Пример #1
0
int cust_sign (unsigned char* d_buf,  unsigned int d_len, unsigned char* s_buf, unsigned int s_len)
{
    //RSA1024
	if(s_len == RSA1024_KEY_LENGTH)
	{
        unsigned char sha1_buf[SHA1_LENGTH_IN_BYTE] = {0};    
            
        if( cust_hash(d_buf, d_len, sha1_buf, SHA1_LENGTH_IN_BYTE) != 0 )
        {
            return -1;
        }        

        //To sign here
        
        return -1;        
    }
    //RSA2048
    else if(s_len == RSA2048_KEY_LENGTH)
    {
        unsigned char sha256_buf[SHA256_LENGTH_IN_BYTE] = {0};
       
        if( cust_hash(d_buf, d_len, sha256_buf, SHA256_LENGTH_IN_BYTE) != 0 )
        {
            return -1;
        }        
        
        //To sign here
        
        return -1;        
    }

    //If length is not supported, then go here directly
    return -1;
}
/**************************************************************************
 *  RSA Sign (should support RSA1024 and RSA2048)
 **************************************************************************/     
int cust_sign(unsigned char* data_buf,  unsigned int data_len, unsigned char* sig_buf, unsigned int sig_len)
{
    memset(sig_buf, 0x00, sig_len);
    
    if(RSA1024_SIG_LEN == sig_len)
    {
        unsigned char sha1sum[SHA1_HASH_LEN] = {0};

        /* SHA1 */        
        if( cust_hash(data_buf, data_len, sha1sum, SHA1_HASH_LEN) != 0 )
        {
            /* return sign pass */
            return 0;
        }
    
        /* TODO : use cust_sign to sign data buffer with RSA1024 */    
        /* customer needs to customized this function */
        
        return 0;        
    }
    else if(RSA2048_SIG_LEN == sig_len)
    {
        unsigned char sha256sum[SHA256_HASH_LEN] = {0};

        /* SHA256 */      
        if( cust_hash(data_buf, data_len, sha256sum, SHA256_HASH_LEN) != 0 )
        {
            /* return sign pass */
            return 0;
        }
        
        /* TODO : use cust_sign to sign data buffer with RSA2048*/    
        /* customer needs to customized this function */
        
        return 0;        
    }
    else
    {
        /* unsupported, just return sign failed */
        return -1;
    }

}
Пример #3
0
int pro_img_v3(char *hs_name, char *img_name,char *hdr_name)
{
    uint32 br = 0;
    uchar *d_buf = NULL;
    uchar *d_buf_prt = NULL;
    uchar c_buf[SEC_IMG_HDR_SZ];    
    uchar *sig;
    uchar *hash;    
    uint32 i = 0, ret = 0;    
    SEC_IMG_HEADER *sec = NULL;
    SEC_EXTENTION_CFG *p_ext_cfg = (SEC_EXTENTION_CFG *)get_ext_cfg();  
    SEC_EXTENSTION_CRYPTO *crypto_ext = NULL;
    SEC_FRAGMENT_CFG *frag_ext = NULL;
    SEC_EXTENSTION_HASH_ONLY **hash_only_ext;
    SEC_EXTENSTION_END_MARK *end_ext = NULL;
    uint32 total_size = 0;
    uint32 real_chunk_size = 0;

    /* ------------------------------------- */
    /* open hash and signature file          */
    /* ------------------------------------- */    
    FILE *hs_fd = fopen(hs_name,"wb");      
    
    if(hs_fd == 0)
    {
        MSG("[%s] %s not found\n",MOD,hs_name);
        goto _init_fail;
    }

    /* ------------------------------------- */
    /* read image header                     */
    /* ------------------------------------- */    
    
    FILE *hdr_fd = fopen(hdr_name,"r");            

    br = fread(c_buf,1,SEC_IMG_HDR_SZ,hdr_fd); /* read header */    

    sec = (SEC_IMG_HEADER *)c_buf;

    if(br == 0)
    {
        MSG("\n[%s] read '%s' image hdr fail, read bytes = '%d'\n",MOD,hdr_name,br);
        ret = -1;
        goto _hdr_fail;
    }

    /* ------------------------------------- */
    /* initialize buffer                     */
    /* ------------------------------------- */   
    sig = (uchar*) malloc(get_sigature_size(g_sig_type));
    hash = (uchar*) malloc(get_hash_size(g_hash_type));

