rvtr/TwlToolsRED
1
Fork 0
mirror of https://github.com/rvtr/TwlToolsRED.git synced 2025-10-31 06:41:18 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

ファイルのダイジェスト検証結果にダイジェストテーブル改竄有無の表示を追加、

Browse Source 
アクセスログ毎のダイジェスト検証結果を表示する機能を追加

git-svn-id: file:///Users/lillianskinner/Downloads/platinum/twl/TwlToolsRED@569 7061adef-622a-194b-ae81-725974e89856
This commit is contained in:
n1481 2011-07-11 04:22:12 +00:00
parent d6c6f1bcff
commit f7270205be
6 changed files with 162 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

147
build/tools/TamperDetectorForSrl/card_hash.cpp
View File

@ -52,7 +52,7 @@ static bool CARDi_CompareHash(const void *hash, void *buffer, u32 length)
if (memcmp(hash, tmphash, sizeof(tmphash)) != 0)
{
ret = false;
printf("ROM-hash comparation error!\n");
// printf("ROM-hash comparation error!\n");
}
else
{
@ -105,6 +105,9 @@ void CARDi_Init( CARDRomHashContext *context, RomHeader* header)
context->hash_correct = (u8*)malloc( header->digest1_table_size / CARD_ROM_HASH_SIZE);
context->master_hash_correct = (u8*)malloc( header->digest1_table_size / header->digest2_covered_digest1_num / CARD_ROM_HASH_SIZE);
// 改竄Yes/No記録
context->hash_original = (u8*)malloc( header->digest1_table_size / CARD_ROM_HASH_SIZE);
context->master_hash_original = (u8*)malloc( header->digest1_table_size / header->digest2_covered_digest1_num / CARD_ROM_HASH_SIZE);
}
@ -205,10 +208,14 @@ bool Digest1Check(CARDRomHashContext *context, FILE* fp, RomHeader* header, u32
/* ROMデータのHashをDigest1と比較 */
if( !CARDi_CompareHash( context->hash, context->buffer, context->bytes_per_sector))
{
// printf( "digest1[%d] err\n", digest1_index);
context->hash_correct[digest1_index] = 0; // 結果記録
ret = false;
}
context->hash_correct[digest1_index] = 1; // Œ‰ÊL˜^
else
{
context->hash_correct[digest1_index] = 1; // 結果記録
}
}
rest -= context->bytes_per_sector;
@ -223,7 +230,7 @@ bool Digest2Check(CARDRomHashContext *context, FILE* fp, RomHeader* header)
bool ret = true;
int digest2_index;
int i, j;
int digest1_index_num = (header->digest1_table_size / header->digest1_block_size);
int digest1_index_num = (header->digest1_table_size / CARD_ROM_HASH_SIZE);
for( i=0; i<digest1_index_num; )
{
@ -237,10 +244,14 @@ bool Digest2Check(CARDRomHashContext *context, FILE* fp, RomHeader* header)
if( !CARDi_CompareHash( &(context->master_hash[digest2_index * CARD_ROM_HASH_SIZE]),
context->hash, (CARD_ROM_HASH_SIZE * context->sectors_per_block)))
{
// printf( "digest2[%d] err\n", digest2_index);
context->master_hash_correct[digest2_index] = 0;
ret = false;
}
context->master_hash_correct[digest2_index] = 1;
else
{
context->master_hash_correct[digest2_index] = 1;
}
i+= header->digest2_covered_digest1_num;
}
@ -263,6 +274,10 @@ void CARD_CheckHash(CARDRomHashContext *context, RomHeader* header, FILE* fp)
{
printf( "検証OK.\n");
}
else
{
printf( "検証NG.\n");
}
printf( "-----------------------\n\n");
printf( "twl digest area check\n");
@ -272,6 +287,10 @@ void CARD_CheckHash(CARDRomHashContext *context, RomHeader* header, FILE* fp)
{
printf( "検証OK.\n");
}
else
{
printf( "検証NG.\n");
}
printf( "-----------------------\n\n");
printf( "digest2 check\n");
@ -280,9 +299,76 @@ void CARD_CheckHash(CARDRomHashContext *context, RomHeader* header, FILE* fp)
{
printf( "検証OK.\n");
}
else
{
printf( "検証NG.\n");
}
printf( "-----------------------\n\n");
