Skip to content

Instantly share code, notes, and snippets.

@johanbove
Last active March 21, 2021 14:33
Show Gist options
  • Save johanbove/989c71584163d823dc15fb5ade3efdf1 to your computer and use it in GitHub Desktop.
Save johanbove/989c71584163d823dc15fb5ade3efdf1 to your computer and use it in GitHub Desktop.
How to upgrade a SoloKey firmware
// See https://github.com/conorpp/solo-dicekeys/releases/tag/5.0.0
$ solo version
0.0.27
$ python3 --version
Python 3.9.0
$ solo ls
:: Solos
208B31985653: Solo 4.1.1
~ $ pip3 install --upgrade solo-python
Requirement already satisfied: solo-python in /usr/local/lib/python3.9/site-packages (0.0.27)
Requirement already satisfied: cryptography in /usr/local/lib/python3.9/site-packages (from solo-python) (3.4.6)
Requirement already satisfied: pyusb in /usr/local/lib/python3.9/site-packages (from solo-python) (1.1.1)
Requirement already satisfied: click>=7.0 in /usr/local/lib/python3.9/site-packages (from solo-python) (7.1.2)
Requirement already satisfied: fido2~=0.8.1 in /usr/local/lib/python3.9/site-packages (from solo-python) (0.8.1)
Requirement already satisfied: pyserial in /usr/local/lib/python3.9/site-packages (from solo-python) (3.5)
Requirement already satisfied: requests in /usr/local/lib/python3.9/site-packages (from solo-python) (2.25.1)
Requirement already satisfied: ecdsa in /usr/local/lib/python3.9/site-packages (from solo-python) (0.16.1)
Requirement already satisfied: intelhex in /usr/local/lib/python3.9/site-packages (from solo-python) (2.3.0)
Requirement already satisfied: cffi>=1.12 in /usr/local/lib/python3.9/site-packages (from cryptography->solo-python) (1.14.5)
Requirement already satisfied: pycparser in /usr/local/lib/python3.9/site-packages (from cffi>=1.12->cryptography->solo-python) (2.20)
Requirement already satisfied: six>=1.9.0 in /usr/local/lib/python3.9/site-packages (from ecdsa->solo-python) (1.15.0)
Requirement already satisfied: cryptography in /usr/local/lib/python3.9/site-packages (from solo-python) (3.4.6)
Requirement already satisfied: six>=1.9.0 in /usr/local/lib/python3.9/site-packages (from ecdsa->solo-python) (1.15.0)
Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python3.9/site-packages (from requests->solo-python) (2020.12.5)
Requirement already satisfied: idna<3,>=2.5 in /usr/local/lib/python3.9/site-packages (from requests->solo-python) (2.10)
Requirement already satisfied: urllib3<1.27,>=1.21.1 in /usr/local/lib/python3.9/site-packages (from requests->solo-python) (1.26.2)
Requirement already satisfied: chardet<5,>=3.0.2 in /usr/local/lib/python3.9/site-packages (from requests->solo-python) (4.0.0)
~ $ solo key version
4.1.1 unlocked
~ $ solo key
Usage: solo key [OPTIONS] COMMAND [ARGS]...
Interact with Solo keys, see subcommands.
Options:
--help Show this message and exit.
Commands:
challenge-response Uses `hmac-secret` to implement a challenge-response...
change-pin Change pin of current key
credential Credential management, see subcommands.
disable-updates Permanently disable firmware updates on Solo.
keyboard Program the specified key sequence to Solo
make-credential Generate a credential.
ping Send ping command to key
probe Calculate HASH.
reset Reset key - wipes all credentials!!!
rng Access TRNG on key, see subcommands.
set-pin Set pin of current key
sign-file Sign the specified file using the given credential-id
update Update Solo key to latest firmware version.
verify Verify key is valid Solo Secure or Solo Hacker.
version Version of firmware on key.
wink Send wink command to key (blinks LED a few times).
~ $ solo key verify
Please press the button on your Solo key
Register valid
Solo Hacker firmware.
~ $ solo ls
:: Solos
208B31985653: Solo 4.1.1
~ $ cd ~/Desktop/
bundle-hacker-5.0.0.hex
bundle-hacker-5.0.0.sha2
Desktop $ solo program aux enter-bootloader
Solo rebooted. Reconnecting...
Traceback (most recent call last):
File "/usr/local/bin/solo", line 8, in <module>
sys.exit(solo_cli())
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 829, in __call__
return self.main(*args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 782, in main
rv = self.invoke(ctx)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1259, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1259, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1259, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1066, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 610, in invoke
return callback(*args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/solo/cli/program.py", line 219, in enter_bootloader
return _enter_bootloader(serial)
File "/usr/local/lib/python3.9/site-packages/solo/cli/program.py", line 206, in _enter_bootloader
if solo.client.find(serial) is None:
File "/usr/local/lib/python3.9/site-packages/solo/client.py", line 53, in find
raise solo.exceptions.NoSoloFoundError("no Solo found")
solo.exceptions.NoSoloFoundError: no Solo found
Desktop $ solo ls
Not using FIDO2 interface.
:: Solos
208B31985653: Solo Bootloader 5.0.0
Desktop $ solo program aux enter-bootloader
Not using FIDO2 interface.
Solo rebooted. Reconnecting...
Not using FIDO2 interface.
Desktop $ solo program aux enter-dfu
Not using FIDO2 interface.
Please powercycle the device (pull out, plug in again)
Desktop $ solo program aux enter-dfu
Traceback (most recent call last):
File "/usr/local/bin/solo", line 8, in <module>
sys.exit(solo_cli())
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 829, in __call__
return self.main(*args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 782, in main
rv = self.invoke(ctx)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1259, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1259, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1259, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1066, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 610, in invoke
return callback(*args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/solo/cli/program.py", line 247, in enter_dfu
p = solo.client.find(serial)
File "/usr/local/lib/python3.9/site-packages/solo/client.py", line 53, in find
raise solo.exceptions.NoSoloFoundError("no Solo found")
solo.exceptions.NoSoloFoundError: no Solo found
Desktop $ solo ls
:: Solos
...
@johanbove
Copy link
Author

johanbove commented Mar 15, 2021

The "Please powercycle the device (pull out, plug in again)" is important

@johanbove
Copy link
Author

johanbove commented Mar 15, 2021

I still see the BOOTLOADER in lsusb:

Bus 020 Device 024: ID 0483:df11 STMicroelectronics STM32 BOOTLOADER Serial: 208B31985653

@johanbove
Copy link
Author

johanbove commented Mar 15, 2021

The firmware worked!
solo program dfu bundle-hacker-5.0.0.hex

$ solo program dfu bundle-hacker-5.0.0.hex
erasing...
downloading 100.00%  08038800 - 0803882e ...         
time: 5920 ms
verifying...
reading 100.00%  08038800 - 0803882e ...         
firmware readback verified.

@johanbove
Copy link
Author

$ solo program aux leave-dfu
Rewriting option bytes...
Warning: OSError with write_page
Please powercycle the device (pull out, plug in again)

@johanbove
Copy link
Author

johanbove commented Mar 15, 2021

$ solo ls
:: Solos
208B31985653: Solo DiceKeys 5.0.0
$ solo key verify
Please press the button on your Solo key
Register valid
Solo Hacker firmware.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment