From d63761d0161194eb98615cdfc7f3686211198887 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mario=20H=C3=BCttel?= Date: Tue, 24 Aug 2021 22:19:12 +0200 Subject: [PATCH 1/5] Add sha 256 library and adapt license sections in documentation --- GPLv2.md | 361 +++++++++++++++++ LICENSE.md | 367 +----------------- .../code/safety/safety-controller.rst | 3 - doc/source/license.rst | 28 ++ .../ram-code/3rd-party/sha256/LICENSE.md | 46 +++ .../ram-code/3rd-party/sha256/README.md | 134 +++++++ .../ram-code/3rd-party/sha256/sha-256.c | 226 +++++++++++ .../ram-code/3rd-party/sha256/sha-256.h | 103 +++++ 8 files changed, 906 insertions(+), 362 deletions(-) create mode 100644 GPLv2.md create mode 100644 stm-firmware/updater/ram-code/3rd-party/sha256/LICENSE.md create mode 100644 stm-firmware/updater/ram-code/3rd-party/sha256/README.md create mode 100644 stm-firmware/updater/ram-code/3rd-party/sha256/sha-256.c create mode 100644 stm-firmware/updater/ram-code/3rd-party/sha256/sha-256.h diff --git a/GPLv2.md b/GPLv2.md new file mode 100644 index 0000000..28fbeca --- /dev/null +++ b/GPLv2.md @@ -0,0 +1,361 @@ +### GNU GENERAL PUBLIC LICENSE + +Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + +### Preamble + +The licenses for most software are designed to take away your freedom +to share and change it. By contrast, the GNU General Public License is +intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + +When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + +To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if +you distribute copies of the software, or if you modify it. + +For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + +We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + +Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, +we want its recipients to know that what they have is not the +original, so that any problems introduced by others will not reflect +on the original authors' reputations. + +Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at +all. + +The precise terms and conditions for copying, distribution and +modification follow. + +### TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + +**0.** This License applies to any program or other work which +contains a notice placed by the copyright holder saying it may be +distributed under the terms of this General Public License. The +"Program", below, refers to any such program or work, and a "work +based on the Program" means either the Program or any derivative work +under copyright law: that is to say, a work containing the Program or +a portion of it, either verbatim or with modifications and/or +translated into another language. (Hereinafter, translation is +included without limitation in the term "modification".) Each licensee +is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the Program +(independent of having been made by running the Program). Whether that +is true depends on what the Program does. + +**1.** You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a +fee. + +**2.** You may modify your copy or copies of the Program or any +portion of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + +**a)** You must cause the modified files to carry prominent notices +stating that you changed the files and the date of any change. + + +**b)** You must cause any work that you distribute or publish, that in +whole or in part contains or is derived from the Program or any part +thereof, to be licensed as a whole at no charge to all third parties +under the terms of this License. + + +**c)** If the modified program normally reads commands interactively +when run, you must cause it, when started running for such interactive +use in the most ordinary way, to print or display an announcement +including an appropriate copyright notice and a notice that there is +no warranty (or else, saying that you provide a warranty) and that +users may redistribute the program under these conditions, and telling +the user how to view a copy of this License. (Exception: if the +Program itself is interactive but does not normally print such an +announcement, your work based on the Program is not required to print +an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote +it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + +**3.** You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + +**a)** Accompany it with the complete corresponding machine-readable +source code, which must be distributed under the terms of Sections 1 +and 2 above on a medium customarily used for software interchange; or, + + +**b)** Accompany it with a written offer, valid for at least three +years, to give any third party, for a charge no more than your cost of +physically performing source distribution, a complete machine-readable +copy of the corresponding source code, to be distributed under the +terms of Sections 1 and 2 above on a medium customarily used for +software interchange; or, + + +**c)** Accompany it with the information you received as to the offer +to distribute corresponding source code. (This alternative is allowed +only for noncommercial distribution and only if you received the +program in object code or executable form with such an offer, in +accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + +**4.** You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt otherwise +to copy, modify, sublicense or distribute the Program is void, and +will automatically terminate your rights under this License. However, +parties who have received copies, or rights, from you under this +License will not have their licenses terminated so long as such +parties remain in full compliance. + +**5.** You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + +**6.** Each time you redistribute the Program (or any work based on +the Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + +**7.** If, as a consequence of a court judgment or allegation of +patent infringement or for any other reason (not limited to patent +issues), conditions are imposed on you (whether by court order, +agreement or otherwise) that contradict the conditions of this +License, they do not excuse you from the conditions of this License. +If you cannot distribute so as to satisfy simultaneously your +obligations under this License and any other pertinent obligations, +then as a consequence you may not distribute the Program at all. For +example, if a patent license would not permit royalty-free +redistribution of the Program by all those who receive copies directly +or indirectly through you, then the only way you could satisfy both it +and this License would be to refrain entirely from distribution of the +Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + +**8.** If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + +**9.** The Free Software Foundation may publish revised and/or new +versions of the General Public License from time to time. Such new +versions will be similar in spirit to the present version, but may +differ in detail to address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and +"any later version", you have the option of following the terms and +conditions either of that version or of any later version published by +the Free Software Foundation. If the Program does not specify a +version number of this License, you may choose any version ever +published by the Free Software Foundation. + +**10.** If you wish to incorporate parts of the Program into other +free programs whose distribution conditions are different, write to +the author to ask for permission. For software which is copyrighted by +the Free Software Foundation, write to the Free Software Foundation; +we sometimes make exceptions for this. Our decision will be guided by +the two goals of preserving the free status of all derivatives of our +free software and of promoting the sharing and reuse of software +generally. + +**NO WARRANTY** + +**11.** BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO +WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. +EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR +OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY +KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE +PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME +THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + +**12.** IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN +WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY +AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU +FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR +CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE +PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING +RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A +FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF +SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH +DAMAGES. + +### END OF TERMS AND CONDITIONS + +### How to Apply These Terms to Your New Programs + +If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these +terms. + +To do so, attach the following notices to the program. It is safest to +attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + one line to give the program's name and an idea of what it does. + Copyright (C) yyyy name of author + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License + as published by the Free Software Foundation; either version 2 + of the License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +Also add information on how to contact you by electronic and paper +mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details + type `show w'. This is free software, and you are welcome + to redistribute it under certain conditions; type `show c' + for details. + +The hypothetical commands \`show w' and \`show c' should show the +appropriate parts of the General Public License. Of course, the +commands you use may be called something other than \`show w' and +\`show c'; they could even be mouse-clicks or menu items--whatever +suits your program. + +You should also get your employer (if you work as a programmer) or +your school, if any, to sign a "copyright disclaimer" for the program, +if necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright + interest in the program `Gnomovision' + (which makes passes at compilers) written + by James Hacker. + + signature of Ty Coon, 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, +you may consider it more useful to permit linking proprietary +applications with the library. If this is what you want to do, use the +[GNU Lesser General Public +License](https://www.gnu.org/licenses/lgpl.html) instead of this +License. diff --git a/LICENSE.md b/LICENSE.md index 28fbeca..6f3fe33 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -1,361 +1,10 @@ -### GNU GENERAL PUBLIC LICENSE +# License of the Relow Oven Control Firmware -Version 2, June 1991 +This software is licsensed according to the GPLv2. See GPLv2.md for details. +However, this software includes various third party libraries for which different licenses apply: - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - -### Preamble - -The licenses for most software are designed to take away your freedom -to share and change it. By contrast, the GNU General Public License is -intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Lesser General Public License instead.) You can apply it to -your programs, too. - -When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - -To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if -you distribute copies of the software, or if you modify it. - -For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - -We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - -Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, -we want its recipients to know that what they have is not the -original, so that any problems introduced by others will not reflect -on the original authors' reputations. - -Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at -all. - -The precise terms and conditions for copying, distribution and -modification follow. - -### TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - -**0.** This License applies to any program or other work which -contains a notice placed by the copyright holder saying it may be -distributed under the terms of this General Public License. The -"Program", below, refers to any such program or work, and a "work -based on the Program" means either the Program or any derivative work -under copyright law: that is to say, a work containing the Program or -a portion of it, either verbatim or with modifications and/or -translated into another language. (Hereinafter, translation is -included without limitation in the term "modification".) Each licensee -is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the Program -(independent of having been made by running the Program). Whether that -is true depends on what the Program does. - -**1.** You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a -fee. - -**2.** You may modify your copy or copies of the Program or any -portion of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - -**a)** You must cause the modified files to carry prominent notices -stating that you changed the files and the date of any change. - - -**b)** You must cause any work that you distribute or publish, that in -whole or in part contains or is derived from the Program or any part -thereof, to be licensed as a whole at no charge to all third parties -under the terms of this License. - - -**c)** If the modified program normally reads commands interactively -when run, you must cause it, when started running for such interactive -use in the most ordinary way, to print or display an announcement -including an appropriate copyright notice and a notice that there is -no warranty (or else, saying that you provide a warranty) and that -users may redistribute the program under these conditions, and telling -the user how to view a copy of this License. (Exception: if the -Program itself is interactive but does not normally print such an -announcement, your work based on the Program is not required to print -an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote -it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - -**3.