Release 2.1.1
Compatible with desktop app versions v2.1.2 or newer. Adds U2F support and implements ISO 7816-4 USB communication.
- To reproduce and verify the deterministic build:
# Clone the repository
git clone https://github.com/digitalbitbox/mcu.git
cd mcu
# Build deterministically (requires Vagrant and Virtualbox and OSX or Linux)
vagrant up
cp build-vagrant/bin/firmware.bin firmware.deterministic.2.1.1.bin
# Verify the deterministic binary
shasum -a 256 firmware.deterministic.2.1.1.bin # 073197f33db3e4840945ac4d46af5cbf3b92812e1bd24fde38b831d942c667ff
# Append signatures of the firmware
py/append_signatures_firmware_binary.py firmware.deterministic.2.1.1.bin firmware.deterministic.2.1.1.signed.bin 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000713b243546825f155bc6527d27dd53331c963def45249fcce07079b13b95264f43889ac3a895621925d0a014fea9dc06fac25472c679ace3604a22e9b8a0bbd7e47e909617f401064b579665961e0535c9618ea525e0dd325623834e451e1bb63eec6fd7ea3d259d42ca776bac992d86933e89b589c04322d253a18080122c9f5d080a6cbbdceed080c13721bdd093eb3ad60881abf8b03146e28086e8f9b40f0a3921f0796079f196527cc037fe7451a426815f9c85043e0776e85975492b3aca225002e2cf45d5580187d6564ab4f664a480867fa6f767a999c065a829e3c5599f21c06a26b473f9b303e2aca245ea899f67b7b156935b384ccfabc1069669
# Verify the signed deterministic binary
shasum -a 256 firmware.deterministic.2.1.1.signed.bin # 9f842d0706074e78e84bc04932320d3c2f4465402d02bf735c422faf1f9b2f41
# Signed deterministic binaries can be loaded into the Digital Bitbox
# using the Upgrade Firmware button in the desktop app.
# In case of problems, check that:
vagrant box list # ubuntu/trusty64 (virtualbox, 20170313.0.7)
virtualbox --help # Oracle VM VirtualBox Manager 5.0.36
- ECC secp256k1 public keys and signatures of the double SHA256 hash of
firmware.deterministic.X.Y.Z.bin:
0263b742d9873405c609814da884324ab0f4c1597a5fd152b388899857f4d041df : 713b243546825f155bc6527d27dd53331c963def45249fcce07079b13b95264f43889ac3a895621925d0a014fea9dc06fac25472c679ace3604a22e9b8a0bbd7
02b95dc22d293376222ef896f74a8436a8b6672e7e416299f3c4e23b49c38ad366 : e47e909617f401064b579665961e0535c9618ea525e0dd325623834e451e1bb63eec6fd7ea3d259d42ca776bac992d86933e89b589c04322d253a18080122c9f
03ef4c48dc308ace971c025db3edd4bc5d5110e28e14bdd925fffafd4d21002800 : 5d080a6cbbdceed080c13721bdd093eb3ad60881abf8b03146e28086e8f9b40f0a3921f0796079f196527cc037fe7451a426815f9c85043e0776e85975492b3a
030d8b0b86fca70bfd3a8d842cdb3ff8362c02f455fd092b080f1bb137dfc1d25f : ca225002e2cf45d5580187d6564ab4f664a480867fa6f767a999c065a829e3c5599f21c06a26b473f9b303e2aca245ea899f67b7b156935b384ccfabc1069669
- Signature blob appended to
firmware.deterministic.X.Y.Z.bin
000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000713b243546825f155bc6527d27dd53331c963def45249fcce07079b13b95264f43889ac3a895621925d0a014fea9dc06fac25472c679ace3604a22e9b8a0bbd7e47e909617f401064b579665961e0535c9618ea525e0dd325623834e451e1bb63eec6fd7ea3d259d42ca776bac992d86933e89b589c04322d253a18080122c9f5d080a6cbbdceed080c13721bdd093eb3ad60881abf8b03146e28086e8f9b40f0a3921f0796079f196527cc037fe7451a426815f9c85043e0776e85975492b3aca225002e2cf45d5580187d6564ab4f664a480867fa6f767a999c065a829e3c5599f21c06a26b473f9b303e2aca245ea899f67b7b156935b384ccfabc1069669