- Creates a seed for the key stream cipher
- Stores this seed with the rest of the code for the bootloader, as well as in the secret_build_output.txt file.
- The bootloader generates a main.bin file which has contents of flash memory
-
Reads in infile, outfile, version number, and release message
python fw_protect --infile --outfile --version --message
- infile (Specifies file to protect)
- outfile (Specifies file to write to)
- message (Uses as release message)
- version (Specifies firmware version number)
- Combines release message and firmware while adding a nullbyte as a terminator
- Generates key from stream cipher
- Creates METADATA(version, size, and HMACS)
- Creates an HMAC of the firmware and one of the Version and Size using two different keys and adds to METADATA
- Breaks the firmware into frames with the first 16 bytes being IV, next 2 being size, at most 1kb of cipher text, and the tag as the last 16
- Writes METADATA and framed firmware with release message to outdata
-
Sends the data from the infile to the bootloader
python fw_update --port --firmware [--debug]
- port (Port to write to)
- firmware (Chooses file to install)
- [debug] (Turns on debug mode)
- Handshake (update tool sends U, bootloader sends a U back)
- Update tool sends over the metadata package (in frames if necessary)
- Waits for "OK" byte before sending next frame
- Send a black frame to indicate it is done sending frames
NOTE: If debug is turned on extra data is printed to screen
- Loads or boots firmware
- Rejects older versions or invalid firmware
- Generates key with stream cipher
- Prints to UART2
- Waits for byte to specify mode: "U" for update; "B" for boot
- 0x20 to UART0 resets device
- Reads METADATA from update tool
- Creates key with stream cipher
- Verifies METADATA HMAC
- If correct, writes METADATA to address 0xFC00
- Reads each frame of firmware
- Uses provided IV to decrypt data
- Flashes to storage in pages starting at address 0x1000
- Verifies firmware HMAC
- If wrong, erases firmware
- Sends "OK" to indicate end of update
- Prints release message
- Boots firmware
- Navigate to /firmware/firmware and run
make - Navigate to /tools and run
python bl_build.pyto compile the bootloader - Run
python bl_emulate.pyto run the bootloader - Open a UART with
miniterm /embsec/UARTXwhere X is the UART number
- Navigate to /tools and run the fw_protect.py tool to protect the firmware
- Run the fw_update.py tool to attempt to update the booloader
NOTE: bl_emulate must be running before attempting to update the bootloader
*****,,**, *****************,***,*,***/**..,*********/,**,,,*,,,,*,,*,,*,.******
*,,*,***,, ***************,*****#/(&(((/*..*********,*****,*,*,******,**,.******
,*,*,*,*,, /************,**,,/%%#%#%%&&%%(%%****(/********,,,*****,,****,,******
,,*,,,,,,*******,,**..,,,,*%%&&%&&%&@&&&&&&@&&@@&&@%/*,,**************/*.,******
**,,,,*,,*********,*.,//#((&&&&@&&&&&@&%&%&&&@&&@%@&%%**,******,,,,,,,,,*,,,*,**
**,,,,************** .***(&&@@@@@@&&@#&@&@&@&&&&&&@@@@@%/%*************,********
,*,,,,,*******,***** ,*/%&%&%&&@@%&%@%#(((###&&&&@@&@&&&%((*********************
**,,.,,.. ...... (%&%%&&&&(***,,,,..,,,,**/#%&&&&&%/*******,,,,,,,*******
********* ,************/(&&%/*,,.. .............,,,*/#%@&%*****/**///*** .**,,,.
*/******* *****/*/*****(&%(/,,.... ........,...,,**/#&%#/*****//**//// ,******
********. *************%&%(*,.... ............,,,**/%&/***/*/**/*//// */*****
......,,,,***&&%/*,..... ...............,,,*/%%/*****///*///// //*****
**,,,,*,********,*** **%&*,#&%&%&&&&%(/*,,,*/#%&&&&%%#/(&((///*/**,,,,,. ..
******,************* **#&%/**/((/((#((/@&&%%/((((///**(#%%&////***********//////
***,,*,*,*********** */*/(,,,*****/((//&,,,&/((/***/(/*/&#//////**/******///////
,,**,*****///*****// /.**.&...,,,,,,,*&,.,,/(*,/**,,,,,*#****//********/*///////
********(./*/*****/***,#,... ,/((#/,*...,**//%&((//(%#*/. .
///////*/ /*////////*/..,,.....,*/,,,,,..,,****//,,.,,,**/*/////////////.*//////
///////// /////(////////,,,,,,/**,,,,,***********(/,,***////////(///((//,*//(///
***///*/*.///*//////////*,*,,**,,,.,,,,,,,,*,,,,,******/*******/////////.*////(/
///(/(/(((/(((((//*.*////*,,,.*,,/@. . . ..@#,,,,**. ......,,,,*****.,/*////
////*////////////(/.//(((((,,,,,..,,,**//**////,,,,,*/////////////**/////*///***
/////////////////(*./(((((/*/*,,,,,..,,,***,,,,,*,**////////////***///*///////*/
/////////////////(,.(/((((**,*/*,,.,,.,,,,,,,,*,*/.*/////////////*///*//////////
.... .. .....,,,@*,,,**/*,,.,,.,,,,,***/(.,//(/(//////////////////////*
////////,,/**//////(***,#,*,,,,*************//**/%//////*///////////////.////(/(
////////,,//////,//,,*****,,,,,,,,,,,***********/(/////*////////////////.///////
////////,,//***(**/*,,****/,,,,,,,,,..,,,,,****/(/*///////(/////////////.///////
//(///*/*/**////*,,*/*,,*,,***,,,,,,,,..,******(/*//(*////((/*//(/*/////.///////
/**//****/*,/(//**,,****,******/*//*,,*****/////**/(/*//////(/(//((/*///(,......
