mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-22 23:48:12 +00:00
bootloader/loader: use blake2s instead of sha256 for digests
This commit is contained in:
parent
4c206be585
commit
e313234fe3
@ -83,6 +83,7 @@ CFLAGS_MOD += \
|
|||||||
|
|
||||||
OBJ_MOD += \
|
OBJ_MOD += \
|
||||||
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/ed25519-donna/ed25519.o \
|
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/ed25519-donna/ed25519.o \
|
||||||
|
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/blake2s.o \
|
||||||
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/sha2.o \
|
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/sha2.o \
|
||||||
|
|
||||||
OBJ = $(OBJ_MOD) $(OBJ_MP) $(OBJ_FW)
|
OBJ = $(OBJ_MOD) $(OBJ_MP) $(OBJ_FW)
|
||||||
|
@ -81,6 +81,7 @@ CFLAGS_MOD += \
|
|||||||
|
|
||||||
OBJ_MOD += \
|
OBJ_MOD += \
|
||||||
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/ed25519-donna/ed25519.o \
|
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/ed25519-donna/ed25519.o \
|
||||||
|
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/blake2s.o \
|
||||||
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/sha2.o \
|
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/sha2.o \
|
||||||
|
|
||||||
OBJ = $(OBJ_MOD) $(OBJ_MP) $(OBJ_FW)
|
OBJ = $(OBJ_MOD) $(OBJ_MP) $(OBJ_FW)
|
||||||
|
@ -21,7 +21,8 @@ it will start in a firmware update mode, allowing a firmware update via USB.
|
|||||||
|
|
||||||
## Common notes
|
## Common notes
|
||||||
|
|
||||||
* Hash function used below is SHA-256 and signature system is Ed25519 (allows combining signatures by multiple keys into one).
|
* Hash function used for computing data digest for signatures is BLAKE2s.
|
||||||
|
* Signature system is Ed25519 (allows combining signatures by multiple keys into one).
|
||||||
* All multibyte integer values are little endian.
|
* All multibyte integer values are little endian.
|
||||||
* There is a tool called [firmwarectl](../tools/firmwarectl) which checks validity of the loader/firmware images including their headers.
|
* There is a tool called [firmwarectl](../tools/firmwarectl) which checks validity of the loader/firmware images including their headers.
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
#include "sha2.h"
|
#include "blake2s.h"
|
||||||
#include "ed25519-donna/ed25519.h"
|
#include "ed25519-donna/ed25519.h"
|
||||||
|
|
||||||
#include "crypto.h"
|
#include "crypto.h"
|
||||||
@ -87,17 +87,17 @@ bool check_signature(const uint8_t *start)
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint8_t hash[SHA256_DIGEST_LENGTH];
|
uint8_t hash[BLAKE2S_DIGEST_LENGTH];
|
||||||
SHA256_CTX ctx;
|
BLAKE2S_CTX ctx;
|
||||||
sha256_Init(&ctx);
|
blake2s_Init(&ctx, BLAKE2S_DIGEST_LENGTH);
|
||||||
sha256_Update(&ctx, start, 256 - 65);
|
blake2s_Update(&ctx, start, 256 - 65);
|
||||||
for (int i = 0; i < 65; i++) {
|
for (int i = 0; i < 65; i++) {
|
||||||
sha256_Update(&ctx, (const uint8_t *)"\x00", 1);
|
blake2s_Update(&ctx, (const uint8_t *)"\x00", 1);
|
||||||
}
|
}
|
||||||
sha256_Update(&ctx, start + 256, codelen);
|
blake2s_Update(&ctx, start + 256, codelen);
|
||||||
sha256_Final(&ctx, hash);
|
blake2s_Final(&ctx, hash, BLAKE2S_DIGEST_LENGTH);
|
||||||
|
|
||||||
const uint8_t *pub = get_pubkey(sigidx);
|
const uint8_t *pub = get_pubkey(sigidx);
|
||||||
|
|
||||||
return pub && (0 == ed25519_sign_open(hash, SHA256_DIGEST_LENGTH, *(const ed25519_public_key *)pub, *(const ed25519_signature *)sig));
|
return pub && (0 == ed25519_sign_open(hash, BLAKE2S_DIGEST_LENGTH, *(const ed25519_public_key *)pub, *(const ed25519_signature *)sig));
|
||||||
}
|
}
|
||||||
|
@ -2,8 +2,8 @@
|
|||||||
import sys
|
import sys
|
||||||
import struct
|
import struct
|
||||||
import binascii
|
import binascii
|
||||||
import hashlib
|
|
||||||
import ed25519
|
import ed25519
|
||||||
|
import pyblake2
|
||||||
|
|
||||||
|
|
||||||
# loader/firmware headers specification: https://github.com/trezor/trezor-core/blob/master/docs/bootloader.md
|
# loader/firmware headers specification: https://github.com/trezor/trezor-core/blob/master/docs/bootloader.md
|
||||||
@ -27,7 +27,7 @@ def get_sig(data):
|
|||||||
print('Enter privkey: ', end='')
|
print('Enter privkey: ', end='')
|
||||||
seckey = binascii.unhexlify(input())
|
seckey = binascii.unhexlify(input())
|
||||||
signkey = ed25519.SigningKey(seckey)
|
signkey = ed25519.SigningKey(seckey)
|
||||||
digest = hashlib.sha256(data).digest()
|
digest = pyblake2.blake2s(data).digest()
|
||||||
sigidx = (1, )
|
sigidx = (1, )
|
||||||
sig = signkey.sign(digest)
|
sig = signkey.sign(digest)
|
||||||
return sigidx, sig
|
return sigidx, sig
|
||||||
|
Loading…
Reference in New Issue
Block a user