From bd9944453bd58eecff9a7509fe6c618c541197a1 Mon Sep 17 00:00:00 2001 From: Niklas Dusenlund Date: Fri, 9 May 2025 12:12:48 +0200 Subject: [PATCH] ble: fewer version parts --- bitbox-da14531-firmware.o | Bin 25040 -> 25036 bytes src/bootloader/bootloader.c | 2 +- src/factorysetup.c | 4 ++-- src/firmware.c | 6 ------ src/memory/memory_spi.c | 2 ++ src/memory/memory_spi.h | 7 ++----- .../bitbox02-rust/src/hww/api/bluetooth.rs | 2 +- src/rust/bitbox02/src/spi_mem.rs | 8 ++------ 8 files changed, 10 insertions(+), 21 deletions(-) diff --git a/bitbox-da14531-firmware.o b/bitbox-da14531-firmware.o index d7479a1833d23c7305c9f6304e3a51d8b70e5183..b013cfeec7dd34108c0646369561ec0ab938abed 100644 GIT binary patch delta 4158 zcmai14^)#^mVYn*K7xin#u!3~`M!KY5)lCr|J0%ZB!Usde~W-XsC75gIuq+mD;<^W zaoIy#ZN=M8rPSJ%b=7sJgHpD-o~(4Vvvs?+U^`pg-PSlBWII#VV7L1c_(Jx6!0epU zbN1}Zx%s{O-hKDG@80+BdvEX>{pV}+7*AE5f>E18C2kK=duOq=?Ic#nOmSkJF2l|x z5|>#Zai_Dw+$i#&7fPJm*FJ;AOQ-pFkUx*qk8~C329g2goid^P|3&iWUgnZy=)CKj zJG|%eejGZ8cnPlDNSc3L&mU{UVG~qdJUS7_D2Da4{wLtBa0>W49dQ!;#y4IT|aauD(jHNkwP( z{bJT`N@s&fSDJief{JM_)%o-WA~dor*sU|s{m`zn(o21(b)_mQz&EK|=o~1Tvxa^N z2j>*fAY8!z9vGfurSE}SpP3q%cwbcdFRm&LC_IM)^$cK@zL?g)LA_aga)OBB&PZ_k zA&Hxd9(=G};!^tK?8|scFr`0*)U!iyMQ_nM(GaD-p1I(j-b@=Hrq85>AkG!&0w|li zPC;Vu^4x0r*Kl{PF|&W1@UwcuL7m4*zCMyzo+#F{W8*5nI}jd86rDsw2p5LEo`o%L*mG{~!LIzb~6 zTF=P%A10@|4+lcc}C;=(Qih2 zT1obU!9iXv$~t9@FGI4?Ko9q28mB_gnKnXeq19xiPePX|llH<@lStRVeN(peh@|RG z35L;M*8aI9ouH9GLDNk@B+cv~^2K;P%$aUX>@7CMK5GvEjH`R1u{=#y7Kk z*pqIg{|W8swHWlf=|7{RP;V~OE2WfN)$J79N|J~AqzMMPCEf=_LHjQkGgcDf^@kgRL!4?yY0xFl1Skyl_(Gd6#sj@#N$a&FoV!&wohs zV3swLijZ$DRnRCrYt5qT;H1@Kcs!=Y;AIen-B$S+$tModz=9C7meDt$l&_~x!zunt z%ENQQFwKGnTdwxAi88OsU&kK6Yc`Mm^#86mjTpzk)UglXJKIscyj_mYkvN9yN=GtC z9Xk#n+Gz`1!T-15z6iR19T)d2{X2c7-a7UW4lme6L-5UlEn=BU;%;ML*C9&rHAI?- z$HV=Dhk`75h|D zpAbkuJ&@eQ{$X<9B5}|`HK_>wwj+N(IpJlmL`WAs(a16;dpao56e!;4zUaV+MPOBy zkfRvS3cb~G#zGeBhcxFjKj%A=_ExdfaZPuEt-FzA-}<*z62%+JE|sW7O_!r$N4sB%Uil2JW!dQi_k`c;fM8KPgT1s7YENxguoR z!LCBkVK*(Gj0A5Vkhs4%C~^Ed9C4K-6GxlG&4!pGmli{g^Dsu}f^!uO^^H2$(bU;q zi3<=?