/////***/*//(//(//*,,,,*//**,,/****///**///////**/((**(///*///(/**/(/*/((//*////
((//***///*/(/(///*/**,*,*//**********///*/*//*/////*//*****//////////*(*/////*/
(##(#(((////*****/////(((///////////((((((((////(%%%%%%%%%%##(#((/*/(#%%%%#%%%%%
((###(((//*//***//////(((((/((((#(//(/**(##%%%%%##%%%%%%%#%%%((/////(%%&%%%%%&&%
###(((((((((//((//////(/(##(((/,,.,,,..,,,,,,,,/#%##%%####(((/****///(#%%%%&&%%%
////((#%%#((((((#%%%%(/(/(#,,.,......,,. .. ..,,,,,*%%#((#%%%#((/(#((##%%%%%%&%%
@@&&%/*,*//////**/****/*,,,..,,,,,,,,,,**,,,,,,,,,,**#%&&&&&&&&&&&%##%%%%%%&&&%%
@@%///*//////((///*,///,/%&&&&@@@@@@@@@&&%*,***,,,,,,**&@@@@@@@@@@@@@@@@@@@@@@@@
&@%&%%%%&%%#####(((((&&@@@@@@&&&&&&&&&@&@&@@@&%,,/***/&/(@@@@@@@@@@@@@@@@@@@@@@@
@@@@@&&&/*,,***,,*&&@@@@@&&&&&&&&&&&&&&@@&&&&&&&&&%*,,/*//@@&%%##########%%%%&@@
&@@&%/**////////&&@@@@@&&&&&&&%%%%%%&%%%%%%&&&&&&%%%%%%(&*##((/////(%%%%#(/((##&
@@@%%&&#(#%&&%%#%@@@@@%%%&&&&&&%%#########%%%%###(/*,,*(%#///(#&&#(##(((/////(((
#(*,,*//(%&&%#/****(&%(#(((####%####%%#(##%%%&%(/*,....*%%#((((#%#((####///(%%%%
/(((/(((///(##((///&&&*,*/(#@@&&&%#((/*/#%@&%%%//(/,...,(&%#((///(//(#(###%%#%%&
/(((#%####%&&&&%%(**,&#,*,,*/(%#(//*,,,,,,,****,,......,(#*.,,(((%%%##%&&&&@&&@@
(/*/(((/*//*,*****,.,#%,,..,,,,,,**,,,,....,,..........,(/,..**%%%%##((#%%@@@@@@
((((**/(//**//,,*,/(,,%,.....,,,*,****,,...,,,,........,///,.,/%%&&%#(//(//(##%&
,*,,***//#(/(((###(/,*(*,.,,,,*,*/#%#(/((/,,,*,,.......*,,.,..%%%##((((///(#(/(#
*****//((((###/((*,,,,/*,,,,,*,***/((##(/**,,*,*......,/,...*(%%%%#####(((###(((
//,.,***((###((/*/((/*,*/,,,*/((*/(((((((//////*,.....,/****(%#####(((((((###(#%
(%#%(//((((##(((((((*((#(,,,*/(%*,******,,,,*/((,,,,,*/////((((((///**/****/**/(
/%@@&%%&&&&&%%((###(*/,,*(**((/(*,**/(*(/**,*/((/**///((%###(/(((((###%&%#(//***
****(&@@@@@&&&%%%%%%%&%#####(/(#(//(((/(////*/((//(#((#(*******/////((#%###%%(//
/,,,,*/#&@@@@@@@@@@@&#(/*(&#%###((/////****(((((((%###/*/**//*/(#((/((###(####((
((#%%#((%@@@@@@@@&%#/*,,,,*#&&&%(%(/(#(#(#(((%%%#%&#(*,..###%&&&&&&%&%&@@@@@@#&&
,,,,**(%@@@@@@@@@%//////(##%(#%&&&#%&&&&#%&%&&&&%(/*,,..../***,,****,**,,*/#//*,
****,...,(@@@@@(,*//***///((/,**/#%&&&@@&&&%(/***,,,,,....#((#(#%(##*,,*****//**
//**,*,..,#&@#*////*////(#%#(,,,****///((/***,,,,,,......######%(%#(##&#((((((((
/****/,../##//(//////(%&%%%%#,,,,,,****/***,,,,,,,.....%###%%#%&(######%&((####(
/////**((((###(//#%%%#%&%%%%%%,,,,*,****//***,,,,,,*%%%%%%##%#%&#(######&#(#%#(#
////**#%#((#%%%%%%%%%%%&&%%&&&&&&%(******//***#%%%%%%%%###%%%#%&%(#####%&##%(#%#
&@@@@@####%%%%%#%&%##%%%%%%%%%%%%&&&&&&&&&%%&%%%%%#%%#####%%##%%&((#(##%&%##(#%%
(%%#(######%%###%%####%########%&%%#%%%#%##%%#%%%##########%##%%%#((###%%%###%%%
####(#######%##%%%#############################################%%#((##%%%%###%%%