mbtronics
diff --git a/‎ports/stm32/Makefile
Lines changed: 22 additions & 2 deletions b/‎ports/stm32/Makefile
Lines changed: 22 additions & 2 deletions
diff --git a/‎ports/stm32/mboot/Makefile
Lines changed: 16 additions & 0 deletions b/‎ports/stm32/mboot/Makefile
Lines changed: 16 additions & 0 deletions
diff --git a/‎ports/stm32/mboot/Particle.h
Lines changed: 10 additions & 0 deletions b/‎ports/stm32/mboot/Particle.h
Lines changed: 10 additions & 0 deletions
diff --git a/‎ports/stm32/mboot/README.md
Lines changed: 28 additions & 0 deletions b/‎ports/stm32/mboot/README.md
Lines changed: 28 additions & 0 deletions
diff --git a/‎ports/stm32/mboot/dfu.h
Lines changed: 9 additions & 1 deletion b/‎ports/stm32/mboot/dfu.h
Lines changed: 9 additions & 1 deletion
diff --git a/‎ports/stm32/mboot/fsload.c
Lines changed: 39 additions & 6 deletions b/‎ports/stm32/mboot/fsload.c
Lines changed: 39 additions & 6 deletions
diff --git a/‎ports/stm32/mboot/fwupdate.py
Lines changed: 4 additions & 3 deletions b/‎ports/stm32/mboot/fwupdate.py
Lines changed: 4 additions & 3 deletions
diff --git a/‎ports/stm32/mboot/gzstream.c
Lines changed: 13 additions & 3 deletions b/‎ports/stm32/mboot/gzstream.c
Lines changed: 13 additions & 3 deletions
diff --git a/‎ports/stm32/mboot/gzstream.h
Lines changed: 2 additions & 1 deletion b/‎ports/stm32/mboot/gzstream.h
Lines changed: 2 additions & 1 deletion
@@ -30,7 +30,7 @@ FROZEN_MANIFEST ?= boards/manifest.py
 # include py core make definitions
 include $(TOP)/py/py.mk
 
-GIT_SUBMODULES = lib/lwip lib/mbedtls lib/mynewt-nimble lib/stm32lib
+GIT_SUBMODULES = lib/libhydrogen lib/lwip lib/mbedtls lib/mynewt-nimble lib/stm32lib
 
 MCU_SERIES_UPPER = $(shell echo $(MCU_SERIES) | tr '[:lower:]' '[:upper:]')
 CMSIS_MCU_LOWER = $(shell echo $(CMSIS_MCU) | tr '[:upper:]' '[:lower:]')
@@ -41,6 +41,7 @@ HAL_DIR=lib/stm32lib/STM32$(MCU_SERIES_UPPER)xx_HAL_Driver
 USBDEV_DIR=usbdev
 #USBHOST_D
8000
IR=usbhost
 DFU=$(TOP)/tools/dfu.py
+MBOOT_PACK_DFU = mboot/mboot_pack_dfu.py
 # may need to prefix dfu-util with sudo
 USE_PYDFU ?= 1
 PYDFU ?= $(TOP)/tools/pydfu.py
@@ -546,7 +547,13 @@ $(PY_BUILD)/formatfloat.o: COPT += -Os
 $(PY_BUILD)/parsenum.o: COPT += -Os
 $(PY_BUILD)/mpprint.o: COPT += -Os
 
-all: $(TOP)/lib/stm32lib/README.md $(BUILD)/firmware.dfu $(BUILD)/firmware.hex
+all: $(TOP)/lib/stm32lib/README.md all_main $(BUILD)/firmware.hex
+
+ifeq ($(MBOOT_ENABLE_PACKING),1)
+all_main: $(BUILD)/firmware.pack.dfu
+else
+all_main: $(BUILD)/firmware.dfu
+endif
 
 # For convenience, automatically fetch required submodules if they don't exist
 $(TOP)/lib/stm32lib/README.md:
@@ -607,15 +614,25 @@ define GENERATE_DFU
 	$(1)
 endef
 
+define GENERATE_PACK_DFU
+	$(ECHO) "GEN $(1)"
+	$(Q)$(PYTHON) $(MBOOT_PACK_DFU) --keys $(MBOOT_PACK_KEYS_FILE) pack-dfu --gzip $(MBOOT_PACK_CHUNKSIZE) $(2) $(1)
+endef
+
 define GENERATE_HEX
 	$(ECHO) "GEN $(1)"
 	$(Q)$(OBJCOPY) -O ihex $(2) $(1)
 endef
 
