panda/board/bootstub.c

#define BOOTSTUB

#ifdef STM32F4
  #define PANDA
  #include "stm32f4xx.h"
  #include "stm32f4xx_hal_gpio_ex.h"
#else
  #include "stm32f2xx.h"
  #include "stm32f2xx_hal_gpio_ex.h"
#endif

#include "early.h"
#include "libc.h"
#include "spi.h"

#include "crypto/rsa.h"
#include "crypto/sha.h"

#include "obj/cert.h"

#include "spi_flasher.h"

void __initialize_hardware_early() {
  early();
}

void fail() {
#ifdef PANDA
  spi_flasher();
#else
  enter_bootloader_mode = ENTER_BOOTLOADER_MAGIC;
  NVIC_SystemReset();
#endif
}

int main() {
  clock_init();

  // validate length
  int len = _app_start[0];
  if (len < 8) fail();

  // compute SHA hash
  char digest[SHA_DIGEST_SIZE];
  SHA_hash(&_app_start[1], len-4, digest);

  // verify RSA signature
  if (RSA_verify(&release_rsa_key, ((void*)&_app_start[0]) + len, RSANUMBYTES, digest, SHA_DIGEST_SIZE)) {
    goto good;
  }

  // allow debug cert if unlocked
  if ( ((FLASH->OPTCR>>8)&0xFF) == 0xAA ) {
    if (RSA_verify(&debug_rsa_key, ((void*)&_app_start[0]) + len, RSANUMBYTES, digest, SHA_DIGEST_SIZE)) {
      goto good;
    }
  }

// here is a failure
  fail();
good:
  // jump to flash
  ((void(*)()) _app_start[1])();
  return 0;
}
make flashing over SPI work 2017-04-28 20:32:09 -06:00			`#define BOOTSTUB`

initial commit 2017-04-06 19:11:36 -06:00			`#ifdef STM32F4`
			`#define PANDA`
			`#include "stm32f4xx.h"`
make flashing over SPI work 2017-04-28 20:32:09 -06:00			`#include "stm32f4xx_hal_gpio_ex.h"`
initial commit 2017-04-06 19:11:36 -06:00			`#else`
			`#include "stm32f2xx.h"`
make flashing over SPI work 2017-04-28 20:32:09 -06:00			`#include "stm32f2xx_hal_gpio_ex.h"`
initial commit 2017-04-06 19:11:36 -06:00			`#endif`

			`#include "early.h"`
refactor libc, add crypto libraries to bootstub 2017-04-17 14:57:34 -06:00			`#include "libc.h"`
make flashing over SPI work 2017-04-28 20:32:09 -06:00			`#include "spi.h"`
initial commit 2017-04-06 19:11:36 -06:00
signing is coming along 2017-04-25 19:03:58 -06:00			`#include "crypto/rsa.h"`
			`#include "crypto/sha.h"`

			`#include "obj/cert.h"`

make flashing over SPI work 2017-04-28 20:32:09 -06:00			`#include "spi_flasher.h"`
add bootloader lock support 2017-04-27 21:32:16 -06:00
initial commit 2017-04-06 19:11:36 -06:00			`void __initialize_hardware_early() {`
			`early();`
			`}`

signing is coming along 2017-04-25 19:03:58 -06:00			`void fail() {`
make flashing over SPI work 2017-04-28 20:32:09 -06:00			`#ifdef PANDA`
			`spi_flasher();`
			`#else`
signing is coming along 2017-04-25 19:03:58 -06:00			`enter_bootloader_mode = ENTER_BOOTLOADER_MAGIC;`
			`NVIC_SystemReset();`
make flashing over SPI work 2017-04-28 20:32:09 -06:00			`#endif`
signing is coming along 2017-04-25 19:03:58 -06:00			`}`

initial commit 2017-04-06 19:11:36 -06:00			`int main() {`
add mock stuff for signing 2017-04-17 14:57:34 -06:00			`clock_init();`

signing is coming along 2017-04-25 19:03:58 -06:00			`// validate length`
			`int len = _app_start[0];`
signature checking works on ST 2017-04-26 11:41:57 -06:00			`if (len < 8) fail();`
signing is coming along 2017-04-25 19:03:58 -06:00
			`// compute SHA hash`
			`char digest[SHA_DIGEST_SIZE];`
signature checking works on ST 2017-04-26 11:41:57 -06:00			`SHA_hash(&_app_start[1], len-4, digest);`
signing is coming along 2017-04-25 19:03:58 -06:00
			`// verify RSA signature`
add release cert support 2017-04-28 16:06:01 -06:00			`if (RSA_verify(&release_rsa_key, ((void*)&_app_start[0]) + len, RSANUMBYTES, digest, SHA_DIGEST_SIZE)) {`
			`goto good;`
signature checking works on ST 2017-04-26 11:41:57 -06:00			`}`
add mock stuff for signing 2017-04-17 14:57:34 -06:00
support serial number fetching 2017-04-28 17:56:40 -06:00			`// allow debug cert if unlocked`
			`if ( ((FLASH->OPTCR>>8)&0xFF) == 0xAA ) {`
			`if (RSA_verify(&debug_rsa_key, ((void*)&_app_start[0]) + len, RSANUMBYTES, digest, SHA_DIGEST_SIZE)) {`
			`goto good;`
			`}`
add release cert support 2017-04-28 16:06:01 -06:00			`}`

			`// here is a failure`
			`fail();`
			`good:`
add mock stuff for signing 2017-04-17 14:57:34 -06:00			`// jump to flash`
			`((void(*)()) _app_start[1])();`
initial commit 2017-04-06 19:11:36 -06:00			`return 0;`
			`}`