\xec\x95\x19\xde\x52\x8d\x4b\xe9\xb9\xed\x30\x71\x91\xb4\xd3", 32)) return sectrue;
|
||||
// bootloader-2.0.2.bin (padded with 0x00)
|
||||
if (0 == memcmp(hash, "\x2e\xf7\x47\xf8\x49\x87\x1e\xc8\xc6\x01\x35\xd6\x32\xe5\x5a\xd1\x56\x18\xf8\x64\x87\xb7\xaa\x7c\x62\x0e\xc3\x0d\x25\x69\x4e\x18", 32)) return sectrue;
|
||||
// bootloader-2.0.2.bin (padded with 0xff)
|
||||
if (0 == memcmp(hash, "\xcc\x6b\x35\xc3\x8f\x29\x5c\xbd\x7d\x31\x69\xaf\xae\xf1\x61\x01\xef\xbe\x9f\x3b\x0a\xfd\xc5\x91\x70\x9b\xf5\xa0\xd5\xa4\xc5\xe0", 32)) return sectrue;
|
||||
return secfalse;
|
||||
}
|
||||
*/
|
||||
|
||||
static secbool latest_bootloader(const uint8_t *hash, int len) {
|
||||
if (len != 32) return secfalse;
|
||||
// bootloader.bin (padded with 0x00)
|
||||
if (0 == memcmp(hash, "\x2e\xf7\x47\xf8\x49\x87\x1e\xc8\xc6\x01\x35\xd6\x32\xe5\x5a\xd1\x56\x18\xf8\x64\x87\xb7\xaa\x7c\x62\x0e\xc3\x0d\x25\x69\x4e\x18", 32)) return sectrue;
|
||||
// bootloader.bin (padded with 0xff)
|
||||
if (0 == memcmp(hash, "\xcc\x6b\x35\xc3\x8f\x29\x5c\xbd\x7d\x31\x69\xaf\xae\xf1\x61\x01\xef\xbe\x9f\x3b\x0a\xfd\xc5\x91\x70\x9b\xf5\xa0\xd5\xa4\xc5\xe0", 32)) return sectrue;
|
||||
return secfalse;
|
||||
}
|
||||
|
||||
#define BACKLIGHT_NORMAL 150
|
||||
|
||||
void check_and_replace_bootloader(void)
|
||||
{
|
||||
// compute current bootloader hash
|
||||
uint8_t hash[BLAKE2S_DIGEST_LENGTH];
|
||||
const uint32_t bl_len = 128 * 1024;
|
||||
const void *bl_data = flash_get_address(FLASH_SECTOR_BOOTLOADER, 0, bl_len);
|
||||
blake2s(bl_data, bl_len, hash, BLAKE2S_DIGEST_LENGTH);
|
||||
|
||||
// don't whitelist the valid bootloaders for now
|
||||
// ensure(known_bootloader(hash, BLAKE2S_DIGEST_LENGTH), "Unknown bootloader detected");
|
||||
|
||||
// do we have the latest bootloader?
|
||||
if (sectrue == latest_bootloader(hash, BLAKE2S_DIGEST_LENGTH)) {
|
||||
return;
|
||||
}
|
||||
|
||||
// replace bootloader with the latest one
|
||||
const uint32_t *data = (const uint32_t *)&_binary_embed_firmware_bootloader_bin_start;
|
||||
const uint32_t len = (const uint32_t)&_binary_embed_firmware_bootloader_bin_size;
|
||||
ensure(flash_erase(FLASH_SECTOR_BOOTLOADER), NULL);
|
||||
ensure(flash_unlock_write(), NULL);
|
||||
for (int i = 0; i < len / sizeof(uint32_t); i++) {
|
||||
ensure(flash_write_word(FLASH_SECTOR_BOOTLOADER, i * sizeof(uint32_t), data[i]), NULL);
|
||||
}
|
||||
for (int i = len / sizeof(uint32_t); i < 128 * 1024 / sizeof(uint32_t); i++) {
|
||||
ensure(flash_write_word(FLASH_SECTOR_BOOTLOADER, i * sizeof(uint32_t), 0x00000000), NULL);
|
||||
}
|
||||
ensure(flash_lock_write(), NULL);
|
||||
}
|
@ -0,0 +1,25 @@
|
||||
/*
|
||||
* This file is part of the TREZOR project, https://trezor.io/
|
||||
*
|
||||
* Copyright (c) SatoshiLabs
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef __BL_CHECK_H__
|
||||
#define __BL_CHECK_H__
|
||||
|
||||
void check_and_replace_bootloader(void);
|
||||
|
||||
#endif
|
Binary file not shown.
@ -0,0 +1,20 @@
|
||||
#!/usr/bin/env python3
|
||||
import glob
|
||||
import pyblake2
|
||||
|
||||
ALIGNED_SIZE = 128 * 1024
|
||||
|
||||
files = glob.glob("bootloader*.bin")
|
||||
|
||||
for fn in sorted(files):
|
||||
data = open(fn, "rb").read()
|
||||
if len(data) > ALIGNED_SIZE:
|
||||
raise ValueError(fn, "too big")
|
||||
data_00 = data + b"\x00" * (ALIGNED_SIZE - len(data))
|
||||
data_ff = data + b"\xff" * (ALIGNED_SIZE - len(data))
|
||||
h_00 = pyblake2.blake2s(data=data_00).digest()
|
||||
h_ff = pyblake2.blake2s(data=data_ff).digest()
|
||||
h_00 = "".join(["\\x%02x" % i for i in h_00])
|
||||
h_ff = "".join(["\\x%02x" % i for i in h_ff])
|
||||
print(" // %s (padded with 0x00)\n if (0 == memcmp(hash, \"%s\", 32)) return sectrue;" % (fn, h_00))
|
||||
print(" // %s (padded with 0xff)\n if (0 == memcmp(hash, \"%s\", 32)) return sectrue;" % (fn, h_ff))
|
Loading…
Reference in new issue