diff --git a/hw/application_fpga/Makefile b/hw/application_fpga/Makefile
index 5f54c38..6e9558e 100644
--- a/hw/application_fpga/Makefile
+++ b/hw/application_fpga/Makefile
@@ -63,7 +63,8 @@ CFLAGS = \
-flto \
-g \
-I $(LIBDIR)/include \
- -I $(LIBDIR)
+ -I $(LIBDIR) \
+ -I $(LIBDIR)/blake2s
AS = clang
@@ -124,7 +125,6 @@ FIRMWARE_OBJS = \
$(P)/fw/tk1/main.o \
$(P)/fw/tk1/start.o \
$(P)/fw/tk1/proto.o \
- $(P)/fw/tk1/blake2s/blake2s.o \
$(P)/fw/tk1/syscall_enable.o \
$(P)/fw/tk1/syscall_handler.o \
$(P)/fw/tk1/spi.o \
@@ -184,7 +184,7 @@ secret:
LDFLAGS = \
-T $(P)/fw/tk1/firmware.lds \
-Wl,--cref,-M \
- -L $(LIBDIR) -lcommon
+ -L $(LIBDIR) -lcommon -lblake2s
# Common libraries the firmware and testfw depend on. See
# https://github.com/tillitis/tkey-libs/
diff --git a/hw/application_fpga/fw/tk1/blake2s/LICENSE b/hw/application_fpga/fw/tk1/blake2s/LICENSE
deleted file mode 100644
index 670154e..0000000
--- a/hw/application_fpga/fw/tk1/blake2s/LICENSE
+++ /dev/null
@@ -1,116 +0,0 @@
-CC0 1.0 Universal
-
-Statement of Purpose
-
-The laws of most jurisdictions throughout the world automatically confer
-exclusive Copyright and Related Rights (defined below) upon the creator and
-subsequent owner(s) (each and all, an "owner") of an original work of
-authorship and/or a database (each, a "Work").
-
-Certain owners wish to permanently relinquish those rights to a Work for the
-purpose of contributing to a commons of creative, cultural and scientific
-works ("Commons") that the public can reliably and without fear of later
-claims of infringement build upon, modify, incorporate in other works, reuse
-and redistribute as freely as possible in any form whatsoever and for any
-purposes, including without limitation commercial purposes. These owners may
-contribute to the Commons to promote the ideal of a free culture and the
-further production of creative, cultural and scientific works, or to gain
-reputation or greater distribution for their Work in part through the use and
-efforts of others.
-
-For these and/or other purposes and motivations, and without any expectation
-of additional consideration or compensation, the person associating CC0 with a
-Work (the "Affirmer"), to the extent that he or she is an owner of Copyright
-and Related Rights in the Work, voluntarily elects to apply CC0 to the Work
-and publicly distribute the Work under its terms, with knowledge of his or her
-Copyright and Related Rights in the Work and the meaning and intended legal
-effect of CC0 on those rights.
-
-1. Copyright and Related Rights. A Work made available under CC0 may be
-protected by copyright and related or neighboring rights ("Copyright and
-Related Rights"). Copyright and Related Rights include, but are not limited
-to, the following:
-
- i. the right to reproduce, adapt, distribute, perform, display, communicate,
- and translate a Work;
-
- ii. moral rights retained by the original author(s) and/or performer(s);
-
- iii. publicity and privacy rights pertaining to a person's image or likeness
- depicted in a Work;
-
- iv. rights protecting against unfair competition in regards to a Work,
- subject to the limitations in paragraph 4(a), below;
-
- v. rights protecting the extraction, dissemination, use and reuse of data in
- a Work;
-
- vi. database rights (such as those arising under Directive 96/9/EC of the
- European Parliament and of the Council of 11 March 1996 on the legal
- protection of databases, and under any national implementation thereof,
- including any amended or successor version of such directive); and
-
- vii. other similar, equivalent or corresponding rights throughout the world
- based on applicable law or treaty, and any national implementations thereof.