    /* ------------------------------------- */
    /* initialize extnesion header buffer       */
    /* ------------------------------------- */ 
    crypto_ext = (SEC_EXTENSTION_CRYPTO *) allocate_ext_crypto();
    frag_ext = (SEC_FRAGMENT_CFG *) allocate_ext_frag();
    hash_only_ext = (SEC_EXTENSTION_HASH_ONLY **)malloc(p_ext_cfg->verify_count * sizeof(SEC_EXTENSTION_HASH_ONLY *));
    for(i=0;i<p_ext_cfg->verify_count;i++)
    {
        hash_only_ext[i] = (SEC_EXTENSTION_HASH_ONLY *) allocate_ext_hash_only(g_hash_type);
    }
    end_ext = (SEC_EXTENSTION_END_MARK *) allocate_ext_end();


    /* ------------------------------------- */
    /* initial extenstion header                    */
    /* ------------------------------------- */     
    crypto_ext->hash_type = g_hash_type;
    crypto_ext->sig_type = g_sig_type;
    crypto_ext->enc_type = SEC_CRYPTO_ENC_UNKNOWN;
    frag_ext->frag_count = p_ext_cfg->verify_count;
    frag_ext->chunk_size = p_ext_cfg->chunk_size;
    for(i=0;i<p_ext_cfg->verify_count;i++)
    {
        hash_only_ext[i]->hash_offset = p_ext_cfg->verify_offset[i];
        hash_only_ext[i]->hash_len = p_ext_cfg->verify_length[i];
    }

    /* ----------------------------------------- */
    /* generate hash for each region by chunk size      */
    /* ----------------------------------------- */    
    FILE *img_fd = fopen(img_name,"r");        
    
    if(img_fd == 0)
    {
        MSG("[%s] %s not found\n",MOD,img_name);
        ret = -1;
        goto _img_open_fail;
    }  

    for(i=0;i<p_ext_cfg->verify_count;i++)
    {
        if(frag_ext->chunk_size == 0)
        {
            real_chunk_size = hash_only_ext[i]->hash_len;
        }
        else
        {
            real_chunk_size = frag_ext->chunk_size;
        }
        if(gen_hash_by_chunk(img_fd, hash_only_ext[i]->hash_offset, hash_only_ext[i]->hash_len,
            hash, hash_only_ext[i]->sub_type, real_chunk_size)!=0)
        {
            ret = -1;
            goto _ext_hash_fail;
        }
        mcpy(hash_only_ext[i]->hash_data,hash,get_hash_size(g_hash_type));
    }

    /* ------------------------------------- */
    /* prepare buffer                     */
    /* ------------------------------------- */   
    total_size =    SEC_IMG_HDR_SZ + 
                    p_ext_cfg->verify_count*get_hash_size(g_hash_type)+                            
                    sizeof(*crypto_ext)+
                    sizeof(*frag_ext)+
                    p_ext_cfg->verify_count*get_ext_hash_only_struct_size(g_hash_type)+
                    sizeof(*end_ext);
    d_buf = (uchar*) malloc(total_size);
    d_buf_prt = d_buf;

    /* copy header */
    mcpy(d_buf_prt,c_buf,SEC_IMG_HDR_SZ);
    d_buf_prt += SEC_IMG_HDR_SZ;
    
    /* copy hash */
    for(i=0;i<p_ext_cfg->verify_count;i++)
    {
        mcpy(d_buf_prt,hash_only_ext[i]->hash_data,get_hash_size(g_hash_type));
        d_buf_prt += get_hash_size(g_hash_type);
    }
    
    /* copy crypto extension */
    mcpy(d_buf_prt,crypto_ext,sizeof(*crypto_ext));
    d_buf_prt += sizeof(*crypto_ext);

    /* copy frag extension */
    mcpy(d_buf_prt,frag_ext,sizeof(*frag_ext));
    d_buf_prt += sizeof(*frag_ext);

    /* copy hash extension */
    for(i=0;i<p_ext_cfg->verify_count;i++)
    {
        mcpy(d_buf_prt,hash_only_ext[i],get_ext_hash_only_struct_size(g_hash_type));
        d_buf_prt += get_ext_hash_only_struct_size(g_hash_type);
    }

    /* copy end mark extension */
    mcpy(d_buf_prt,end_ext,sizeof(*end_ext));
    d_buf_prt += sizeof(*end_ext);

    /* ------------------------------------- */
    /* generate hash                    */
    /* ------------------------------------- */  
    if( cust_hash(d_buf,total_size,hash,get_hash_size(g_hash_type)) == -1)
    {
        MSG("[%s] Sign %s fail\n",MOD,img_name);
        ret = -1;
        goto _final_hash_fail;
    }

