Ejemplo n.º 1
0
static int decode_header_info(struct header *hdr, RSA *pkey, int *img_len)
{
	struct little_header lhdr;

	/* Decode header information */
	if (fb_seek_end(sizeof(lhdr)) != 0) {
		error("image not cryptographically enabled");
		exit(NO_CRYPT);
	}
	fb_read(&lhdr, sizeof(lhdr));
	if (lhdr.magic != htons(LITTLE_CRYPTO_MAGIC)) {
#ifdef CONFIG_USER_NETFLASH_CRYPTO_OPTIONAL
		notice("WARNING: no crypto header found\n");
		return 0;
#else
		error("size magic incorrect");
		exit(BAD_CRYPT_MAGIC);
#endif
	}
	{
		unsigned short hlen = ntohs(lhdr.hlen);
		unsigned char tmp[hlen];
		unsigned char t2[hlen];
		int len;

		if (fb_seek_end(sizeof(lhdr) + hlen) != 0) {
			error("crypt header length invalid");
			exit(BAD_CRYPT_LEN);
		}
		fb_read(tmp, hlen);
#ifdef CONFIG_USER_NETFLASH_CRYPTO_V2
		fb_meta_add(sizeof(lhdr) + hlen);
		*img_len = fb_len() - fb_meta_len();
#else
		fb_trim(sizeof(lhdr) + hlen);
		*img_len = fb_len();
#endif
		len = RSA_public_decrypt(hlen, tmp, t2,
				pkey, RSA_PKCS1_PADDING);
		if (len == -1) {
			error("decrypt failed");
			exit(BAD_DECRYPT);
		}
		if (len != sizeof(struct header)) {
			error("length mismatch %d %d\n", (int)sizeof(struct header), len);
		}
		memcpy(hdr, t2, sizeof(struct header));
	}
	if (hdr->magic != htonl(CRYPTO_MAGIC)) {
		error("image not cryptographically enabled");
		exit(NO_CRYPT);
	}
	return 1;
}
Ejemplo n.º 2
0
/*
 * The last few bytes of the image look like the following:
 *
 *  \0version\0vendore_name\0product_namechksum
 *	the chksum is 16bits wide, and the version is no more than 20bytes.
 *
 * version is w.x.y[nz], where n is ubpi, and w, x, y and z are 1 or 2 digit
 * numbers.
 *
 * vendorName and productName may be a comma separated list of names
 * which are acceptable
 */
int check_vendor(void)
{
	int versionInfo;

	/*
	 * Point to what should be the last byte in the product name string.
	 */
	if (fb_seek_end(1) != 0)
		return 5;

	/*
	 * Now try to get the vendor/product/version strings, from the end
	 * of the image
	 */
	if (get_string(imageProductName, MAX_PRODUCT_SIZE) != 0)
		return 5;

	if (get_string(imageVendorName, MAX_VENDOR_SIZE) != 0)
		return 5;

	if (get_string(imageVersion, MAX_VERSION_SIZE) != 0)
		return 5;

	/* Looks like there was versioning information there, strip it off
	 * now so that we don't write it to flash, or try to decompress it, etc */
	fb_trim(strlen(imageProductName) + strlen(imageVendorName) + strlen(imageVersion) + 3);

	/*
	 * Check the product name. Our product name may be a comma separated list of names.
	 */
	if (!check_match(imageProductName, our_product_name)) {
		return 1;
	}

	/*
	 * Check the vendor name. Our vendor name may be a comma separated list of names.
	 */
	if (!check_match(imageVendorName, our_vendor_name)) {
		return 2;
	}

	/*
	 * Check the version number.
	 */
	versionInfo = check_version_info(our_image_version, imageVersion);

	return versionInfo;
}