forked from trezor/trezor-firmware
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfw_signatures.c
202 lines (175 loc) · 7.4 KB
/
fw_signatures.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
/*
* This file is part of the Trezor project, https://trezor.io/
*
* Copyright (C) 2014 Pavol Rusnak <[email protected]>
*
* This library is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this library. If not, see <http://www.gnu.org/licenses/>.
*/
#include <string.h>
#include "ecdsa.h"
#include "fw_signatures.h"
#include "memory.h"
#include "memzero.h"
#include "secp256k1.h"
#include "sha2.h"
const uint32_t FIRMWARE_MAGIC_OLD = 0x525a5254; // TRZR
const uint32_t FIRMWARE_MAGIC_NEW = 0x465a5254; // TRZF
#define PUBKEYS 5
static const uint8_t * const pubkey[PUBKEYS] = {
(const uint8_t *)"\x02\xd5\x71\xb7\xf1\x48\xc5\xe4\x23\x2c\x38\x14\xf7\x77\xd8\xfa\xea\xf1\xa8\x42\x16\xc7\x8d\x56\x9b\x71\x04\x1f\xfc\x76\x8a\x5b\x2d",
(const uint8_t *)"\x03\x63\x27\x9c\x0c\x08\x66\xe5\x0c\x05\xc7\x99\xd3\x2b\xd6\xba\xb0\x18\x8b\x6d\xe0\x65\x36\xd1\x10\x9d\x2e\xd9\xce\x76\xcb\x33\x5c",
(const uint8_t *)"\x02\x43\xae\xdb\xb6\xf7\xe7\x1c\x56\x3f\x8e\xd2\xef\x64\xec\x99\x81\x48\x25\x19\xe7\xef\x4f\x4a\xa9\x8b\x27\x85\x4e\x8c\x49\x12\x6d",
(const uint8_t *)"\x02\x87\x7c\x39\xfd\x7c\x62\x23\x7e\x03\x82\x35\xe9\xc0\x75\xda\xb2\x61\x63\x0f\x78\xee\xb8\xed\xb9\x24\x87\x15\x9f\xff\xed\xfd\xf6",
(const uint8_t *)"\x03\x73\x84\xc5\x1a\xe8\x1a\xdd\x0a\x52\x3a\xdb\xb1\x86\xc9\x1b\x90\x6f\xfb\x64\xc2\xc7\x65\x80\x2b\xf2\x6d\xbd\x13\xbd\xf1\x2c\x31"
};
#define SIGNATURES 3
#define FLASH_META_START 0x08008000
#define FLASH_META_CODELEN (FLASH_META_START + 0x0004)
#define FLASH_META_SIGINDEX1 (FLASH_META_START + 0x0008)
#define FLASH_META_SIGINDEX2 (FLASH_META_START + 0x0009)
#define FLASH_META_SIGINDEX3 (FLASH_META_START + 0x000A)
#define FLASH_OLD_APP_START 0x08010000
#define FLASH_META_SIG1 (FLASH_META_START + 0x0040)
#define FLASH_META_SIG2 (FLASH_META_START + 0x0080)
#define FLASH_META_SIG3 (FLASH_META_START + 0x00C0)
bool firmware_present_old(void) {
if (memcmp(FLASH_PTR(FLASH_META_START), &FIRMWARE_MAGIC_OLD,
4)) { // magic does not match
return false;
}
if (*((const uint32_t *)FLASH_PTR(FLASH_META_CODELEN)) <
8192) { // firmware reports smaller size than 8192
return false;
}
if (*((const uint32_t *)FLASH_PTR(FLASH_META_CODELEN)) >
FLASH_APP_LEN) { // firmware reports bigger size than flash size
return false;
}
return true;
}
int signatures_old_ok(void) {
const uint32_t codelen = *((const uint32_t *)FLASH_META_CODELEN);
const uint8_t sigindex1 = *((const uint8_t *)FLASH_META_SIGINDEX1);
const uint8_t sigindex2 = *((const uint8_t *)FLASH_META_SIGINDEX2);
const uint8_t sigindex3 = *((const uint8_t *)FLASH_META_SIGINDEX3);
if (codelen > FLASH_APP_LEN) {
return false;
}
uint8_t hash[32] = {0};
sha256_Raw(FLASH_PTR(FLASH_OLD_APP_START), codelen, hash);
if (sigindex1 < 1 || sigindex1 > PUBKEYS) return SIG_FAIL; // invalid index
if (sigindex2 < 1 || sigindex2 > PUBKEYS) return SIG_FAIL; // invalid index
if (sigindex3 < 1 || sigindex3 > PUBKEYS) return SIG_FAIL; // invalid index
if (sigindex1 == sigindex2) return SIG_FAIL; // duplicate use
if (sigindex1 == sigindex3) return SIG_FAIL; // duplicate use
if (sigindex2 == sigindex3) return SIG_FAIL; // duplicate use