 .PHONY: deploy deploy-stlink deploy-openocd
 
+ifeq ($(MBOOT_ENABLE_PACKING),1)
+deploy: $(BUILD)/firmware.pack.dfu
+	$(call RUN_DFU,$^)
+else
 deploy: $(BUILD)/firmware.dfu
 	$(call RUN_DFU,$^)
+endif
 
 # A board should specify TEXT0_ADDR if to use a different location than the
 # default for the firmware memory location.  A board can also optionally define
@@ -662,6 +679,9 @@ $(BUILD)/firmware.dfu: $(BUILD)/firmware0.bin $(BUILD)/firmware1.bin
 	$(call GENERATE_DFU,$@,$(word 1,$^),$(TEXT0_ADDR),$(word 2,$^),$(TEXT1_ADDR))
 endif
 
+$(BUILD)/firmware.pack.dfu: $(BUILD)/firmware.dfu $(BOARD_DIR)/mboot_keys.h
+	$(call GENERATE_PACK_DFU,$@,$<)
+
 $(BUILD)/firmware.hex: $(BUILD)/firmware.elf
 	$(call GENERATE_HEX,$@,$^)
 
 
@@ -12,6 +12,12 @@ BOARD_DIR ?= $(abspath ../boards/$(BOARD))
 # that can be built with or without mboot.
 USE_MBOOT ?= 1
 
+# Set MBOOT_ENABLE_PACKING to 1 to enable DFU packing with encryption and signing.
+# Ensure the MBOOT_PACK_xxx values match stm32/Makefile, to build matching application firmware.
+MBOOT_ENABLE_PACKING ?= 0
+MBOOT_PACK_CHUNKSIZE ?= 16384
+MBOOT_PACK_KEYS_FILE ?= $(BOARD_DIR)/mboot_keys.h
+
 # Sanity check that the board configuration directory exists
 ifeq ($(wildcard $(BOARD_DIR)/.),)
 $(error Invalid BOARD specified: $(BOARD_DIR))
@@ -110,6 +116,7 @@ SRC_C = \
 	elem.c \
 	fsload.c \
 	gzstream.c \
+	pack.c \
 	vfs_fat.c \
 	vfs_lfs.c \
 	drivers/bus/softspi.c \
@@ -129,6 +136,15 @@ SRC_O = \
 	$(SYSTEM_FILE) \
 	ports/stm32/resethandler.o \
 
+ifeq ($(MBOOT_ENABLE_PACKING), 1)
+
+SRC_C += lib/libhydrogen/hydrogen.c
+
+CFLAGS += -DMBOOT_ENABLE_PACKING=1 -DPARTICLE -DPLATFORM_ID=3
+CFLAGS += -DMBOOT_PACK_CHUNKSIZE=$(MBOOT_PACK_CHUNKSIZE)
+CFLAGS += -DMBOOT_PACK_KEYS_FILE=\"$(MBOOT_PACK_KEYS_FILE)\"
+endif
+
 $(BUILD)/$(HAL_DIR)/Src/stm32$(MCU_SERIES)xx_ll_usb.o: CFLAGS += -Wno-attributes
 SRC_HAL = $(addprefix $(HAL_DIR)/Src/stm32$(MCU_SERIES)xx_,\
 	hal_cortex.c \
 
@@ -0,0 +1,10 @@
+// Header for libhydrogen use only.  Act like a Particle board for the random
+// implementation.  This code is not actually called when just decrypting and
+// verifying a signature, but a correct implementation is provided anyway.
+
+#include "py/mphal.h"
+#include "rng.h"
+
+static inline uint32_t HAL_RNG_GetRandomNumber(void) {
+    return rng_get();
+}
@@ -155,6 +155,34 @@ firmware.dfu.gz stored on the default FAT filesystem:
 The 0x80000000 value is the address understood by Mboot as the location of
 the external SPI flash, configured via `MBOOT_SPIFLASH_ADDR`.
 