&65Pz+qmp6L0R^5x;s)N*oonj_vRhAk-gGza$IFg5L1b+{LG)$GF@EbuVtBF zTqKy~P%Bl0D3D}req1iIi3O*>1hy>dOg$14UtCCN0VUlRGsH z*>gaR8_V{h`mvILD(}w7fLqpa2O4s^Qx&lv%~uyva{i*qwj4*Mf_AZmTEM=zh~9@? zi|zDxa1>kq63#EK#6%oj{5dA#zMFYX)bgQP;yyx(AysH3?jI4ONE1jmpkm2QOvT26 zgU%D;{K&?7%@y}sk6QavuCA4S$MM>NI`O%hv@ zC*4o8mX>G-6Fu|2b?iW7Ju60Q2BVy3zMseOuMetl^s6HgTnMDEVQDbI@K%(^9iAJ_ z@?@<~_mTxGe5=`ekXy8hHo@+q9C`%0iq@&GV=xcEaFM9x8!?cVC2lFCuKqJ!Mjh@* z>{IczOa<+$TTQRUiJ;@Rvup7tmLy5+U2xlrpjL|0*cj}R~b^AEyv`-dwCymBn=Tk z=B==&%1Qn3dX-rCyBMY@o9=ADQpc7?b$>&I$NAOlZzELb-BZdwAHOoC;j<|3B@We) z>YP0OYj{{?&>5mnxwH9|J2cpm1F0KL28ci9roswR&dd?TIoWb0tL9UF=yMWkvS&<9YhmI z{*b$oymFtO3F@o!^_wD@e7(5rHQgnFUT&8)}Opg+5rkGL2qi7Q7KgT$ zw9H?kn$n&Ox=qH+%kh1|bYX+-&$mv0a|iO=5A66DDmGc$?#G|3bYW!q{5)S}UM<6g zjNhNdCxoz#)UYR_`+`qjkvJc2r51OB|0%b6>N_7zpkMcU1zL(;^~*N(;^nKwow$G6 zQhs7zFw(ChMzT5)H!Es-29G<%pne5)C~u!_En;h>!jOAm`32%iBgcp@M{w;J(1^d0 zMH?m!XoO-xW=Iyylk!Lj`vg)q8|~JpDpZ7y%p?1n_rkW?b%n(l_(nkP0xxk!#0o?cq7JnfP|IoL1;h$GRcwfri0{Ktt<@w}N?c(z zN^L^@gwUhYsQ58x>+0Lyte3b~k#1uiQ4&f%G~p?N7EB=CLyDlitu~2!EqnTvfGpXT zK3&h8H;tAVl>6jTKUd=J;%sipGcrue7|@>4*?-jWQ?xsOo|HB9^jL|L%Qs8h1;k;z zId#sT7TkuD8b$XApsg=x3*r!pQ=_O}KHDo1m59YTD2>?j>DW}ij6du@nJRHZ3W=-6 zEZ&0VK91OnhjbFsDLm)@9r+YQbPyTE`nO1OxJGdbXD>KnUqJI1@S`aBd&PPBd!%mR(b}oE75<73>7 z3W;kvImR`;ImUgpLE?V@%oumsHpcB%jd7<@F8i;-+}N!!*AxsxO_N|6!*5q2namRR z-L*09r`N|g1i3oy-N-4?@iC{!T?O=#P(7KJacGGI7(pJTF z+d*qP((|c>T4!`@R~`GqA;Yw;WyjXFBcG|C4W03$`)RE(YMD+uTjJQc2|UQ22X>}^ z%p{-hJNLYM?z!ilbMHC#eSCpNF3^Jl)wPSM`g|($k0JK8m)Un8!v?wc%fYs0K6cKP zd3S-#zmYY>N0Gl;DDz6+zI(KC-UR;!^6wzdA}$~hR#v=DkVHKvTw-3!lm8GAnLa?Of< z;*!1@{4DI&+9_QUuI8IKY7C#6w1rY5m<<)~{UcPGQOcc8TTjGBmN87{@fA}l$Sd?v z?(DDoNX8!s>7bn(*biZk!A{=~A2U>N)DE{(R-=NVsf+0qXqj3-&%s;xJO%?(?etBc zrp%OGBfpf?p|0YJR+V>etDm*Q0#g}%09s5|X~PJSq>ZtjwYy|~8v6QAxJ+Yrf?Z7* zdyL&i;%CpmyC$37iN>izezpj%o2=9iaZ@HO0Q)qNI-qRYQq`CY`=_led3|_`M?<)f zr*$sj@_aUK$QO5^lJGDQCY>4TF?ikN^8-m$Ns^zvIIPGG4JJu$qOJ0?=OER*F@Mc4 zl{kWLLKPvWLzTx3>Ei-w*f<>O33a<_wrnBU1$~@DFRm)c!cq6bX>)T?)-aJ&A}4Iw z=x6igh`>1vqE;f*&&J~4EnZ!qEItMGocAcpH5drF4wcgj>F?p`={DLAozq47OE`zm z<8Xa?YED=D%faIRgM_fzVCdWm5C;e`{c0!