The main firmware is in the me sub-directory. The rest is auxiliary components
(such as bootloader) and tools.
-
GCC-compatible toolchain for ARM® Cortex®-M processor family
(such as GNU Tools for ARM Embedded Processors);
we use version 4_7-2012q4, as later versions may cause compile errors with ASF 3.18 -
Atmel® Software Framework (ASF) version 3.18 (exactly)
-
GNU Make
-
GNU Bash
-
AWK, sed and xxd utilities
-
Python 2.7
-
Python Imaging Library (PIL) or a compatible replacement such as Pillow
Set the ASF environment variable to the ASF’s top level directory.
Then run make. The main Mycelium Entropy firmware will be in
me/entropy-1.0/me.bin.
The normal firmware update procedure accepts signed firmware only. Signing is done
as part of the build, or with make sign inside me.
File key.cfg in the top level directory specifies the private signing key (or,
alternatively, that a dedicated device is to be used for signing). When run for the
first time, the signing tool generates a new key and creates key.cfg for you.
Normal firmware updates are performed by the main firmware. (If you flash a custom image that doesn’t work, see 'Un-bricking' below.)
To enter firmware update and configuration mode, hold the button while plugging
the device in. It will become a storage device where you can find readme.txt
with brief instructions and settings.txt for configuration.
By default, only firmware signed by the Mycelium signing key is accepted. To allow
your custom firmware in, add your public signature key to settings.txt with the
sign keyword. If you use the auto-generated key.cfg, you can find the public key
inside in comments.
Copy me/entropy-1.0/me.bin onto the device and tell your operating system that
you are done. When it says it’s safe to remove the device, click the button to
commence the update. When you see a repeating pattern of four blinks, it’s the
device asking you to confirm that you trust your key. Click the button again and
wait until the LED is off. Then unplug the device.
|
Note
|
The device asks for confirmation before flasing a non-Mycelium signed firmware
image in order to prevent malware from adding its own key to settings.txt and then
uploading a compromised image.
|
After flashing a botched image, entering the normal update and configuration
mode can be problematic. Should this happen, hold the button for 5 seconds
while plugging the device in. The device will enter its bootloader in firmware
recovery mode and attach a volume named BOOTLOADER. Follow instructions in
readme.txt on this volume. Note that this method will not check any
signatures.
Mycelium Entropy implements Shamir’s 2-of-3 secret sharing scheme according to this specification.
Picture generated by Mycelium Entropy is built from fragments according to layout.c.
See comments in jpeg.c about fragment types. Fragments are generated by
tools/gen.py and written into jpeg-data* files, which are then linked into the
firmware image.
Results can be tested without an Entropy device. In the tools sub-directory, run
make check to build the check executable from check.c, from auto-generated
jpeg-data* files and other sources. Then run the check executable (a --help
argument shows usage notes).
There is currently no tool to help customise the output picture.