+Signed and encrypted DFU support
+--------------------------------
+
+Mboot optionally supports signing and encrypting the binary firmware in the DFU file.
+In general this is refered to as a packed DFU file.  This requires additional settings
+in the board config and requires the `pyhy` Python module to be installed for `python3`
+to be used when building packed firmware, eg:
+
+    $ pip3 install pyhy
+
+In addition to the changes made to mpconfigboard.mk earlier, for encrypted
+support you also need to add:
+
+    MBOOT_ENABLE_PACKING = 1
+
+You will also need to generate signing and encryption keys which will be built into
+mboot and used for all subsequent installations of firmware.  This can be done via:
+
+    $ python3 ports/stm32/mboot/mboot_pack_dfu.py generate-keys
+
+This command generates a `mboot_keys.h` file which should be stored in the board
+definition folder (next to mpconfigboard.mk).
+
+Once you build the firmware, the `firmware.pack.dfu` file will contain the encrypted
+and signed firmware, and can be deployed via USB DFU, or by copying it to the device's
+internal filesystem (if `MBOOT_FSLOAD` is enabled). `firmware.dfu` is still unencrypted
+and can be directly flashed with jtag etc.
+
 Example: Mboot on PYBv1.x
 -------------------------
 
 
@@ -39,6 +39,14 @@
 #define MBOOT_ERROR_STR_INVALID_ADDRESS_IDX 0x11
 #define MBOOT_ERROR_STR_INVALID_ADDRESS "Address out of range"
 
+#if MBOOT_ENABLE_PACKING
+#define MBOOT_ERROR_STR_INVALID_SIG_IDX 0x12
+#define MBOOT_ERROR_STR_INVALID_SIG "Invalid signature in file"
+
+#define MBOOT_ERROR_STR_INVALID_READ_IDX 0x13
+#define MBOOT_ERROR_STR_INVALID_READ "Read support disabled on encrypted bootloader"
+#endif
+
 // DFU class requests
 enum {
     DFU_DETACH = 0,
@@ -104,6 +112,6 @@ typedef struct _dfu_state_t {
     uint8_t buf[DFU_XFER_SIZE] __attribute__((aligned(4)));
 } dfu_context_t;
 
-static dfu_context_t dfu_context SECTION_NOZERO_BSS;
+extern dfu_context_t dfu_context;
 
 #endif // MICROPY_INCLUDED_STM32_MBOOT_DFU_H
@@ -28,6 +28,7 @@
 
 #include "py/mphal.h"
 #include "mboot.h"
+#include "pack.h"
 #include "vfs.h"
 
 #if MBOOT_FSLOAD
@@ -36,13 +37,43 @@
 #error Must enable at least one VFS component
 #endif
 
+#if MBOOT_ENABLE_PACKING
+// Packed DFU files are gzip'd internally, not on the outside, so reads of the file
+// just read the file directly.
+
+static void *input_stream_data;
+static stream_read_t input_stream_read_meth;
+
+static inline int input_stream_init(void *stream_data, stream_read_t stream_read) {
+    input_stream_data = stream_data;
+    input_stream_read_meth = stream_read;
+    return 0;
+}
+
+static inline int input_stream_read(size_t len, uint8_t *buf) {
+    return input_stream_read_meth(input_stream_data, buf, len);
+}
+
+#else
+// Standard (non-packed) DFU files must be gzip'd externally / on the outside, so
+// reads of the file go through gz_stream.
+
+static inline int input_stream_init(void *stream_data, stream_read_t stream_read) {
+    return gz_stream_init_from_stream(stream_data, stream_read);
+}
+
+static inline int input_stream_read(size_t len, uint8_t *buf) {
+    return gz_stream_read(len, buf);
+}
+#endif
+
 static int fsload_program_file(bool write_to_flash) {
     // Parse DFU
     uint8_t buf[512];
     size_t file_offset;
 
     // Read file header, <5sBIB
-    int res = gz_stream_read(11, buf);
+    int res = input_stream_read(11, buf);
     if (res != 11) {
         return -1;
     }
@@ -62,7 +93,7 @@ static int fsload_program_file(bool write_to_flash) {
     uint32_t total_size = get_le32(buf + 6);
 
     // Read target header, <6sBi255sII
-    res = gz_stream_read(274, buf);
+    res = input_stream_read(274, buf);
     if (res != 274) {
         return -1;
     }
@@ -82,7 +113,7 @@ static int fsload_program_file(bool write_to_flash) {
     // Parse each element
     for (size_t elem = 0; elem < num_elems; ++elem) {
         // Read element header, <II
-        res = gz_stream_read(8, buf);
+        res = input_stream_read(8, buf);
         if (res != 8) {
             return -1;
         }
@@ -92,6 +123,7 @@ static int fsload_program_file(bool write_to_flash) {
         uint32_t elem_addr = get_le32(buf);
         uint32_t elem_size = get_le32(buf + 4);
 