    /* ------------------------------------- */
    /* generate signature                    */
    /* ------------------------------------- */  
    if( cust_sign(d_buf,total_size,sig,get_sigature_size(g_sig_type)) == -1)
    {
        MSG("[%s] Sign %s fail\n",MOD,img_name);
        ret = -1;
        goto _final_sign_fail;
    }

    /* ------------------------------------- */
    /* dump hash value for debug             */
    /* ------------------------------------- */ 
#if DUMP_MORE_FOR_DEBUG        
    {
        unsigned loop_count = total_size/8;
        unsigned remain_count = total_size%8;
        MSG("[%s] Total verify size is : %d\n",MOD, total_size);    
        for(i=0; i<loop_count ; i++)
        {    
            DBG("[%s] Data value [%d-%d]==> (0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x, 0x%x) \n",MOD, 
                i*8, (i+1)*8-1, 
                d_buf[0+i*8], d_buf[1+i*8], d_buf[2+i*8], d_buf[3+i*8], 
                d_buf[4+i*8], d_buf[5+i*8], d_buf[6+i*8], d_buf[7+i*8]);  
        }
        if(remain_count)
        {
            DBG("[%s] Data value [%d-%d]==> (",MOD,loop_count*8, loop_count*8+remain_count);
            for(i=0; i<remain_count ; i++)
            {    
                DBG("0x%x,", d_buf[loop_count*8+i]);  
            }
            DBG(") \n");
        }
    }
#endif    
    MSG("[%s] Hash value : \n",MOD);    
    for(i=0;i<get_hash_size(g_hash_type);i++)
    {
        MSG("0x%x,",hash[i]);
    }
    MSG("\n",MOD);    

    /* ------------------------------------- */
    /* write hash and signature              */
    /* ------------------------------------- */    
    fwrite (sig , 1 , get_sigature_size(g_sig_type), hs_fd);   
    fwrite (hash , 1 , get_hash_size(g_hash_type) , hs_fd);

    
    /* ------------------------------------- */
    /* write extension              */
    /* ------------------------------------- */ 
    d_buf_prt = d_buf;
    d_buf_prt += SEC_IMG_HDR_SZ + p_ext_cfg->verify_count*get_hash_size(g_hash_type);
    fwrite (d_buf_prt , 1 , 
        total_size-(SEC_IMG_HDR_SZ+p_ext_cfg->verify_count*get_hash_size(g_hash_type)), 
        hs_fd);   
    
    fclose (hs_fd);    

_final_sign_fail:
_final_hash_fail:
    free(d_buf);
_ext_hash_fail:    
_img_open_fail:
_img_read_fail:
    free(end_ext);
    free(frag_ext);
    free(crypto_ext);
    free(hash_only_ext);
    free(hash);
    free(sig);
_hdr_fail:
    fclose(hdr_fd);
_init_fail:

    return ret;
}
Пример #4
0
int gen_hash_by_chunk(FILE *img_fd, uint32 img_hash_off, uint32 img_hash_len,
    uchar *final_hash_buf, SEC_CRYPTO_HASH_TYPE hash_type, uint32 chunk_size)
{
    uint32 br = 0;
    uint32 i = 0, ret = 0; 
    uchar *chunk_buf = NULL;
    uchar *hash_tmp;
    uchar *hash_comb;
    uint32 seek_pos = 0;
    uint32 hash_size = get_hash_size(hash_type);
    uint32 chunk_count = ((img_hash_len-1)/chunk_size)+1;
    uint32 read_size = 0;
    uint32 left_size = 0;

    if(!img_hash_len)
    {
        
        MSG("[%s] hash length is zero, no need to do hash\n",MOD);
        ret = -1;
        memset(final_hash_buf, 0x00, hash_size);
        goto end_error;        
    }

#if DUMP_MORE_FOR_DEBUG    
    DBG("[%s] Hash size is %d (0x%x)\n",MOD, hash_size, hash_size);
    DBG("[%s] Offset is %d (0x%x)\n",MOD, img_hash_off, img_hash_off);
    DBG("[%s] Size is %d (0x%x)\n",MOD, img_hash_len, img_hash_len);
    DBG("[%s] Chunk size is %d (0x%x)\n",MOD, chunk_size, chunk_size);
    DBG("[%s] Chunk count is %d (0x%x)\n",MOD, chunk_count, chunk_count);
#endif

