Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
enforce ascending writes in bootloader update #368
Almost LGTM. With this patch an attacker can't choose freely which bytes get interpreted as the version.
To do this, she could flash an older firmware with BootWrite commands, reboot the key, then issue the BootDone command, which would verify the signature correctly and then use an uninitialized pointer to read the firmware version.