kopia lustrzana https://github.com/conorpp/u2f-zero
add support for using EFMUB1 bootloader and disabling it. no programmer needed
rodzic
4f0a6eb1e8
commit
8931b3205b
|
@ -38,11 +38,15 @@
|
||||||
#define U2F_MASTER_KEY_SLOT 1
|
#define U2F_MASTER_KEY_SLOT 1
|
||||||
#define U2F_TEMP_KEY_SLOT 2
|
#define U2F_TEMP_KEY_SLOT 2
|
||||||
|
|
||||||
|
// Uncomment these to fit firmware with a bootloader.
|
||||||
#define U2F_SUPPORT_WINK
|
#define U2F_SUPPORT_WINK
|
||||||
#define U2F_SUPPORT_HID_LOCK
|
#define U2F_SUPPORT_HID_LOCK
|
||||||
#define U2F_SUPPORT_RNG_CUSTOM
|
#define U2F_SUPPORT_RNG_CUSTOM
|
||||||
#define U2F_SUPPORT_SEED_CUSTOM
|
#define U2F_SUPPORT_SEED_CUSTOM
|
||||||
|
|
||||||
|
// Uncomment this to make configuration firmware
|
||||||
//#define ATECC_SETUP_DEVICE
|
//#define ATECC_SETUP_DEVICE
|
||||||
|
|
||||||
//#define U2F_PRINT
|
//#define U2F_PRINT
|
||||||
//#define U2F_BLINK_ERRORS
|
//#define U2F_BLINK_ERRORS
|
||||||
|
|
||||||
|
@ -116,6 +120,8 @@ struct APP_DATA
|
||||||
#define U2F_CONFIG_LOAD_TRANS_KEY 0x85
|
#define U2F_CONFIG_LOAD_TRANS_KEY 0x85
|
||||||
#define U2F_CONFIG_LOAD_WRITE_KEY 0x86
|
#define U2F_CONFIG_LOAD_WRITE_KEY 0x86
|
||||||
#define U2F_CONFIG_LOAD_ATTEST_KEY 0x87
|
#define U2F_CONFIG_LOAD_ATTEST_KEY 0x87
|
||||||
|
#define U2F_CONFIG_BOOTLOADER 0x88
|
||||||
|
#define U2F_CONFIG_BOOTLOADER_DESTROY 0x89
|
||||||
|
|
||||||
struct config_msg
|
struct config_msg
|
||||||
{
|
{
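Review bot: The added comment `// Uncomment these to fit firmware with a bootloader.` sits directly above four `U2F_SUPPORT_*` defines that are already active, so it reads inverted. If the intent is that these features have to be dropped to make room for the bootloader, something like `// Comment these out to fit the firmware alongside a bootloader.` would say so. The new `U2F_CONFIG_BOOTLOADER_DESTROY 0x89` define also deserves a one-line comment stating that it permanently disables bootloader entry, since the script's help text is currently the only place that says this.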
|
||||||
|
|
|
@ -39,8 +39,6 @@ uint8_t custom_command(struct u2f_hid_msg * msg)
|
||||||
struct atecc_response res;
|
struct atecc_response res;
|
||||||
uint8_t ec;
|
uint8_t ec;
|
||||||
|
|
||||||
if (msg->cid != U2FHID_BROADCAST) return 0;
|
|
||||||
|
|
||||||
switch(msg->pkt.init.cmd)
|
switch(msg->pkt.init.cmd)
|
||||||
{
|
{
|
||||||
#ifdef U2F_SUPPORT_RNG_CUSTOM
|
#ifdef U2F_SUPPORT_RNG_CUSTOM
|
||||||
|
@ -80,6 +78,29 @@ uint8_t custom_command(struct u2f_hid_msg * msg)
|
||||||
|
|
||||||
break;
|
break;
|
||||||
#endif
|
#endif
|
||||||
|
case U2F_CONFIG_BOOTLOADER:
|
||||||
|
|
||||||
|
atecc_send_recv(ATECC_CMD_READ,
|
||||||
|
ATECC_RW_DATA, ATECC_EEPROM_DATA_SLOT(8), NULL, 0,
|
||||||
|
appdata.tmp, sizeof(appdata.tmp), &res);
|
||||||
|
|
||||||
|
if (res.buf[0] == 0xff)
|
||||||
|
{
|
||||||
|
*((uint8_t SI_SEG_DATA *)0x00) = 0xA5;
|
||||||
|
RSTSRC = RSTSRC_SWRSF__SET | RSTSRC_PORSF__SET;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
break;
|
||||||
|
case U2F_CONFIG_BOOTLOADER_DESTROY:
|
||||||
|
|
||||||
|
memset(appdata.tmp,0,4);
|
||||||
|
|
||||||
|
atecc_send_recv(ATECC_CMD_WRITE,
|
||||||
|
ATECC_RW_DATA, ATECC_EEPROM_DATA_SLOT(8), appdata.tmp, 4,
|
||||||
|
appdata.tmp, sizeof(appdata.tmp), &res);
|
||||||
|
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
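Review bot: The new `U2F_CONFIG_BOOTLOADER` and `U2F_CONFIG_BOOTLOADER_DESTROY` cases in custom_command act on a bare HID command with no user-presence check, and this commit also drops the `msg->cid != U2FHID_BROADCAST` guard. As a result, any host software that can open the HID device can reboot a token whose bootloader is still enabled into firmware-update mode. Neither `atecc_send_recv` call has its result checked: the enable path tests `res.buf[0] == 0xff` even if the read failed, and a failed write in the destroy path goes unnoticed, leaving the bootloader enabled. I would require a button press before either case acts (the script's help text says wipe already needs one) and skip the reset or report an error unless the ATECC call succeeded, assuming `atecc_send_recv` signals failure through its return value. custom_command's body starts and continues outside the visible hunks.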
|
||||||
|
|
|
@ -143,7 +143,7 @@ int16_t main(void) {
|
||||||
int8_t grad_inc = 0;
|
int8_t grad_inc = 0;
|
||||||
int8_t ii;
|
int8_t ii;
|
||||||
data uint8_t xdata * clear = 0;
|
data uint8_t xdata * clear = 0;
|
||||||
int8_t i;
|
data int8_t i;
|
||||||
|
|
||||||
enter_DefaultMode_from_RESET();
|
enter_DefaultMode_from_RESET();
|
||||||
rgb_hex(0);
|
rgb_hex(0);
|
||||||
|
|
|
@ -64,6 +64,8 @@ class commands:
|
||||||
U2F_CONFIG_LOAD_TRANS_KEY = 0x85
|
U2F_CONFIG_LOAD_TRANS_KEY = 0x85
|
||||||
U2F_CONFIG_LOAD_WRITE_KEY = 0x86
|
U2F_CONFIG_LOAD_WRITE_KEY = 0x86
|
||||||
U2F_CONFIG_LOAD_ATTEST_KEY = 0x87
|
U2F_CONFIG_LOAD_ATTEST_KEY = 0x87
|
||||||
|
U2F_CONFIG_BOOTLOADER = 0x88
|
||||||
|
U2F_CONFIG_BOOTLOADER_DESTROY = 0x89
|
||||||
|
|
||||||
U2F_CUSTOM_RNG = 0x21
|
U2F_CUSTOM_RNG = 0x21
|
||||||
U2F_CUSTOM_SEED = 0x22
|
U2F_CUSTOM_SEED = 0x22
|
||||||
|
@ -82,6 +84,8 @@ if len(sys.argv) not in [2,3,4,5,6]:
|
||||||
print(' wipe: wipe all registered keys on U2F Zero. Must also press button 5 times. Not reversible.')
|
print(' wipe: wipe all registered keys on U2F Zero. Must also press button 5 times. Not reversible.')
|
||||||
print(' list: list all connected U2F Zero tokens.')
|
print(' list: list all connected U2F Zero tokens.')
|
||||||
print(' wink: blink the LED')
|
print(' wink: blink the LED')
|
||||||
|
print(' bootloader: put device in bootloader mode')
|
||||||
|
print(' bootloader-destroy: permanently disable the bootloader')
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
def open_u2f(SN=None):
|
def open_u2f(SN=None):
|
||||||
|
@ -198,10 +202,10 @@ def do_configure(h,pemkey,output):
|
||||||
|
|
||||||
time.sleep(0.250)
|
time.sleep(0.250)
|
||||||
|
|
||||||
h.write([0,commands.U2F_CONFIG_GENKEY])
|
#h.write([0,commands.U2F_CONFIG_GENKEY])
|
||||||
data = read_n_tries(h,5,64,1000)
|
#data = read_n_tries(h,5,64,1000)
|
||||||
data = array.array('B',data).tostring()
|
#data = array.array('B',data).tostring()
|
||||||
pubkey = binascii.hexlify(data)
|
#pubkey = binascii.hexlify(data)
|
||||||
|
|
||||||
wkey = [random.randint(0,255)&0xff for x in range(0,32)]
|
wkey = [random.randint(0,255)&0xff for x in range(0,32)]
|
||||||
rkey = [random.randint(0,255)&0xff for x in range(0,32)]
|
rkey = [random.randint(0,255)&0xff for x in range(0,32)]
|
||||||
|
@ -212,6 +216,7 @@ def do_configure(h,pemkey,output):
|
||||||
|
|
||||||
|
|
||||||
wkey = get_write_mask(''.join([chr(x) for x in wkey]))
|
wkey = get_write_mask(''.join([chr(x) for x in wkey]))
|
||||||
|
print('wkey',wkey)
|
||||||
rkey = get_write_mask(''.join([chr(x) for x in rkey]))
|
rkey = get_write_mask(''.join([chr(x) for x in rkey]))
|
||||||
|
|
||||||
|
|
||||||
|
@ -232,10 +237,26 @@ def do_configure(h,pemkey,output):
|
||||||
|
|
||||||
|
|
||||||
print('writing keys to ', output)
|
print('writing keys to ', output)
|
||||||
print(data)
|
open(output,'w+').write(wkey + '\n' + rkey)
|
||||||
open(output,'w+').write(pubkey +'\n' + wkey + '\n' + rkey)
|
|
||||||
|
print( 'Done. Putting device in bootloader mode.')
|
||||||
|
h.write([0,commands.U2F_CONFIG_BOOTLOADER])
|
||||||
|
data = read_n_tries(h,5,64,1000)
|
||||||
|
if data[1] != 1:
|
||||||
|
die('failed to put device in bootloader mode.')
|
||||||
|
|
||||||
|
def bootloader(h):
|
||||||
|
h.write([0,commands.U2F_CONFIG_BOOTLOADER])
|
||||||
|
h.write([0,0xff,0xff,0xff,0xff,commands.U2F_CONFIG_BOOTLOADER])
|
||||||
|
print('If this device has an enabled bootloader, the LED should be turned off.')
|
||||||
|
|
||||||
|
|
||||||
|
def bootloader_destroy(h):
|
||||||
|
h.write([0,commands.U2F_CONFIG_BOOTLOADER_DESTROY])
|
||||||
|
h.write([0,0xff,0xff,0xff,0xff,commands.U2F_CONFIG_BOOTLOADER_DESTROY])
|
||||||
|
print('Device bootloader mode removed. Please double check by running bootloader command.')
|
||||||
|
|
||||||
|
|
||||||
print( 'Done')
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -335,6 +356,12 @@ if __name__ == '__main__':
|
||||||
elif action == 'wink':
|
elif action == 'wink':
|
||||||
h = open_u2f(SN)
|
h = open_u2f(SN)
|
||||||
do_wink(h)
|
do_wink(h)
|
||||||
|
elif action == 'bootloader':
|
||||||
|
h = open_u2f(SN)
|
||||||
|
bootloader(h)
|
||||||
|
elif action == 'bootloader-destroy':
|
||||||
|
h = open_u2f(SN)
|
||||||
|
bootloader_destroy(h)
|
||||||
else:
|
else:
|
||||||
print( 'error: invalid action: ', action)
|
print( 'error: invalid action: ', action)
|
||||||
sys.exit(1)
|
sys.exit(1)
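Review bot: The added `print('wkey',wkey)` in do_configure writes the write-key value to the terminal, where it ends up in scrollback and any captured provisioning log. It looks like a debugging leftover and should be removed, since the same value is already saved to the output file. The context lines show `wkey` and `rkey` being drawn from `random.randint`, which is not a cryptographic generator; `os.urandom(32)` would be the safer source while this code is being touched. In `bootloader_destroy`, the 'Device bootloader mode removed' message is printed without reading any reply, so a failed write is reported as success; read the response with `read_n_tries` and check its status byte before printing, as do_configure does with `data[1] != 1`. do_configure starts and ends outside the visible hunks.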
|
||||||
|
|