** You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - -**a)** Accompany it with the complete corresponding machine-readable -source code, which must be distributed under the terms of Sections 1 -and 2 above on a medium customarily used for software interchange; or, - - -**b)** Accompany it with a written offer, valid for at least three -years, to give any third party, for a charge no more than your cost of -physically performing source distribution, a complete machine-readable -copy of the corresponding source code, to be distributed under the -terms of Sections 1 and 2 above on a medium customarily used for -software interchange; or, - - -**c)** Accompany it with the information you received as to the offer -to distribute corresponding source code. (This alternative is allowed -only for noncommercial distribution and only if you received the -program in object code or executable form with such an offer, in -accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - -**4.** You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt otherwise -to copy, modify, sublicense or distribute the Program is void, and -will automatically terminate your rights under this License. However, -parties who have received copies, or rights, from you under this -License will not have their licenses terminated so long as such -parties remain in full compliance. - -**5.** You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - -**6.** Each time you redistribute the Program (or any work based on -the Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - -**7.** If, as a consequence of a court judgment or allegation of -patent infringement or for any other reason (not limited to patent -issues), conditions are imposed on you (whether by court order, -agreement or otherwise) that contradict the conditions of this -License, they do not excuse you from the conditions of this License. -If you cannot distribute so as to satisfy simultaneously your -obligations under this License and any other pertinent obligations, -then as a consequence you may not distribute the Program at all. For -example, if a patent license would not permit royalty-free -redistribution of the Program by all those who receive copies directly -or indirectly through you, then the only way you could satisfy both it -and this License would be to refrain entirely from distribution of the -Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - -**8.** If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - -**9.** The Free Software Foundation may publish revised and/or new -versions of the General Public License from time to time. Such new -versions will be similar in spirit to the present version, but may -differ in detail to address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and -"any later version", you have the option of following the terms and -conditions either of that version or of any later version published by -the Free Software Foundation. If the Program does not specify a -version number of this License, you may choose any version ever -published by the Free Software Foundation. - -**10.** If you wish to incorporate parts of the Program into other -free programs whose distribution conditions are different, write to -the author to ask for permission. For software which is copyrighted by -the Free Software Foundation, write to the Free Software Foundation; -we sometimes make exceptions for this. Our decision will be guided by -the two goals of preserving the free status of all derivatives of our -free software and of promoting the sharing and reuse of software -generally. - -**NO WARRANTY** - -**11.** BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO -WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. -EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR -OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY -KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE -PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME -THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - -**12.** IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN -WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY -AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU -FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR -CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE -PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING -RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A -FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF -SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH -DAMAGES. - -### END OF TERMS AND CONDITIONS - -### How to Apply These Terms to Your New Programs - -If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these -terms. - -To do so, attach the following notices to the program. It is safest to -attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - one line to give the program's name and an idea of what it does. - Copyright (C) yyyy name of author - - This program is free software; you can redistribute it and/or - modify it under the terms of the GNU General Public License - as published by the Free Software Foundation; either version 2 - of the License, or (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - -Also add information on how to contact you by electronic and paper -mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details - type `show w'. This is free software, and you are welcome - to redistribute it under certain conditions; type `show c' - for details. - -The hypothetical commands \`show w' and \`show c' should show the -appropriate parts of the General Public License. Of course, the -commands you use may be called something other than \`show w' and -\`show c'; they could even be mouse-clicks or menu items--whatever -suits your program. - -You should also get your employer (if you work as a programmer) or -your school, if any, to sign a "copyright disclaimer" for the program, -if necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright - interest in the program `Gnomovision' - (which makes passes at compilers) written - by James Hacker. - - signature of Ty Coon, 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program -into proprietary programs. If your program