You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mynewt.apache.org by cc...@apache.org on 2019/10/17 20:19:48 UTC
[mynewt-artifact] 02/02: Fix issues with hash calculation
This is an automated email from the ASF dual-hosted git repository.
ccollins pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-artifact.git
commit 91a9bc9025e6a3b992f2033c1c427a03b7651dad
Author: Andy Gross <an...@juul.com>
AuthorDate: Wed Oct 16 01:05:25 2019 -0500
Fix issues with hash calculation
This patch fixes the hash calculation to use the correct encrypted or
unencrypted application image bytes. This patch also fixes an
incorrect padding if a header size > 32 bytes is used.
Signed-off-by: Andy Gross <an...@juul.com>
---
image/create.go | 31 +++++++++++++++----------------
1 file changed, 15 insertions(+), 16 deletions(-)
diff --git a/image/create.go b/image/create.go
index 51003f6..8783b70 100644
--- a/image/create.go
+++ b/image/create.go
@@ -287,8 +287,8 @@ func GenerateImage(opts ImageCreateOpts) (Image, error) {
}
if opts.ImagePad > 0 {
- pad := opts.ImagePad - (len(ic.Body) % opts.ImagePad)
- ic.Body = append(ic.Body, bytes.Repeat([]byte{byte(0xff)}, pad)...)
+ tail_pad := opts.ImagePad - (len(ic.Body) % opts.ImagePad)
+ ic.Body = append(ic.Body, bytes.Repeat([]byte{byte(0xff)}, tail_pad)...)
}
if ic.HWKeyIndex >= 0 {
@@ -367,14 +367,6 @@ func calcHash(initialHash []byte, hdr ImageHdr, pad []byte,
return nil, err
}
- extra := hdr.HdrSz - IMAGE_HEADER_SIZE
- if extra > 0 {
- b := make([]byte, extra)
- if err := add(b); err != nil {
- return nil, err
- }
- }
-
if err := add(plainBody); err != nil {
return nil, err
}
@@ -401,7 +393,7 @@ func (ic *ImageCreator) Create() (Image, error) {
img.Header.Flags |= IMAGE_F_NON_BOOTABLE
}
- // Set encrypted image flag if image is to be treated as encrypted
+ // Set encrypted image flag if image is to be treated as encrypted
if ic.CipherSecret != nil && ic.HWKeyIndex < 0 {
img.Header.Flags |= IMAGE_F_ENCRYPTED
}
@@ -419,22 +411,29 @@ func (ic *ImageCreator) Create() (Image, error) {
img.Pad = make([]byte, extra)
}
- hashBytes, err := calcHash(ic.InitialHash, img.Header, img.Pad, ic.Body)
- if err != nil {
- return img, err
- }
+ payload := &ic.Body
// Followed by data.
- if ic.CipherSecret != nil {
+ if ic.PlainSecret != nil {
encBody, err := sec.EncryptAES(ic.Body, ic.PlainSecret, ic.Nonce)
if err != nil {
return img, err
}
img.Body = append(img.Body, encBody...)
+
+ if ic.HWKeyIndex >= 0 {
+ payload = &encBody
+ }
+
} else {
img.Body = append(img.Body, ic.Body...)
}
+ hashBytes, err := calcHash(ic.InitialHash, img.Header, img.Pad, *payload)
+ if err != nil {
+ return img, err
+ }
+
// Hash TLV.
tlv := ImageTlv{
Header: ImageTlvHdr{