diff --git a/embed/trezorhal/image.c b/embed/trezorhal/image.c
index c689bda7dc..6ea1083fce 100644
--- a/embed/trezorhal/image.c
+++ b/embed/trezorhal/image.c
@@ -59,19 +59,18 @@ secbool load_image_header(const uint8_t * const data, const uint32_t magic, cons
 // check header signature
- uint8_t hash[BLAKE2S_DIGEST_LENGTH];
 BLAKE2S_CTX ctx;
 blake2s_Init(&ctx, BLAKE2S_DIGEST_LENGTH);
 blake2s_Update(&ctx, data, IMAGE_HEADER_SIZE - IMAGE_SIG_SIZE);
 for (int i = 0; i < IMAGE_SIG_SIZE; i++) {
 blake2s_Update(&ctx, (const uint8_t *)"\x00", 1);
 }
- blake2s_Final(&ctx, hash, BLAKE2S_DIGEST_LENGTH);
+ blake2s_Final(&ctx, hdr->fingerprint, BLAKE2S_DIGEST_LENGTH);
 ed25519_public_key pub;
 if (sectrue != compute_pubkey(key_m, key_n, keys, hdr->sigmask, pub)) return secfalse;
- return sectrue * (0 == ed25519_sign_open(hash, BLAKE2S_DIGEST_LENGTH, pub, *(const ed25519_signature *)hdr->sig));
+ return sectrue * (0 == ed25519_sign_open(hdr->fingerprint, BLAKE2S_DIGEST_LENGTH, pub, *(const ed25519_signature *)hdr->sig));
 }
 secbool load_vendor_header(const uint8_t * const data, uint8_t key_m, uint8_t key_n, const uint8_t * const *keys, vendor_header * const vhdr)
diff --git a/embed/trezorhal/image.h b/embed/trezorhal/image.h
index a87e7c34fe..30ed15d580 100644
--- a/embed/trezorhal/image.h
+++ b/embed/trezorhal/image.h
@@ -31,6 +31,7 @@ typedef struct {
 // uint8_t reserved[415];
 uint8_t sigmask;
 uint8_t sig[64];
+ uint8_t fingerprint[32];
 } image_header;
 #define MAX_VENDOR_PUBLIC_KEYS 8
diff --git a/tools/binctl b/tools/binctl
index 6a56a3cf41..49ddff478f 100755
--- a/tools/binctl
+++ b/tools/binctl
@@ -54,7 +54,9 @@ class BinImage(object):
 assert self.reserved2 == 415 * b'\x00'
 self.code = data[self.hdrlen:]
 assert len(self.code) == self.codelen
- self.fingerprint = pyblake2.blake2s(data[:IMAGE_HEADER_SIZE - 65]).hexdigest()
+ h = pyblake2.blake2s(data[:IMAGE_HEADER_SIZE - 65])
+ h.update(b'\x00' * 65)
+ self.fingerprint = h.hexdigest()
 def print(self):
 if self.magic == b'TRZF':
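Review bot: `blake2s_Final` now writes the digest into `hdr->fingerprint` before either `compute_pubkey` or `ed25519_sign_open` has succeeded, so on both failure returns the caller's struct is left holding the fingerprint of a header that was never authenticated. Nothing in the hunk tells callers that the field is only meaningful when the function returns `sectrue`; I would add `// hdr->fingerprint is valid only if this function returns sectrue` above the `blake2s_Final` call, or clear the field with `memset(hdr->fingerprint, 0, sizeof(hdr->fingerprint));` before returning failure. The start of load_image_header is outside the hunk, so any earlier handling of `hdr` is not visible here.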
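Review bot: The new field is sized with a bare `32`, while image.c writes `BLAKE2S_DIGEST_LENGTH` bytes into it through `blake2s_Final`; if the two ever diverge, that write runs past the field. I would pin the relationship in image.c with `_Static_assert(sizeof(((image_header *)0)->fingerprint) == BLAKE2S_DIGEST_LENGTH, "fingerprint size");`, or size the array from the constant if the header can include it. A comment such as `// BLAKE2s digest of the header with the signature area zeroed; computed by load_image_header, not parsed from the image` would also set it apart from the parsed fields above it. The struct opens outside the hunk.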
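Review bot: The literal `65` now appears twice and has to stay equal to the firmware's `IMAGE_SIG_SIZE`, otherwise the fingerprint this tool prints no longer matches the digest that load_image_header verifies. Going by image.h it looks like one byte of `sigmask` plus the 64-byte `sig`; a named constant, `IMAGE_SIG_SIZE = 65  # sigmask (1) + sig (64)`, used in both the slice and `h.update(b'\x00' * IMAGE_SIG_SIZE)`, would make that dependency explicit. The enclosing method starts outside the hunk.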