Skip to content

jisen210/mcu

 
 

Repository files navigation

Digital Bitbox Firmware

Build Status Coverage Status Coverity Scan Build Status license

MCU code for the Digital Bitbox hardware wallet.

All communication to the hardware wallet enters and exits a single gateway char *commander(const char *command) that receives an encrypted command and returns an encrypted reply. The communication protocol is described in the API.

The code can be compiled and tested locally without the need for a device. See the tests_cmdline.c code for a simple example and the tests_api.c code to test the full API. The tests_api.c code will also test a live device if one is plugged into a USB slot. This requires installation of the hidapi library for USB communication, a micro SD card in the device, and a number of touch button presses to permit erase and sign commands. WARNING: data on the device and micro SD card will be lost when running tests_api.c.

ECDSA signatures are performed with either the bitcoin core secp256k1 library or using a simplified version of the smaller micro ECC library, depending on a setting in the CMakeLists.txt file. Each library is resistant to known side channel attacks.

Standardized functions:

Cryptographic: secp256k1, RFC6979, AES-256-CBC, SHA2, HMAC, PBKDF2, RIPEMD160
Encoding: Base-64, Base-58-check, JSON
Bitcoin: BIP32, BIP39, BIP44

Build Instructions

Building test code:

Dependencies:

  • HIDAPI (For live testing)
  • Doxygen (Optional, to generate source code documentation)
  • Graphviz (Optional, to generate graphs for the Doxygen documentation)

Build:

git clone https://github.com/digitalbitbox/mcu && cd mcu
mkdir build && cd build
cmake .. -DBUILD_TYPE=test # `-DBUILD_TYPE=firmware` and `-DBUILD_TYPE=bootloader` work if a GNU ARM toolchain is installed
make
make test

Deterministic build of firmware:

Build environment with Docker and Debian Stretch:

Requires:

To build the base image:

docker build --tag shift/mcu-base -f Dockerfile.dev .

To build and run the full set of tests with both gcc and clang:

docker build --tag shift/mcu-base-ci -f Dockerfile.tests .

To use the base container:

docker run -it shift/mcu-base

To use the contious integration container:

docker run -it shift/mcu-base-ci

This build process Debian Stable (Stretch).

Contributing

Please do not use an editor that automatically reformats.

Please do use the coding style set by AStyle version 3.0 (http://astyle.sourceforge.net/; also available from homebrew) with the following parameters:

astyle --style=kr --indent-switches --indent-labels --pad-oper --pad-header --align-pointer=name --add-braces --convert-tabs --max-code-length=90 --break-after-logical --suffix=none *.c *.h --recursive --exclude=src/yajl --exclude=src/secp256k1 --exclude=src/drivers --exclude=tests/hidapi | grep Formatted

Pull requests will automatically fail if the coding style is not met. For convenience, enable a Git hook to trigger the astyle styling whenever a git commit operation is performed. This is done by typing in the repository directory:

cd .git/hooks
ln -s ../../contrib/git/pre-commit

All commits must be signed with PGP. To set Git to auto-sign your commits:

git config --global user.signingkey YourGPGKeyID
git config --global commit.gpgsign true

The PGP public keys of the contributors can be found in contrib/contributors_gpg_keys. Please add your PGP key with your first pull request.

About

MCU code for the Digital Bitbox hardware wallet

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • C 71.1%
  • C++ 23.5%
  • Pawn 3.2%
  • SourcePawn 1.1%
  • CMake 0.5%
  • Python 0.4%
  • Shell 0.2%