kopia lustrzana https://github.com/solokeys/solo1
store all info in same page, dont use authenticator state
rodzic
d33749fc16
commit
9ac2aa90c3
|
@ -53,7 +53,6 @@ typedef struct
|
|||
uint16_t key_lens[MAX_KEYS];
|
||||
uint8_t key_space[KEY_SPACE_BYTES];
|
||||
uint8_t data_version;
|
||||
uint8_t flags;
|
||||
} AuthenticatorState_0x01;
|
||||
|
||||
typedef AuthenticatorState_0x01 AuthenticatorState;
|
||||
|
|
|
@ -192,8 +192,8 @@ void device_init_button(void)
|
|||
}
|
||||
|
||||
int solo_is_locked(){
|
||||
uint8_t flags = ((AuthenticatorState *) STATE1_PAGE_ADDR)->flags;
|
||||
return (flags & SOLO_FLAG_LOCKED) != 0;
|
||||
uint64_t device_settings = ((flash_attestation_page *)ATTESTATION_PAGE_ADDR)->device_settings;
|
||||
return (device_settings & SOLO_FLAG_LOCKED) != 0;
|
||||
}
|
||||
|
||||
/** device_migrate
|
||||
|
@ -211,18 +211,20 @@ static void device_migrate(){
|
|||
extern uint8_t attestation_solo_cert_der[];
|
||||
extern uint8_t attestation_hacker_cert_der[];
|
||||
|
||||
AuthenticatorState state;
|
||||
authenticator_read_state(&state);
|
||||
if (state.flags == 0xFF)
|
||||
uint64_t device_settings = ((flash_attestation_page *)ATTESTATION_PAGE_ADDR)->device_settings;
|
||||
uint32_t configure_tag = (uint32_t)(device_settings >> 32);
|
||||
|
||||
if (configure_tag != ATTESTATION_CONFIGURED_TAG)
|
||||
{
|
||||
printf1(TAG_RED,"Migrating certificate and lock information to data segment.\r\n");
|
||||
// do migrate.
|
||||
state.flags = 0;
|
||||
|
||||
device_settings = ATTESTATION_CONFIGURED_TAG;
|
||||
device_settings <<= 32;
|
||||
|
||||
// Read current device lock level.
|
||||
uint32_t optr = FLASH->OPTR;
|
||||
if ((optr & 0xff) != 0xAA){
|
||||
state.flags |= SOLO_FLAG_LOCKED;
|
||||
device_settings |= SOLO_FLAG_LOCKED;
|
||||
}
|
||||
|
||||
uint8_t tmp_attestation_key[32];
|
||||
|
@ -273,9 +275,10 @@ static void device_migrate(){
|
|||
);
|
||||
}
|
||||
|
||||
// Save.
|
||||
authenticator_write_state(&state,0);
|
||||
authenticator_write_state(&state,1);
|
||||
// Save / done.
|
||||
flash_write_dword(
|
||||
(uint32_t) & ((flash_attestation_page *)ATTESTATION_PAGE_ADDR)->device_settings,
|
||||
(uint64_t)device_settings);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -67,13 +67,14 @@ typedef struct flash_memory_st flash_memory_st;
|
|||
#include <assert.h>
|
||||
static_assert(sizeof(flash_memory_st) == 256*1024, "Data structure doesn't match flash size");
|
||||
|
||||
#define ATTESTATION_FORMAT 0x5A01
|
||||
#define ATTESTATION_CONFIGURED_TAG 0xaa551e78
|
||||
|
||||
struct flash_attestation_page{
|
||||
uint8_t attestation_key[32];
|
||||
// DWORD padded.
|
||||
uint64_t device_settings;
|
||||
uint64_t attestation_cert_size;
|
||||
uint8_t attestation_cert[2048 - 32 - 8];
|
||||
uint8_t attestation_cert[2048 - 32 - 8 - 8];
|
||||
} __attribute__((packed));
|
||||
|
||||
typedef struct flash_attestation_page flash_attestation_page;
|
||||
|
|
Ładowanie…
Reference in New Issue