diff --git a/hw/application_fpga/tools/b2s/README.md b/hw/application_fpga/tools/b2s/README.md new file mode 100644 index 0000000..2a039e0 --- /dev/null +++ b/hw/application_fpga/tools/b2s/README.md @@ -0,0 +1,29 @@ +# b2s + +The firmware included a BLAKE2s digest of the expected device app in +the first app slot. The firmware refuses to start the app if the +computed digest differs from the constant. + +To simplify computing the digest, use this tool with the `-c` flag for +including the digest in a C program: + +## Building + +`go build` + +## Running + +``` +./b2s -m b2s -c +// BLAKE2s digest of b2s +uint8_t digest[32] = { +0x17, 0x36, 0xe9, 0x4e, 0xeb, 0x1b, 0xa2, 0x30, 0x89, 0xa9, 0xaa, 0xe, 0xf2, 0x6f, 0x35, 0xb2, 0xa9, 0x89, 0xac, 0x64, 0x63, 0xde, 0x38, 0x60, 0x47, 0x40, 0x91, 0x4e, 0xd7, 0x72, 0xa0, 0x58, +}; +``` + +To print the digest in a more user friendly way, leave out the `-c`: + +``` +./b2s -m b2s +1736e94eeb1ba23089a9aa0ef26f35b2a989ac6463de38604740914ed772a058 b2s +``` diff --git a/hw/application_fpga/tools/b2s/b2s.go b/hw/application_fpga/tools/b2s/b2s.go new file mode 100644 index 0000000..7b73672 --- /dev/null +++ b/hw/application_fpga/tools/b2s/b2s.go @@ -0,0 +1,59 @@ +// SPDX-FileCopyrightText: 2025 Tillitis AB +// SPDX-License-Identifier: BSD-2-Clause + +package main + +import ( + "flag" + "fmt" + "os" + + "golang.org/x/crypto/blake2s" +) + +func usage() { + fmt.Printf("Usage: %s -m filename [-c]\n", os.Args[0]) +} + +func printCDigest(digest [blake2s.Size]byte, fileName string) { + fmt.Printf("// BLAKE2s digest of %v\n", fileName) + fmt.Printf("const uint8_t digest[32] = {\n") + + for _, n := range digest { + fmt.Printf("0x%x, ", n) + } + + fmt.Printf("\n}; \n") +} + +func main() { + var messageFile string + var forC bool + + flag.StringVar(&messageFile, "m", "", "Specify file containing message.") + flag.BoolVar(&forC, "c", false, "Print digest for inclusion in C program.") + + flag.Usage = usage + flag.Parse() + + if messageFile == "" { + usage() + os.Exit(0) + } + + message, err := os.ReadFile(messageFile) + if err != nil { + fmt.Printf("%v\n", err) + os.Exit(1) + } + + digest := blake2s.Sum256(message) + + if forC { + printCDigest(digest, messageFile) + } else { + fmt.Printf("%x %s\n", digest, messageFile) + } + + os.Exit(0) +} diff --git a/hw/application_fpga/tools/b2s/go.mod b/hw/application_fpga/tools/b2s/go.mod new file mode 100644 index 0000000..5c98d9b --- /dev/null +++ b/hw/application_fpga/tools/b2s/go.mod @@ -0,0 +1,9 @@ +module b2s + +go 1.23.0 + +toolchain go1.23.7 + +require golang.org/x/crypto v0.36.0 + +require golang.org/x/sys v0.31.0 // indirect diff --git a/hw/application_fpga/tools/b2s/go.sum b/hw/application_fpga/tools/b2s/go.sum new file mode 100644 index 0000000..927b255 --- /dev/null +++ b/hw/application_fpga/tools/b2s/go.sum @@ -0,0 +1,4 @@ +golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34= +golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc= +golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik= +golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=