Skip to content
/ Bootloader Public

Serial bootloader for LPC2300. Checks boot images for valid ECDSA signatures.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

lkamp/Bootloader

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits

bl-updater

bl-updater

 
 

trezor-crypto

trezor-crypto

 
 

LPC2387.ld

LPC2387.ld

 
 

LPC23xx.h

LPC23xx.h

 
 

README.md

README.md

 
 

Startup.S

Startup.S

 
 

display-data.c

display-data.c

 
 

display.c

display.c

 
 

display.h

display.h

 
 

main.c

main.c

 
 

makefile

makefile

 
 

swi_handler.S

swi_handler.S

 
 

target.c

target.c

 
 

target.h

target.h

 
 

type.h

type.h

 
 

Repository files navigation

Bootloader for LPC2300 microcontrollers

A basic bootloader for LPC2300 devices, written in C. Usercode is received via UART0, checked for a valid ECDSA (Bitcoin) signature, and only booted if the signature is valid for a hard coded public key.

Huge thank you goes to the developers of trezor-crypto. They developed the library used to verify the signatures.

How to interface with the bootloader

The bootloader expects data on the serial interface (UART0). The baud rate is fixed to 115200 baud (see main.c). Data is sent in chunks of 4096 bytes. After a chunk has been processed and written to flash, the bootloader sends 0x11 via the serial port. The application sending the data to the bootloader must not send more than 4096 bytes (plus 16 bytes FIFO) without waiting for the acknowledgement from the device.

Data format

The data that is sent to the bootloader must comply with the following format: ..* First four bytes are the size of the following data, including the ECDSA signature. Byte order is big endian. ..* Next 64 bytes are the ECDSA signature. ..* The following data is read by the bootloader until the previously sent number of bytes is received.

Data is sent using simple hex encoding. So the byte 0x4a is sent as "4a". Upper and lower case characters are supported. The first four bytes sent are the amount of unencoded bytes, not the number of characters sent.

Example:

Your program has 236 bytes. The signature is added at the start, making the program 300 bytes long. You then add 0x0000012c at the beginning of the file. Your file is now 304 bytes in size. The file is now hex encoded, resulting in a text file like this:

0000012c31828a1a9f...

This includes the size of the program (0x12c) and the first five bytes of the signature (31828a1a9f).

Behaviour of the bootloader after reset

The bootloader is accepting data if pin 2.1 is logic high on reset. If so, data is expected in the format described above. If pin 2.1 is logic low, the bootloader tries to start the program in flash. To do so, the signature is checked against the hard coded public key. If the signature is correct, the main code is executed. If the signature does not match, an LED is toggled infinitely.

The display driver

This bootloader comes with a simple display driver. The display communicates via a parallel bus on port 1. On reset, the Bitcoin logo is displayed.

About

Serial bootloader for LPC2300. Checks boot images for valid ECDSA signatures.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages