-rw-r--r--utils/sbtools/elftosb.c46
1 files changed, 42 insertions, 4 deletions
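diff --git a/utils/sbtools/elftosb.c b/utils/sbtools/elftosb.c
index 28717fddd9..de041f9207 100644
--- a/utils/sbtools/elftosb.c
+++ b/utils/sbtools/elftosb.c
@@ -843,6 +843,10 @@ static void produce_sb_file(struct sb_file_t *sb, const char *filename)
 bugp("cannot open output file");
 
 byte real_key[16];
+byte (*cbc_macs)[16] = xmalloc(16 * g_nr_keys);
+/* init CBC-MACs */
+for(int i = 0; i < g_nr_keys; i++)
+memset(cbc_macs[i], 0, 16);
 
 fill_gaps(sb);
 compute_sb_offsets(sb);
@@ -857,6 +861,10 @@ static void produce_sb_file(struct sb_file_t *sb, const char *filename)
 produce_sb_header(sb, &sb_hdr);
 sha_1_update(&file_sha1, (byte *)&sb_hdr, sizeof(sb_hdr));
 write(fd, &sb_hdr, sizeof(sb_hdr));
+/* update CBC-MACs */
+for(int i = 0; i < g_nr_keys; i++)
+cbc_mac((byte *)&sb_hdr, NULL, sizeof(sb_hdr) / BLOCK_SIZE, g_key_array[i],
+cbc_macs[i], &cbc_macs[i], 1);
 
 /* produce and write section headers */
 for(int i = 0; i < sb_hdr.nr_sections; i++)
@@ -865,32 +873,60 @@ static void produce_sb_file(struct sb_file_t *sb, const char *filename)
 produce_sb_section_header(&sb->sections[i], &sb_sec_hdr);
 sha_1_update(&file_sha1, (byte *)&sb_sec_hdr, sizeof(sb_sec_hdr));
 write(fd, &sb_sec_hdr, sizeof(sb_sec_hdr));
+/* update CBC-MACs */
+for(int j = 0; j < g_nr_keys; j++)
+cbc_mac((byte *)&sb_sec_hdr, NULL, sizeof(sb_sec_hdr) / BLOCK_SIZE,
+g_key_array[j], cbc_macs[j], &cbc_macs[j], 1);
 }
 /* produce key dictionary */
+for(int i = 0; i < g_nr_keys; i++)
+{
+struct sb_key_dictionary_entry_t entry;
+memcpy(entry.hdr_cbc_mac, cbc_macs[i], 16);
+cbc_mac(real_key, entry.key, sizeof(real_key) / BLOCK_SIZE, g_key_array[i],
+(byte *)&sb_hdr, NULL, 1);
+
+write(fd, &entry, sizeof(entry));
+sha_1_update(&file_sha1, (byte *)&entry, sizeof(entry));
+}
 /* produce sections data */
 for(int i = 0; i< sb_hdr.nr_sections; i++)
 {
 /* produce tag command */
 struct sb_instruction_tag_t tag_cmd;
 produce_section_tag_cmd(&sb->sections[i], &tag_cmd, (i + 1) == sb_hdr.nr_sections);
+if(g_nr_keys > 0)
+cbc_mac((byte *)&tag_cmd, (byte *)&tag_cmd, sizeof(tag_cmd) / BLOCK_SIZE,
+real_key, (byte *)&sb_hdr, NULL, 1);
 sha_1_update(&file_sha1, (byte *)&tag_cmd, sizeof(tag_cmd));
 write(fd, &tag_cmd, sizeof(tag_cmd));
 /* produce other commands */
+byte cur_cbc_mac[16];
+memcpy(cur_cbc_mac, (byte *)&sb_hdr, 16);
 for(int j = 0; j < sb->sections[i].nr_insts; j++)
 {
 struct sb_inst_t *inst = &sb->sections[i].insts[j];
 /* command */
 struct sb_instruction_common_t cmd;
 produce_sb_instruction(inst, &cmd);
+if(g_nr_keys > 0)
+cbc_mac((byte *)&cmd, (byte *)&cmd, sizeof(cmd) / BLOCK_SIZE,
+real_key, cur_cbc_mac, &cur_cbc_mac, 1);
 sha_1_update(&file_sha1, (byte *)&cmd, sizeof(cmd));
 write(fd, &cmd, sizeof(cmd));
 /* data */
 if(inst->inst == SB_INST_LOAD)
 {
-sha_1_update(&file_sha1, inst->data, inst->size);
-write(fd, inst->data, inst->size);
-sha_1_update(&file_sha1, inst->padding, inst->padding_size);
-write(fd, inst->padding, inst->padding_size);
+uint32_t sz = inst->size + inst->padding_size;
+byte *data = xmalloc(sz);
+memcpy(data, inst->data, inst->size);
+memcpy(data + inst->size, inst->padding, inst->padding_size);
+if(g_nr_keys > 0)
+cbc_mac(data, data, sz / BLOCK_SIZE,
+real_key, cur_cbc_mac, &cur_cbc_mac, 1);
+sha_1_update(&file_sha1, data, sz);
+write(fd, data, sz);
+free(data);
 }
 }
 }
@@ -899,6 +935,8 @@ static void produce_sb_file(struct sb_file_t *sb, const char *filename)
 sha_1_finish(&file_sha1);
 sha_1_output(&file_sha1, final_sig);
 generate_random_data(final_sig + 20, 12);
+if(g_nr_keys > 0)
+cbc_mac(final_sig, final_sig, 2, real_key, (byte *)&sb_hdr, NULL, 1);
 write(fd, final_sig, 32);
 
 close(fd);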
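Review bot: In the SB_INST_LOAD branch, `sz / BLOCK_SIZE` rounds down, so if `inst->size + inst->padding_size` is ever not a multiple of BLOCK_SIZE the trailing bytes are hashed and written unencrypted with no error; the `uint32_t` sum can also wrap before `xmalloc(sz)`, in which case the two `memcpy` calls would overrun the buffer. Guard the computation with `if(sz < inst->size || sz % BLOCK_SIZE != 0)` and fail there the way the output-file open failure does with `bugp`. Separately, `real_key` encrypts the payload and is wrapped into every key dictionary entry, but no visible line fills it; if it is not set in the unshown lines between the first two hunks, the session key is uninitialized stack memory. `cbc_macs` is also not freed in the visible lines. produce_sb_file starts above the first hunk and may continue past the last one.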