summaryrefslogtreecommitdiff
path: root/utils/imxtools/sbtools/sb.c
diff options
context:
space:
mode:
Diffstat (limited to 'utils/imxtools/sbtools/sb.c')
-rw-r--r--utils/imxtools/sbtools/sb.c148
1 files changed, 84 insertions, 64 deletions
diff --git a/utils/imxtools/sbtools/sb.c b/utils/imxtools/sbtools/sb.c
index 145df39762..ff8e0da3ee 100644
--- a/utils/imxtools/sbtools/sb.c
+++ b/utils/imxtools/sbtools/sb.c
@@ -322,6 +322,12 @@ enum sb_error_t sb_write_file(struct sb_file_t *sb, const char *filename, void *
322 byte *buf = xmalloc(sb_hdr.image_size * BLOCK_SIZE); 322 byte *buf = xmalloc(sb_hdr.image_size * BLOCK_SIZE);
323 byte *buf_p = buf; 323 byte *buf_p = buf;
324 #define write(p, sz) do { memcpy(buf_p, p, sz); buf_p += sz; } while(0) 324 #define write(p, sz) do { memcpy(buf_p, p, sz); buf_p += sz; } while(0)
325 #define check_crypto(expr) \
326 do { int err = expr; \
327 if(err != CRYPTO_ERROR_SUCCESS) { \
328 free(cbc_macs); \
329 cprintf(u, true, GREY, "Crypto error: %d\n", err); \
330 return SB_CRYPTO_ERROR; } } while(0)
325 331
326 sha_1_update(&file_sha1, (byte *)&sb_hdr, sizeof(sb_hdr)); 332 sha_1_update(&file_sha1, (byte *)&sb_hdr, sizeof(sb_hdr));
327 write(&sb_hdr, sizeof(sb_hdr)); 333 write(&sb_hdr, sizeof(sb_hdr));
@@ -330,8 +336,11 @@ enum sb_error_t sb_write_file(struct sb_file_t *sb, const char *filename, void *
330 336
331 /* update CBC-MACs */ 337 /* update CBC-MACs */
332 for(int i = 0; i < g_nr_keys; i++) 338 for(int i = 0; i < g_nr_keys; i++)
333 crypto_cbc((byte *)&sb_hdr, NULL, sizeof(sb_hdr) / BLOCK_SIZE, &g_key_array[i], 339 {
334 cbc_macs[i], &cbc_macs[i], 1); 340 check_crypto(crypto_setup(&g_key_array[i]));
341 check_crypto(crypto_apply((byte *)&sb_hdr, NULL, sizeof(sb_hdr) / BLOCK_SIZE,
342 cbc_macs[i], &cbc_macs[i], true));
343 }
335 344
336 /* produce and write section headers */ 345 /* produce and write section headers */
337 for(int i = 0; i < sb_hdr.nr_sections; i++) 346 for(int i = 0; i < sb_hdr.nr_sections; i++)
@@ -342,23 +351,23 @@ enum sb_error_t sb_write_file(struct sb_file_t *sb, const char *filename, void *
342 write(&sb_sec_hdr, sizeof(sb_sec_hdr)); 351 write(&sb_sec_hdr, sizeof(sb_sec_hdr));
343 /* update CBC-MACs */ 352 /* update CBC-MACs */
344 for(int j = 0; j < g_nr_keys; j++) 353 for(int j = 0; j < g_nr_keys; j++)
345 crypto_cbc((byte *)&sb_sec_hdr, NULL, sizeof(sb_sec_hdr) / BLOCK_SIZE, 354 {
346 &g_key_array[j], cbc_macs[j], &cbc_macs[j], 1); 355 check_crypto(crypto_setup(&g_key_array[j]));
356 check_crypto(crypto_apply((byte *)&sb_sec_hdr, NULL,
357 sizeof(sb_sec_hdr) / BLOCK_SIZE, cbc_macs[j], &cbc_macs[j], true));
358 }
347 } 359 }
348 /* produce key dictionary */ 360 /* produce key dictionary */
349 for(int i = 0; i < g_nr_keys; i++) 361 for(int i = 0; i < g_nr_keys; i++)
350 { 362 {
351 struct sb_key_dictionary_entry_t entry; 363 struct sb_key_dictionary_entry_t entry;