=5xBO@dF;o~B0HYEutJ)({1!L6s6lK3Hz{3Wq8t7nNl#O_()li9#_=B zJaE}ooa`Foygws{X9(oThGzCLq|W??<^pfeq$1?lD^!UXJZ{gTmC$MTn(rIcV0hDs z%IT=NkK_{UOB$W9!PI7NX3W@4fbtfn3QRBODsqNX28a;6tex2o{w_q^Ku75GEAxC#K zvHyT%r`i5$oQQeolQ&0*5bM!ObBP8=ZoemU04kiK?dGU@CKnO#NF5F?%$u_HhqCM^4Oit@PdkQ5Ig{7nVs?@F@G$4lNh!oob>d%qY*IoS@-Yca zvqh^CQZ+}23ZZBV;kKAeZ0LeKsGZ%OvVTyVN&hdu^n zIVO!V>N@yx4$mQ@kIvK-QgXVBb1XpFu$q_1=ke|NH)b@OZ3AfE7vBfMaKFW5D5yup7T8L)N zE7wPoyfXt0?5Wr?wm7_a-c_CXHB7JTSx!95o3$)0Kr$8v7qK@XyQG+|hlfgX=s|e7 zWU1y7hN~3@N+f+oBZlg%%r6APqK6DZ1C~VuC-|5O_AF|#K!S({VJ-V0(ZnXpGP^Wv z6i0<7_J3j1Vy~K-psCzVBe1Vrqyacx-bDT3Nfj-W{u!QKazf*qjl~=CD^n?h>Pjy< z>gCE!mQP19q4Yif#R0E1=+}}f&wX)hhwfxG+G+CawZ&w;nizBybm6x2j&jnMN5mHI z%+9jju1fYeggqsc3r9Vx>3Hl9LUq*u#xA@1N!kX-t0j!cZ>n$558=eJW||Co@2}}Q z(Cf8j9vv=SP&%))@VA3Hhe#IU9(!e2w?H>fSNP$e_THNpVbb!j`B#acNA+V}r>2A0 zw1=&2=VvsqS@65%)wCCEHKP5P%=Z_Npog^GM?_M`=!gc_bEhZT{nD8dOla$C-mr{e zN+OZ0fkP|ik)!j3fY#wAs*?>^6|F1g*k6icBIj<{zzV7UkE58D9EOvvwgxsgZumJ7?-v%apU0?pW@`oO8$LI#;c{FE5Es|Sol?es zhMb~Lia3K>EFPKpTAbMwf7p{P6s^;uL^c>|E#~&b!yYOwBvs53Q=L-Q<6%djxYnM- z#c*`rQ~gRmcXBC{6U22pA_nK?Pe|=dd_EZT&=zI3N${iEY`O=+wIXeYE44WfycC<- z(b`6|t;rwoy~#z}f}V=DuB~pOJ6X;?89lR!Vrvmw79+x$O>UBoI!oKi*!;02tb0s& z3R8K6hc9F!;{w-0aYQQk~}Z&q5|201TS zwz<)f(}#~zfgW$z}o^`wn+6Z17dew~Sa1eJC6-2;gSYf3S$LVjMbCeO!4 z(Mz;%lA!Cycch*L;@f&2IVbZ$JYJhUy3oTO&A81MM$n5p0wS$IABGeg-p1?LW>3r^t?QCLePhcilTcmLE|s5e1JnJE=_~#mEv57RE@L} z>insj{>J6V{IL|7zoL@)HJG5cqH(22&tR3Eg7_(30s4_QB1LzQD7J?XN^qiR@X7aN z{wU%-L=15k`|d+o4xPlc518;4H{dr>8+_|uK;MF#bzZjzhZ<3p4q?RqeB|dLRLCn+ zeD}+MW9v*Mj_>uTh>8r=|6}Q?_p~Z1O7E#KLi8VK_{%@hK)$EpI~&F|SiWxqPk8cI z)Sy9;?XY$I|JV-VQd2xa`mJajAg8m%g<7e8!l-2Dz#_k6?^7k>RBbtAfW z4e@(-4)I@B$-M6;QGVm{DF1*HH-qsGFCzU#${oIJ>K(oXp(s6#W8OlX{b-24@=}z) zTrKlWN1}YwYf*k+xy*m{c$7cui1J&wD1Qp&vR}uq?oWpJrk){K-6W=ei*wf@Y*v~7 z%Y`Wa#D7P5^~ES3#al@GKq*9;TyEvdSb-8G<%_pfOUSin@G6)@l#@sL(Z%_=Uo;>F soGEvk6uXpAQnDK9UGN14>0KymmZ%FhH9Kh#UTAh|ZUqRDpuO4j{|&~(<^TWy diff --git a/src/bootloader/bootloader.c b/src/bootloader/bootloader.c index ea888dbf9..d3b8c4ccf 100644 --- a/src/bootloader/bootloader.c +++ b/src/bootloader/bootloader.c @@ -956,7 +956,7 @@ static bool _devdevice_enter(secbool_u32 firmware_verified) bool res = memory_spi_get_active_ble_firmware_version(&version); if (res) { char buf[50]; - snprintf(buf, sizeof(buf), "ble fw: %d.