-
-2. Waiver. To the greatest extent permitted by, but not in contravention of,
-applicable law, Affirmer hereby overtly, fully, permanently, irrevocably and
-unconditionally waives, abandons, and surrenders all of Affirmer's Copyright
-and Related Rights and associated claims and causes of action, whether now
-known or unknown (including existing as well as future claims and causes of
-action), in the Work (i) in all territories worldwide, (ii) for the maximum
-duration provided by applicable law or treaty (including future time
-extensions), (iii) in any current or future medium and for any number of
-copies, and (iv) for any purpose whatsoever, including without limitation
-commercial, advertising or promotional purposes (the "Waiver"). Affirmer makes
-the Waiver for the benefit of each member of the public at large and to the
-detriment of Affirmer's heirs and successors, fully intending that such Waiver
-shall not be subject to revocation, rescission, cancellation, termination, or
-any other legal or equitable action to disrupt the quiet enjoyment of the Work
-by the public as contemplated by Affirmer's express Statement of Purpose.
-
-3. Public License Fallback. Should any part of the Waiver for any reason be
-judged legally invalid or ineffective under applicable law, then the Waiver
-shall be preserved to the maximum extent permitted taking into account
-Affirmer's express Statement of Purpose. In addition, to the extent the Waiver
-is so judged Affirmer hereby grants to each affected person a royalty-free,
-non transferable, non sublicensable, non exclusive, irrevocable and
-unconditional license to exercise Affirmer's Copyright and Related Rights in
-the Work (i) in all territories worldwide, (ii) for the maximum duration
-provided by applicable law or treaty (including future time extensions), (iii)
-in any current or future medium and for any number of copies, and (iv) for any
-purpose whatsoever, including without limitation commercial, advertising or
-promotional purposes (the "License"). The License shall be deemed effective as
-of the date CC0 was applied by Affirmer to the Work. Should any part of the
-License for any reason be judged legally invalid or ineffective under
-applicable law, such partial invalidity or ineffectiveness shall not
-invalidate the remainder of the License, and in such case Affirmer hereby
-affirms that he or she will not (i) exercise any of his or her remaining
-Copyright and Related Rights in the Work or (ii) assert any associated claims
-and causes of action with respect to the Work, in either case contrary to
-Affirmer's express Statement of Purpose.
-
-4. Limitations and Disclaimers.
-
- a. No trademark or patent rights held by Affirmer are waived, abandoned,
- surrendered, licensed or otherwise affected by this document.
-
- b. Affirmer offers the Work as-is and makes no representations or warranties
- of any kind concerning the Work, express, implied, statutory or otherwise,
- including without limitation warranties of title, merchantability, fitness
- for a particular purpose, non infringement, or the absence of latent or
- other defects, accuracy, or the present or absence of errors, whether or not
- discoverable, all to the greatest extent permissible under applicable law.
-
- c. Affirmer disclaims responsibility for clearing rights of other persons
- that may apply to the Work or any use thereof, including without limitation
- any person's Copyright and Related Rights in the Work. Further, Affirmer
- disclaims responsibility for obtaining any necessary consents, permissions
- or other rights required for any use of the Work.
-
- d. Affirmer understands and acknowledges that Creative Commons is not a
- party to this document and has no duty or obligation with respect to this
- CC0 or use of the Work.
-
-For more information, please see
-
diff --git a/hw/application_fpga/fw/tk1/blake2s/README.md b/hw/application_fpga/fw/tk1/blake2s/README.md
deleted file mode 100644
index 9d255ff..0000000
--- a/hw/application_fpga/fw/tk1/blake2s/README.md
+++ /dev/null
@@ -1,11 +0,0 @@
-# blake2s
-
-A Blake2s implementation taken from Joachim Strömbergson's
-
-https://github.com/secworks/blake2s
-
-Specifically from
-
-https://github.com/secworks/blake2s/tree/master/src/model
-
-Minor local changes for build purposes.
diff --git a/hw/application_fpga/fw/tk1/blake2s/blake2s.c b/hw/application_fpga/fw/tk1/blake2s/blake2s.c
deleted file mode 100644
index d78d46a..0000000
--- a/hw/application_fpga/fw/tk1/blake2s/blake2s.c
+++ /dev/null
@@ -1,351 +0,0 @@
-//======================================================================
-//
-// blake2s.c
-// ---------
-//
-// A simple blake2s Reference Implementation.
