bootloader: wip

2024-11-22 23:48:12 +00:00 · 2017-02-19 17:48:28 +01:00 · 2017-02-19 17:48:28 +01:00 · b8af656e0a
commit b8af656e0a
parent 89ec08eec0
3 changed files with 70 additions and 34 deletions
--- a/micropython/stmhal/bootloader/bootloader.c
+++ b/micropython/stmhal/bootloader/bootloader.c
@ -68,8 +68,7 @@ bool check_sdcard(void)

    sdcard_power_off();

-    uint32_t codelen;
-    if (parse_header(buf, &codelen)) {
+    if (parse_header(buf, NULL, NULL, NULL)) {
        BOOTLOADER_PRINTLN("SD card header is valid");
        return true;
    } else {
@ -112,7 +111,7 @@ bool copy_sdcard(void)
    sdcard_read_blocks((uint8_t *)buf, 0, 1);

    uint32_t codelen;
-    if (!parse_header((uint8_t *)buf, &codelen)) {
+    if (!parse_header((uint8_t *)buf, &codelen, NULL, NULL)) {
        BOOTLOADER_PRINTLN("wrong header");
        return false;
    }
@ -153,10 +152,9 @@ int main(void)
    }

    BOOTLOADER_PRINTLN("checking stage 2");
-    uint32_t codelen;
-    if (parse_header((const uint8_t *)STAGE2_START, &codelen)) {
+    if (parse_header((const uint8_t *)STAGE2_START, NULL, NULL, NULL)) {
        BOOTLOADER_PRINTLN("valid stage 2 header");
-        if (check_signature()) {
+        if (check_signature((const uint8_t *)STAGE2_START)) {
            BOOTLOADER_PRINTLN("valid stage 2 signature");
            BOOTLOADER_PRINTLN("JUMP!");
            // TODO: jump to second stage
--- a/micropython/stmhal/bootloader/crypto.c
+++ b/micropython/stmhal/bootloader/crypto.c
@ -7,17 +7,7 @@

 #define FLASH_BASE 0x08000000

-void hash_flash(uint8_t hash[SHA256_DIGEST_LENGTH])
-{
-     sha256_Raw((const uint8_t *)FLASH_BASE, 1024*1024, hash);
-}
-
-bool ed25519_verify(const uint8_t *msg, uint32_t msglen, const uint8_t *pubkey, const uint8_t *signature)
-{
-    return (0 == ed25519_sign_open(msg, msglen, *(const ed25519_public_key *)pubkey, *(const ed25519_signature *)signature));
-}
-
-bool parse_header(const uint8_t *data, uint32_t *codelen)
+bool parse_header(const uint8_t *data, uint32_t *codelen, uint8_t *sigidx, uint8_t *sig)
 {
    uint32_t magic;
    memcpy(&magic, data, 4);
@ -31,32 +21,80 @@ bool parse_header(const uint8_t *data, uint32_t *codelen)
    memcpy(&expiry, data + 8, 4);
    if (expiry != 0) return false;

-    memcpy(codelen, data + 12, 4);
+    uint32_t clen;
+    memcpy(&clen, data + 12, 4);
    // stage 2 (+header) must fit into sectors 4...11 - see docs/memory.md for more info
-    if (*codelen + hdrlen < 4 * 1024) return false;
-    if (*codelen + hdrlen > 64 * 1024 + 7 * 128 * 1024) return false;
-    if ((*codelen + hdrlen) % 512 != 0) return false;
+    if (clen + hdrlen < 4 * 1024) return false;
+    if (clen + hdrlen > 64 * 1024 + 7 * 128 * 1024) return false;
+    if ((clen + hdrlen) % 512 != 0) return false;
+
+    if (codelen) {
+        *codelen = clen;
+    }

    uint32_t version;
    memcpy(&version, data + 16, 4);

    // uint8_t reserved[171];

-    uint8_t sigidx;
-    memcpy(&sigidx, data + 0x00BF, 1);
+    if (sigidx) {
+        memcpy(sigidx, data + 0x00BF, 1);
+    }

-    uint8_t sig[64];
-    memcpy(sig, data + 0x00C0, 64);
+    if (sig) {
+        memcpy(sig, data + 0x00C0, 64);
+    }

    return true;
 }

-bool check_signature(void)
-{
-    uint8_t hash[SHA256_DIGEST_LENGTH];
-    hash_flash(hash);
+const uint8_t *SL_PUBKEY[5] = {
+    (const uint8_t *)"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
+    (const uint8_t *)"BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB",
+    (const uint8_t *)"CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC",
+    (const uint8_t *)"DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD",
+    (const uint8_t *)"EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE",
+};

-    const uint8_t *pub = (const uint8_t *)"0123456789ABCDEF0123456789ABCDEF";
-    const uint8_t *sig = (const uint8_t *)"0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF";
-    return ed25519_verify(hash, SHA256_DIGEST_LENGTH, pub, sig);
+const uint8_t *get_pubkey(uint8_t index)
+{
+    // TODO: compute combinations of pubkeys from index
+    switch (index) {
+        case 0x01:
+            return SL_PUBKEY[0];
+        case 0x02:
+            return SL_PUBKEY[1];
+        case 0x04:
+            return SL_PUBKEY[2];
+        case 0x08:
+            return SL_PUBKEY[3];
+        case 0x10:
+            return SL_PUBKEY[4];
+        default:
+            return NULL;
+    }
+}
+
+bool check_signature(const uint8_t *start)
+{
+    uint32_t codelen;
+    uint8_t sigidx;
+    uint8_t sig[64];
+    if (!parse_header(start, &codelen, &sigidx, sig)) {
+        return false;
+    }
+
+    uint8_t hash[SHA256_DIGEST_LENGTH];
+    SHA256_CTX ctx;
+    sha256_Init(&ctx);
+    sha256_Update(&ctx, start, 256 - 65);
+    for (int i = 0; i < 65; i++) {
+        sha256_Update(&ctx, (const uint8_t *)"\x00", 1);
+    }
+    sha256_Update(&ctx, start + 256, codelen);
+    sha256_Final(&ctx, hash);
+
+    const uint8_t *pub = get_pubkey(sigidx);
+
+    return pub && (0 == ed25519_sign_open(hash, SHA256_DIGEST_LENGTH, *(const ed25519_public_key *)pub, *(const ed25519_signature *)sig));
 }
--- a/micropython/stmhal/bootloader/crypto.h
+++ b/micropython/stmhal/bootloader/crypto.h
@ -4,8 +4,8 @@
 #include <stdint.h>
 #include <stdbool.h>

-bool parse_header(const uint8_t *data, uint32_t *codelen);
+bool parse_header(const uint8_t *data, uint32_t *codelen, uint8_t *sigidx, uint8_t *sig);

-bool check_signature(void);
+bool check_signature(const uint8_t *start);

 #endif