mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-26 01:18:28 +00:00
bootloader/loader: use blake2s instead of sha256 for digests
This commit is contained in:
parent
4c206be585
commit
e313234fe3
@ -83,6 +83,7 @@ CFLAGS_MOD += \
|
||||
|
||||
OBJ_MOD += \
|
||||
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/ed25519-donna/ed25519.o \
|
||||
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/blake2s.o \
|
||||
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/sha2.o \
|
||||
|
||||
OBJ = $(OBJ_MOD) $(OBJ_MP) $(OBJ_FW)
|
||||
|
@ -81,6 +81,7 @@ CFLAGS_MOD += \
|
||||
|
||||
OBJ_MOD += \
|
||||
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/ed25519-donna/ed25519.o \
|
||||
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/blake2s.o \
|
||||
$(BUILD_FW)/extmod/modtrezorcrypto/trezor-crypto/sha2.o \
|
||||
|
||||
OBJ = $(OBJ_MOD) $(OBJ_MP) $(OBJ_FW)
|
||||
|
@ -21,7 +21,8 @@ it will start in a firmware update mode, allowing a firmware update via USB.
|
||||
|
||||
## Common notes
|
||||
|
||||
* Hash function used below is SHA-256 and signature system is Ed25519 (allows combining signatures by multiple keys into one).
|
||||
* Hash function used for computing data digest for signatures is BLAKE2s.
|
||||
* Signature system is Ed25519 (allows combining signatures by multiple keys into one).
|
||||
* All multibyte integer values are little endian.
|
||||
* There is a tool called [firmwarectl](../tools/firmwarectl) which checks validity of the loader/firmware images including their headers.
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
#include <string.h>
|
||||
|
||||
#include "sha2.h"
|
||||
#include "blake2s.h"
|
||||
#include "ed25519-donna/ed25519.h"
|
||||
|
||||
#include "crypto.h"
|
||||
@ -87,17 +87,17 @@ bool check_signature(const uint8_t *start)
|
||||
return false;
|
||||
}
|
||||
|
||||
uint8_t hash[SHA256_DIGEST_LENGTH];
|
||||
SHA256_CTX ctx;
|
||||
sha256_Init(&ctx);
|
||||
sha256_Update(&ctx, start, 256 - 65);
|
||||
uint8_t hash[BLAKE2S_DIGEST_LENGTH];
|
||||
BLAKE2S_CTX ctx;
|
||||
blake2s_Init(&ctx, BLAKE2S_DIGEST_LENGTH);
|
||||
blake2s_Update(&ctx, start, 256 - 65);
|
||||
for (int i = 0; i < 65; i++) {
|
||||
sha256_Update(&ctx, (const uint8_t *)"\x00", 1);
|
||||
blake2s_Update(&ctx, (const uint8_t *)"\x00", 1);
|
||||
}
|
||||
sha256_Update(&ctx, start + 256, codelen);
|
||||
sha256_Final(&ctx, hash);
|
||||
blake2s_Update(&ctx, start + 256, codelen);
|
||||
blake2s_Final(&ctx, hash, BLAKE2S_DIGEST_LENGTH);
|
||||
|
||||
const uint8_t *pub = get_pubkey(sigidx);
|
||||
|
||||
return pub && (0 == ed25519_sign_open(hash, SHA256_DIGEST_LENGTH, *(const ed25519_public_key *)pub, *(const ed25519_signature *)sig));
|
||||
return pub && (0 == ed25519_sign_open(hash, BLAKE2S_DIGEST_LENGTH, *(const ed25519_public_key *)pub, *(const ed25519_signature *)sig));
|
||||
}
|
||||
|
@ -2,8 +2,8 @@
|
||||
import sys
|
||||
import struct
|
||||
import binascii
|
||||
import hashlib
|
||||
import ed25519
|
||||
import pyblake2
|
||||
|
||||
|
||||
# loader/firmware headers specification: https://github.com/trezor/trezor-core/blob/master/docs/bootloader.md
|
||||
@ -27,7 +27,7 @@ def get_sig(data):
|
||||
print('Enter privkey: ', end='')
|
||||
seckey = binascii.unhexlify(input())
|
||||
signkey = ed25519.SigningKey(seckey)
|
||||
digest = hashlib.sha256(data).digest()
|
||||
digest = pyblake2.blake2s(data).digest()
|
||||
sigidx = (1, )
|
||||
sig = signkey.sign(digest)
|
||||
return sigidx, sig
|
||||
|
Loading…
Reference in New Issue
Block a user