-//======================================================================
-
-#include
-
-#include "blake2s.h"
-
-// Dummy printf() for verbose mode
-static void printf(const char *format, ...)
-{
-}
-
-#define VERBOSE 0
-#define SHOW_V 0
-#define SHOW_M_WORDS 0
-
-
-// Cyclic right rotation.
-#ifndef ROTR32
-#define ROTR32(x, y) (((x) >> (y)) ^ ((x) << (32 - (y))))
-#endif
-
-
-// Little-endian byte access.
-#define B2S_GET32(p) \
- (((uint32_t) ((uint8_t *) (p))[0]) ^ \
- (((uint32_t) ((uint8_t *) (p))[1]) << 8) ^ \
- (((uint32_t) ((uint8_t *) (p))[2]) << 16) ^ \
- (((uint32_t) ((uint8_t *) (p))[3]) << 24))
-
-
-// Initialization Vector.
-static const uint32_t blake2s_iv[8] = {
- 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
- 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
-};
-
-
-//------------------------------------------------------------------
-//------------------------------------------------------------------
-void print_v(uint32_t *v) {
- printf("0x%08x, 0x%08x, 0x%08x, 0x%08x\n", v[0], v[1], v[2], v[3]);
- printf("0x%08x, 0x%08x, 0x%08x, 0x%08x\n", v[4], v[5], v[6], v[7]);
- printf("0x%08x, 0x%08x, 0x%08x, 0x%08x\n", v[8], v[9], v[10], v[11]);
- printf("0x%08x, 0x%08x, 0x%08x, 0x%08x\n", v[12], v[13], v[14], v[15]);
- printf("\n");
-}
-
-
-//------------------------------------------------------------------
-// print_ctx()
-// Print the contents of the context data structure.
-//------------------------------------------------------------------
-void print_ctx(blake2s_ctx *ctx) {
- printf("Chained state (h):\n");
- printf("0x%08x, 0x%08x, 0x%08x, 0x%08x, ",
- ctx->h[0], ctx->h[1], ctx->h[2], ctx->h[3]);
- printf("0x%08x, 0x%08x, 0x%08x, 0x%08x",
- ctx->h[4], ctx->h[5], ctx->h[6], ctx->h[7]);
- printf("\n");
-
- printf("Byte counter (t):\n");
- printf("0x%08x, 0x%08x", ctx->t[0], ctx->t[1]);
- printf("\n");
-
- printf("\n");
-}
-
-
-//------------------------------------------------------------------
-// B2S_G macro redefined as a G function.
-// Allows us to output intermediate values for debugging.
-//------------------------------------------------------------------
-void G(uint32_t *v, uint32_t a, uint32_t b, uint32_t c, uint32_t d, uint32_t x, uint32_t y) {
- if (VERBOSE) {
- printf("G started.\n");
- }
-
- if (SHOW_V) {
- printf("v before processing:\n");
- print_v(&v[0]);
- }
-
- if (SHOW_M_WORDS) {
- printf("x: 0x%08x, y: 0x%08x\n", x, y);
- }
-
- v[a] = v[a] + v[b] + x;
- v[d] = ROTR32(v[d] ^ v[a], 16);
- v[c] = v[c] + v[d];
- v[b] = ROTR32(v[b] ^ v[c], 12);
- v[a] = v[a] + v[b] + y;
- v[d] = ROTR32(v[d] ^ v[a], 8);
- v[c] = v[c] + v[d];
- v[b] = ROTR32(v[b] ^ v[c], 7);
-
- if (SHOW_V) {
- printf("v after processing:\n");
- print_v(&v[0]);
- }
-
- if (VERBOSE) {
- printf("G completed.\n\n");
- }
-}
-
-
-//------------------------------------------------------------------
-// Compression function. "last" flag indicates last block.
