Skip to content

Encrypted improvements #619

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 21 commits into from
May 29, 2025
Merged

Encrypted improvements #619

Changes from 1 commit
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
6a6c18f
Use key share for AES file
will-v-pi Jan 14, 2025
e43e08b
Improve checking for malicious flash data
will-v-pi Jan 14, 2025
55fee2f
Incorporate latest changes to aes.S
will-v-pi Jan 15, 2025
a7291e1
Encorporated latest encryption code with 4-way shares
will-v-pi Jan 20, 2025
b3a23e4
Apply encrypted-example 6de8084b6eda
will-v-pi Jan 20, 2025
2b64157
Add hello_encrypted example
will-v-pi Jan 29, 2025
805e007
Use new `enable_interrupts` function
will-v-pi Feb 24, 2025
d4ed998
Remove update-key.cmake
will-v-pi Feb 24, 2025
e8266aa
Add hello_encrypted to readme
will-v-pi Feb 24, 2025
bba9a5e
Update enc_bootloader with latest aes.S (picotool 333d571c)
will-v-pi Feb 24, 2025
bcce195
Add IV salts
will-v-pi Feb 26, 2025
05557f5
Update with latest aes.S
will-v-pi Feb 26, 2025
ad9842a
Update readmes
will-v-pi Feb 26, 2025
d933765
Add secret file to print out
will-v-pi Feb 26, 2025
522208e
Add notes about unique AES keys, and not losing keys/salts
will-v-pi Feb 26, 2025
c3bc79a
Update readmes
will-v-pi Feb 26, 2025
bde13d6
Fix enc_bootloader example OTP output
will-v-pi Mar 20, 2025
d0379cb
Remove OTP key locking functionality from encrypted examples
will-v-pi Mar 31, 2025
4235e8f
Improve TBYB sequence
will-v-pi Apr 3, 2025
25d5b43
Review fixups
will-v-pi Apr 24, 2025
06295b4
Add MbedTLS self-decrypting example
will-v-pi May 29, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 23 additions & 4 deletions encrypted/hello_encrypted/hello_encrypted.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,10 +15,29 @@ int main() {
stdio_init_all();

#if PICO_CRT0_IMAGE_TYPE_TBYB
// If TBYB image, then buy it
uint8_t* buffer = malloc(4096);
rom_explicit_buy(buffer, 4096);
free(buffer);
boot_info_t boot_info = {};
int ret = rom_get_boot_info(&boot_info);
if (ret) {
// BOOT_TBYB_AND_UPDATE_FLAG_BUY_PENDING will always be set, but check anyway
if (boot_info.tbyb_and_update_info & BOOT_TBYB_AND_UPDATE_FLAG_BUY_PENDING) {
// Need to check flash_update_base is set to see if this is a TBYB update
uint32_t flash_update_base = boot_info.reboot_params[0];
if (flash_update_base) {
printf("Perform self-check... ");
if (1 == 1) {
printf("passed\n");
} else {
printf("failed - looping forever\n");
while (true) sleep_ms(1000);
}
}
uint32_t buf_size = flash_update_base ? 4096 : 0;
uint8_t* buffer = flash_update_base ? malloc(buf_size) : NULL;
int ret = rom_explicit_buy(buffer, buf_size);
assert(ret == 0);
if (buffer) free(buffer);
}
}
#endif
extern char secret_data[];

Expand Down