352 memcpy(entry.hdr_cbc_mac, cbc_macs[i], 16); 364 memcpy(entry.hdr_cbc_mac, cbc_macs[i], 16);
353 crypto_cbc(real_key.u.key, entry.key, 1, &g_key_array[i], 365 check_crypto(crypto_setup(&g_key_array[i]));
354 crypto_iv, NULL, 1); 366 check_crypto(crypto_apply(real_key.u.key, entry.key, 1, crypto_iv, NULL, true));
355
356 write(&entry, sizeof(entry)); 367 write(&entry, sizeof(entry));
357 sha_1_update(&file_sha1, (byte *)&entry, sizeof(entry)); 368 sha_1_update(&file_sha1, (byte *)&entry, sizeof(entry));
358 } 369 }
359 370
360 free(cbc_macs);
361
362 /* HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK */ 371 /* HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK HACK */
363 /* Image crafting, don't use it unless you understand what you do */ 372 /* Image crafting, don't use it unless you understand what you do */
364 if(sb->override_real_key) 373 if(sb->override_real_key)
@@ -388,6 +397,8 @@ enum sb_error_t sb_write_file(struct sb_file_t *sb, const char *filename, void *
388 write(data, init_gap); 397 write(data, init_gap);
389 free(data); 398 free(data);
390 } 399 }
400 /* setup real key */
401 check_crypto(crypto_setup(&real_key));
391 /* produce sections data */ 402 /* produce sections data */
392 for(int i = 0; i< sb_hdr.nr_sections; i++) 403 for(int i = 0; i< sb_hdr.nr_sections; i++)
393 { 404 {
@@ -395,8 +406,10 @@ enum sb_error_t sb_write_file(struct sb_file_t *sb, const char *filename, void *
395 struct sb_instruction_tag_t tag_cmd; 406 struct sb_instruction_tag_t tag_cmd;
396 produce_section_tag_cmd(&sb->sections[i], &tag_cmd, (i + 1) == sb_hdr.nr_sections); 407 produce_section_tag_cmd(&sb->sections[i], &tag_cmd, (i + 1) == sb_hdr.nr_sections);
397 if(g_nr_keys > 0) 408 if(g_nr_keys > 0)
398 crypto_cbc((byte *)&tag_cmd, (byte *)&tag_cmd, sizeof(tag_cmd) / BLOCK_SIZE, 409 {
399 &real_key, crypto_iv, NULL, 1); 410 check_crypto(crypto_apply((byte *)&tag_cmd, (byte *)&tag_cmd,
411 sizeof(tag_cmd) / BLOCK_SIZE, crypto_iv, NULL, true));
412 }
400 sha_1_update(&file_sha1, (byte *)&tag_cmd, sizeof(tag_cmd)); 413 sha_1_update(&file_sha1, (byte *)&tag_cmd, sizeof(tag_cmd));
401 write(&tag_cmd, sizeof(tag_cmd)); 414 write(&tag_cmd, sizeof(tag_cmd));
402 /* produce other commands */ 415 /* produce other commands */
@@ -411,8 +424,10 @@ enum sb_error_t sb_write_file(struct sb_file_t *sb, const char *filename, void *
411 struct sb_instruction_common_t cmd; 424 struct sb_instruction_common_t cmd;
412 produce_sb_instruction(inst, &cmd, u, cprintf); 425 produce_sb_instruction(inst, &cmd, u, cprintf);
413 if(g_nr_keys > 0 && !sb->sections[i].is_cleartext) 426 if(g_nr_keys > 0 && !sb->sections[i].is_cleartext)
414 crypto_cbc((byte *)&cmd, (byte *)&cmd, sizeof(cmd) / BLOCK_SIZE, 427 {
415 &real_key, cur_cbc_mac, &cur_cbc_mac, 1); 428 check_crypto(crypto_apply((byte *)&cmd, (byte *)&cmd,
429 sizeof(cmd) / BLOCK_SIZE, cur_cbc_mac, &cur_cbc_mac, true));
430 }