    /* allocate hash buffer */    
    hash_tmp = (uchar*) malloc(hash_size);
    hash_comb = (uchar*) malloc(hash_size*2);
    memset(hash_tmp, 0x00, hash_size);
    memset(hash_comb, 0x00, hash_size*2);

    /* allocate buffer with known chunk size */
    chunk_buf = (uchar*) malloc(chunk_size);

    /* caculate first hash */
    seek_pos = img_hash_off;
    left_size = img_hash_len;
    read_size = (left_size>=chunk_size)?chunk_size:left_size;
    fseek(img_fd,seek_pos*sizeof(char),SEEK_SET);  
    br = fread(chunk_buf,1,read_size,img_fd);    
    if(br != read_size)
    {
        MSG("[%s] read image content fail, read offset = '0x%x'\n",MOD,seek_pos);
        ret = -2;
        goto end_error;  
    }
    if( cust_hash(chunk_buf,read_size,hash_tmp,hash_size) == -1)
    {
        MSG("[%s] hash fail, offset is '0x%x'(A)\n",MOD,seek_pos);
        ret = -3;
        goto end_error;
    }

#if DUMP_MORE_FOR_DEBUG
    /* ------------------------------------- */
    /* dump hash value for debug             */
    /* ------------------------------------- */    
    DBG("[%s] Data value(4 bytes) ==> (0x%x, 0x%x, 0x%x, 0x%x) \n",MOD, 
            chunk_buf[0], chunk_buf[1], chunk_buf[2], chunk_buf[3]);    
    DBG("[%s] Hash value(single) (0x%x): \n",MOD, seek_pos);    
    for(i=0;i<hash_size;i++)
    {
        DBG("0x%x,",hash_tmp[i]);
    }
    DBG("\n",MOD);    
#endif

    /* copy to compose buffer (first block) */
    mcpy(hash_comb,hash_tmp,hash_size);

    /* move next */
    seek_pos += read_size;
    left_size -= read_size;

    /* loop hash */
    while(left_size)
    {
        /* load data */
        read_size = (left_size>=chunk_size)?chunk_size:left_size;
        fseek(img_fd,seek_pos*sizeof(char),SEEK_SET);  
        br = fread(chunk_buf,1,read_size,img_fd);   
            
        if(br != read_size)
        {
            MSG("[%s] read image content fail, read offset = '0x%x'\n",MOD,seek_pos);
            ret = -4;
            goto end_error;  
        }
    
        /* caculate this hash */        
        if( cust_hash(chunk_buf,read_size,hash_tmp,hash_size) == -1)
        {
            MSG("[%s] hash fail, offset is '0x%x'(B)\n",MOD,seek_pos);
            ret = -5;
            goto end_error;
        }

#if DUMP_MORE_FOR_DEBUG
        /* ------------------------------------- */
        /* dump hash value for debug             */
        /* ------------------------------------- */  
        DBG("[%s] Data value(4 bytes) ==> (0x%x, 0x%x, 0x%x, 0x%x) \n",MOD, 
            chunk_buf[0], chunk_buf[1], chunk_buf[2], chunk_buf[3]);   
        DBG("[%s] Hash value(single) (0x%x): \n",MOD, seek_pos);    
        for(i=0;i<hash_size;i++)
        {
            DBG("0x%x,",hash_tmp[i]);
        }
        DBG("\n",MOD);  
#endif

        /* compose two hash to buffer (second block) */
        mcpy(hash_comb+hash_size,hash_tmp,hash_size);

        /* caculate compose hash */
        if( cust_hash(hash_comb,hash_size*2,hash_tmp,hash_size) == -1)
        {
            MSG("[%s] hash fail, offset is '0x%x'(C)\n",MOD,seek_pos);
            ret = -6;
            goto end_error;
        }

#if DUMP_MORE_FOR_DEBUG
        /* ------------------------------------- */
        /* dump hash value for debug             */
        /* ------------------------------------- */ 
        DBG("[%s] Data value(4 bytes) ==> (0x%x, 0x%x, 0x%x, 0x%x) \n",MOD, 
            hash_comb[0], hash_comb[1], hash_comb[2], hash_comb[3]);    
        DBG("[%s] Hash value(comp): \n",MOD);    
        for(i=0;i<hash_size;i++)
        {
            DBG("0x%x,",hash_tmp[i]);
        }
        DBG("\n",MOD);  
#endif

        /* save this hash to compose buffer (first block) */
        mcpy(hash_comb,hash_tmp,hash_size);

        /* move next */        
        seek_pos += read_size;
        left_size -= read_size;
    }
    