}
/* ダイジェストテーブル1の各インデックス毎の改竄状況をチェック */
void CARD_DiffDigest1(CARDRomHashContext *context, RomHeader* gHeader, FILE* gfp, RomHeader* mHeader, FILE* mfp)
{
u32 i;
u8 gBuf[CARD_ROM_HASH_SIZE];
u8 mBuf[CARD_ROM_HASH_SIZE];
u32 gNum = (gHeader->digest1_table_size / CARD_ROM_HASH_SIZE);
u32 mNum = (mHeader->digest1_table_size / CARD_ROM_HASH_SIZE);
u32 num = (gNum <= mNum)? gNum : mNum;
for( i=0; i<num; i++)
{
fseek( gfp, gHeader->digest1_table_offset + (i * CARD_ROM_HASH_SIZE), SEEK_SET);
fread( gBuf, CARD_ROM_HASH_SIZE, 1, gfp);
fseek( mfp, mHeader->digest1_table_offset + (i * CARD_ROM_HASH_SIZE), SEEK_SET);
fread( mBuf, CARD_ROM_HASH_SIZE, 1, mfp);
if( memcmp( gBuf, mBuf, CARD_ROM_HASH_SIZE) == 0)
{
context->hash_original[i] = 1;
}
else
{
context->hash_original[i] = 0;
}
}
}
/* ダイジェストテーブル2の各インデックス毎の改竄状況をチェック */
void CARD_DiffDigest2(CARDRomHashContext *context, RomHeader* gHeader, FILE* gfp, RomHeader* mHeader, FILE* mfp)
{
u32 i;
u8 gBuf[CARD_ROM_HASH_SIZE];
u8 mBuf[CARD_ROM_HASH_SIZE];
u32 gNum = (gHeader->digest2_table_size / CARD_ROM_HASH_SIZE);
u32 mNum = (mHeader->digest2_table_size / CARD_ROM_HASH_SIZE);
u32 num = (gNum <= mNum)? gNum : mNum;
for( i=0; i<num; i++)
{
fseek( gfp, gHeader->digest2_table_offset + (i * CARD_ROM_HASH_SIZE), SEEK_SET);
fread( gBuf, CARD_ROM_HASH_SIZE, 1, gfp);
fseek( mfp, mHeader->digest2_table_offset + (i * CARD_ROM_HASH_SIZE), SEEK_SET);
fread( mBuf, CARD_ROM_HASH_SIZE, 1, mfp);
if( memcmp( gBuf, mBuf, CARD_ROM_HASH_SIZE) == 0)
{
context->master_hash_original[i] = 1;
}
else
{
context->master_hash_original[i] = 0;
}
}
}
/* ダイジェストテーブルの各インデックス毎の改竄状況をチェック */
void CARD_DiffDigest(CARDRomHashContext *context, RomHeader* gHeader, FILE* gfp, RomHeader* mHeader, FILE* mfp)
{
CARD_DiffDigest1( context, gHeader, gfp, mHeader, mfp);
CARD_DiffDigest2( context, gHeader, gfp, mHeader, mfp);
}
/* 特定のファイルに対応するダイジェストテーブルが正しいか検証する */
void CARD_CheckFileDigest(CARDRomHashContext *context, MyFileEntry* file_entry, u8* ret_digest1, u8* ret_digest2)
@ -295,13 +381,60 @@ void CARD_CheckFileDigest(CARDRomHashContext *context, MyFileEntry* file_entry,
for( i=digest1_index_begin; i<=digest1_index_end; i++)
{
if( !context->hash_correct[i])
if( context->hash_original[i])
{
*ret_digest1 = 0;
printf( " digest1[%ld]", i);
}
if( !context->master_hash_correct[i/context->sectors_per_block])
else
{
printf( " digest1[%ld](*)", i);
}
if( context->hash_correct[i] == 0)
{
printf( "...ng");
*ret_digest1 = 0;
}else{
printf( "...ok");
}
if( context->master_hash_original[i/context->sectors_per_block])
{
printf( " (digest2[%ld]", i/context->sectors_per_block);
}
else
{
printf( " (digest2[%ld](*)", i/context->sectors_per_block);
}
if( context->master_hash_correct[i/context->sectors_per_block] == 0)
{
printf( "...ng)\n");
*ret_digest2 = 0;
}else{
printf( "...ok)\n");
}
}
}
/* アドレスの範囲に該当するダイジェスト検証の合否を表示する */
void GetDigestResult( CARDRomHashContext *context, u32 start_adr, u32 end_adr, u8* d1, u8* d2)
{
u32 offset;
u32 digest1_index, digest2_index;
*d1 = 1;
*d2 = 1;
for( offset = start_adr; offset < end_adr; offset+=context->bytes_per_sector)
{
digest1_index = CARDi_GetHashSectorIndex( context, offset);
if( !context->hash_correct[digest1_index])
{
*d1 = 0;
}
digest2_index = (digest1_index / context->sectors_per_block);
if( !context->master_hash_correct[digest2_index])
{
*d2 = 0;
}
}
}