416 sha_1_update(&file_sha1, (byte *)&cmd, sizeof(cmd)); 431 sha_1_update(&file_sha1, (byte *)&cmd, sizeof(cmd));
417 write(&cmd, sizeof(cmd)); 432 write(&cmd, sizeof(cmd));
418 } 433 }
@@ -424,8 +439,10 @@ enum sb_error_t sb_write_file(struct sb_file_t *sb, const char *filename, void *
424 memcpy(data, inst->data, inst->size); 439 memcpy(data, inst->data, inst->size);
425 memcpy(data + inst->size, inst->padding, inst->padding_size); 440 memcpy(data + inst->size, inst->padding, inst->padding_size);
426 if(g_nr_keys > 0 && !sb->sections[i].is_cleartext) 441 if(g_nr_keys > 0 && !sb->sections[i].is_cleartext)
427 crypto_cbc(data, data, sz / BLOCK_SIZE, 442 {
428 &real_key, cur_cbc_mac, &cur_cbc_mac, 1); 443 check_crypto(crypto_apply(data, data, sz / BLOCK_SIZE,
444 cur_cbc_mac, &cur_cbc_mac, true));
445 }
429 sha_1_update(&file_sha1, data, sz); 446 sha_1_update(&file_sha1, data, sz);
430 write(data, sz); 447 write(data, sz);
431 free(data); 448 free(data);
@@ -450,8 +467,10 @@ enum sb_error_t sb_write_file(struct sb_file_t *sb, const char *filename, void *
450 cmd.hdr.opcode = SB_INST_NOP; 467 cmd.hdr.opcode = SB_INST_NOP;
451 cmd.hdr.checksum = instruction_checksum(&cmd.hdr); 468 cmd.hdr.checksum = instruction_checksum(&cmd.hdr);
452 if(g_nr_keys > 0 && !sb->sections[i].is_cleartext) 469 if(g_nr_keys > 0 && !sb->sections[i].is_cleartext)
453 crypto_cbc((byte *)&cmd, (byte *)&cmd, sizeof(cmd) / BLOCK_SIZE, 470 {
454 &real_key, cur_cbc_mac, &cur_cbc_mac, 1); 471 check_crypto(crypto_apply((byte *)&cmd, (byte *)&cmd,
472 sizeof(cmd) / BLOCK_SIZE, cur_cbc_mac, &cur_cbc_mac, true));
473 }
455 sha_1_update(&file_sha1, (byte *)&cmd, sizeof(cmd)); 474 sha_1_update(&file_sha1, (byte *)&cmd, sizeof(cmd));
456 write(&cmd, sizeof(cmd)); 475 write(&cmd, sizeof(cmd));
457 } 476 }
@@ -463,28 +482,34 @@ enum sb_error_t sb_write_file(struct sb_file_t *sb, const char *filename, void *
463 sha_1_output(&file_sha1, final_sig); 482 sha_1_output(&file_sha1, final_sig);
464 generate_random_data(final_sig + 20, 12); 483 generate_random_data(final_sig + 20, 12);
465 if(g_nr_keys > 0) 484 if(g_nr_keys > 0)
466 crypto_cbc(final_sig, final_sig, 2, &real_key, crypto_iv, NULL, 1); 485 check_crypto(crypto_apply(final_sig, final_sig, 2, crypto_iv, NULL, true));
467 write(final_sig, 32); 486 write(final_sig, 32);
487
488 free(cbc_macs);
489
468 if(buf_p - buf != sb_hdr.image_size * BLOCK_SIZE) 490 if(buf_p - buf != sb_hdr.image_size * BLOCK_SIZE)
469 { 491 {
470 printf(GREY, "[ERROR][INTERNAL] SB image buffer was not entirely filled !\n"); 492 free(buf);
471 printf(GREY, "[ERROR][INTERNAL] expected %u blocks, got %u\n", 493 printf(GREY, "Internal error: SB image buffer was not entirely filled !\n");
494 printf(GREY, "Internal error: expected %u blocks, got %u\n",
472 (buf_p - buf) / BLOCK_SIZE, sb_hdr.image_size); 495 (buf_p - buf) / BLOCK_SIZE, sb_hdr.image_size);
496 cprintf(u, true, GREY, "Internal error\n");
