Revert "Move Secure Boot to another branch."

This reverts commit 8cb2484aa3.

src/fs/otp.c

@@ -179,6 +179,64 @@ bool otp_is_secure_boot_locked() {
     return false;
 }
 
+int otp_enable_secure_boot(uint8_t bootkey, bool secure_lock) {
+    int ret = 0;
+#ifdef PICO_RP2350
+    alignas(2) uint8_t BOOTKEY[] = "\xe1\xd1\x6b\xa7\x64\xab\xd7\x12\xd4\xef\x6e\x3e\xdd\x74\x4e\xd5\x63\x8c\x26\xb\x77\x1c\xf9\x81\x51\x11\xb\xaf\xac\x9b\xc8\x71";
+    if (is_empty_otp_buffer(OTP_DATA_BOOTKEY0_0_ROW + 0x10*bootkey, 32)) {
+        PICOKEY_CHECK(otp_write_data(OTP_DATA_BOOTKEY0_0_ROW + 0x10*bootkey, BOOTKEY, sizeof(BOOTKEY)));
+    }
+
+    const uint8_t *boot_flags1 = otp_buffer_raw(OTP_DATA_BOOT_FLAGS1_ROW);
+    alignas(4) uint8_t flagsb1[] = { boot_flags1[0] | (1 << (bootkey + OTP_DATA_BOOT_FLAGS1_KEY_VALID_LSB)), boot_flags1[1], boot_flags1[2], 0x00 };
+    if (secure_lock) {
+        flagsb1[1] |= ((OTP_DATA_BOOT_FLAGS1_KEY_INVALID_BITS >> OTP_DATA_BOOT_FLAGS1_KEY_INVALID_LSB) & (~(1 << bootkey)));
+    }
+
+    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_BOOT_FLAGS1_ROW, flagsb1, sizeof(flagsb1)));
+    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_BOOT_FLAGS1_R1_ROW, flagsb1, sizeof(flagsb1)));
+    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_BOOT_FLAGS1_R2_ROW, flagsb1, sizeof(flagsb1)));
+
+    const uint8_t *crit1 = otp_buffer_raw(OTP_DATA_CRIT1_ROW);
+    alignas(4) uint8_t flagsc1[] = { crit1[0] | (1 << OTP_DATA_CRIT1_SECURE_BOOT_ENABLE_LSB), crit1[1], crit1[2], 0x00 };
+    if (secure_lock) {
+        flagsc1[0] |= (1 << OTP_DATA_CRIT1_DEBUG_DISABLE_LSB);
+        flagsc1[0] |= (1 << OTP_DATA_CRIT1_GLITCH_DETECTOR_ENABLE_LSB);
+        flagsc1[0] |= (3 << OTP_DATA_CRIT1_GLITCH_DETECTOR_SENS_LSB);
+    }
+    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_ROW, flagsc1, sizeof(flagsc1)));
+    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R1_ROW, flagsc1, sizeof(flagsc1)));
+    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R2_ROW, flagsc1, sizeof(flagsc1)));
+    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R3_ROW, flagsc1, sizeof(flagsc1)));
+    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R4_ROW, flagsc1, sizeof(flagsc1)));
+    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R5_ROW, flagsc1, sizeof(flagsc1)));
+    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R6_ROW, flagsc1, sizeof(flagsc1)));
+    PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_CRIT1_R7_ROW, flagsc1, sizeof(flagsc1)));
+
+    if (secure_lock) {
+        const uint8_t *page1 = otp_buffer_raw(OTP_DATA_PAGE1_LOCK1_ROW);
+        uint8_t page1v = page1[0] | (OTP_DATA_PAGE1_LOCK1_LOCK_BL_VALUE_READ_ONLY << OTP_DATA_PAGE1_LOCK1_LOCK_BL_LSB);
+        alignas(4) uint8_t flagsp1[] = { page1v, page1v, page1v, 0x00 };
+        PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_PAGE1_LOCK1_ROW, flagsp1, sizeof(flagsp1)));
+        const uint8_t *page2 = otp_buffer_raw(OTP_DATA_PAGE2_LOCK1_ROW);
+        uint8_t page2v = page2[0] | (OTP_DATA_PAGE2_LOCK1_LOCK_BL_VALUE_READ_ONLY << OTP_DATA_PAGE2_LOCK1_LOCK_BL_LSB);
+        alignas(4) uint8_t flagsp2[] = { page2v, page2v, page2v, 0x00 };
+        PICOKEY_CHECK(otp_write_data_raw(OTP_DATA_PAGE2_LOCK1_ROW, flagsp2, sizeof(flagsp2)));
+    }
+#elif defined(ESP_PLATFORM)
+    // TODO: Implement secure boot for ESP32-S3
+#else
+    (void)bootkey;
+    (void)secure_lock;
+#endif // PICO_RP2350
+    goto err;
+    err:
+    if (ret != PICOKEY_OK) {
+        return ret;
+    }
+    return PICOKEY_OK;
+}
+
 #ifdef PICO_RP2350
 static void otp_invalidate_key(uint16_t row, uint16_t len) {
     if (!is_empty_otp_buffer(row, len)) {

src/fs/otp.h

@@ -44,6 +44,7 @@ extern int otp_write_data_raw(uint16_t row, const uint8_t *data, uint16_t len);
 
 #endif
 
+extern int otp_enable_secure_boot(uint8_t bootkey, bool secure_lock);
 extern void init_otp_files();
 
 extern const uint8_t *otp_key_1;

src/rescue.c

@@ -54,8 +54,6 @@ int rescue_select(app_t *a, uint8_t force) {
     res_APDU[res_APDU_size++] = PICO_PRODUCT;
     res_APDU[res_APDU_size++] = PICO_VERSION_MAJOR;
     res_APDU[res_APDU_size++] = PICO_VERSION_MINOR;
-    memcpy(res_APDU + res_APDU_size, pico_serial.id, PICO_UNIQUE_BOARD_ID_SIZE_BYTES);
-    res_APDU_size += PICO_UNIQUE_BOARD_ID_SIZE_BYTES;
     apdu.ne = res_APDU_size;
     if (force) {
         scan_flash();
@@ -126,6 +124,23 @@ int cmd_read() {
     return SW_OK();
 }
 
+#if defined(PICO_RP2350) || defined(ESP_PLATFORM)
+int cmd_secure() {
+    if (apdu.nc != 0) {
+        return SW_WRONG_LENGTH();
+    }
+
+    uint8_t bootkey = P1(apdu);
+    bool secure_lock = P2(apdu) == 0x1;
+
+    int ret = otp_enable_secure_boot(bootkey, secure_lock);
+    if (ret != 0) {
+        return SW_EXEC_ERROR();
+    }
+    return SW_OK();
+}
+#endif
+
 #ifdef PICO_PLATFORM
 int cmd_reboot_bootsel() {
     if (apdu.nc != 0) {
@@ -149,11 +164,15 @@ int cmd_reboot_bootsel() {
 #endif
 
 #define INS_WRITE            0x1C
+#define INS_SECURE           0x1D
 #define INS_READ             0x1E
 #define INS_REBOOT_BOOTSEL   0x1F
 
 static const cmd_t cmds[] = {
     { INS_WRITE, cmd_write },
+#if defined(PICO_RP2350) || defined(ESP_PLATFORM)
+    { INS_SECURE, cmd_secure },
+#endif
     { INS_READ, cmd_read },
 #ifdef PICO_PLATFORM
     { INS_REBOOT_BOOTSEL, cmd_reboot_bootsel },