8
build/tools/TamperDetectorForSrl/card_hash.h
View File

@ -79,8 +79,13 @@ typedef struct CARDRomHashContext
u8 *buffer;
u8 *hash;
/* ダイジェスト検証が通るかどうかのフラグ */
u8 *master_hash_correct;
u8 *hash_correct;
/* 改竄されているかどうかのフラグ */
u8* master_hash_original;
u8* hash_original;
}
CARDRomHashContext;
@ -88,8 +93,11 @@ CARDRomHashContext;
void CARDi_Init( CARDRomHashContext *context, RomHeader* header);
void CARDi_CheckHash(CARDRomHashContext *context, FILE* fp, u32 sect, u32 size, RomHeader* header);
bool Digest2Check(CARDRomHashContext *context, FILE* fp, RomHeader* header);
void CARD_DiffDigest(CARDRomHashContext *context, RomHeader* gHeader, FILE* gfp, RomHeader* mHeader, FILE* mfp);
void CARD_CheckHash(CARDRomHashContext *context, RomHeader* header, FILE* fp);
void CARD_CheckFileDigest(CARDRomHashContext *context, MyFileEntry* file_entry, u8* ret_digest1, u8* ret_digest2);
/* アドレスの範囲に該当するダイジェスト検証の合否を表示する */
void GetDigestResult( CARDRomHashContext *context, u32 start_adr, u32 end_adr, u8* d1, u8* d2);
#endif //CARD_HASH_H_

10
build/tools/TamperDetectorForSrl/checker.cpp
View File

@ -949,9 +949,10 @@ u32 Checker::GetOctValue( char* hex_char)
}
char logBuf[0x46];
void Checker::FindAccessLogFile( Entry* entry, FILE* lfp)
void Checker::FindAccessLogFile( Entry* entry, FILE* lfp, CARDRomHashContext *context)
{
int i = 0;
u8 d1, d2;
u32 log_start_adr, log_end_adr;
while( fread( logBuf, 6, 1, lfp))
@ -978,10 +979,13 @@ void Checker::FindAccessLogFile( Entry* entry, FILE* lfp)
(GetOctValue(&logBuf[0x0D]) * 0x10000000));
printf( "%d 0x%lx - 0x%lx", i, log_start_adr, log_end_adr);
if( !(entry->FindFileLocation( log_start_adr, log_end_adr)))
if( entry->FindFileLocation( log_start_adr, log_end_adr))
{
entry->FindAreaLocation( log_start_adr, log_end_adr);
GetDigestResult( context, log_start_adr, log_end_adr, &d1, &d2);
if( d1) { printf( "[d1:OK]");} else { printf( "[d1:NG]");};
if( d2) { printf( "[d2:OK]");} else { printf( "[d2:NG]");};
}
entry->FindAreaLocation( log_start_adr, log_end_adr);
printf( "\n");
}
else

2
build/tools/TamperDetectorForSrl/checker.h
View File

@ -71,7 +71,7 @@ class Checker
u32 GetOctValue( char* hex_char);
void FindAccessLogFile( Entry* entry, FILE* lfp);
void FindAccessLogFile( Entry* entry, FILE* lfp, CARDRomHashContext *context);
};

4
build/tools/TamperDetectorForSrl/entry.cpp
View File

@ -197,12 +197,14 @@ MyFileEntry* Entry::FindFileEntry( char* my_full_path_name)
/* アドレスの範囲に該当するファイルを表示する */
MyFileEntry* Entry::FindFileLocation( u32 start_adr, u32 end_adr)
{
MyFileEntry* retEntry = NULL;
MyFileEntry *currentEntry = fileEntry;
while( currentEntry)
{
if( ((currentEntry->top <= start_adr)&&(currentEntry->bottom > start_adr)) ||
((currentEntry->top <= end_adr)&&(currentEntry->bottom > end_adr)))
{
retEntry = currentEntry;
if( currentEntry->modified)
{ // 改竄されているファイルの識別表示
printf( " %s(*),", currentEntry->full_path_name);
@ -212,7 +214,7 @@ MyFileEntry* Entry::FindFileLocation( u32 start_adr, u32 end_adr)
}
currentEntry = (MyFileEntry*)(currentEntry->next);
}
return NULL;
return retEntry;
}

5
build/tools/TamperDetectorForSrl/main.cpp
View File

@ -59,7 +59,7 @@ bool int_bits(void)
int main (int argc, char *argv[])
{
CARDRomHashContext context;
static CARDRomHashContext context;
// 処理系の unsignedビット数が想定外ならエラー終了types.hを変更してビルドし直してください
if( !int_bits())
@ -94,6 +94,7 @@ int main (int argc, char *argv[])
// ダイジェスト検証(digest1, digest2)
{
CARDi_Init( &context, &mHeaderBuf);
CARD_DiffDigest( &context, &gHeaderBuf, gfp, &mHeaderBuf, mfp);
CARD_CheckHash( &context, &mHeaderBuf, mfp);
}
@ -137,7 +138,7 @@ int main (int argc, char *argv[])
lfp = fopen( log_fname, "r");
printf( "\n\n\nACCESS LOG\n");
checker.FindAccessLogFile( &gEntry, lfp);
checker.FindAccessLogFile( &gEntry, lfp, &context);
printf( "------------------\n");
}