mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-22 22:38:08 +00:00
bootloader: wip
This commit is contained in:
parent
89ec08eec0
commit
b8af656e0a
@ -68,8 +68,7 @@ bool check_sdcard(void)
|
||||
|
||||
sdcard_power_off();
|
||||
|
||||
uint32_t codelen;
|
||||
if (parse_header(buf, &codelen)) {
|
||||
if (parse_header(buf, NULL, NULL, NULL)) {
|
||||
BOOTLOADER_PRINTLN("SD card header is valid");
|
||||
return true;
|
||||
} else {
|
||||
@ -112,7 +111,7 @@ bool copy_sdcard(void)
|
||||
sdcard_read_blocks((uint8_t *)buf, 0, 1);
|
||||
|
||||
uint32_t codelen;
|
||||
if (!parse_header((uint8_t *)buf, &codelen)) {
|
||||
if (!parse_header((uint8_t *)buf, &codelen, NULL, NULL)) {
|
||||
BOOTLOADER_PRINTLN("wrong header");
|
||||
return false;
|
||||
}
|
||||
@ -153,10 +152,9 @@ int main(void)
|
||||
}
|
||||
|
||||
BOOTLOADER_PRINTLN("checking stage 2");
|
||||
uint32_t codelen;
|
||||
if (parse_header((const uint8_t *)STAGE2_START, &codelen)) {
|
||||
if (parse_header((const uint8_t *)STAGE2_START, NULL, NULL, NULL)) {
|
||||
BOOTLOADER_PRINTLN("valid stage 2 header");
|
||||
if (check_signature()) {
|
||||
if (check_signature((const uint8_t *)STAGE2_START)) {
|
||||
BOOTLOADER_PRINTLN("valid stage 2 signature");
|
||||
BOOTLOADER_PRINTLN("JUMP!");
|
||||
// TODO: jump to second stage
|
||||
|
@ -7,17 +7,7 @@
|
||||
|
||||
#define FLASH_BASE 0x08000000
|
||||
|
||||
void hash_flash(uint8_t hash[SHA256_DIGEST_LENGTH])
|
||||
{
|
||||
sha256_Raw((const uint8_t *)FLASH_BASE, 1024*1024, hash);
|
||||
}
|
||||
|
||||
bool ed25519_verify(const uint8_t *msg, uint32_t msglen, const uint8_t *pubkey, const uint8_t *signature)
|
||||
{
|
||||
return (0 == ed25519_sign_open(msg, msglen, *(const ed25519_public_key *)pubkey, *(const ed25519_signature *)signature));
|
||||
}
|
||||
|
||||
bool parse_header(const uint8_t *data, uint32_t *codelen)
|
||||
bool parse_header(const uint8_t *data, uint32_t *codelen, uint8_t *sigidx, uint8_t *sig)
|
||||
{
|
||||
uint32_t magic;
|
||||
memcpy(&magic, data, 4);
|
||||
@ -31,32 +21,80 @@ bool parse_header(const uint8_t *data, uint32_t *codelen)
|
||||
memcpy(&expiry, data + 8, 4);
|
||||
if (expiry != 0) return false;
|
||||
|
||||
memcpy(codelen, data + 12, 4);
|
||||
uint32_t clen;
|
||||
memcpy(&clen, data + 12, 4);
|
||||
// stage 2 (+header) must fit into sectors 4...11 - see docs/memory.md for more info
|
||||
if (*codelen + hdrlen < 4 * 1024) return false;
|
||||
if (*codelen + hdrlen > 64 * 1024 + 7 * 128 * 1024) return false;
|
||||
if ((*codelen + hdrlen) % 512 != 0) return false;
|
||||
if (clen + hdrlen < 4 * 1024) return false;
|
||||
if (clen + hdrlen > 64 * 1024 + 7 * 128 * 1024) return false;
|
||||
if ((clen + hdrlen) % 512 != 0) return false;
|
||||
|
||||
if (codelen) {
|
||||
*codelen = clen;
|
||||
}
|
||||
|
||||
uint32_t version;
|
||||
memcpy(&version, data + 16, 4);
|
||||
|
||||
// uint8_t reserved[171];
|
||||
|
||||
uint8_t sigidx;
|
||||
memcpy(&sigidx, data + 0x00BF, 1);
|
||||
if (sigidx) {
|
||||
memcpy(sigidx, data + 0x00BF, 1);
|
||||
}
|
||||
|
||||
uint8_t sig[64];
|
||||
memcpy(sig, data + 0x00C0, 64);
|
||||
if (sig) {
|
||||
memcpy(sig, data + 0x00C0, 64);
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
bool check_signature(void)
|
||||
{
|
||||
uint8_t hash[SHA256_DIGEST_LENGTH];
|
||||
hash_flash(hash);
|
||||
const uint8_t *SL_PUBKEY[5] = {
|
||||
(const uint8_t *)"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
|
||||
(const uint8_t *)"BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB",
|
||||
(const uint8_t *)"CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC",
|
||||
(const uint8_t *)"DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
|
||||
(const uint8_t *)"EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE",
|
||||
};
|
||||
|
||||
const uint8_t *pub = (const uint8_t *)"0123456789ABCDEF0123456789ABCDEF";
|
||||
const uint8_t *sig = (const uint8_t *)"0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF";
|
||||
return ed25519_verify(hash, SHA256_DIGEST_LENGTH, pub, sig);
|
||||
const uint8_t *get_pubkey(uint8_t index)
|
||||
{
|
||||
// TODO: compute combinations of pubkeys from index
|
||||
switch (index) {
|
||||
case 0x01:
|
||||
return SL_PUBKEY[0];
|
||||
case 0x02:
|
||||
return SL_PUBKEY[1];
|
||||
case 0x04:
|
||||
return SL_PUBKEY[2];
|
||||
case 0x08:
|
||||
return SL_PUBKEY[3];
|
||||
case 0x10:
|
||||
return SL_PUBKEY[4];
|
||||
default:
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
bool check_signature(const uint8_t *start)
|
||||
{
|
||||
uint32_t codelen;
|
||||
uint8_t sigidx;
|
||||
uint8_t sig[64];
|
||||
if (!parse_header(start, &codelen, &sigidx, sig)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
uint8_t hash[SHA256_DIGEST_LENGTH];
|
||||
SHA256_CTX ctx;
|
||||
sha256_Init(&ctx);
|
||||
sha256_Update(&ctx, start, 256 - 65);
|
||||
for (int i = 0; i < 65; i++) {
|
||||
sha256_Update(&ctx, (const uint8_t *)"\x00", 1);
|
||||
}
|
||||
sha256_Update(&ctx, start + 256, codelen);
|
||||
sha256_Final(&ctx, hash);
|
||||
|
||||
const uint8_t *pub = get_pubkey(sigidx);
|
||||
|
||||
return pub && (0 == ed25519_sign_open(hash, SHA256_DIGEST_LENGTH, *(const ed25519_public_key *)pub, *(const ed25519_signature *)sig));
|
||||
}
|
||||
|
@ -4,8 +4,8 @@
|
||||
#include <stdint.h>
|
||||
#include <stdbool.h>
|
||||
|
||||
bool parse_header(const uint8_t *data, uint32_t *codelen);
|
||||
bool parse_header(const uint8_t *data, uint32_t *codelen, uint8_t *sigidx, uint8_t *sig);
|
||||
|
||||
bool check_signature(void);
|
||||
bool check_signature(const uint8_t *start);
|
||||
|
||||
#endif
|
||||
|
Loading…
Reference in New Issue
Block a user