Add modulus+exponent KM hashes

This commit is contained in:
Nikolaj Schlej 2022-10-23 13:37:19 +02:00
parent 50396d7291
commit c9e16cb180

View File

@ -488,17 +488,34 @@ USTATUS FitParser::parseFitEntryBootGuardKeyManifest(const UByteArray & keyManif
} }
kmInfo += "\n"; kmInfo += "\n";
// Calculate the hashes of public key modulus only
// One of those hashes is what's getting written into Field Programmable Fuses // One of those hashes is what's getting written into Field Programmable Fuses
// Calculate the hashes of public key modulus only
UINT8 hash[SHA384_HASH_SIZE] = {}; UINT8 hash[SHA384_HASH_SIZE] = {};
sha256(key_signature->public_key()->modulus().data(), key_signature->public_key()->modulus().length(), hash); sha256(key_signature->public_key()->modulus().data(), key_signature->public_key()->modulus().length(), hash);
kmInfo += usprintf("Key Manifest Public Key Hash (SHA256): "); kmInfo += usprintf("Key Manifest Public Key Hash (Modulus Only, SHA256): ");
for (UINT8 i = 0; i < SHA256_HASH_SIZE; i++) { for (UINT8 i = 0; i < SHA256_HASH_SIZE; i++) {
kmInfo += usprintf("%02X", hash[i]); kmInfo += usprintf("%02X", hash[i]);
} }
kmInfo += "\n"; kmInfo += "\n";
sha384(key_signature->public_key()->modulus().data(), key_signature->public_key()->modulus().length(), hash); sha384(key_signature->public_key()->modulus().data(), key_signature->public_key()->modulus().length(), hash);
kmInfo += usprintf("Key Manifest Public Key Hash (SHA384): "); kmInfo += usprintf("Key Manifest Public Key Hash (Modulus Only, SHA384): ");
for (UINT8 i = 0; i < SHA384_HASH_SIZE; i++) {
kmInfo += usprintf("%02X", hash[i]);
}
kmInfo += "\n";
// Calculate the hashes of public key modulus + exponent
UByteArray dataToHash;
dataToHash.append(key_signature->public_key()->modulus().data(), key_signature->public_key()->modulus().length());
UINT32 exponent = key_signature->public_key()->exponent();
dataToHash.append((const char*)&exponent, sizeof(exponent));
sha256(dataToHash.constData(), dataToHash.size(), hash);
kmInfo += usprintf("Key Manifest Public Key Hash (Modulus+Exponent, SHA256): ");
for (UINT8 i = 0; i < SHA256_HASH_SIZE; i++) {
kmInfo += usprintf("%02X", hash[i]);
}
kmInfo += "\n";
sha384(dataToHash.constData(), dataToHash.size(), hash);
kmInfo += usprintf("Key Manifest Public Key Hash (Modulus+Exponent, SHA384): ");
for (UINT8 i = 0; i < SHA384_HASH_SIZE; i++) { for (UINT8 i = 0; i < SHA384_HASH_SIZE; i++) {
kmInfo += usprintf("%02X", hash[i]); kmInfo += usprintf("%02X", hash[i]);
} }
@ -597,17 +614,34 @@ USTATUS FitParser::parseFitEntryBootGuardKeyManifest(const UByteArray & keyManif
} }
kmInfo += "\n"; kmInfo += "\n";
// Calculate the hashes of public key modulus only
// One of those hashes is what's getting written into Field Programmable Fuses // One of those hashes is what's getting written into Field Programmable Fuses
// Calculate the hashes of public key modulus only
UINT8 hash[SHA384_HASH_SIZE] = {}; UINT8 hash[SHA384_HASH_SIZE] = {};
sha256(key_signature->public_key()->modulus().data(), key_signature->public_key()->modulus().length(), hash); sha256(key_signature->public_key()->modulus().data(), key_signature->public_key()->modulus().length(), hash);
kmInfo += usprintf("Key Manifest Public Key Hash (SHA256): "); kmInfo += usprintf("Key Manifest Public Key Hash (Modulus Only, SHA256): ");
for (UINT8 i = 0; i < SHA256_HASH_SIZE; i++) { for (UINT8 i = 0; i < SHA256_HASH_SIZE; i++) {
kmInfo += usprintf("%02X", hash[i]); kmInfo += usprintf("%02X", hash[i]);
} }
kmInfo += "\n"; kmInfo += "\n";
sha384(key_signature->public_key()->modulus().data(), key_signature->public_key()->modulus().length(), hash); sha384(key_signature->public_key()->modulus().data(), key_signature->public_key()->modulus().length(), hash);
kmInfo += usprintf("Key Manifest Public Key Hash (SHA384): "); kmInfo += usprintf("Key Manifest Public Key Hash (Modulus Only, SHA384): ");
for (UINT8 i = 0; i < SHA384_HASH_SIZE; i++) {
kmInfo += usprintf("%02X", hash[i]);
}
kmInfo += "\n";
// Calculate the hashes of public key modulus + exponent
UByteArray dataToHash;
dataToHash.append(key_signature->public_key()->modulus().data(), key_signature->public_key()->modulus().length());
UINT32 exponent = key_signature->public_key()->exponent();
dataToHash.append((const char*)&exponent, sizeof(exponent));
sha256(dataToHash.constData(), dataToHash.size(), hash);
kmInfo += usprintf("Key Manifest Public Key Hash (Modulus+Exponent, SHA256): ");
for (UINT8 i = 0; i < SHA256_HASH_SIZE; i++) {
kmInfo += usprintf("%02X", hash[i]);
}
kmInfo += "\n";
sha384(dataToHash.constData(), dataToHash.size(), hash);
kmInfo += usprintf("Key Manifest Public Key Hash (Modulus+Exponent, SHA384): ");
for (UINT8 i = 0; i < SHA384_HASH_SIZE; i++) { for (UINT8 i = 0; i < SHA384_HASH_SIZE; i++) {
kmInfo += usprintf("%02X", hash[i]); kmInfo += usprintf("%02X", hash[i]);
} }