trezorhal: store image fingerprint in the image_header structure

embed/trezorhal/image.c

@@ -59,19 +59,18 @@ secbool load_image_header(const uint8_t * const data, const uint32_t magic, cons
 
     // check header signature
 
-    uint8_t hash[BLAKE2S_DIGEST_LENGTH];
     BLAKE2S_CTX ctx;
     blake2s_Init(&ctx, BLAKE2S_DIGEST_LENGTH);
     blake2s_Update(&ctx, data, IMAGE_HEADER_SIZE - IMAGE_SIG_SIZE);
     for (int i = 0; i < IMAGE_SIG_SIZE; i++) {
         blake2s_Update(&ctx, (const uint8_t *)"\x00", 1);
     }
-    blake2s_Final(&ctx, hash, BLAKE2S_DIGEST_LENGTH);
+    blake2s_Final(&ctx, hdr->fingerprint, BLAKE2S_DIGEST_LENGTH);
 
     ed25519_public_key pub;
     if (sectrue != compute_pubkey(key_m, key_n, keys, hdr->sigmask, pub)) return secfalse;
 
-    return sectrue * (0 == ed25519_sign_open(hash, BLAKE2S_DIGEST_LENGTH, pub, *(const ed25519_signature *)hdr->sig));
+    return sectrue * (0 == ed25519_sign_open(hdr->fingerprint, BLAKE2S_DIGEST_LENGTH, pub, *(const ed25519_signature *)hdr->sig));
 }
 
 secbool load_vendor_header(const uint8_t * const data, uint8_t key_m, uint8_t key_n, const uint8_t * const *keys, vendor_header * const vhdr)

embed/trezorhal/image.h

@@ -31,6 +31,7 @@ typedef struct {
     // uint8_t reserved[415];
     uint8_t sigmask;
     uint8_t sig[64];
+    uint8_t fingerprint[32];
 } image_header;
 
 #define MAX_VENDOR_PUBLIC_KEYS 8

tools/binctl

@@ -54,7 +54,9 @@ class BinImage(object):
         assert self.reserved2 == 415 * b'\x00'
         self.code = data[self.hdrlen:]
         assert len(self.code) == self.codelen
-        self.fingerprint = pyblake2.blake2s(data[:IMAGE_HEADER_SIZE - 65]).hexdigest()
+        h = pyblake2.blake2s(data[:IMAGE_HEADER_SIZE - 65])
+        h.update(b'\x00' * 65)
+        self.fingerprint = h.hexdigest()
 
     def print(self):
         if self.magic == b'TRZF':