is a subroutine library, -you may consider it more useful to permit linking proprietary -applications with the library. If this is what you want to do, use the -[GNU Lesser General Public -License](https://www.gnu.org/licenses/lgpl.html) instead of this -License. +- Shellmatta Shell implementation by Stefan Strobel: Licensed under ``Mozilla Public License Version 2.0`` +- CMSIS by ARM Limited , licensed under ``Apache License Version 2.0, January 2004`` +- STM Header Files etc. by ST Microelectronics icensed under a custom license. See the sphinx documentation (section License) for details. +- FatFs: Custom License (See source files of FatFS) +- SHA256 Library licensed under the ``Unilicense`` diff --git a/doc/source/firmware/code/safety/safety-controller.rst b/doc/source/firmware/code/safety/safety-controller.rst index b529db3..df48fae 100644 --- a/doc/source/firmware/code/safety/safety-controller.rst +++ b/doc/source/firmware/code/safety/safety-controller.rst @@ -9,6 +9,3 @@ Safety Controller safety-adc -.. doxygengroup:: safety-controller - :project: Reflow Controller Firmware - diff --git a/doc/source/license.rst b/doc/source/license.rst index 1cd4df0..22b692a 100644 --- a/doc/source/license.rst +++ b/doc/source/license.rst @@ -9,8 +9,36 @@ The firmware includes following third-party software libraries: - ``shellmatta`` by ``Stefan Strobel`` , licensed under ``Mozilla Public License Version 2.0`` - ``CMSIS`` by ``ARM Limited`` , licensed under ``Apache License Version 2.0, January 2004`` - ``STM Header files and startup code`` by ``ST Microelectronics``, licensed under a `custom license `_ +- ``SHA-256 Library`` by ``Alain Mosnier`` , licensed under ``Zero Clause BSD License`` or the ``Unlicense`` +- ``FatFS`` Library by ``ChaN`` licensed under a `custom license `_ +FatFS License +------------- + +FatFs has being developped as a personal project of the author, ChaN. It is free from the code anyone else wrote at current release. Following code block shows a copy of the FatFs license document that heading the source files.:: + + /*----------------------------------------------------------------------------/ + / FatFs - Generic FAT Filesystem Module Rx.xx / + /-----------------------------------------------------------------------------/ + / + / Copyright (C) 20xx, ChaN, all right reserved. + / + / FatFs module is an open source software. Redistribution and use of FatFs in + / source and binary forms, with or without modification, are permitted provided + / that the following condition is met: + / + / 1. Redistributions of source code must retain the above copyright notice, + / this condition and the following disclaimer. + / + / This software is provided by the copyright holder and contributors "AS IS" + / and any warranties related to this software are DISCLAIMED. + / The copyright owner or contributors be NOT LIABLE for any damages caused + / by use of this software. + /----------------------------------------------------------------------------*/ + +Therefore FatFs license is one of the BSD-style licenses, but there is a significant feature. FatFs is mainly intended for embedded systems. In order to extend the usability for commercial products, the redistributions of FatFs in binary form, such as embedded code, binary library and any forms without source code, do not need to include about FatFs in the documentations. This is equivalent to the 1-clause BSD license. Of course FatFs is compatible with the most of open source software licenses include GNU GPL. When you redistribute the FatFs source code with changes or create a fork, the license can also be changed to GNU GPL, BSD-style license or any open source software license that not conflict with FatFs license. + ST License for Used Header Files -------------------------------- diff --git a/stm-firmware/updater/ram-code/3rd-party/sha256/LICENSE.md b/stm-firmware/updater/ram-code/3rd-party/sha256/LICENSE.md new file mode 100644 index 0000000..cfa0d4e --- /dev/null +++ b/stm-firmware/updater/ram-code/3rd-party/sha256/LICENSE.md @@ -0,0 +1,46 @@ +# Licensing Information + +Except as otherwise noted (below and/or in individual files), this project is +licensed under the [Unlicense](#the-unlicense) +(https://opensource.org/licenses/unlicense) or the [Zero Clause BSD +license](#zero-clause-bsd-license) (https://opensource.org/licenses/0bsd), at +your option. + +## The Unlicense + +This is free and unencumbered software released into the public domain. + +Anyone is free to copy, modify, publish, use, compile, sell, or distribute this +software, either in source code form or as a compiled binary, for any purpose, +commercial or non-commercial, and by any means. + +In jurisdictions that recognize copyright laws, the author or authors of this +software dedicate any and all copyright interest in the software to the public +domain. We make this dedication for the benefit of the public at large and to +the detriment of our heirs and successors. We intend this dedication to be an +overt act of relinquishment in perpetuity of all present and future rights to +this software under copyright law. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN +ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +For more information, please refer to + +## Zero Clause BSD License + +© 2021 Alain Mosnier + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH +REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND +FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, +INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR +OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +PERFORMANCE OF THIS SOFTWARE. diff --git a/stm-firmware/updater/ram-code/3rd-party/sha256/README.md b/stm-firmware/updater/ram-code/3rd-party/sha256/README.md new file mode 100644 index 0000000..3314c8f --- /dev/null +++ b/stm-firmware/updater/ram-code/3rd-party/sha256/README.md @@ -0,0 +1,134 @@ +# sha-2 [![Build Status](https://travis-ci.com/amosnier/sha-2.svg?branch=master)](https://travis-ci.com/amosnier/sha-2) + +## Disclaimer +The SHA256 implementation used in thsi project is taken from https://github.com/amosnier/sha-2. Check the appropriate license file. + +## Contents + +SHA-2 algorithm implementations. + +At the moment, only SHA-256 is implemented. + +## NEW: streaming API + +In response to [an enhancement +request](https://github.com/amosnier/sha-2/issues/9), a new streaming +API has been created. + +The following code is a silly but complete example: + +```C +struct Sha_256 sha_256; +uint8_t hash[32]; +sha_256_init(&sha_256, hash); +sha_256_write(&sha_256, "ab", strlen("ab")); +sha_256_write(&sha_256, "c", strlen("c")); +sha_256_close(&sha_256); +``` + +That is the equivalent of the (of course still supported) legacy way: + +```C +uint8_t hash[32]; +calc_sha_256(hash, "abc", strlen("abc")); +``` + +See [header file](https://github.com/amosnier/sha-2/blob/master/sha-256.h) +for more information. + +Since the streaming API is a generalization of the non-streaming one, +the latter has been ported to the former, without measurable performance +impact. However, [a legacy +branch](https://github.com/amosnier/sha-2/tree/legacy) has been created +in order to make the legacy implementation easily available. If you can +measure a significant difference between the two, please post an issue. + +## Design criteria + +- Easy to test, include in any project, compile and link. + +- ANSI C with as little specific C99 as possible (e.g. extended + integer types are used, but not bool). + +- Portable. Makes no assumptions on the target system's endianess or + word size. + +- The SHA-256 implementation is a straightforward implementation of + the algorithm specified on + [Wikipedia](https://en.wikipedia.org/wiki/SHA-2). + +## Notes + +The Makefile is as minimal as possible. No effort was put into making +it general. Its purpose is mainly to ease testing for the developer's +host machine. The actual implementation is however extremely easy to +include in any project, may it use GNU make or any other build tool. + +## Code review + +This code has been reviewed at [Stack Exchange CODE +REVIEW](https://codereview.stackexchange.com/questions/182812/self-contained-sha-256-implementation-in-c), +and the implementation has been improved accordingly. + +## Testing + +Testing is continuously performed on Travis CI (see above). + +Apart from that, the implementation has been successfully tested on an x86-64 machine +under Linux as well as on a 16-bit DSP. On the x86-64 machine, all the +available NIST test vectors where successfully tested ([SHA-256 +examples](https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/SHA256.pdf) +and [SHA-2 Additional +examples](https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/SHA2_Additional.pdf), +plus a few others). + +In particular: + +``` +Input Message: "abc" +Message Digest is BA7816BF 8F01CFEA 414140DE 5DAE2223 B00361A3 96177A9C B410FF61 F20015AD +``` + +``` +Input Message: "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +Message Digest is 248D6A61 D20638B8 E5C02693 0C3E6039 A33CE459 64FF2167 F6ECEDD4 19DB06C1 +``` + +``` +SHA-256 Test Data +#1) 1 byte 0xbd +68325720 aabd7c82 f30f554b 313d0570 c95accbb 7dc4b5aa e11204c0 8ffe732b +#2) 4 bytes 0xc98c8e55 +7abc22c0 ae5af26c e93dbb94 433a0e0b 2e119d01 4f8e7f65 bd56c61c cccd9504 +#3) 55 bytes of zeros +02779466 cdec1638 11d07881 5c633f21 90141308 1449002f 24aa3e80 f0b88ef7 +#4) 56 bytes of zeros +d4817aa5 497628e7 c77e6b60 6107042b bba31308 88c5f47a 375e6179 be789fbb +#5) 57 bytes of zeros +65a16cb7 861335d5 ace3c607 18b5052e 44660726 da4cd13b b745381b 235a1785 +#6) 64 bytes of zeros +f5a5fd42 d16a2030 2798ef6e d309979b 43003d23 20d9f0e8 ea9831a9 2759fb4b +#7) 1000 bytes of zeros +541b3e9d aa09b20b f85fa273 e5cbd3e8 0185aa4e c298e765 db87742b 70138a53 +#8) 1000 bytes of 0x41 ‘A’ +c2e68682 3489ced2 017f6059 b8b23931 8b6364f6 dcd835d0 a519105a 1eadd6e4 +#9) 1005 bytes of 0x55 ‘U’ +f4d62dde c0f3dd90 ea1380fa 16a5ff8d c4c54b21 740650f2 4afc4120 903552b0 +#10) 1000000 bytes of zeros +d29751f2 649b32ff 572b5e0a 9f541ea6 60a50f94 ff0beedf b0b692b9 24cc8025 +#11) 0x20000000 (536870912) bytes of 0x5a ‘Z’ +15a1868c 12cc5395 1e182344 277447cd 0979536b adcc512a d24c67e9 b2d4f3dd +#12) 0x41000000 (1090519040) bytes of zeros +461c19a9 3bd4344f 9215f5ec 64357090 342bc66b 15a14831 7d276e31 cbc20b53 +#13) 0x6000003e (1610612798) bytes of 0x42 ‘B’ +c23ce8a7 895f4b21 ec0daf37 920ac0a2 62a22004 5a03eb2d fed48ef9 b05aabea +``` + +## License + +This repository is made available under a permissive license. See +[LICENSE FILE](LICENSE.md). + +## Reference implementation + +I had missed that when I made this implementation but [RFC 6234, chapter 8](https://tools.ietf.org/html/rfc6234#section-8) actually includes a reference implementation in C that is (at least in ambition) broader in scope than this one. I have however neither compiled nor tested it. diff --git a/stm-firmware/updater/ram-code/3rd-party/sha256/sha-256.c b/stm-firmware/updater/ram-code/3rd-party/sha256/sha-256.c new file mode 100644 index 0000000..cabe8f0 --- /dev/null +++ b/stm-firmware/updater/ram-code/3rd-party/sha256/sha-256.c @@ -0,0 +1,226 @@ +#include "sha-256.h" + +#define TOTAL_LEN_LEN 8 + +/* + * ABOUT bool: this file does not use bool in order to be as pre-C99 compatible as possible. + */ + +/* + * Comments from pseudo-code at https://en.wikipedia.org/wiki/SHA-2 are reproduced here. + * When useful for clarification, portions of the pseudo-code are reproduced here too. + */ + +/* + * @brief Rotate a 32-bit value by a number of bits to the right. + * @param value The value to be rotated. + * @param count The number of bits to rotate by. + * @return The rotated value. + */ +static inline uint32_t right_rot(uint32_t value, unsigned int count) +{ + /* + * Defined behaviour in standard C for all count where 0 < count < 32, which is what we need here. + */ + return value >> count | value << (32 - count); +} + +/* + * @brief Update a hash value under calculation with a new chunk of data. + * @param h Pointer to the first hash item, of a total of eight. + * @param p Pointer to the chunk data, which has a standard length. + * + * @note This is the SHA-256 work horse. + */ +static inline void consume_chunk(uint32_t *h, const uint8_t *p) +{ + unsigned i, j; + uint32_t ah[8]; + + /* Initialize working variables to current hash value: */ + for (i = 0; i < 8; i++) + ah[i] = h[i]; + + /* + * The w-array is really w[64], but since we only need 16 of them at a time, we save stack by + * calculating 16 at a time. + * + * This optimization was not there initially and the rest of the comments about w[64] are kept in their + * initial state. + */ + + /* + * create a 64-entry message schedule array w[0..63] of 32-bit words (The initial values in w[0..63] + * don't matter, so many implementations zero them here) copy chunk into first 16 words w[0..15] of the + * message schedule array + */ + uint32_t w[16]; + + /* Compression function main loop: */ + for (i = 0; i < 4; i++) { + for (j = 0; j < 16; j++) { + if (i == 0) { + w[j] = + (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | (uint32_t)p[3]; + p += 4; + } else { + /* Extend the first 16 words into the remaining 48 words w[16..63] of the + * message schedule array: */ + const uint32_t s0 = right_rot(w[(j + 1) & 0xf], 7) ^ right_rot(w[(j + 1) & 0xf], 18) ^ + (w[(j + 1) & 0xf] >> 3); + const uint32_t s1 = right_rot(w[(j + 14) & 0xf], 17) ^ + right_rot(w[(j + 14) & 0xf], 19) ^ (w[(j + 14) & 0xf] >> 10); + w[j] = w[j] + s0 + w[(j + 9) & 0xf] + s1; + } + const uint32_t s1 = right_rot(ah[4], 6) ^ right_rot(ah[4], 11) ^ right_rot(ah[4], 25); + const uint32_t ch = (ah[4] & ah[5]) ^ (~ah[4] & ah[6]); + + /* + * Initialize array of round constants: + * (first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311): + */ + static const uint32_t k[] = { + 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, + 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, + 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, + 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, + 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, + 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, + 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, + 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, + 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, + 0xc67178f2}; + + const uint32_t temp1 = ah[7] + s1 + ch + k[i << 4 | j] + w[j]; + const uint32_t s0 = right_rot(ah[0], 2) ^ right_rot(ah[0], 13) ^ right_rot(ah[0], 22); + const uint32_t maj = (ah[0] & ah[1]) ^ (ah[0] & ah[2]) ^ (ah[1] & ah[2]); + const uint32_t temp2 = s0 + maj; + + ah[7] = ah[6]; + ah[6] = ah[5]; + ah[5] = ah[4]; + ah[4] = ah[3] + temp1; + ah[3] = ah[2]; + ah[2] = ah[1]; + ah[1] = ah[0]; + ah[0] = temp1 + temp2; + } + } + + /* Add the compressed chunk to the current hash value: */ + for (i = 0; i < 8; i++) + h[i] += ah[i]; +} + +/* + * Public functions. See header file for documentation. + */ + +void sha_256_init(struct Sha_256 *sha_256, uint8_t hash[SIZE_OF_SHA_256_HASH]) +{ + sha_256->hash = hash; + sha_256->chunk_pos = sha_256->chunk; + sha_256->space_left = SIZE_OF_SHA_256_CHUNK; + sha_256->total_len = 0; + /* + * Initialize hash values (first 32 bits of the fractional parts of the square roots of the first 8 primes + * 2..19): + */ + sha_256->h[0] = 0x6a09e667; + sha_256->h[1] = 0xbb67ae85; + sha_256->h[2] = 0x3c6ef372; + sha_256->h[3] = 0xa54ff53a; + sha_256->h[4] = 0x510e527f; + sha_256->h[5] = 0x9b05688c; + sha_256->h[6] = 0x1f83d9ab; + sha_256->h[7] = 0x5be0cd19; +} + +void sha_256_write(struct Sha_256 *sha_256, const void *data, size_t len) +{ + sha_256->total_len += len; + + const uint8_t *p = data; + + while (len > 0) { + /* + * If the input chunks have sizes that are multiples of the calculation chunk size, no copies are + * necessary. We operate directly on the input data instead. + */ + if (sha_256->space_left == SIZE_OF_SHA_256_CHUNK && len >= SIZE_OF_SHA_256_CHUNK) { + consume_chunk(sha_256->h, p); + len -= SIZE_OF_SHA_256_CHUNK; + p += SIZE_OF_SHA_256_CHUNK; + continue; + } + /* General case, no particular optimization. */ + const size_t consumed_len = len < sha_256->space_left ? len : sha_256->space_left; + memcpy(sha_256->chunk_pos, p, consumed_len); + sha_256->space_left -= consumed_len; + len -= consumed_len; + p += consumed_len; + if (sha_256->space_left == 0) { + consume_chunk(sha_256->h, sha_256->chunk); + sha_256->chunk_pos = sha_256->chunk; + sha_256->space_left = SIZE_OF_SHA_256_CHUNK; + } else { + sha_256->chunk_pos += consumed_len; + } + } +} + +uint8_t *sha_256_close(struct Sha_256 *sha_256) +{ + uint8_t *pos = sha_256->chunk_pos; + size_t space_left = sha_256->space_left; + uint32_t *const h = sha_256->h; + + /* + * The current chunk cannot be full. Otherwise, it would already have be consumed. I.e. there is space left for + * at least one byte. The next step in the calculation is to add a single one-bit to the data. + */ + *pos++ = 0x80; + --space_left; + + /* + * Now, the last step is to add the total data length at the end of the last chunk, and zero padding before + * that. But we do not necessarily have enough space left. If not, we pad the current chunk with zeroes, and add + * an extra chunk at the end. + */ + if (space_left < TOTAL_LEN_LEN) { + memset(pos, 0x00, space_left); + consume_chunk(h, sha_256->chunk); + pos = sha_256->chunk; + space_left = SIZE_OF_SHA_256_CHUNK; + } + const size_t left = space_left - TOTAL_LEN_LEN; + memset(pos, 0x00, left); + pos += left; + size_t len = sha_256->total_len; + pos[7] = (uint8_t)(len << 3); + len >>= 5; + int i; + for (i = 6; i >= 0; --i) { + pos[i] = (uint8_t)len; + len >>= 8; + } + consume_chunk(h, sha_256->chunk); + /* Produce the final hash value (big-endian): */ + int j; + uint8_t *const hash = sha_256->hash; + for (i = 0, j = 0; i < 8; i++) { + hash[j++] = (uint8_t)(h[i] >> 24); + hash[j++] = (uint8_t)(h[i] >> 16); + hash[j++] = (uint8_t)(h[i] >> 8); + hash[j++] = (uint8_t)h[i]; + } + return sha_256->hash; +} + +void calc_sha_256(uint8_t hash[SIZE_OF_SHA_256_HASH], const void *input, size_t len) +{ + struct Sha_256 sha_256; + sha_256_init(&sha_256, hash); + sha_256_write(&sha_256, input, len); + (void)sha_256_close(&sha_256); +} diff --git a/stm-firmware/updater/ram-code/3rd-party/sha256/sha-256.h b/stm-firmware/updater/ram-code/3rd-party/sha256/sha-256.h new file mode 100644 index 0000000..6ba59bf --- /dev/null +++ b/stm-firmware/updater/ram-code/3rd-party/sha256/sha-256.h @@ -0,0 +1,103 @@ +#ifndef SHA_256_H +#define SHA_256_H + +#include +#include + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * @brief Size of the SHA-256 sum. This times eight is 256 bits. + */ +#define SIZE_OF_SHA_256_HASH 32 + +/* + * @brief Size of the chunks used for the calculations. + * + * @note This should mostly be ignored by the user, although when using the streaming API, it has an impact for + * performance. Add chunks whose size is a multiple of this, and you will avoid a lot of superfluous copying in RAM! + */ +#define SIZE_OF_SHA_256_CHUNK 64 + +/* + * @brief The opaque SHA-256 type, that should be instantiated when using the streaming API. + * + * @note Although the details are exposed here, in order to make instantiation easy, you should refrain from directly + * accessing the fields, as they may change in the future. + */ +struct Sha_256 { + uint8_t *hash; + uint8_t chunk[SIZE_OF_SHA_256_CHUNK]; + uint8_t *chunk_pos; + size_t space_left; + size_t total_len; + uint32_t h[8]; +}; + +/* + * @brief The simple SHA-256 calculation function. + * @param hash Hash array, where the result is delivered. + * @param input Pointer to the data the hash shall be calculated on. + * @param len Length of the input data, in byte. + * + * @note If all of the data you are calculating the hash value on is available in a contiguous buffer in memory, this is + * the function you should use. + * + * @note If either of the passed pointers is NULL, the results are unpredictable. + */ +void calc_sha_256(uint8_t hash[SIZE_OF_SHA_256_HASH], const void *input, size_t len); + +/* + * @brief Initialize a SHA-256 streaming calculation. + * @param sha_256 A pointer to a SHA-256 structure. + * @param hash Hash array, where the result will be delivered. + * + * @note If all of the data you are calculating the hash value on is not available in a contiguous buffer in memory, this is + * where you should