%d.%d", version.major, version.minor, version.patch); + snprintf(buf, sizeof(buf), "ble: %d (%s)", version.version, util_dbg_hex(version.hash, 4)); UG_PutString(0, SCREEN_HEIGHT - 18, buf, false); } #endif diff --git a/src/factorysetup.c b/src/factorysetup.c index 778ff75e1..8f61f1ef3 100644 --- a/src/factorysetup.c +++ b/src/factorysetup.c @@ -47,8 +47,8 @@ // We commit to the BLE firmware hash here to avoid accidentally installing an unexpected firmware. static const uint8_t _allowed_ble_fw_hash[32] = - "\x6d\x9e\x19\xe4\x94\x31\x0b\x73\x0b\xfe\x22\x8a\x4d\xdc\x50\x3b\xee\xd1\x5f\xa1\x28\xd2\xea" - "\x35\x44\x6f\xb8\xad\x35\x02\xac\x7a"; + "\x18\xca\x5a\xcb\x3a\x60\x2f\x89\xb2\x65\x25\xdb\xff\x1c\x4f\x07\x60\x3d\x76\x70\xd2\xf5\x4e" + "\x7a\x76\xfb\x1f\x9c\x4b\x29\x66\x4f"; // 65 bytes uncompressed secp256k1 root attestation pubkey. #define ROOT_PUBKEY_SIZE 65 diff --git a/src/firmware.c b/src/firmware.c index 4320d05ea..a16ba717f 100644 --- a/src/firmware.c +++ b/src/firmware.c @@ -43,12 +43,6 @@ int main(void) if (memory_get_platform() == MEMORY_PLATFORM_BITBOX02_PLUS) { da14531_protocol_init(); } - - struct da14531_firmware_version version; - if (memory_spi_get_active_ble_firmware_version(&version)) { - util_log("%d.%d.%d", version.major, version.minor, version.patch); - util_log("hex %s", util_dbg_hex(version.hash, 20)); - } usb_processing_init(); firmware_main_loop(); return 0; diff --git a/src/memory/memory_spi.c b/src/memory/memory_spi.c index ae0a274b1..85ce6be8b 100644 --- a/src/memory/memory_spi.c +++ b/src/memory/memory_spi.c @@ -76,6 +76,8 @@ USE_RESULT bool memory_spi_get_active_ble_firmware_version(struct da14531_firmwa memcpy((uint8_t*)version, firmware, sizeof(struct da14531_firmware_version)); free(firmware); + ASSERT(version->version == 1); + if (version->version == 1) { return true; } diff --git a/src/memory/memory_spi.h