-//------------------------------------------------------------------
-static void blake2s_compress(blake2s_ctx *ctx, int last)
-{
- const uint8_t sigma[10][16] = {
- {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15},
- {14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3},
- {11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4},
- {7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8},
- {9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13},
- {2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9},
- {12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11},
- {13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10},
- {6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5},
- {10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0}
- };
-
- int i;
- uint32_t v[16], m[16];
-
- if (VERBOSE) {
- printf("blake2s_compress started.\n");
- }
-
- // init work variables
- for (i = 0; i < 8; i++) {
- v[i] = ctx->h[i];
- v[i + 8] = blake2s_iv[i];
- }
-
- // low 32 bits of offset
- // high 32 bits
- if (VERBOSE) {
- printf("t[0]: 0x%08x, t[1]: 0x%08x\n", ctx->t[0], ctx->t[1]);
- }
- v[12] ^= ctx->t[0];
- v[13] ^= ctx->t[1];
-
- // last block flag set ?
- if (last) {
- v[14] = ~v[14];
- }
-
- // get little-endian words
- for (i = 0; i < 16; i++) {
- m[i] = B2S_GET32(&ctx->b[4 * i]);
- }
-
- if (VERBOSE) {
- printf("v before G processing:\n");
- print_v(&v[0]);
- }
-
- // Ten rounds of the G function applied on rows, diagonal.
- for (i = 0; i < 10; i++) {
- if (VERBOSE) {
- printf("Round %02d:\n", (i + 1));
- printf("Row processing started.\n");
- }
-
- G(&v[0], 0, 4, 8, 12, m[sigma[i][ 0]], m[sigma[i][ 1]]);
- G(&v[0], 1, 5, 9, 13, m[sigma[i][ 2]], m[sigma[i][ 3]]);
- G(&v[0], 2, 6, 10, 14, m[sigma[i][ 4]], m[sigma[i][ 5]]);
- G(&v[0], 3, 7, 11, 15, m[sigma[i][ 6]], m[sigma[i][ 7]]);
-
- if (VERBOSE) {
- printf("Row processing completed.\n");
- printf("Diagonal processing started.\n");
- }
-
- G(&v[0], 0, 5, 10, 15, m[sigma[i][ 8]], m[sigma[i][ 9]]);
- G(&v[0], 1, 6, 11, 12, m[sigma[i][10]], m[sigma[i][11]]);
- G(&v[0], 2, 7, 8, 13, m[sigma[i][12]], m[sigma[i][13]]);
- G(&v[0], 3, 4, 9, 14, m[sigma[i][14]], m[sigma[i][15]]);
-
- if (VERBOSE) {
- printf("Diagonal processing completed.\n");
- printf("\n");
- }
- }
-
- if (VERBOSE) {
- printf("v after G processing:\n");
- print_v(&v[0]);
- }
-
- // Update the hash state.
- for (i = 0; i < 8; ++i) {
- ctx->h[i] ^= v[i] ^ v[i + 8];
- }
-
- if (VERBOSE) {
- printf("blake2s_compress completed.\n");
- }
-}
-
-
-//------------------------------------------------------------------
-// Initialize the hashing context "ctx" with optional key "key".
-// 1 <= outlen <= 32 gives the digest size in bytes.
-// Secret key (also <= 32 bytes) is optional (keylen = 0).