473 return SB_ERROR; 497 return SB_ERROR;
474 } 498 }
475 499
476 FILE *fd = fopen(filename, "wb"); 500 FILE *fd = fopen(filename, "wb");
477 if(fd == NULL) 501 if(fd == NULL)
478 return SB_OPEN_ERROR; 502 return SB_OPEN_ERROR;
479 if(fwrite(buf, sb_hdr.image_size * BLOCK_SIZE, 1, fd) != 1) 503 int cnt = fwrite(buf, sb_hdr.image_size * BLOCK_SIZE, 1, fd);
480 { 504 if(cnt != 1)
481 free(buf); 505 printf(GREY, "Write error: %m\n");
482 return SB_WRITE_ERROR;
483 }
484 fclose(fd);
485 free(buf); 506 free(buf);
507 fclose(fd);
508 if(cnt != 1)
509 return SB_WRITE_ERROR;
486 510
487 return SB_SUCCESS; 511 return SB_SUCCESS;
512 #undef check_crypto
488 #undef printf 513 #undef printf
489} 514}
490 515
@@ -712,22 +737,28 @@ static void sb_printer(void *user, const char *fmt, ...)
712} 737}
713 738
714struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, void *u, 739struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, void *u,
715 generic_printf_t cprintf, enum sb_error_t *err) 740 generic_printf_t cprintf, enum sb_error_t *out_err)
716{ 741{
717 struct sb_file_t *sb_file = NULL; 742 struct sb_file_t *sb_file = NULL;
718 uint8_t *buf = _buf; 743 uint8_t *buf = _buf;
719 744
720 #define printf(c, ...) cprintf(u, false, c, __VA_ARGS__) 745 #define printf(c, ...) cprintf(u, false, c, __VA_ARGS__)
721 #define fatal(e, ...) \ 746 #define fatal(e, ...) \
722 do { if(err) *err = e; \ 747 do { if(out_err) *out_err = e; \
723 cprintf(u, true, GREY, __VA_ARGS__); \ 748 cprintf(u, true, GREY, __VA_ARGS__); \
749 free(cbcmacs); \
724 sb_free(sb_file); \ 750 sb_free(sb_file); \
725 return NULL; } while(0) 751 return NULL; } while(0)
726 struct printer_t printer = {.user = u, .cprintf = cprintf, .color = OFF, .error = false }; 752 struct printer_t printer = {.user = u, .cprintf = cprintf, .color = OFF, .error = false };
727 #define print_hex(c, p, len, nl) \ 753 #define print_hex(c, p, len, nl) \
728 do { printer.color = c; print_hex(&printer, sb_printer, p, len, nl); } while(0) 754 do { printer.color = c; print_hex(&printer, sb_printer, p, len, nl); } while(0)
755 #define check_crypto(expr) \
756 do { int err = expr; \
757 if(err != CRYPTO_ERROR_SUCCESS) \
758 fatal(SB_CRYPTO_ERROR, "Crypto error: %d\n", err); } while(0)
729 759
730 struct sha_1_params_t sha_1_params; 760 struct sha_1_params_t sha_1_params;
761 byte (*cbcmacs)[16] = xmalloc(16 * g_nr_keys);
731 sb_file = xmalloc(sizeof(struct sb_file_t)); 762 sb_file = xmalloc(sizeof(struct sb_file_t));
732 memset(sb_file, 0, sizeof(struct sb_file_t)); 763 memset(sb_file, 0, sizeof(struct sb_file_t));
733 struct sb_header_t *sb_header = (struct sb_header_t *)buf; 764 struct sb_header_t *sb_header = (struct sb_header_t *)buf;
@@ -826,12 +857,12 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, vo
826 printf(YELLOW, "0x%08x\n", sb_header->first_boot_sec_id); 857 printf(YELLOW, "0x%08x\n", sb_header->first_boot_sec_id);
