|
|
@ -29,13 +29,8 @@ static bool compute_pubkey(uint8_t sig_m, uint8_t sig_n, const uint8_t * const *
|
|
|
|
return 0 == ed25519_cosi_combine_publickeys(res, keys, sig_m);
|
|
|
|
return 0 == ed25519_cosi_combine_publickeys(res, keys, sig_m);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
bool image_parse_header(const uint8_t *data, uint32_t magic, uint32_t maxsize, image_header *hdr)
|
|
|
|
bool image_parse_header(const uint8_t * const data, const uint32_t magic, const uint32_t maxsize, image_header * const hdr)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
if (!hdr) {
|
|
|
|
|
|
|
|
image_header h;
|
|
|
|
|
|
|
|
hdr = &h;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
memcpy(&hdr->magic, data, 4);
|
|
|
|
memcpy(&hdr->magic, data, 4);
|
|
|
|
if (hdr->magic != magic) return false;
|
|
|
|
if (hdr->magic != magic) return false;
|
|
|
|
|
|
|
|
|
|
|
@ -43,11 +38,13 @@ bool image_parse_header(const uint8_t *data, uint32_t magic, uint32_t maxsize, i
|
|
|
|
if (hdr->hdrlen != HEADER_SIZE) return false;
|
|
|
|
if (hdr->hdrlen != HEADER_SIZE) return false;
|
|
|
|
|
|
|
|
|
|
|
|
memcpy(&hdr->expiry, data + 8, 4);
|
|
|
|
memcpy(&hdr->expiry, data + 8, 4);
|
|
|
|
|
|
|
|
// TODO: expiry mechanism needs to be ironed out before production or those
|
|
|
|
|
|
|
|
// devices won't accept expiring bootloaders (due to boardloader write protection).
|
|
|
|
if (hdr->expiry != 0) return false;
|
|
|
|
if (hdr->expiry != 0) return false;
|
|
|
|
|
|
|
|
|
|
|
|
memcpy(&hdr->codelen, data + 12, 4);
|
|
|
|
memcpy(&hdr->codelen, data + 12, 4);
|
|
|
|
if (hdr->hdrlen + hdr->codelen < 4 * 1024) return false;
|
|
|
|
if (hdr->codelen > (maxsize - hdr->hdrlen)) return false;
|
|
|
|
if (hdr->hdrlen + hdr->codelen > maxsize) return false;
|
|
|
|
if ((hdr->hdrlen + hdr->codelen) < 4 * 1024) return false;
|
|
|
|
if ((hdr->hdrlen + hdr->codelen) % 512 != 0) return false;
|
|
|
|
if ((hdr->hdrlen + hdr->codelen) % 512 != 0) return false;
|
|
|
|
|
|
|
|
|
|
|
|
memcpy(&hdr->version, data + 16, 4);
|
|
|
|
memcpy(&hdr->version, data + 16, 4);
|
|
|
@ -79,17 +76,13 @@ bool image_check_signature(const uint8_t *data, const image_header *hdr, uint8_t
|
|
|
|
return 0 == ed25519_sign_open(hash, BLAKE2S_DIGEST_LENGTH, pub, *(const ed25519_signature *)hdr->sig);
|
|
|
|
return 0 == ed25519_sign_open(hash, BLAKE2S_DIGEST_LENGTH, pub, *(const ed25519_signature *)hdr->sig);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
bool vendor_parse_header(const uint8_t *data, vendor_header *vhdr)
|
|
|
|
bool vendor_parse_header(const uint8_t * const data, vendor_header * const vhdr)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
if (!vhdr) {
|
|
|
|
|
|
|
|
vendor_header h;
|
|
|
|
|
|
|
|
vhdr = &h;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
memcpy(&vhdr->magic, data, 4);
|
|
|
|
memcpy(&vhdr->magic, data, 4);
|
|
|
|
if (vhdr->magic != 0x565A5254) return false; // TRZV
|
|
|
|
if (vhdr->magic != 0x565A5254) return false; // TRZV
|
|
|
|
|
|
|
|
|
|
|
|
memcpy(&vhdr->hdrlen, data + 4, 4);
|
|
|
|
memcpy(&vhdr->hdrlen, data + 4, 4);
|
|
|
|
|
|
|
|
// TODO: sanity check hdr->hdrlen as it is used as a src to memcpy below
|
|
|
|
|
|
|
|
|
|
|
|
memcpy(&vhdr->expiry, data + 8, 4);
|
|
|
|
memcpy(&vhdr->expiry, data + 8, 4);
|
|
|
|
if (vhdr->expiry != 0) return false;
|
|
|
|
if (vhdr->expiry != 0) return false;
|
|
|
|
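Review bot: In vendor_parse_header, `vhdr->hdrlen` is read straight from the untrusted header and the new code only adds a TODO, so the length is still unchecked even though, per that TODO, it feeds a memcpy further down; the check should land with this change, right after `memcpy(&vhdr->hdrlen, data + 4, 4);`, e.g. `if (vhdr->hdrlen < VHDR_MIN_LEN || vhdr->hdrlen > VHDR_MAX_LEN) return false;` (both names are placeholders for the project's real bounds). The function body continues past the visible lines, so the memcpy in question is not shown here. In image_parse_header, the new `hdr->codelen > (maxsize - hdr->hdrlen)` test avoids the overflow of the old sum only while `maxsize >= hdr->hdrlen`; a smaller `maxsize` wraps the subtraction and lets any `codelen` through, so `if (maxsize < hdr->hdrlen || hdr->codelen > (maxsize - hdr->hdrlen)) return false;` is safer. Both parsers also appear to have lost their NULL fallback for the output pointer, so a one-line comment such as `// hdr must not be NULL` above the first memcpy would record the new contract for callers.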