passport-firmware/ports/stm32/boards/Passport/common/hash.c

// SPDX-FileCopyrightText: 2020 Foundation Devices, Inc.  <hello@foundationdevices.com>
// SPDX-License-Identifier: GPL-3.0-or-later
//
// SPDX-FileCopyrightText: 2018 Coinkite, Inc.  <coldcardwallet.com>
// SPDX-License-Identifier: GPL-3.0-only
//
#include <stdint.h>
#include <string.h>

#ifndef PASSPORT_COSIGN_TOOL
#include "stm32h7xx_hal.h"
#endif /* PASSPORT_COSIGN_TOOL */

#include "utils.h"
#include "fwheader.h"
#include "sha256.h"
#include "secrets.h"

#define UID_LEN     (96/8) /* 96 bits (Section 61.1 in STMH753 RM) */

void hash_fw(
    fw_info_t *hdr,
    uint8_t *fw,
    size_t fwlen,
    uint8_t *hash,
    uint8_t hashlen
)
{
    SHA256_CTX  ctx;

    sha256_init(&ctx);

    /* Checksum the header */
    sha256_update(&ctx, (uint8_t *)hdr, sizeof(fw_info_t));

    /* Checksum the firmware */
    sha256_update(&ctx, fw, fwlen);
    sha256_final(&ctx, hash);

    /* double SHA256 */
    sha256_init(&ctx);
    sha256_update(&ctx, hash, hashlen);
    sha256_final(&ctx, hash);
}

#ifndef PASSPORT_COSIGN_TOOL
void hash_board(
    uint8_t *fw_hash,
    uint8_t fw_hash_len,
    uint8_t *hash,
    uint8_t hashlen
)
{
    SHA256_CTX  ctx;
    FLASH_TypeDef *flash = (FLASH_TypeDef *)FLASH_R_BASE;
    uint32_t options = (uint32_t)(flash->OPTSR_CUR & FLASH_OPTSR_RDP_Msk);

    sha256_init(&ctx);
    /* Add in firmware signature */
    sha256_update(&ctx, fw_hash, fw_hash_len);
    /* Add SE serial number */
    sha256_update(&ctx, rom_secrets->se_serial_number, sizeof(rom_secrets->se_serial_number));
    /* Add option bytes */
    sha256_update(&ctx, (uint8_t *)&options, sizeof(uint32_t));
    /* Add unique device ID */
    sha256_update(&ctx, (uint8_t *)UID_BASE, UID_LEN);
    sha256_final(&ctx, hash);

    /* double SHA256 */
    sha256_init(&ctx);
    sha256_update(&ctx, hash, hashlen);
    sha256_final(&ctx, hash);
}
#endif /* PASSPORT_COSIGN_TOOL */
Initial commit 4 years ago			`// SPDX-FileCopyrightText: 2020 Foundation Devices, Inc. <hello@foundationdevices.com>`
			`// SPDX-License-Identifier: GPL-3.0-or-later`
			`//`
			`// SPDX-FileCopyrightText: 2018 Coinkite, Inc. <coldcardwallet.com>`
			`// SPDX-License-Identifier: GPL-3.0-only`
			`//`
			`#include <stdint.h>`
			`#include <string.h>`

			`#ifndef PASSPORT_COSIGN_TOOL`
			`#include "stm32h7xx_hal.h"`
			`#endif /* PASSPORT_COSIGN_TOOL */`

			`#include "utils.h"`
			`#include "fwheader.h"`
			`#include "sha256.h"`
			`#include "secrets.h"`

			`#define UID_LEN (96/8) /* 96 bits (Section 61.1 in STMH753 RM) */`

			`void hash_fw(`
			`fw_info_t *hdr,`
			`uint8_t *fw,`
			`size_t fwlen,`
			`uint8_t *hash,`
			`uint8_t hashlen`
			`)`
			`{`
			`SHA256_CTX ctx;`

			`sha256_init(&ctx);`

			`/* Checksum the header */`
			`sha256_update(&ctx, (uint8_t *)hdr, sizeof(fw_info_t));`

			`/* Checksum the firmware */`
			`sha256_update(&ctx, fw, fwlen);`
			`sha256_final(&ctx, hash);`

			`/* double SHA256 */`
			`sha256_init(&ctx);`
			`sha256_update(&ctx, hash, hashlen);`
			`sha256_final(&ctx, hash);`
			`}`

			`#ifndef PASSPORT_COSIGN_TOOL`
			`void hash_board(`
			`uint8_t *fw_hash,`
			`uint8_t fw_hash_len,`
			`uint8_t *hash,`
			`uint8_t hashlen`
			`)`
			`{`
			`SHA256_CTX ctx;`
			`FLASH_TypeDef flash = (FLASH_TypeDef )FLASH_R_BASE;`
			`uint32_t options = (uint32_t)(flash->OPTSR_CUR & FLASH_OPTSR_RDP_Msk);`

			`sha256_init(&ctx);`
			`/* Add in firmware signature */`
			`sha256_update(&ctx, fw_hash, fw_hash_len);`
			`/* Add SE serial number */`
			`sha256_update(&ctx, rom_secrets->se_serial_number, sizeof(rom_secrets->se_serial_number));`
			`/* Add option bytes */`
			`sha256_update(&ctx, (uint8_t *)&options, sizeof(uint32_t));`
			`/* Add unique device ID */`
			`sha256_update(&ctx, (uint8_t *)UID_BASE, UID_LEN);`
			`sha256_final(&ctx, hash);`

			`/* double SHA256 */`
			`sha256_init(&ctx);`
			`sha256_update(&ctx, hash, hashlen);`
			`sha256_final(&ctx, hash);`
			`}`
			`#endif /* PASSPORT_COSIGN_TOOL */`