827 858
828 /* encryption cbc-mac */ 859 /* encryption cbc-mac */
829 byte real_key[16]; 860 struct crypto_key_t real_key;
861 real_key.method = CRYPTO_KEY;
830 bool valid_key = false; /* false until a matching key was found */ 862 bool valid_key = false; /* false until a matching key was found */
831 863
832 if(sb_header->nr_keys > 0) 864 if(sb_header->nr_keys > 0)
833 { 865 {
834 byte (*cbcmacs)[16] = xmalloc(16 * g_nr_keys);
835 printf(BLUE, "Encryption keys\n"); 866 printf(BLUE, "Encryption keys\n");
836 for(int i = 0; i < g_nr_keys; i++) 867 for(int i = 0; i < g_nr_keys; i++)
837 { 868 {
@@ -843,13 +874,9 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, vo
843 /* check it */ 874 /* check it */
844 byte zero[16]; 875 byte zero[16];
845 memset(zero, 0, 16); 876 memset(zero, 0, 16);
846 int ret = crypto_cbc(buf, NULL, sb_header->header_size + sb_header->nr_sections, 877 check_crypto(crypto_setup(&g_key_array[i]));
847 &g_key_array[i], zero, &cbcmacs[i], 1); 878 check_crypto(crypto_apply(buf, NULL, sb_header->header_size +
848 if(ret != CRYPTO_ERROR_SUCCESS) 879 sb_header->nr_sections, zero, &cbcmacs[i], true));
849 {
850 free(cbcmacs);
851 fatal(SB_FIRST_CRYPTO_ERROR + ret, "Crypto error: %d", ret);
852 }
853 print_hex(YELLOW, cbcmacs[i], 16, true); 880 print_hex(YELLOW, cbcmacs[i], 16, true);
854 } 881 }
855 882
@@ -878,24 +905,20 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, vo
878 byte decrypted_key[16]; 905 byte decrypted_key[16];
879 byte iv[16]; 906 byte iv[16];
880 memcpy(iv, buf, 16); /* uses the first 16-bytes of SHA-1 sig as IV */ 907 memcpy(iv, buf, 16); /* uses the first 16-bytes of SHA-1 sig as IV */
881 int ret = crypto_cbc(dict_entry->key, decrypted_key, 1, &g_key_array[idx], iv, NULL, 0); 908 check_crypto(crypto_setup(&g_key_array[idx]));
882 if(ret != CRYPTO_ERROR_SUCCESS) 909 check_crypto(crypto_apply(dict_entry->key, decrypted_key, 1, iv, NULL, false));
883 {
884 free(cbcmacs);
885 fatal(SB_FIRST_CRYPTO_ERROR + ret, "Crypto error: %d\n", ret);
886 }
887 printf(GREEN, " Decrypted key: "); 910 printf(GREEN, " Decrypted key: ");
888 print_hex(YELLOW, decrypted_key, 16, false); 911 print_hex(YELLOW, decrypted_key, 16, false);
889 if(valid_key) 912 if(valid_key)
890 { 913 {
891 if(memcmp(real_key, decrypted_key, 16) == 0) 914 if(memcmp(real_key.u.key, decrypted_key, 16) == 0)
892 printf(RED, " Cross-Check Ok"); 915 printf(RED, " Cross-Check Ok");
893 else 916 else
894 printf(RED, " Cross-Check Failed"); 917 printf(RED, " Cross-Check Failed");
895 } 918 }
896 else 919 else
897 { 920 {
898 memcpy(real_key, decrypted_key, 16); 921 memcpy(real_key.u.key, decrypted_key, 16);
899 valid_key = true; 922 valid_key = true;
900 } 923 }
901 printf(OFF, "\n"); 924 printf(OFF, "\n");
@@ -904,8 +927,6 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, vo
904 printf(RED, " Don't Match\n"); 927 printf(RED, " Don't Match\n");
