arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-22 15:38:11 +00:00
Code Issues Releases Wiki Activity

trezorhal: fix hash offset in check_image_contents

Browse Source
This commit is contained in:
Pavol Rusnak 2017-10-26 18:53:20 +02:00
parent 7c891e19e5
commit 89cc35b195
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D
5 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
embed/boardloader/main.c
View File

@ -183,7 +183,7 @@ int main(void)
"invalid bootloader header");
ensure(
check_image_contents(&hdr, (const uint8_t *)BOOTLOADER_START, 1),
check_image_contents(&hdr, (const uint8_t *)BOOTLOADER_START, IMAGE_HEADER_SIZE, 1),
"invalid bootloader hash");
jump_to(BOOTLOADER_START + IMAGE_HEADER_SIZE);

2
embed/bootloader/main.c
View File

@ -328,7 +328,7 @@ int main(void)
"invalid firmware header");
ensure(
check_image_contents(&hdr, (const uint8_t *)(FIRMWARE_START + vhdr.hdrlen), 6),
check_image_contents(&hdr, (const uint8_t *)FIRMWARE_START, IMAGE_HEADER_SIZE + vhdr.hdrlen, 6),
"invalid firmware hash");
display_vendor(vhdr.vimg, (const char *)vhdr.vstr, vhdr.vstr_len, hdr.version);

6
embed/trezorhal/image.c
View File

@ -138,14 +138,14 @@ static bool check_hash(const uint8_t * const hash, const uint8_t * const data, i
#define MIN(a,b) ((a) < (b) ? (a) : (b))
bool check_image_contents(const image_header * const hdr, const uint8_t * const data, int maxblocks)
bool check_image_contents(const image_header * const hdr, const uint8_t * const data, uint32_t firstskip, int maxblocks)
{
int remaining = hdr->codelen;
if (!check_hash(hdr->hashes, data + IMAGE_HEADER_SIZE, MIN(remaining, IMAGE_CHUNK_SIZE - IMAGE_HEADER_SIZE))) {
if (!check_hash(hdr->hashes, data + firstskip, MIN(remaining, IMAGE_CHUNK_SIZE - firstskip))) {
return false;
}
int block = 1;
remaining -= IMAGE_CHUNK_SIZE - IMAGE_HEADER_SIZE;
remaining -= IMAGE_CHUNK_SIZE - firstskip;
while (remaining > 0) {
if (block >= maxblocks) {
return false;

2
embed/trezorhal/image.h
View File

@ -48,6 +48,6 @@ bool load_image_header(const uint8_t * const data, const uint32_t magic, const u
bool load_vendor_header(const uint8_t * const data, uint8_t key_m, uint8_t key_n, const uint8_t * const *keys, vendor_header * const vhdr);
bool check_image_contents(const image_header * const hdr, const uint8_t * const data, int maxblocks);
bool check_image_contents(const image_header * const hdr, const uint8_t * const data, uint32_t firstskip, int maxblocks);
#endif

8
tools/binctl
View File

@ -74,12 +74,16 @@ class BinImage(object):
print()
def compute_hashes(self):
if self.magic == b'TRZF':
hdrlen = self.vhdrlen + self.hdrlen
else:
hdrlen = self.hdrlen
hashes = b''
for i in range(16):
if i == 0:
d = self.code[:IMAGE_CHUNK_SIZE - IMAGE_HEADER_SIZE]
d = self.code[:IMAGE_CHUNK_SIZE - hdrlen]
else:
s = IMAGE_CHUNK_SIZE - IMAGE_HEADER_SIZE + (i - 1) * IMAGE_CHUNK_SIZE
s = IMAGE_CHUNK_SIZE - hdrlen + (i - 1) * IMAGE_CHUNK_SIZE
d = self.code[s:s + IMAGE_CHUNK_SIZE]
if len(d) > 0:
h = pyblake2.blake2s(d).digest()