diff options
-rw-r--r-- | utils/sbtools/sbtoelf.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/utils/sbtools/sbtoelf.c b/utils/sbtools/sbtoelf.c index 4878c73faf..44f6e074da 100644 --- a/utils/sbtools/sbtoelf.c +++ b/utils/sbtools/sbtoelf.c | |||
@@ -484,6 +484,7 @@ static void extract(unsigned long filesize) | |||
484 | /* encryption cbc-mac */ | 484 | /* encryption cbc-mac */ |
485 | key_array_t keys = NULL; /* array of 16-bytes keys */ | 485 | key_array_t keys = NULL; /* array of 16-bytes keys */ |
486 | byte real_key[16]; | 486 | byte real_key[16]; |
487 | bool valid_key = false; /* false until a matching key was found */ | ||
487 | if(sb_header->nr_keys > 0) | 488 | if(sb_header->nr_keys > 0) |
488 | { | 489 | { |
489 | keys = read_keys(sb_header->nr_keys); | 490 | keys = read_keys(sb_header->nr_keys); |
@@ -512,8 +513,12 @@ static void extract(unsigned long filesize) | |||
512 | cbc_mac(g_buf, NULL, sb_header->header_size + sb_header->nr_sections, | 513 | cbc_mac(g_buf, NULL, sb_header->header_size + sb_header->nr_sections, |
513 | keys[i], zero, &computed_cbc_mac, 1); | 514 | keys[i], zero, &computed_cbc_mac, 1); |
514 | color(RED); | 515 | color(RED); |
515 | if(memcmp(dict_entry->hdr_cbc_mac, computed_cbc_mac, 16) == 0) | 516 | bool ok = memcmp(dict_entry->hdr_cbc_mac, computed_cbc_mac, 16) == 0; |
517 | if(ok) | ||
518 | { | ||
519 | valid_key = true; | ||
516 | printf(" Ok\n"); | 520 | printf(" Ok\n"); |
521 | } | ||
517 | else | 522 | else |
518 | printf(" Failed\n"); | 523 | printf(" Failed\n"); |
519 | color(GREEN); | 524 | color(GREEN); |
@@ -531,9 +536,9 @@ static void extract(unsigned long filesize) | |||
531 | color(YELLOW); | 536 | color(YELLOW); |
532 | print_hex(decrypted_key, 16, false); | 537 | print_hex(decrypted_key, 16, false); |
533 | /* cross-check or copy */ | 538 | /* cross-check or copy */ |
534 | if(i == 0) | 539 | if(valid_key && ok) |
535 | memcpy(real_key, decrypted_key, 16); | 540 | memcpy(real_key, decrypted_key, 16); |
536 | else if(memcmp(real_key, decrypted_key, 16) == 0) | 541 | else if(valid_key && memcmp(real_key, decrypted_key, 16) == 0) |
537 | { | 542 | { |
538 | color(RED); | 543 | color(RED); |
539 | printf(" Cross-Check Ok"); | 544 | printf(" Cross-Check Ok"); |