arno/trezor-firmware
1
0
Fork 0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-12-16 19:38:09 +00:00
Code Issues Releases Wiki Activity

Fix bug in auth_get() when storing the authentication_sum. Remove the superfluous auth_get() call in unlock().

Browse Source
This commit is contained in:
andrew 2019-02-01 20:46:16 +01:00
parent 2888c11095
commit 8fc03a5a95
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
storage.c
View File

@ -250,7 +250,7 @@ static secbool auth_get(uint16_t key, const void **val, uint16_t *len)
// Cache the authentication sum. // Cache the authentication sum.
for (size_t i = 0; i < SHA256_DIGEST_LENGTH/sizeof(uint32_t); i++) { for (size_t i = 0; i < SHA256_DIGEST_LENGTH/sizeof(uint32_t); i++) {
#if BYTE_ORDER == LITTLE_ENDIAN #if BYTE_ORDER == LITTLE_ENDIAN
REVERSE32(((uint32_t*)authentication_sum)[i], sum[i]); REVERSE32(sum[i], ((uint32_t*)authentication_sum)[i]);
#else #else
((uint32_t*)authentication_sum)[i] = sum[i]; ((uint32_t*)authentication_sum)[i] = sum[i];
#endif #endif
@ -690,10 +690,8 @@ static secbool unlock(uint32_t pin)
memzero(keys, sizeof(keys)); memzero(keys, sizeof(keys));
memzero(tag, sizeof(tag)); memzero(tag, sizeof(tag));
// Call auth_get() to initialize the authentication_sum.
auth_get(0, &buffer, &len);
// Check that the authenticated version number matches the norcow version. // Check that the authenticated version number matches the norcow version.
// NOTE: storage_get_encrypted() calls auth_get(), which initializes the authentication_sum.
uint32_t version; uint32_t version;
if (sectrue != storage_get_encrypted(VERSION_KEY, &version, sizeof(version), &len) || len != sizeof(version) || version != norcow_active_version) { if (sectrue != storage_get_encrypted(VERSION_KEY, &version, sizeof(version), &len) || len != sizeof(version) || version != norcow_active_version) {
handle_fault(); handle_fault();