905 } 928 }
906 929
907 free(cbcmacs);
908
909 if(!valid_key) 930 if(!valid_key)
910 { 931 {
911 if(g_force) 932 if(g_force)
@@ -916,11 +937,9 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, vo
916 937
917 if(getenv("SB_REAL_KEY") != 0) 938 if(getenv("SB_REAL_KEY") != 0)
918 { 939 {
919 struct crypto_key_t k;
920 char *env = getenv("SB_REAL_KEY"); 940 char *env = getenv("SB_REAL_KEY");
921 if(!parse_key(&env, &k) || *env) 941 if(!parse_key(&env, &real_key) || *env)
922 fatal(SB_ERROR, "Invalid SB_REAL_KEY\n"); 942 fatal(SB_ERROR, "Invalid SB_REAL_KEY\n");
923 memcpy(real_key, k.u.key, 16);
924 /* assume the key is valid */ 943 /* assume the key is valid */
925 if(valid_key) 944 if(valid_key)
926 printf(GREY, " Overriding real key\n"); 945 printf(GREY, " Overriding real key\n");
@@ -931,16 +950,17 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, vo
931 950
932 printf(RED, " Summary:\n"); 951 printf(RED, " Summary:\n");
933 printf(GREEN, " Real key: "); 952 printf(GREEN, " Real key: ");
934 print_hex(YELLOW, real_key, 16, true); 953 print_hex(YELLOW, real_key.u.key, 16, true);
935 printf(GREEN, " IV : "); 954 printf(GREEN, " IV : ");
936 print_hex(YELLOW, buf, 16, true); 955 print_hex(YELLOW, buf, 16, true);
937 956
938 memcpy(sb_file->real_key, real_key, 16); 957 memcpy(sb_file->real_key, real_key.u.key, 16);
939 memcpy(sb_file->crypto_iv, buf, 16); 958 memcpy(sb_file->crypto_iv, buf, 16);
959 /* setup real key if needed */
960 check_crypto(crypto_setup(&real_key));
940 } 961 }
941 else 962 else
942 valid_key = true; 963 valid_key = true;
943
944 /* sections */ 964 /* sections */
945 if(!(flags & SB_RAW_MODE)) 965 if(!(flags & SB_RAW_MODE))
946 { 966 {
@@ -986,12 +1006,13 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, vo
986 /* save it */ 1006 /* save it */
987 byte *sec = xmalloc(size); 1007 byte *sec = xmalloc(size);
988 if(encrypted) 1008 if(encrypted)
989 cbc_mac(buf + pos, sec, size / BLOCK_SIZE, real_key, buf, NULL, 0); 1009 check_crypto(crypto_apply(buf + pos, sec, size / BLOCK_SIZE, buf, NULL, false));
990 else 1010 else
991 memcpy(sec, buf + pos, size); 1011 memcpy(sec, buf + pos, size);
992 1012
993 struct sb_section_t *s = read_section(data_sec, sec_hdr->identifier, 1013 struct sb_section_t *s = read_section(data_sec, sec_hdr->identifier,
994 sec, size, " ", u, cprintf, err); 1014 sec, size, " ", u, cprintf, out_err);
1015 free(sec);
995 if(s) 1016 if(s)
996 { 1017 {
997 s->other_flags = sec_hdr->flags & ~SECTION_STD_MASK; 1018 s->other_flags = sec_hdr->flags & ~SECTION_STD_MASK;
@@ -1001,9 +1022,7 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, vo
1001 free(s); 1022 free(s);
1002 } 1023 }
1003 else 1024 else
1004 fatal(*err, "Error reading section\n"); 1025 fatal(*out_err, "Error reading section\n");
1005
1006 free(sec);
1007 } 1026 }
1008 } 1027 }
1009 else if(valid_key) 1028 else if(valid_key)