b/src/memory/memory_spi.h index f673ac5eb..9ef20c0c0 100644 --- a/src/memory/memory_spi.h +++ b/src/memory/memory_spi.h @@ -53,12 +53,9 @@ USE_RESULT bool memory_spi_get_active_ble_firmware( // This struct is always placed at 0x110 in the firmware struct da14531_firmware_version { - uint8_t version; // The version of the format of this struct. - uint16_t major; - uint16_t minor; - uint16_t patch; + uint8_t metadata_version; // The version of the format of this struct. + uint16_t version; // The version of the firmware uint8_t hash[20]; - uint8_t modified; } __attribute__((packed)); USE_RESULT bool memory_spi_get_active_ble_firmware_version( diff --git a/src/rust/bitbox02-rust/src/hww/api/bluetooth.rs b/src/rust/bitbox02-rust/src/hww/api/bluetooth.rs index fbbe73154..d03f347f7 100644 --- a/src/rust/bitbox02-rust/src/hww/api/bluetooth.rs +++ b/src/rust/bitbox02-rust/src/hww/api/bluetooth.rs @@ -27,7 +27,7 @@ use alloc::vec::Vec; use bitbox02::{memory, spi_mem}; -const ALLOWED_HASH: &[u8; 32] = b"\x6d\x9e\x19\xe4\x94\x31\x0b\x73\x0b\xfe\x22\x8a\x4d\xdc\x50\x3b\xee\xd1\x5f\xa1\x28\xd2\xea\x35\x44\x6f\xb8\xad\x35\x02\xac\x7a"; +const ALLOWED_HASH: &[u8; 32] = b"\x18\xca\x5a\xcb\x3a\x60\x2f\x89\xb2\x65\x25\xdb\xff\x1c\x4f\x07\x60\x3d\x76\x70\xd2\xf5\x4e\x7a\x76\xfb\x1f\x9c\x4b\x29\x66\x4f"; // We want to write FW to the memory chip in erase-size chunks, so that we don't repeatedly need to // read-erase-write the same sector. diff --git a/src/rust/bitbox02/src/spi_mem.rs b/src/rust/bitbox02/src/spi_mem.rs index d6c6a679d..e4ccdb3c8 100644 --- a/src/rust/bitbox02/src/spi_mem.rs +++ b/src/rust/bitbox02/src/spi_mem.rs @@ -35,12 +35,8 @@ pub fn get_active_ble_firmware_version() -> Result { true => { let ble_fw_version = ble_fw_version.assume_init(); // Copy to avoid taking references to unaligned struct fields. - let (major, minor, patch) = ( - ble_fw_version.major, - ble_fw_version.minor, - ble_fw_version.patch, - ); - Ok(format!("{}.{}.{}", major, minor, patch)) + let version = ble_fw_version.version; + Ok(format!("{}", version)) } false => Err(()), }