    /* ------------------------------------- */
    /* dump hash value for debug             */
    /* ------------------------------------- */    
#if DUMP_MORE_FOR_DEBUG    
    DBG("[%s] Hash value(final) : \n",MOD);    
    for(i=0;i<hash_size;i++)
    {
        DBG("0x%x,",hash_tmp[i]);
    }
    DBG("\n",MOD);    
#endif

    /* copy hash */
    mcpy(final_hash_buf,hash_tmp,hash_size);
    
end_error:
    free(hash_comb);
    free(chunk_buf);
    free(hash_tmp);

    return ret;
}
Пример #5
0
int pro_img_v1_v2(char *hs_name, char *img_name,char *hdr_name)
{
    uint32 br = 0;
    uchar *d_buf = NULL;
    uchar c_buf[SEC_IMG_HDR_SZ];    
    uchar *sig;
    uchar *hash;    
    uint32 i = 0;    
    SEC_IMG_HEADER *sec = NULL;    

    /* ------------------------------------- */
    /* open hash and signature file          */
    /* ------------------------------------- */    
    FILE *hs_fd = fopen(hs_name,"wb");      
    
    if(hs_fd == 0)
    {
        MSG("[%s] %s not found\n",MOD,hs_name);
        goto _err;
    }

    /* ------------------------------------- */
    /* read image header                     */
    /* ------------------------------------- */    
    
    FILE *hdr_fd = fopen(hdr_name,"r");            

    br = fread(c_buf,1,SEC_IMG_HDR_SZ,hdr_fd); /* read header */    

    sec = (SEC_IMG_HEADER *)c_buf;

    if(br == 0)
    {
        MSG("\n[%s] read '%s' image hdr fail, read bytes = '%d'\n",MOD,hdr_name,br);
        goto _err;
    }


    /* ------------------------------------- */
    /* initialize buffer                     */
    /* ------------------------------------- */    
    d_buf = (uchar*) malloc(SEC_IMG_HDR_SZ + sec->s_len*sizeof(char));
    sig = (uchar*) malloc(get_sigature_size(g_sig_type));
    hash = (uchar*) malloc(get_hash_size(g_hash_type));

    mcpy(d_buf,c_buf,SEC_IMG_HDR_SZ);

    /* ------------------------------------- */
    /* read image content                    */
    /* ------------------------------------- */    
    FILE *img_fd = fopen(img_name,"r");        
    
    if(img_fd == 0)
    {
        MSG("[%s] %s not found\n",MOD,img_name);
        goto _err;
    }
       
    fseek(img_fd,sec->s_off*sizeof(char),SEEK_SET);   
    
    br = fread(d_buf+SEC_IMG_HDR_SZ,1,sec->s_len,img_fd);

    if(br == 0)
    {
        MSG("\n[%s] read image content fail, read bytes = '%d'\n",MOD,br);
        goto _err;  
    }

    /* ------------------------------------- */
    /* Sign  
     * @1 : file
     * @2 : file length to be signed
     * @3 : signature
     * @3 : signature length */
    /* ------------------------------------- */     
    if( cust_sign(d_buf,SEC_IMG_HDR_SZ + sec->s_len,sig,get_sigature_size(g_sig_type)) == -1)
    {
        MSG("[%s] Sign %s fail\n",MOD,img_name);
        goto _err;
    }

    /* ------------------------------------- */
    /* Hash  
     * @1 : file
     * @2 : file length to be hashed
     * @3 : hash
     * @3 : hash length */
    /* ------------------------------------- */     
    if( cust_hash(d_buf,SEC_IMG_HDR_SZ + sec->s_len,hash,get_hash_size(g_hash_type)) == -1)
    {
        MSG("[%s] Sign %s fail\n",MOD,img_name);
        goto _err;
    }

    /* ------------------------------------- */
    /* dump hash value for debug             */
    /* ------------------------------------- */    
    MSG("[%s] Hash value : \n",MOD);    
    for(i=0;i<get_hash_size(g_hash_type);i++)
    {
        MSG("0x%x,",hash[i]);
    }
    MSG("\n",MOD);    

    /* ------------------------------------- */
    /* write hash and signature              */
    /* ------------------------------------- */    
    fwrite (sig , 1 , get_sigature_size(g_sig_type), hs_fd);   
    fwrite (hash , 1 , get_hash_size(g_hash_type) , hs_fd);
    fclose (hs_fd);    


    free(d_buf);    
    return 0;

_err:

    free(d_buf);
    return -1;

}