@@ -1019,7 +1038,7 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, vo
1019 memcpy(iv, buf, 16); 1038 memcpy(iv, buf, 16);
1020 byte cmd[BLOCK_SIZE]; 1039 byte cmd[BLOCK_SIZE];
1021 if(sb_header->nr_keys > 0) 1040 if(sb_header->nr_keys > 0)
1022 cbc_mac(buf + offset, cmd, 1, real_key, iv, &iv, 0); 1041 check_crypto(crypto_apply(buf + offset, cmd, 1, iv, &iv, false));
1023 else 1042 else
1024 memcpy(cmd, buf + offset, BLOCK_SIZE); 1043 memcpy(cmd, buf + offset, BLOCK_SIZE);
1025 struct sb_instruction_header_t *hdr = (struct sb_instruction_header_t *)cmd; 1044 struct sb_instruction_header_t *hdr = (struct sb_instruction_header_t *)cmd;
@@ -1077,12 +1096,13 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, vo
1077 /* save it */ 1096 /* save it */
1078 byte *sec = xmalloc(size); 1097 byte *sec = xmalloc(size);
1079 if(encrypted) 1098 if(encrypted)
1080 cbc_mac(buf + pos, sec, size / BLOCK_SIZE, real_key, buf, NULL, 0); 1099 check_crypto(crypto_apply(buf + pos, sec, size / BLOCK_SIZE, buf, NULL, false));
1081 else 1100 else
1082 memcpy(sec, buf + pos, size); 1101 memcpy(sec, buf + pos, size);
1083 1102
1084 struct sb_section_t *s = read_section(data_sec, tag->identifier, 1103 struct sb_section_t *s = read_section(data_sec, tag->identifier,
1085 sec, size, " ", u, cprintf, err); 1104 sec, size, " ", u, cprintf, out_err);
1105 free(sec);
1086 if(s) 1106 if(s)
1087 { 1107 {
1088 s->other_flags = tag->flags & ~SECTION_STD_MASK; 1108 s->other_flags = tag->flags & ~SECTION_STD_MASK;
@@ -1094,8 +1114,7 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, vo
1094 free(s); 1114 free(s);
1095 } 1115 }
1096 else 1116 else
1097 fatal(*err, "Error reading section\n"); 1117 fatal(*out_err, "Error reading section\n");
1098 free(sec);
1099 1118
1100 /* last one ? */ 1119 /* last one ? */
1101 if(tag->hdr.flags & SB_INST_LAST_TAG) 1120 if(tag->hdr.flags & SB_INST_LAST_TAG)
@@ -1126,7 +1145,7 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, vo
1126 printf(OFF, " "); 1145 printf(OFF, " ");
1127 print_hex(YELLOW, encrypted_block + 16, 16, true); 1146 print_hex(YELLOW, encrypted_block + 16, 16, true);
1128 /* decrypt it */ 1147 /* decrypt it */
1129 cbc_mac(encrypted_block, decrypted_block, 2, real_key, buf, NULL, 0); 1148 check_crypto(crypto_apply(encrypted_block, decrypted_block, 2, buf, NULL, false));
1130 } 1149 }
1131 else 1150 else
1132 memcpy(decrypted_block, &buf[filesize - 32], 32); 1151 memcpy(decrypted_block, &buf[filesize - 32], 32);
@@ -1153,6 +1172,7 @@ struct sb_file_t *sb_read_memory(void *_buf, size_t filesize, unsigned flags, vo
1153 fatal(SB_CHECKSUM_ERROR, "File SHA-1 error\n"); 1172 fatal(SB_CHECKSUM_ERROR, "File SHA-1 error\n");
1154 } 1173 }
1155 1174
1175 free(cbcmacs);
1156 return sb_file; 1176 return sb_file;
1157 #undef printf 1177 #undef printf
1158 #undef fatal 1178 #undef fatal
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-17 21:48:11 +0000