• Stars
    star
    152
  • Rank 244,685 (Top 5 %)
  • Language
    C
  • License
    GNU Lesser Genera...
  • Created over 9 years ago
  • Updated 9 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

KeepKey Device Firmware

CircleCI

KeepKey Build Procedure

Toolchain Installation

Install Docker Community Edition from: https://www.docker.com/get-docker

$ docker pull kktech/firmware:v5-beta

Clone the Source

The sources can be obtained from github:

$ git clone [email protected]:keepkey/keepkey-firmware.git
$ git submodule update --init --recursive

Build

To build the firmware using the docker container, use the provided script:

$ ./scripts/build/docker/device/release.sh

Verifying Published Binaries

Compare the hash of a given tagged build:

$ git checkout v6.2.0
$ git submodule update --init --recursive
$ ./scripts/build/docker/device/release.sh
$ tail -c +257 ./bin/firmware.keepkey.bin | shasum -a 256

With that of the signed v6.2.0 binary on github, ignoring signatures and firmware metadata:

$ tail -c +257 firmware.keepkey.bin | shasum -a 256

Then inspect the metadata itself by comparing against the structure described here:

$ head -c +256 signed_firmware.bin | xxd -

Caveats:

  1. v6.2.2 and v6.3.0 had an issue with build reproducibility. See #212.
  2. As of v6.1.0 and later, we started prepending empty slots for signatures as part of the build, and prior firmwares were emitted without that metadata section. See 87b9ebb84

Docs

Documentation can be found here.

License

If license is not specified in the header of a file, it can be assumed that it is licensed under LGPLv3.