if (0 != ecdsa_verify_digest(&secp256k1, pubkey[sigindex1 - 1],
(const uint8_t *)FLASH_META_SIG1,
hash)) { // failure
return SIG_FAIL;
}
if (0 != ecdsa_verify_digest(&secp256k1, pubkey[sigindex2 - 1],
(const uint8_t *)FLASH_META_SIG2,
hash)) { // failure
return SIG_FAIL;
}
if (0 != ecdsa_verify_digest(&secp256k1, pubkey[sigindex3 - 1],
(const uint8_t *)FLASH_META_SIG3,
hash)) { // failure
return SIG_FAIL;
}
return SIG_OK;
}
void compute_firmware_fingerprint(const image_header *hdr, uint8_t hash[32]) {
image_header copy = {0};
memcpy(©, hdr, sizeof(image_header));
memzero(copy.sig1, sizeof(copy.sig1));
memzero(copy.sig2, sizeof(copy.sig2));
memzero(copy.sig3, sizeof(copy.sig3));
copy.sigindex1 = 0;
copy.sigindex2 = 0;
copy.sigindex3 = 0;
sha256_Raw((const uint8_t *)©, sizeof(image_header), hash);
}
bool firmware_present_new(void) {
const image_header *hdr =
(const image_header *)FLASH_PTR(FLASH_FWHEADER_START);
if (hdr->magic != FIRMWARE_MAGIC_NEW) return false;
// we need to ignore hdrlen for now
// because we keep reset_handler ptr there
// for compatibility with older bootloaders
// after this is no longer necessary, let's uncomment the line below:
// if (hdr->hdrlen != FLASH_FWHEADER_LEN) return false;
if (hdr->codelen > FLASH_APP_LEN) return false;
if (hdr->codelen < 4096) return false;
return true;
}
int signatures_new_ok(const image_header *hdr, uint8_t store_fingerprint[32]) {
uint8_t hash[32] = {0};
compute_firmware_fingerprint(hdr, hash);
if (store_fingerprint) {
memcpy(store_fingerprint, hash, 32);
}
if (hdr->sigindex1 < 1 || hdr->sigindex1 > PUBKEYS)
return SIG_FAIL; // invalid index
if (hdr->sigindex2 < 1 || hdr->sigindex2 > PUBKEYS)
return SIG_FAIL; // invalid index
if (hdr->sigindex3 < 1 || hdr->sigindex3 > PUBKEYS)
return SIG_FAIL; // invalid index
if (hdr->sigindex1 == hdr->sigindex2) return SIG_FAIL; // duplicate use
if (hdr->sigindex1 == hdr->sigindex3) return SIG_FAIL; // duplicate use
if (hdr->sigindex2 == hdr->sigindex3) return SIG_FAIL; // duplicate use
if (0 != ecdsa_verify_digest(&secp256k1, pubkey[hdr->sigindex1 - 1],
hdr->sig1, hash)) { // failure
return SIG_FAIL;
}
if (0 != ecdsa_verify_digest(&secp256k1, pubkey[hdr->sigindex2 - 1],
hdr->sig2, hash)) { // failure
return SIG_FAIL;
}
if (0 != ecdsa_verify_digest(&secp256k1, pubkey[hdr->sigindex3 - 1],
hdr->sig3, hash)) { // failure
return SIG_FAIL;
}
return SIG_OK;
}
int mem_is_empty(const uint8_t *src, uint32_t len) {
for (uint32_t i = 0; i < len; i++) {
if (src[i]) return 0;
}
return 1;
}
int check_firmware_hashes(const image_header *hdr) {
uint8_t hash[32] = {0};
// check hash of the first code chunk
sha256_Raw(FLASH_PTR(FLASH_APP_START), (64 - 1) * 1024, hash);
if (0 != memcmp(hash, hdr->hashes, 32)) return SIG_FAIL;
// check remaining used chunks
uint32_t total_len = FLASH_FWHEADER_LEN + hdr->codelen;
int used_chunks = total_len / FW_CHUNK_SIZE;
if (total_len % FW_CHUNK_SIZE > 0) {
used_chunks++;
}
for (int i = 1; i < used_chunks; i++) {
sha256_Raw(FLASH_PTR(FLASH_FWHEADER_START + (64 * i) * 1024), 64 * 1024,
hash);
if (0 != memcmp(hdr->hashes + 32 * i, hash, 32)) return SIG_FAIL;
}
// check unused chunks
for (int i = used_chunks; i < 16; i++) {
if (!mem_is_empty(hdr->hashes + 32 * i, 32)) return SIG_FAIL;
}
// all OK
return SIG_OK;
}