add release cert support

board/bootstub.c

@@ -55,10 +55,18 @@ int main() {
   SHA_hash(&_app_start[1], len-4, digest);
 
   // verify RSA signature
-  if (!RSA_verify(&rsa_key, ((void*)&_app_start[0]) + len, RSANUMBYTES, digest, SHA_DIGEST_SIZE)) {
-    fail();
+  if (RSA_verify(&release_rsa_key, ((void*)&_app_start[0]) + len, RSANUMBYTES, digest, SHA_DIGEST_SIZE)) {
+    goto good;
   }
 
+  // allow debug cert for now
+  if (RSA_verify(&debug_rsa_key, ((void*)&_app_start[0]) + len, RSANUMBYTES, digest, SHA_DIGEST_SIZE)) {
+    goto good;
+  }
+
+// here is a failure
+  fail();
+good:
   // jump to flash
   ((void(*)()) _app_start[1])();
   return 0;

board/build.mk

@@ -38,7 +38,7 @@ obj/gitversion.h:
 endif
 
 obj/cert.h: ../crypto/getcertheader.py
-	../crypto/getcertheader.py $(CERT).pub > $@
+	../crypto/getcertheader.py ../certs/debug.pub ../certs/release.pub > $@
 
 obj/bootstub.$(PROJ_NAME).o: bootstub.c early.h obj/cert.h
 	$(CC) $(CFLAGS) -o $@ -c $<

board/tools/bl_unlock.py

@@ -1,4 +1,5 @@
 #!/usr/bin/env python
+import sys
 import usb1
 import struct
 from hexdump import hexdump
@@ -31,9 +32,11 @@ elif stat[4] == "\x09":
   dostat()
 hexdump(dev.controlRead(0x21, DFU_GETSTATUS, 0, 0, 6))
 
-# Read Unprotect
-#dev.controlWrite(0x21, DFU_DNLOAD, 0, 0, "\x92")
-#hexdump(dev.controlRead(0x21, DFU_GETSTATUS, 0, 0, 6))
+if len(sys.argv) > 1 and sys.argv[1] == "--unprotect":
+  # Read Unprotect
+  dev.controlWrite(0x21, DFU_DNLOAD, 0, 0, "\x92")
+  dostat()
+  exit(0)
 
 # Set Address Pointer
 dev.controlWrite(0x21, DFU_DNLOAD, 0, 0, "\x21" + struct.pack("I", 0x1fffc000))
@@ -45,6 +48,7 @@ dostat()
 
 # Dump
 val = dev.controlRead(0xA1, DFU_UPLOAD, 2, 0, 0x10)
+print "OLD:",
 hexdump(val)
 
 # Abort
@@ -55,10 +59,17 @@ dostat()
 dev.controlWrite(0x21, DFU_DNLOAD, 0, 0, "\x21" + struct.pack("I", 0x1fffc000))
 dostat()
 
-#val = val[0:8] + "\xfe\x7f\x01\x80"*2
-val = val[0:8] + "\xff\x7f\x00\x80"*2
+if len(sys.argv) > 1 and sys.argv[1] == "--lock":
+  val = "\xef\xaa\x10\x55"*2 + "\xfe\x7f\x01\x80"*2
+else:
+  val = "\xef\xaa\x10\x55"*2 + "\xff\x7f\x00\x80"*2
+print "NEW:",
+hexdump(val)
 
 # Program
 dev.controlWrite(0x21, DFU_DNLOAD, 2, 0, val)
-dostat()
+
+# triggers reboot
+dat = dev.controlRead(0x21, DFU_GETSTATUS, 0, 0, 6)
+hexdump(dat)
 

boardesp/Makefile

@@ -22,7 +22,7 @@ proxy: proxy.o tcp_ota.o
 proxy.o: proxy.c
 
 cert.h:
-	../crypto/getcertheader.py $(CERT).pub > cert.h
+	../crypto/getcertheader.py ../certs/debugesp.pub ../certs/releaseesp.pub > cert.h
 
 tcp_ota.o: tcp_ota.c cert.h
 

boardesp/tcp_ota.c

@@ -322,7 +322,7 @@ LOCAL void ICACHE_FLASH_ATTR ota_rx_cb(void *arg, char *data, uint16_t len) {
                         os_sprintf(buf, "%d: %02x %02x %02x %02x", ota_firmware_size-RSANUMBYTES, digest[0], digest[1], digest[2], digest[3]);
                         espconn_send(conn, buf, strlen(buf));*/
 
-                        if (!RSA_verify(&rsa_key, rsa, RSANUMBYTES, digest, SHA_DIGEST_SIZE)) {
+                        if (!RSA_verify(&debugesp_rsa_key, rsa, RSANUMBYTES, digest, SHA_DIGEST_SIZE)) {
                           espconn_send(conn, "Signature check FAILED. OTA fail.......\r\n", 41);
                         } else {
                           // We've flashed all of the firmware now, reboot into the new firmware.

crypto/getcertheader.py

@@ -29,15 +29,18 @@ def to_c_uint32(x):
     x /= (2**32)
   return "{"+'U,'.join(map(str, nums))+"U}"
 
-rsa = RSA.importKey(open(sys.argv[1]).read())
-rr = pow(2**1024, 2, rsa.n)
-n0inv = 2**32 - modinv(rsa.n, 2**32)
+for fn in sys.argv[1:]:
+  rsa = RSA.importKey(open(fn).read())
+  rr = pow(2**1024, 2, rsa.n)
+  n0inv = 2**32 - modinv(rsa.n, 2**32)
 
-print 'RSAPublicKey rsa_key = {.len = 0x20,'
-print '  .n0inv = %dU,' % n0inv
-print '  .n = %s,' % to_c_uint32(rsa.n)
-print '  .rr = %s,' % to_c_uint32(rr)
-print '  .exponent = %d,' % rsa.e
-print '};'
+  cname = fn.split("/")[-1].split(".")[0] + "_rsa_key"
+
+  print 'RSAPublicKey '+cname+' = {.len = 0x20,'
+  print '  .n0inv = %dU,' % n0inv
+  print '  .n = %s,' % to_c_uint32(rsa.n)
+  print '  .rr = %s,' % to_c_uint32(rr)
+  print '  .exponent = %d,' % rsa.e
+  print '};'