+        #if !MBOOT_ENABLE_PACKING
         // Erase flash before writing
         if (write_to_flash) {
             uint32_t addr = elem_addr;
@@ -102,14 +134,15 @@ static int fsload_program_file(bool write_to_flash) {
                 }
             }
         }
+        #endif
 
         // Read element data and possibly write to flash
         for (uint32_t s = elem_size; s;) {
             uint32_t l = s;
             if (l > sizeof(buf)) {
                 l = sizeof(buf);
             }
-            res = gz_stream_read(l, buf);
+            res = input_stream_read(l, buf);
             if (res != l) {
                 return -1;
             }
@@ -135,7 +168,7 @@ static int fsload_program_file(bool write_to_flash) {
     }
 
     // Read trailing info
-    res = gz_stream_read(16, buf);
+    res = input_stream_read(16, buf);
     if (res != 16) {
         return -1;
     }
@@ -151,7 +184,7 @@ static int fsload_validate_and_program_file(void *stream, const stream_methods_t
         led_state_all(pass == 0 ? 2 : 4);
         int res = meth->open(stream, fname);
         if (res == 0) {
-            res = gz_stream_init(stream, meth->read);
+            res = input_stream_init(stream, meth->read);
             if (res == 0) {
                 res = fsload_program_file(pass == 0 ? false : true);
             }
 
@@ -157,14 +157,15 @@ def update_mboot(filename):
 
 
 def update_mpy(filename, fs_base, fs_len, fs_type=VFS_FAT):
-    # Check firmware is of .dfu.gz type
+    # Check firmware is of .dfu or .dfu.gz type
     try:
         with open(filename, "rb") as f:
             hdr = uzlib.DecompIO(f, 16 + 15).read(6)
     except Exception:
-        hdr = None
+        with open(filename, "rb") as f:
+            hdr = f.read(6)
     if hdr != b"DfuSe\x01":
-        print("Firmware must be a .dfu.gz file.")
+        print("Firmware must be a .dfu(.gz) file.")
         return
 
     ELEM_TYPE_END = 1
 
@@ -31,7 +31,7 @@
 #include "gzstream.h"
 #include "mboot.h"
 
-#if MBOOT_FSLOAD
+#if MBOOT_FSLOAD || MBOOT_ENABLE_PACKING
 
 #define DICT_SIZE (1 << 15)
 
@@ -61,7 +61,17 @@ static int gz_stream_read_src(TINF_DATA *tinf) {
     return gz_stream.buf[0];
 }
 
-int gz_stream_init(void *stream_data, stream_read_t stream_read) {
+int gz_stream_init_from_raw_data(const uint8_t *data, size_t len) {
+    memset(&gz_stream.tinf, 0, sizeof(gz_stream.tinf));
+    gz_stream.tinf.source = data;
+    gz_stream.tinf.source_limit = data + len;
+
+    uzlib_uncompress_init(&gz_stream.tinf, gz_stream.dict, DICT_SIZE);
+
+    return 0;
+}
+
+int gz_stream_init_from_stream(void *stream_data, stream_read_t stream_read) {
     gz_stream.stream_data = stream_data;
     gz_stream.stream_read = stream_read;
 
@@ -97,4 +107,4 @@ int gz_stream_read(size_t len, uint8_t *buf) {
     return gz_stream.tinf.dest - buf;
 }
 
-#endif // MBOOT_FSLOAD
+#endif // MBOOT_FSLOAD || MBOOT_ENABLE_PACKING
@@ -39,7 +39,8 @@ typedef struct _stream_methods_t {
     stream_read_t read;
 } stream_methods_t;
 
-int gz_stream_init(void *stream_data, stream_read_t stream_read);
+int gz_stream_init_from_raw_data(const uint8_t *data, size_t len);
+int gz_stream_init_from_stream(void *stream_data, stream_read_t stream_read);
 int gz_stream_read(size_t len, uint8_t *buf);
 
 #endif // MICROPY_INCLUDED_STM32_MBOOT_GZSTREAM_H