start. Instantiate a SHA-256 structure, for instance by simply declaring it locally, make your hash + * buffer available, and invoke this function. Once a SHA-256 hash has been calculated (see further below) a SHA-256 + * structure can be initialized again for the next calculation. + * + * @note If either of the passed pointers is NULL, the results are unpredictable. + */ +void sha_256_init(struct Sha_256 *sha_256, uint8_t hash[SIZE_OF_SHA_256_HASH]); + +/* + * @brief Stream more input data for an on-going SHA-256 calculation. + * @param sha_256 A pointer to a previously initialized SHA-256 structure. + * @param data Pointer to the data to be added to the calculation. + * @param len Length of the data to add, in byte. + * + * @note This function may be invoked an arbitrary number of times between initialization and closing, but the maximum + * data length is limited by the SHA-256 algorithm: the total number of bits (i.e. the total number of bytes times + * eight) must be representable by a 64-bit unsigned integer. While that is not a practical limitation, the results are + * unpredictable if that limit is exceeded. + * + * @note This function may be invoked on empty data (zero length), although that obviously will not add any data. + * + * @note If either of the passed pointers is NULL, the results are unpredictable. + */ +void sha_256_write(struct Sha_256 *sha_256, const void *data, size_t len); + +/* + * @brief Conclude a SHA-256 streaming calculation, making the hash value available. + * @param sha_256 A pointer to a previously initialized SHA-256 structure. + * @return Pointer to the hash array, where the result is delivered. + * + * @note After this function has been invoked, the result is available in the hash buffer that initially was provided. A + * pointer to the hash value is returned for convenience, but you should feel free to ignore it: it is simply a pointer + * to the first byte of your initially provided hash array. + * + * @note If the passed pointer is NULL, the results are unpredictable. + * + * @note Invoking this function for a calculation with no data (the writing function has never been invoked, or it only + * has been invoked with empty data) is legal. It will calculate the SHA-256 value of the empty string. + */ +uint8_t *sha_256_close(struct Sha_256 *sha_256); + +#ifdef __cplusplus +} +#endif + +#endif From a7394ef170475fe0ef16b6689b46ad445aeed079 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mario=20H=C3=BCttel?= Date: Fri, 24 Sep 2021 22:43:47 +0200 Subject: [PATCH 2/5] Feature #41: Add SHA calculation to updater. Has yet to be checked against file. Code not tested --- stm-firmware/updater/ram-code/CMakeLists.txt | 5 +- stm-firmware/updater/ram-code/itoa.c | 34 ++++++++++++ stm-firmware/updater/ram-code/itoa.h | 3 + stm-firmware/updater/ram-code/main.c | 58 ++++++++++++++++++++ 4 files changed, 98 insertions(+), 2 deletions(-) diff --git a/stm-firmware/updater/ram-code/CMakeLists.txt b/stm-firmware/updater/ram-code/CMakeLists.txt index 65fd1ab..ddd12a2 100644 --- a/stm-firmware/updater/ram-code/CMakeLists.txt +++ b/stm-firmware/updater/ram-code/CMakeLists.txt @@ -21,13 +21,14 @@ set(LINKER_SCRIPT ${CMAKE_CURRENT_SOURCE_DIR}/ram-link.ld) set(ELFFILE "${PROJECT_NAME}.elf") aux_source_directory("." SRCS) aux_source_directory("fatfs" FATFS_SRCS) +aux_source_directory("3rd-party/sha256" SHA256_SRCS) aux_source_directory("fatfs/shimatta_sdio_driver" SDIO_SRCS) set(STM_PERIPH_SRCS "../../stm-periph/backup-ram.c" "../../stm-periph/rcc-manager.c" "../../stm-periph/crc-unit.c") set(SAFETY_MEMORY_SRCS "../../safety/safety-memory.c") -add_executable(${ELFFILE} ${SRCS} ${FATFS_SRCS} ${SDIO_SRCS} ${STM_PERIPH_SRCS} ${SAFETY_MEMORY_SRCS}) +add_executable(${ELFFILE} ${SRCS} ${FATFS_SRCS} ${SDIO_SRCS} ${STM_PERIPH_SRCS} ${SAFETY_MEMORY_SRCS} ${SHA256_SRCS}) -target_include_directories(${ELFFILE} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include ../../include) +target_include_directories(${ELFFILE} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include ../../include ${CMAKE_CURRENT_SOURCE_DIR}/3rd-party) target_compile_options(${ELFFILE} PRIVATE -Wall -Wextra -Wold-style-declaration -Wuninitialized -Wmaybe-uninitialized -Wunused-parameter) target_compile_options(${ELFFILE} PRIVATE -mlittle-endian -mthumb -mcpu=cortex-m4 -mthumb-interwork -mfloat-abi=hard -mfpu=fpv4-sp-d16 -nostartfiles -Wimplicit-fallthrough=3 -Wsign-compare -Os -g3) target_compile_definitions(${ELFFILE} PRIVATE -DGIT_VER=${GIT_DESCRIBE} -DHSE_VALUE=8000000UL -DSTM32F407xx -DSTM32F4XX -DARM_MATH_CM4 -DSAFETY_MEMORY_STRIPOUT_DUMP) diff --git a/stm-firmware/updater/ram-code/itoa.c b/stm-firmware/updater/ram-code/itoa.c index d74fed1..e645dd9 100644 --- a/stm-firmware/updater/ram-code/itoa.c +++ b/stm-firmware/updater/ram-code/itoa.c @@ -51,3 +51,37 @@ uint32_t heapless_itoa(int32_t value, char *buffer, uint32_t base) return bufferIdx; } +static char num_to_hex_digit(uint8_t num, bool capitalized) +{ + char ret = 'U'; + + switch (num) { + case 0 ... 9: + ret = '0' + num; + break; + case 0xA ... 0xF: + if (capitalized) + ret = 'A' + num - 0xA; + else + ret = 'a' + num - 0xA; + break; + default: + break; + } + + return ret; +} + +uint32_t bytes_to_hex_string(uint8_t *input, uint32_t count, char *output_buffer, bool capitalized) +{ + uint32_t idx; + uint8_t b; + + for (idx = 0; idx < count; idx++) { + b = input[idx]; + output_buffer[idx] = num_to_hex_digit(b >> 4, capitalized); + output_buffer[idx+1] = num_to_hex_digit(b & 0xF, capitalized); + } + + return 0; +} diff --git a/stm-firmware/updater/ram-code/itoa.h b/stm-firmware/updater/ram-code/itoa.h index 5397908..3b4c0a8 100644 --- a/stm-firmware/updater/ram-code/itoa.h +++ b/stm-firmware/updater/ram-code/itoa.h @@ -2,7 +2,10 @@ #define _ITOA_H_ #include +#include uint32_t heapless_itoa(int32_t value, char *buffer, uint32_t base); +uint32_t bytes_to_hex_string(uint8_t *input, uint32_t count, char *output_buffer, bool capitalized); + #endif /* _ITOA_H_ */ diff --git a/stm-firmware/updater/ram-code/main.c b/stm-firmware/updater/ram-code/main.c index f237b80..12cabd8 100644 --- a/stm-firmware/updater/ram-code/main.c +++ b/stm-firmware/updater/ram-code/main.c @@ -16,6 +16,7 @@ #include #include "uart.h" #include "itoa.h" +#include static volatile unsigned int wait_tick; @@ -197,6 +198,49 @@ exit_parser_close: return retval; } +static int compute_sha256_of_file(const char *fname, uint8_t *sha256_out) +{ + FIL _file; + int ret = 0; + FIL *file = &_file; + FRESULT fres; + static char workbuff[1024]; + UINT act_read; + struct Sha_256 sha; + + if (!fname || !sha256_out) + return -1000; + + fres = f_open(file, fname, FA_READ); + if (fres != FR_OK) { + ret = -1; + goto ret_noact; + } + + sha_256_init(&sha, sha256_out); + do { + fres = f_read(file, workbuff, sizeof(workbuff), &act_read); + if (act_read > 0) { + sha_256_write(&sha, workbuff, (size_t)act_read); + } else { + if (f_eof(file)) { + break; + } else if (f_error(file)) { + ret = -2; + goto ret_close_file; + } + } + } while (1); + + (void)sha_256_close(&sha); + ret = 0; + +ret_close_file: + (void)f_close(file); +ret_noact: + return ret; +} + int ram_code_main(void) { FRESULT fres; @@ -207,6 +251,7 @@ int ram_code_main(void) uint32_t count; uint32_t update_size; int retries = 3; + uint8_t sha_hash[SIZE_OF_SHA_256_HASH]; SysTick_Config(168000UL); @@ -237,6 +282,19 @@ int ram_code_main(void) if (res) ram_code_exit(false); + uart_send_string("Calculating SHA256 checksum\r\n"); + if (compute_sha256_of_file(filename, sha_hash)) { + uart_send_string("Calculation failed!"); + ram_code_exit(false); + } + + uart_send_string("SHA256: "); + bytes_to_hex_string(sha_hash, SIZE_OF_SHA_256_HASH, tmp_buff, false); + tmp_buff[SIZE_OF_SHA_256_HASH] = 0; + uart_send_string(tmp_buff); + uart_send_string("\r\n"); + + uart_send_string("Checking hex file "); uart_send_string(filename); uart_send_string("\r\n"); From c6fcd3154f80458e0b3a6720d05a3ba50df94b1d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mario=20H=C3=BCttel?= Date: Sun, 3 Oct 2021 18:51:14 +0200 Subject: [PATCH 3/5] Remove unneeded variable --- stm-firmware/main.c | 1 - 1 file changed, 1 deletion(-) diff --git a/stm-firmware/main.c b/stm-firmware/main.c index 95fccd3..c4b9e8e 100644 --- a/stm-firmware/main.c +++ b/stm-firmware/main.c @@ -235,7 +235,6 @@ int main(void) shellmatta_handle_t shell_handle; int menu_wait_request; uint64_t quarter_sec_timestamp = 0ULL; - static uint64_t IN_SECTION(.ccm.bss) main_loop_iter_count; /* Setup all the peripherals and external componets like LCD, EEPROM etc. and the safety controller */ setup_system(); From ae60c3091937cfeb6eaa519c1d3b736d2f4e6f83 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mario=20H=C3=BCttel?= Date: Sun, 3 Oct 2021 19:27:41 +0200 Subject: [PATCH 4/5] Implement SHA256 update file checking --- stm-firmware/CMakeLists.txt | 10 ++++- stm-firmware/updater/ram-code/itoa.c | 4 +- stm-firmware/updater/ram-code/main.c | 55 ++++++++++++++++++++++++++-- 3 files changed, 62 insertions(+), 7 deletions(-) diff --git a/stm-firmware/CMakeLists.txt b/stm-firmware/CMakeLists.txt index 31573fe..13dc1e2 100644 --- a/stm-firmware/CMakeLists.txt +++ b/stm-firmware/CMakeLists.txt @@ -136,8 +136,14 @@ add_custom_command( ) set(HEX_PATH "${CMAKE_CURRENT_BINARY_DIR}/${HEXFILE}") -add_custom_target(update-image ALL DEPENDS ${HEX_PATH}) +add_custom_target(update-image ALL DEPENDS ${HEX_PATH} "${HEX_PATH}.sha") add_custom_command( DEPENDS ${ELFFILE} OUTPUT ${HEX_PATH} - COMMAND ${CMAKE_OBJCOPY} -O ihex ${ELFFILE} ${HEX_PATH}) + COMMAND ${CMAKE_OBJCOPY} -O ihex ${ELFFILE} ${HEX_PATH} + ) +add_custom_command( + DEPENDS ${HEX_PATH} + OUTPUT "${HEX_PATH}.sha" + COMMAND sha256sum "${HEX_PATH}" | cut -d " " -f 1 > "${HEX_PATH}.sha" + ) diff --git a/stm-firmware/updater/ram-code/itoa.c b/stm-firmware/updater/ram-code/itoa.c index e645dd9..f952492 100644 --- a/stm-firmware/updater/ram-code/itoa.c +++ b/stm-firmware/updater/ram-code/itoa.c @@ -79,8 +79,8 @@ uint32_t bytes_to_hex_string(uint8_t *input, uint32_t count, char *output_buffer for (idx = 0; idx < count; idx++) { b = input[idx]; - output_buffer[idx] = num_to_hex_digit(b >> 4, capitalized); - output_buffer[idx+1] = num_to_hex_digit(b & 0xF, capitalized); + output_buffer[2*idx] = num_to_hex_digit(b >> 4, capitalized); + output_buffer[2*idx+1] = num_to_hex_digit(b & 0xF, capitalized); } return 0; diff --git a/stm-firmware/updater/ram-code/main.c b/stm-firmware/updater/ram-code/main.c index 12cabd8..a243b05 100644 --- a/stm-firmware/updater/ram-code/main.c +++ b/stm-firmware/updater/ram-code/main.c @@ -241,19 +241,47 @@ ret_noact: return ret; } +static int read_file_content(const char *fname, char *dest, size_t count) +{ + FIL f; + FRESULT fres; + UINT act_read; + int ret = 0; + + fres = f_open(&f, fname, FA_READ); + if (fres != FR_OK) { + return -1; + } + + fres = f_read(&f, dest, (UINT)count, &act_read); + if (fres != FR_OK) { + ret = -2; + goto exit_close_file; + } + + ret = (int)act_read; + +exit_close_file: + (void)f_close(&f); + return ret; +} + int ram_code_main(void) { FRESULT fres; int res; enum safety_memory_state safety_mem_state; static char filename[256]; + static char hash_file_name[256]; static char tmp_buff[256]; + static char sha_string[SIZE_OF_SHA_256_HASH*2+2]; uint32_t count; uint32_t update_size; int retries = 3; uint8_t sha_hash[SIZE_OF_SHA_256_HASH]; + SysTick_Config(168000UL); external_watchdog_disable(); __enable_irq(); @@ -289,12 +317,33 @@ int ram_code_main(void) } uart_send_string("SHA256: "); - bytes_to_hex_string(sha_hash, SIZE_OF_SHA_256_HASH, tmp_buff, false); - tmp_buff[SIZE_OF_SHA_256_HASH] = 0; - uart_send_string(tmp_buff); + bytes_to_hex_string(sha_hash, SIZE_OF_SHA_256_HASH, sha_string, false); + sha_string[SIZE_OF_SHA_256_HASH*2] = 0; + uart_send_string(sha_string); uart_send_string("\r\n"); + + strncpy(hash_file_name, filename, sizeof(hash_file_name)); + strcat(hash_file_name, ".sha"); + res = read_file_content(hash_file_name, tmp_buff, sizeof(tmp_buff)-1); + if (res < 0) { + uart_send_string("Error reading expected hash. Is the file present?\r\n"); + ram_code_exit(false); + } else if (res >= SIZE_OF_SHA_256_HASH*2) { + tmp_buff[res] = 0; + uart_send_string("Expected sha: "); + uart_send_string(tmp_buff); + uart_send_string("\r\n"); + if (strncmp(sha_string, tmp_buff, SIZE_OF_SHA_256_HASH*2) != 0) { + uart_send_string("SHA sums don't match!\r\n"); + ram_code_exit(false); + } + } else { + uart_send_string("Expected hash has wrong length!\r\n"); + ram_code_exit(false); + } + uart_send_string("Checking hex file "); uart_send_string(filename); uart_send_string("\r\n"); From 20b460cd5a01a7d07ffbadef8d4a5c17a26b7b37 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mario=20H=C3=BCttel?= Date: Sun, 3 Oct 2021 19:38:01 +0200 Subject: [PATCH 5/5] Fix #41: Updater SHA256 check implemented and tested --- stm-firmware/updater/ram-code/main.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/stm-firmware/updater/ram-code/main.c b/stm-firmware/updater/ram-code/main.c index a243b05..1da9dd3 100644 --- a/stm-firmware/updater/ram-code/main.c +++ b/stm-firmware/updater/ram-code/main.c @@ -333,6 +333,13 @@ int ram_code_main(void) } else if (res >= SIZE_OF_SHA_256_HASH*2) { tmp_buff[res] = 0; uart_send_string("Expected sha: "); + + /* Strip out the newline form the file for printing */ + if (tmp_buff[res-1] == '\n' || tmp_buff[res-1] == '\r') + tmp_buff[res-1] = 0; + if (tmp_buff[res-2] == '\n' || tmp_buff[res-2] == '\r') + tmp_buff[res-2] = 0; + uart_send_string(tmp_buff); uart_send_string("\r\n"); if (strncmp(sha_string, tmp_buff, SIZE_OF_SHA_256_HASH*2) != 0) {