From e8eb48cd0d7482f0b453086362c7a57aee6f95fc Mon Sep 17 00:00:00 2001 From: tychovrahe Date: Thu, 23 Jan 2025 11:36:58 +0100 Subject: [PATCH] chore(core): add T3W1 production keys vendorheaders [no changelog] --- core/embed/models/T3W1/model_T3W1.h | 13 ++++++------ .../vendorheader/vendor_dev_DO_NOT_SIGN.toif | Bin 791 -> 20 bytes .../T3W1/vendorheader/vendor_prodtest.json | 20 ++++++++++++++++++ .../T3W1/vendorheader/vendor_prodtest.toif | 1 + .../T3W1/vendorheader/vendor_trezor.json | 20 ++++++++++++++++++ .../T3W1/vendorheader/vendor_trezor.toif | Bin 0 -> 635 bytes .../vendorheader/vendor_trezor_btconly.json | 20 ++++++++++++++++++ .../vendorheader/vendor_trezor_btconly.toif | 1 + .../T3W1/vendorheader/vendor_unsafe.json | 20 ++++++++++++++++++ .../T3W1/vendorheader/vendor_unsafe.toif | Bin 0 -> 791 bytes .../vendorheader_prodtest_unsigned.bin | Bin 0 -> 1024 bytes .../vendorheader_trezor_btconly_unsigned.bin | Bin 0 -> 1024 bytes .../vendorheader_trezor_unsigned.bin | Bin 0 -> 1024 bytes .../vendorheader_unsafe_signed_dev.bin | Bin 0 -> 1024 bytes .../vendorheader_unsafe_unsigned.bin | Bin 0 -> 1024 bytes 15 files changed, 88 insertions(+), 7 deletions(-) mode change 100644 => 120000 core/embed/models/T3W1/vendorheader/vendor_dev_DO_NOT_SIGN.toif create mode 100644 core/embed/models/T3W1/vendorheader/vendor_prodtest.json create mode 120000 core/embed/models/T3W1/vendorheader/vendor_prodtest.toif create mode 100644 core/embed/models/T3W1/vendorheader/vendor_trezor.json create mode 100644 core/embed/models/T3W1/vendorheader/vendor_trezor.toif create mode 100644 core/embed/models/T3W1/vendorheader/vendor_trezor_btconly.json create mode 120000 core/embed/models/T3W1/vendorheader/vendor_trezor_btconly.toif create mode 100644 core/embed/models/T3W1/vendorheader/vendor_unsafe.json create mode 100644 core/embed/models/T3W1/vendorheader/vendor_unsafe.toif create mode 100644 core/embed/models/T3W1/vendorheader/vendorheader_prodtest_unsigned.bin create mode 100644 core/embed/models/T3W1/vendorheader/vendorheader_trezor_btconly_unsigned.bin create mode 100644 core/embed/models/T3W1/vendorheader/vendorheader_trezor_unsigned.bin create mode 100644 core/embed/models/T3W1/vendorheader/vendorheader_unsafe_signed_dev.bin create mode 100644 core/embed/models/T3W1/vendorheader/vendorheader_unsafe_unsigned.bin diff --git a/core/embed/models/T3W1/model_T3W1.h b/core/embed/models/T3W1/model_T3W1.h index bbc72c4520..85b27a7825 100644 --- a/core/embed/models/T3W1/model_T3W1.h +++ b/core/embed/models/T3W1/model_T3W1.h @@ -13,16 +13,15 @@ #define MODEL_USB_MANUFACTURER "Trezor Company" #define MODEL_USB_PRODUCT MODEL_FULL_NAME -// todo replace dev keys with produciton ones #define MODEL_BOARDLOADER_KEYS \ - (const uint8_t *)"\xdb\x99\x5f\xe2\x51\x69\xd1\x41\xca\xb9\xbb\xba\x92\xba\xa0\x1f\x9f\x2e\x1e\xce\x7d\xf4\xcb\x2a\xc0\x51\x90\xf3\x7f\xcc\x1f\x9d", \ -(const uint8_t *)"\x21\x52\xf8\xd1\x9b\x79\x1d\x24\x45\x32\x42\xe1\x5f\x2e\xab\x6c\xb7\xcf\xfa\x7b\x6a\x5e\xd3\x00\x97\x96\x0e\x06\x98\x81\xdb\x12", \ -(const uint8_t *)"\x22\xfc\x29\x77\x92\xf0\xb6\xff\xc0\xbf\xcf\xdb\x7e\xdb\x0c\x0a\xa1\x4e\x02\x5a\x36\x5e\xc0\xe3\x42\xe8\x6e\x38\x29\xcb\x74\xb6", + (const uint8_t *)"\xe8\x91\x2f\x81\xb3\xe7\x80\xee\x65\x0e\xd3\x85\x6d\xb5\x32\x6e\x0b\x9e\xff\x10\x36\x4b\x33\x91\x93\xe7\xa8\xf1\x0f\x76\x21\xb9", \ + (const uint8_t *)"\xbd\xe7\x0a\x38\xee\xe6\x33\xd2\x6f\x43\x4e\xee\x2f\x53\x6d\xf4\x57\xb8\xde\xb8\xbd\x98\x82\x94\xf4\xa0\xc8\xd9\x05\x49\x03\xd2", \ + (const uint8_t *)"\xa8\x5b\x60\x1d\xfb\xda\x1d\x22\xcc\xb5\xdd\x49\x2d\x26\x03\x4d\x87\xf6\x7f\x2a\x0b\x85\x84\xb7\x77\x44\x39\x46\x1f\xc4\x71\xa9", #define MODEL_BOOTLOADER_KEYS \ - (const uint8_t *)"\xd7\x59\x79\x3b\xbc\x13\xa2\x81\x9a\x82\x7c\x76\xad\xb6\xfb\xa8\xa4\x9a\xee\x00\x7f\x49\xf2\xd0\x99\x2d\x99\xb8\x25\xad\x2c\x48", \ -(const uint8_t *)"\x63\x55\x69\x1c\x17\x8a\x8f\xf9\x10\x07\xa7\x47\x8a\xfb\x95\x5e\xf7\x35\x2c\x63\xe7\xb2\x57\x03\x98\x4c\xf7\x8b\x26\xe2\x1a\x56", \ -(const uint8_t *)"\xee\x93\xa4\xf6\x6f\x8d\x16\xb8\x19\xbb\x9b\xeb\x9f\xfc\xcd\xfc\xdc\x14\x12\xe8\x7f\xee\x6a\x32\x4c\x2a\x99\xa1\xe0\xe6\x71\x48", + (const uint8_t *)"\x32\x0e\x11\x1e\x9d\xde\xd5\xfe\x7f\x5d\x41\xfd\x37\x2e\xf0\xe9\x1b\x2d\xfa\x4c\x6c\xdc\x9f\xe5\x22\x1b\xfb\x16\xaa\xf9\x17\x75", \ + (const uint8_t *)"\x2e\x34\x9f\x8d\x06\xb2\x33\x42\x62\xec\xb6\x03\xed\x04\xcb\x5a\x7c\xc0\xb6\x60\xeb\xe3\xcd\x5c\x29\x72\xb5\xcd\x1f\x38\xef\x85", \ + (const uint8_t *)"\xab\x0d\x3f\x91\xa4\xad\xf7\x44\x71\x9d\xba\x66\x17\x83\xec\x54\x9f\x73\xa4\xe4\x54\x57\xcb\x6d\x02\x75\x2a\x40\xfb\x63\xd3\xbf", #define IMAGE_CHUNK_SIZE SIZE_256K #define IMAGE_HASH_SHA256 diff --git a/core/embed/models/T3W1/vendorheader/vendor_dev_DO_NOT_SIGN.toif b/core/embed/models/T3W1/vendorheader/vendor_dev_DO_NOT_SIGN.toif deleted file mode 100644 index 24b655daec76d5873fd07c108a8ef894ac460890..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 791 zcmV+y1L*uzPf1320C)fk0{{T+l0k0dFbo9qARYbwylVl$$U-m{Nk(mtNVa6sOYmyZ zU9A52^O2L2larH^larGZVoKfieoB2R>*p7qr!il#K8<;V^*PKE+W5q!N?89*RAL=% zRAOn9qqka5dk{aP%iI3bUF*QvU1Ax=6xiC?w{eIO!Bzg|Ic}$Mm#=MU-uSjV=ao;p zW4RHrcf+OXQ{zkdCf3`HXxL&mqG3ckZr9!q4_%hou{PvxyYi$_4D)ivFw9FC!7w)? zx}7g#luzHmQW3H5F57%~HjKNhw|j2bw$rcO^DBC_>-UaUT3zo-9r*_F-rH%7gKhtw zScb7($%}Wsd>NMCzkeb9{yxK{O0%FBpI_I$5b-^RQ^NzI)3*8BS-dkl&9lqnooBdI=4Kx6EW?Oan-Oi( zC!ArJeMKfOw|R4J*x!%4&C)&oJ~l7g2fr_DUZxSgT|O_mwJqcPS3Xc zbN{G;nTF@u?NjlHHOY}(W|!A*zrH7G#asi-{qppy?|*lH`tNzyU%}fOzS>^uYa(Wr z6}^hq3qrNd4Bx`8T%gwUl559PRJ7&9;GOXZje`(B(b;fp^-)-k7nmaPy z*RSLAwjOb=<8h=7?RjGvmgev86UneVeW~a|F^CcE`|Le$3}Qt4uFYqLy))Y~V+n+9beiKZQ}0hu}NR^__0^~wYdELMI4R-ERJ^SE*Vp|`2K(XzSe*GlB=tH z`jyYl47)$~|Mr(#m6ZOhm9kd<8sXfx3~Ax)z<{J zueloaHXy8KlGzm5{N=okK2N9JS{U+cwQAGuwR`UfK3r{{x&0d7+TH$@r>`HI*?&(p z|K<&&vp2uGoO`5``TTsL_`R~7mtU#v^Tw}zb5z%^zqj_RWio4d|NGmwt!EW) z`!>(WwCrT8T}8WE?wq|-{U-c-l?UVSJs?+wYYqyWqMTM z_ft9YdlyG)D=k~I-tX&m>sh^LZ<1ze*`h`X+mA$=&UGcb9Lv-?YFhH7cm6Qz5aft_5AO@Y(w_#d%kP+xxfa^%a@;4X3unER6o}f zn`Ik&Xj`1K%cXOXy}g@XILtIFKHfFQm7Pa$O~$Y4w}ET72UyPP-+g`lnUK0JQBXRW GP!9mkEKx83 literal 0 HcmV?d00001 diff --git a/core/embed/models/T3W1/vendorheader/vendor_trezor_btconly.json b/core/embed/models/T3W1/vendorheader/vendor_trezor_btconly.json new file mode 100644 index 0000000000..39e33087fe --- /dev/null +++ b/core/embed/models/T3W1/vendorheader/vendor_trezor_btconly.json @@ -0,0 +1,20 @@ +{ + "header_len": 1024, + "text": "Trezor Bitcoin-only", + "hw_model": "T3W1", + "expiry": 0, + "version": [0, 0], + "sig_m": 2, + "trust": { + "allow_run_with_secret": true, + "show_vendor_string": false, + "require_user_click": false, + "red_background": false, + "delay": 0 + }, + "pubkeys": [ + "408f8d50c3d87211883a2cd33d69d1dc86a653fa6a1c2f0a9ca50c92adf9578c", + "18175b8eaf3feb21b55c127cebd9a59bc790996caaff73bd24a1cde2c8edc8f4", + "37022ce1ccbf4f991def8688c89a4bbb6da369aa49a5ce840bbfca0d1ee3210f" + ] +} diff --git a/core/embed/models/T3W1/vendorheader/vendor_trezor_btconly.toif b/core/embed/models/T3W1/vendorheader/vendor_trezor_btconly.toif new file mode 120000 index 0000000000..f005020b4e --- /dev/null +++ b/core/embed/models/T3W1/vendorheader/vendor_trezor_btconly.toif @@ -0,0 +1 @@ +./vendor_trezor.toif \ No newline at end of file diff --git a/core/embed/models/T3W1/vendorheader/vendor_unsafe.json b/core/embed/models/T3W1/vendorheader/vendor_unsafe.json new file mode 100644 index 0000000000..1881294d93 --- /dev/null +++ b/core/embed/models/T3W1/vendorheader/vendor_unsafe.json @@ -0,0 +1,20 @@ +{ + "header_len": 1024, + "text": "UNSAFE, DO NOT USE!", + "hw_model": "T3W1", + "expiry": 0, + "version": [0, 0], + "sig_m": 2, + "trust": { + "allow_run_with_secret": false, + "show_vendor_string": true, + "require_user_click": true, + "red_background": true, + "delay": 1 + }, + "pubkeys": [ + "e28a8970753332bd72fef413e6b0b2ef1b4aadda7aa2c141f233712a6876b351", + "d4eec1869fb1b8a4e817516ad5a931557cb56805c3eb16e8f3a803d647df7869", + "772c8a442b7db06e166cfbc1ccbcbcde6f3eba76a4e98ef3ffc519502237d6ef" + ] +} diff --git a/core/embed/models/T3W1/vendorheader/vendor_unsafe.toif b/core/embed/models/T3W1/vendorheader/vendor_unsafe.toif new file mode 100644 index 0000000000000000000000000000000000000000..24b655daec76d5873fd07c108a8ef894ac460890 GIT binary patch literal 791 zcmV+y1L*uzPf1320C)fk0{{T+l0k0dFbo9qARYbwylVl$$U-m{Nk(mtNVa6sOYmyZ zU9A52^O2L2larH^larGZVoKfieoB2R>*p7qr!il#K8<;V^*PKE+W5q!N?89*RAL=% zRAOn9qqka5dk{aP%iI3bUF*QvU1Ax=6xiC?w{eIO!Bzg|Ic}$Mm#=MU-uSjV=ao;p zW4RHrcf+OXQ{zkdCf3`HXxL&mqG3ckZr9!q4_%hou{PvxyYi$_4D)ivFw9FC!7w)? zx}7g#luzHmQW3H5F57%~HjKNhw|j2bw$rcO^DBC_>-UaUT3zo-9r*_F-rH%7gKhtw zScb7($%}Wsd>NMCzkeb9{yxK{O0%FBpI_I$5b-^RQ^NzI)3*8BS-dkl&9lqnooBdI=4Kx6EW?Oan-Oi( zC!ArJeMKfOw|R4J*x!%4&C)&oJ~l7g2fr_DUZxSgT|O_mwJqcPS3Xc zbN{G;nTF@u?NjlHHOY}(W|!A*zrH7G#asi-{qppy?|*lH`tNzyU%}fOzS>^uYa(Wr z6}^hq3qrNd4Bx`8T%gwUl559PRJ7&9;GOXZje`(B(b;fp^-)-k7nmaPy z*RSLAwjOb=<8h=7?RjGvmgev86UneVeW~a|F^CcE`|Le$3}Qt4uFYqLy))Y~W#j-*FxOl@4r3Sj0aCR8Hjnh<@S4QOS$CzA?sr7ntwk&Pn-+` z!bx6tztwrwYQ26gK5w~U{6@Rp%9gK|XM}G3II`3$;=gZ5l5B2BQs(5v+oSxe1?(4} zzWwiV?CS$JW0NG0iQKq#b9-Tj;K9&;&n)wn7fxTFn|bfYHtXk8{dXtt6x>*Tc|V3II`77|%j@rc)~?$6`g>nkRP1{%*`I75@7>PqZO;8aFQRQ@ z?8)x(eKnHP?(eTx{QJ-D@KUeM3&iKgU*9M2(YEcW=LPPwz3&XxoLuhHU>?rYLF-pxG5|5BdErb=8q z^*{M}s%m9y<6QcZ~J*Wa*wg~+0CaP&rRPE@+?j6 zz0To|u-SsSm(}Ma&Zu=&)8AfMoOk1X|L(JwZ2#Gr>ECAGub&gQOmJVUo&IId{h7Dd zzKq)*_5QkEM~7wk=HH$?+tvI-;+|dh^7NZ?jjwIFu`c|U@uR@QJ#}m3 zax!#2|IwRX)zj{Ge%tTj|0^12wmrY~Huz(Q>B)()Y16Og@874Mbu@I6R==+= zumAPF@_PKi+tT}P#l6Z_N}DFS=db;?zjtQ5v6}UI@jgRomF$f3r_XMB#J{hi-a2jf zRHHQya_ckC^p+kgn|(j`x%wsx%DSL$BxGE3gV{!uu?eb*nEB+lHD xq?xz#ALah9&*<-TUz6UOely8T%DDThdg|f literal 0 HcmV?d00001 diff --git a/core/embed/models/T3W1/vendorheader/vendorheader_trezor_btconly_unsigned.bin b/core/embed/models/T3W1/vendorheader/vendorheader_trezor_btconly_unsigned.bin new file mode 100644 index 0000000000000000000000000000000000000000..7ca9e3256117dd6171962899f47defbabefa9f28 GIT binary patch literal 1024 zcmWFuiV9<3VSoZA=6c2u<8VV5pMk-lzc=9UjUvGgE1k=>nHTT0EermYC8N(ZXDQF5 zwLimqB*dfp*4w{U+!`ZP^ZMq}*~cf$%vtrnc(2OBvyV=^J@LhyN$262{r)p$-?w#~ znB~1YcX8$_&!y*Dxc8spm3yqnFC0>oT9sd<;FMXCoS&Jeo1d3c8RGBhR>4rgkk7=x z@b=QiiHi*+SQD67S-3<5ECLn@Wi$%iY4QqS=W%ve;ILRxVMmWp#zEB!OOo{?$U$ymFJcD39& zd#l{%T)lg#y5=L$kFWmB4!gg{dG@?hOE<5qIrnOD`Ap07sKW23a^&|ej?`9Kwr0KG z*X!1^de7c8tL8mueeFi!c^8S@bx~hlFWmI<`fUH{Ta9-lAN`yC@%El&rS7R;o&`jf z|BiU9b4#=ETioZDo92I&QkwKl_S%xW_kYP5mmhnk^GU}=;`H5bQEUHfzIW#8&X?P7 zYiloJ2%3BS{Y>lm-+$SL?A!Nz*XnbD4VsrPKdsE3>Bgvjt|vCjHuliAIA@nj=OTN1 xH@|S0X;yr^YmO^BkKme&U)65|*KQB6oYlYk`usB?bzP#MbTXkHk?=cUm0Z`i zPGJ3ogN75U&EK6o^<$A&txn*+gRBwz#dO=>sl-mYQ^Pws@=sH-%9IE4Qwpa0pJhFr z%qJSwk}lkHnN2J__Qy1i*|opeLW)wW@{1Tk{5{<&7%CX@nHU(}UfMWuv4I3@0uw6> zmxzExz#^fHMxi@RUIFYp&JGJ47Aq?3=n={|sCuEvYsZ(iM4Pz#dTi3yJbvsIe=RP* ze-VeH0E?rYx=Y5?Ex!MszpwS5zU1mEpMK@DGsEuB{lER?RwboBYo)B!|3)PrHs!B= z`cCp~#9F5-(_a3Oo~KoA$?fg^boDiX?Q5<^y$uMfnPfIaHh(#~9kX7=Ax&A)lW=+h{SYnjYi-v9pgZR=UZ+rG^+GA%n9Ygf^(mOE!}mHV8lcP~}fd<6RO z)t}j6_xCu@o_A{L=9M+)UM()4X_+2X`2AFl{NBZp+DgmTtoQqR-FjB<*_&q7ya%nX z-6%ZoBC)$J>dWhen_ga@?LU31@s8x9f3rW{-m|RKJ@w18fXMRS5s!6lX%>Eq`}}g# z{I609|OozWXg|?Vru}&RpI3a{Fy~iT`WN+{07Y;McijQ~Aab@Qb kT$Ayu`fcFa?E#jv`gdQSe( zu(IzPO0C*@qQOD(GjS?tcC%5`?!ktivACq@7g1`}sWDZ2wP*#y>lWzqr~}qV-*{5lXN#Tif{H`ebHRZdeuMnx*p7qr!il#K8<;V^*PKE+W5q!N?89*RAL=%RAOn9qqka5 zdk{aP%iI3bUF*QvU1Ax=6xiC?w{eIO!Bzg|Ic}$Mm#=MU-uSjV=ao;pW4RHrcf+OX zQ{zkdCf3`HXxL&mqG3ckZr9!q4_%hou{PvxyYi$_4D)ivFw9FC!7w)?x}7g#luzHm zQW3H5F57%~HjKNhw|j2bw$rcO^DBC_>-UaUT3zo-9r*_F-rH%7gKhtwScb7($%}Ws zd>NMCzkeb9{yxK{O0%FBpI_I$5b-^RQ^NzI)3*8BS-dkl&9lqnooBdI=4Kx6EW?Oan-Oi(C!ArJeMKfO zw|R4J*x!%4&C)&oJ~l7g2fr_DUZxSgT|O_mwJqcPS3XcbN{G;nTF@u z?NjlHHOY}(W|!A*zrH7G#asi-{qppy?|*lH`tNzyU%}fOzS>^uYa(Wr6}^hq3qrNd4Bx`8T%gwUl559PRJ7&9;GOXZje`(B(b;fp^-)-k7nmaPy*RSLAwjOb= z<8h=7?RjGvmgev86UneVeW~a|F^CcE`|Le$3}Qt4uFYqLy))Y~TJq1mvkw+xD^1Qlf3 uMCwFbh}DGp!g3ZP@f)+H38tsznDKKN%Nl zWt43Wyz=f~+x(3?mb?%T%(}YLFtlcC2J7M1VlO_gV7}&lzaq0-r^`jVc0-<6&hLX~ z_UyTrZ?~&#$;-aa|Bp%rD4Ab-FC6L@?C9pIqu}DN;O8Hr5E|^N7~=2gR>4rgz|G9S z@OF}8-V*~Jmd^^ZfB)^tW;}Sp$w180Ew|reTgoNx4_Oyu*ZlkOdE#Uk5Ki*C`>oEa zR_pb1@p;P)<2Ty%Rc2aAr{Ko&!%JTUKlc8qcI|d= z#*HNNMTsufdDrjp^T$rRxzX%N-tJFJ0(m|c9WyxNEqTzuTzS`A{iG@W_YVdMZhWtI zyQaddXZM=z)p<9zU0#3pvv$?i*WdfXqGI2B$^K;fc<***Z*%Vdc@b?JV^4OM@2ioV zc7K1p;@^LEhnIS7ULZa{{`x+FkG5@3Juh&d?R{sk=H$YMUlVtP_;ShW?|T!K6nna4 z&v)r-aWSV?XA9?VslWay>vzfeSn2n*ZC~q;?McpmZzsfp~GdA07D}sndE3w1k$a4-&u%{bcy9WRkY{Of?{yA$gv}Pr zy{tYbaYn7Hn*R36;=CL8`*)wcWc$y~O#e3fe*K)dWrF)+?es5u?$5lv_GR4msQ1_P zIyx-NH!uG^x4+QdFX&FH+pgvx68G$~m#5#HYkY0XjdkI-j2{Ia?x|ZNmy@CM`H$Z8 zs-AYg^V@zG|6kEKv+en