diff --git a/hw/application_fpga/fw/testloadapp/main.c b/hw/application_fpga/fw/testloadapp/main.c index 66a1786..ce97d28 100644 --- a/hw/application_fpga/fw/testloadapp/main.c +++ b/hw/application_fpga/fw/testloadapp/main.c @@ -20,18 +20,24 @@ int install_app(uint8_t secret_key[64]) uint8_t app_digest[32]; uint8_t app_signature[64]; size_t app_size = sizeof(blink); + int ret = 0; + + ret = syscall(TK1_SYSCALL_PRELOAD_DELETE, 0, 0, 0); + + if (ret != 0) { + puts(IO_CDC, "couldn't delete preloaded app. error: 0x"); + putinthex(IO_CDC, ret); + puts(IO_CDC, "\r\n"); - if (syscall(TK1_SYSCALL_PRELOAD_DELETE, 0, 0, 0) < 0) { - puts(IO_CDC, "couldn't delete preloaded app\r\n"); return -1; } - int err = syscall(TK1_SYSCALL_PRELOAD_STORE, 0, (uint32_t)blink, + ret = syscall(TK1_SYSCALL_PRELOAD_STORE, 0, (uint32_t)blink, sizeof(blink)); - if (err < 0) { - puts(IO_CDC, "couldn't store app, error: "); - putinthex(IO_CDC, err); + if (ret != 0) { + puts(IO_CDC, "couldn't store app, error: 0x"); + putinthex(IO_CDC, ret); puts(IO_CDC, "\r\n"); return -1; @@ -69,9 +75,14 @@ int install_app(uint8_t secret_key[64]) hexdump(IO_CDC, secret_key, 64); puts(IO_CDC, "\r\n"); - if (syscall(TK1_SYSCALL_PRELOAD_STORE_FIN, app_size, - (uint32_t)app_digest, (uint32_t)app_signature) < 0) { - puts(IO_CDC, "couldn't finalize storing app\r\n"); + ret = syscall(TK1_SYSCALL_PRELOAD_STORE_FIN, app_size, + (uint32_t)app_digest, (uint32_t)app_signature); + + if (ret != 0) { + puts(IO_CDC, "couldn't finalize storing app, error:"); + putinthex(IO_CDC, ret); + puts(IO_CDC, "\r\n"); + return -1; } @@ -82,13 +93,22 @@ int verify(uint8_t pubkey[32]) { uint8_t app_digest[32]; uint8_t app_signature[64]; + int ret = 0; // pubkey we already have // read signature // read digest - syscall(TK1_SYSCALL_PRELOAD_GET_DIGSIG, (uint32_t)app_digest, + ret = syscall(TK1_SYSCALL_PRELOAD_GET_DIGSIG, (uint32_t)app_digest, (uint32_t)app_signature, 0); + if (ret != 0) { + puts(IO_CDC, "couldn't get digsig, error:"); + putinthex(IO_CDC, ret); + puts(IO_CDC, "\r\n"); + + return -1; + } + puts(IO_CDC, "app_digest:\r\n"); hexdump(IO_CDC, app_digest, sizeof(app_digest)); puts(IO_CDC, "\r\n"); @@ -105,6 +125,8 @@ int verify(uint8_t pubkey[32]) if (crypto_ed25519_check(app_signature, pubkey, app_digest, sizeof(app_digest)) != 0) { + puts(IO_CDC, "signature check failed\r\n"); + return -1; } @@ -116,6 +138,7 @@ int verify(uint8_t pubkey[32]) memcpy_s(rst.app_digest, sizeof(rst.app_digest), app_digest, sizeof(app_digest)); memset(rst.next_app_data, 0, sizeof(rst.next_app_data)); + syscall(TK1_SYSCALL_RESET, (uint32_t)&rst, 0, 0); return -2; diff --git a/hw/application_fpga/fw/tk1/mgmt_app.c b/hw/application_fpga/fw/tk1/mgmt_app.c index 6b31ab3..40544c9 100644 --- a/hw/application_fpga/fw/tk1/mgmt_app.c +++ b/hw/application_fpga/fw/tk1/mgmt_app.c @@ -12,9 +12,9 @@ // // To update this, compute the BLAKE2s digest of the app.bin static const uint8_t allowed_app_digest[32] = { - 0x5d, 0xf0, 0x37, 0x3a, 0x2c, 0x5a, 0xa, 0x42, 0x95, 0xb5, 0x78, - 0x2e, 0x44, 0xa9, 0x4, 0x8e, 0xb3, 0x71, 0x11, 0x81, 0x48, 0x0, - 0x16, 0xf6, 0x67, 0x1e, 0x6b, 0x61, 0x73, 0xd4, 0x18, 0x49, + 0xb6, 0x86, 0x1b, 0x26, 0xef, 0x69, 0x77, 0x12, 0xed, 0x6c, 0xca, + 0xe8, 0x35, 0xb4, 0x5c, 0x01, 0x07, 0x71, 0xab, 0xce, 0x3f, 0x30, + 0x79, 0xda, 0xe6, 0xf9, 0xee, 0x4b, 0xe2, 0x06, 0x95, 0x33, }; static uint8_t current_app_digest[32]; diff --git a/hw/application_fpga/tools/default_partition.bin b/hw/application_fpga/tools/default_partition.bin index 45dbb18..271bf5c 100644 Binary files a/hw/application_fpga/tools/default_partition.bin and b/hw/application_fpga/tools/default_partition.bin differ