-//------------------------------------------------------------------
-int blake2s_init(blake2s_ctx *ctx, size_t outlen,
- const void *key, size_t keylen) // (keylen=0: no key)
-{
- size_t i;
-
- if (VERBOSE) {
- printf("blake2s_init started.\n");
- printf("Context before blake2s_init processing:\n");
- print_ctx(ctx);
- }
-
- if (outlen == 0 || outlen > 32 || keylen > 32)
- return -1; // illegal parameters
-
- for (i = 0; i < 8; i++) // state, "param block"
- ctx->h[i] = blake2s_iv[i];
- ctx->h[0] ^= 0x01010000 ^ (keylen << 8) ^ outlen;
-
- ctx->t[0] = 0; // input count low word
- ctx->t[1] = 0; // input count high word
- ctx->c = 0; // pointer within buffer
- ctx->outlen = outlen;
-
- for (i = keylen; i < 64; i++) // zero input block
- ctx->b[i] = 0;
- if (keylen > 0) {
- blake2s_update(ctx, key, keylen);
- ctx->c = 64; // at the end
- }
-
- if (VERBOSE) {
- printf("Context after blake2s_init processing:\n");
- print_ctx(ctx);
- printf("blake2s_init completed.\n");
- }
-
- return 0;
-}
-
-
-//------------------------------------------------------------------
-// Add "inlen" bytes from "in" into the hash.
-//------------------------------------------------------------------
-void blake2s_update(blake2s_ctx *ctx,
- const void *in, size_t inlen) // data bytes
-{
- size_t i;
-
- if (VERBOSE) {
- printf("blake2s_update started.\n");
- printf("Context before blake2s_update processing:\n");
- print_ctx(ctx);
- }
-
- for (i = 0; i < inlen; i++) {
- if (ctx->c == 64) { // buffer full ?
- ctx->t[0] += ctx->c; // add counters
- if (ctx->t[0] < ctx->c) // carry overflow ?
- ctx->t[1]++; // high word
- blake2s_compress(ctx, 0); // compress (not last)
- ctx->c = 0; // counter to zero
- }
- ctx->b[ctx->c++] = ((const uint8_t *) in)[i];
- }
-
- if (VERBOSE) {
- printf("Context after blake2s_update processing:\n");
- print_ctx(ctx);
- printf("blake2s_update completed.\n");
- }
-}
-
-
-//------------------------------------------------------------------
-// Generate the message digest (size given in init).
-// Result placed in "out".
-//------------------------------------------------------------------
-void blake2s_final(blake2s_ctx *ctx, void *out)
-{
- size_t i;
-
- if (VERBOSE) {
- printf("blake2s_final started.\n");
- printf("Context before blake2s_final processing:\n");
- print_ctx(ctx);
- }
-
- ctx->t[0] += ctx->c; // mark last block offset
-
- // carry overflow
- // high word
- if (ctx->t[0] < ctx->c) {
- ctx->t[1]++;
- }
-
- // fill up with zeros
- // final block flag = 1
- while (ctx->c < 64) {
- ctx->b[ctx->c++] = 0;
- }
- blake2s_compress(ctx, 1);
-
- // little endian convert and store
- for (i = 0; i < ctx->outlen; i++) {
- ((uint8_t *) out)[i] =
- (ctx->h[i >> 2] >> (8 * (i & 3))) & 0xFF;
- }
-
- if (VERBOSE) {
- printf("Context after blake2s_final processing:\n");
- print_ctx(ctx);
- printf("blake2s_final completed.\n");
- }
-}
-
-
-//------------------------------------------------------------------
-// Convenience function for all-in-one computation.
-//------------------------------------------------------------------
-int blake2s(void *out, size_t outlen,
- const void *key, size_t keylen,
- const void *in, size_t inlen,
- blake2s_ctx *ctx)
-{
- if (blake2s_init(ctx, outlen, key, keylen))
- return -1;
-
- blake2s_update(ctx, in, inlen);
-
- blake2s_final(ctx, out);
-
- return 0;
-}
-
-//======================================================================
-//======================================================================
diff --git a/hw/application_fpga/fw/tk1/blake2s/blake2s.h b/hw/application_fpga/fw/tk1/blake2s/blake2s.h
deleted file mode 100644
index d8ed8ea..0000000
--- a/hw/application_fpga/fw/tk1/blake2s/blake2s.h
+++ /dev/null
@@ -1,40 +0,0 @@
-// blake2s.h
-// BLAKE2s Hashing Context and API Prototypes
-
-#ifndef BLAKE2S_H
-#define BLAKE2S_H
-
-#include
-#include
-
-// state context
-typedef struct {
- uint8_t b[64]; // input buffer
- uint32_t h[8]; // chained state
- uint32_t t[2]; // total number of bytes
- size_t c; // pointer for b[]
- size_t outlen; // digest size
-} blake2s_ctx;
-
-// Initialize the hashing context "ctx" with optional key "key".
-// 1 <= outlen <= 32 gives the digest size in bytes.
-// Secret key (also <= 32 bytes) is optional (keylen = 0).
-int blake2s_init(blake2s_ctx *ctx, size_t outlen,
- const void *key, size_t keylen); // secret key
-
-// Add "inlen" bytes from "in" into the hash.
-void blake2s_update(blake2s_ctx *ctx, // context
- const void *in, size_t inlen); // data to be hashed
-
-// Generate the message digest (size given in init).
-// Result placed in "out".
-void blake2s_final(blake2s_ctx *ctx, void *out);
-
-// All-in-one convenience function.
-int blake2s(void *out, size_t outlen, // return buffer for digest
- const void *key, size_t keylen, // optional secret key
- const void *in, size_t inlen, // data to be hashed
- blake2s_ctx *ctx);
-
-#endif
-
diff --git a/hw/application_fpga/fw/tk1/main.c b/hw/application_fpga/fw/tk1/main.c
index ac7a658..302a0cc 100644
--- a/hw/application_fpga/fw/tk1/main.c
+++ b/hw/application_fpga/fw/tk1/main.c
@@ -11,8 +11,8 @@
#include
#include
#include
+#include
-#include "blake2s/blake2s.h"
#include "partition_table.h"
#include "preload_app.h"
#include "proto.h"
@@ -435,10 +435,8 @@ static void scramble_ram(void)
/* Computes the blake2s digest of the app loaded into RAM */
static int compute_app_digest(uint8_t *digest)
{
- blake2s_ctx b2s_ctx = {0};
-
return blake2s(digest, 32, NULL, 0, (const void *)TK1_RAM_BASE,
- *app_size, &b2s_ctx);
+ *app_size);
}
static enum state start_where(struct context *ctx)
diff --git a/hw/application_fpga/fw/tk1/mgmt_app.c b/hw/application_fpga/fw/tk1/mgmt_app.c
index b444d8a..ee0db1e 100644
--- a/hw/application_fpga/fw/tk1/mgmt_app.c
+++ b/hw/application_fpga/fw/tk1/mgmt_app.c
@@ -4,6 +4,7 @@
#include
#include
#include
+#include
#include "mgmt_app.h"
diff --git a/hw/application_fpga/fw/tk1/partition_table.c b/hw/application_fpga/fw/tk1/partition_table.c
index c18436b..1ddec77 100644
--- a/hw/application_fpga/fw/tk1/partition_table.c
+++ b/hw/application_fpga/fw/tk1/partition_table.c
@@ -17,7 +17,6 @@ enum part_status part_get_status(void) {
}
void part_digest(struct partition_table *part_table, uint8_t *out_digest, size_t out_len) {
- blake2s_ctx b2s_ctx = {0};
int blake2err = 0;
uint8_t key[16] = {
@@ -25,7 +24,7 @@ void part_digest(struct partition_table *part_table, uint8_t *out_digest, size_t
0, 0, 0, 0, 0, 0, 0, 0,
};
blake2err = blake2s(out_digest, out_len,
- key, sizeof(key), part_table, sizeof(struct partition_table), &b2s_ctx);
+ key, sizeof(key), part_table, sizeof(struct partition_table));
assert(blake2err == 0);
}