From f7270205be79053c1d6f0555e7e273fe48064d03 Mon Sep 17 00:00:00 2001 From: n1481 Date: Mon, 11 Jul 2011 04:22:12 +0000 Subject: [PATCH] =?UTF-8?q?=E3=83=95=E3=82=A1=E3=82=A4=E3=83=AB=E3=81=AE?= =?UTF-8?q?=E3=83=80=E3=82=A4=E3=82=B8=E3=82=A7=E3=82=B9=E3=83=88=E6=A4=9C?= =?UTF-8?q?=E8=A8=BC=E7=B5=90=E6=9E=9C=E3=81=AB=E3=83=80=E3=82=A4=E3=82=B8?= =?UTF-8?q?=E3=82=A7=E3=82=B9=E3=83=88=E3=83=86=E3=83=BC=E3=83=96=E3=83=AB?= =?UTF-8?q?=E6=94=B9=E7=AB=84=E6=9C=89=E7=84=A1=E3=81=AE=E8=A1=A8=E7=A4=BA?= =?UTF-8?q?=E3=82=92=E8=BF=BD=E5=8A=A0=E3=80=81=20=E3=82=A2=E3=82=AF?= =?UTF-8?q?=E3=82=BB=E3=82=B9=E3=83=AD=E3=82=B0=E6=AF=8E=E3=81=AE=E3=83=80?= =?UTF-8?q?=E3=82=A4=E3=82=B8=E3=82=A7=E3=82=B9=E3=83=88=E6=A4=9C=E8=A8=BC?= =?UTF-8?q?=E7=B5=90=E6=9E=9C=E3=82=92=E8=A1=A8=E7=A4=BA=E3=81=99=E3=82=8B?= =?UTF-8?q?=E6=A9=9F=E8=83=BD=E3=82=92=E8=BF=BD=E5=8A=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: file:///Users/lillianskinner/Downloads/platinum/twl/TwlToolsRED@569 7061adef-622a-194b-ae81-725974e89856 --- .../tools/TamperDetectorForSrl/card_hash.cpp | 147 +++++++++++++++++- build/tools/TamperDetectorForSrl/card_hash.h | 8 + build/tools/TamperDetectorForSrl/checker.cpp | 10 +- build/tools/TamperDetectorForSrl/checker.h | 2 +- build/tools/TamperDetectorForSrl/entry.cpp | 4 +- build/tools/TamperDetectorForSrl/main.cpp | 5 +- 6 files changed, 162 insertions(+), 14 deletions(-) diff --git a/build/tools/TamperDetectorForSrl/card_hash.cpp b/build/tools/TamperDetectorForSrl/card_hash.cpp index 231633e..ce19ee3 100644 --- a/build/tools/TamperDetectorForSrl/card_hash.cpp +++ b/build/tools/TamperDetectorForSrl/card_hash.cpp @@ -52,7 +52,7 @@ static bool CARDi_CompareHash(const void *hash, void *buffer, u32 length) if (memcmp(hash, tmphash, sizeof(tmphash)) != 0) { ret = false; - printf("ROM-hash comparation error!\n"); +// printf("ROM-hash comparation error!\n"); } else { @@ -105,6 +105,9 @@ void CARDi_Init( CARDRomHashContext *context, RomHeader* header) context->hash_correct = (u8*)malloc( header->digest1_table_size / CARD_ROM_HASH_SIZE); context->master_hash_correct = (u8*)malloc( header->digest1_table_size / header->digest2_covered_digest1_num / CARD_ROM_HASH_SIZE); + // 改竄Yes/No記録 + context->hash_original = (u8*)malloc( header->digest1_table_size / CARD_ROM_HASH_SIZE); + context->master_hash_original = (u8*)malloc( header->digest1_table_size / header->digest2_covered_digest1_num / CARD_ROM_HASH_SIZE); } @@ -205,10 +208,14 @@ bool Digest1Check(CARDRomHashContext *context, FILE* fp, RomHeader* header, u32 /* ROMデータのHashをDigest1と比較 */ if( !CARDi_CompareHash( context->hash, context->buffer, context->bytes_per_sector)) { +// printf( "digest1[%d] err\n", digest1_index); context->hash_correct[digest1_index] = 0; // 結果記録 ret = false; } - context->hash_correct[digest1_index] = 1; // 結果記録 + else + { + context->hash_correct[digest1_index] = 1; // 結果記録 + } } rest -= context->bytes_per_sector; @@ -223,7 +230,7 @@ bool Digest2Check(CARDRomHashContext *context, FILE* fp, RomHeader* header) bool ret = true; int digest2_index; int i, j; - int digest1_index_num = (header->digest1_table_size / header->digest1_block_size); + int digest1_index_num = (header->digest1_table_size / CARD_ROM_HASH_SIZE); for( i=0; imaster_hash[digest2_index * CARD_ROM_HASH_SIZE]), context->hash, (CARD_ROM_HASH_SIZE * context->sectors_per_block))) { +// printf( "digest2[%d] err\n", digest2_index); context->master_hash_correct[digest2_index] = 0; ret = false; } - context->master_hash_correct[digest2_index] = 1; + else + { + context->master_hash_correct[digest2_index] = 1; + } i+= header->digest2_covered_digest1_num; } @@ -263,6 +274,10 @@ void CARD_CheckHash(CARDRomHashContext *context, RomHeader* header, FILE* fp) { printf( "(検証OK.)\n"); } + else + { + printf( "(検証NG.)\n"); + } printf( "-----------------------\n\n"); printf( "twl digest area check\n"); @@ -272,6 +287,10 @@ void CARD_CheckHash(CARDRomHashContext *context, RomHeader* header, FILE* fp) { printf( "(検証OK.)\n"); } + else + { + printf( "(検証NG.)\n"); + } printf( "-----------------------\n\n"); printf( "digest2 check\n"); @@ -280,9 +299,76 @@ void CARD_CheckHash(CARDRomHashContext *context, RomHeader* header, FILE* fp) { printf( "(検証OK.)\n"); } + else + { + printf( "(検証NG.)\n"); + } printf( "-----------------------\n\n"); } +/* ダイジェストテーブル1の各インデックス毎の改竄状況をチェック */ +void CARD_DiffDigest1(CARDRomHashContext *context, RomHeader* gHeader, FILE* gfp, RomHeader* mHeader, FILE* mfp) +{ + u32 i; + u8 gBuf[CARD_ROM_HASH_SIZE]; + u8 mBuf[CARD_ROM_HASH_SIZE]; + u32 gNum = (gHeader->digest1_table_size / CARD_ROM_HASH_SIZE); + u32 mNum = (mHeader->digest1_table_size / CARD_ROM_HASH_SIZE); + u32 num = (gNum <= mNum)? gNum : mNum; + + for( i=0; idigest1_table_offset + (i * CARD_ROM_HASH_SIZE), SEEK_SET); + fread( gBuf, CARD_ROM_HASH_SIZE, 1, gfp); + fseek( mfp, mHeader->digest1_table_offset + (i * CARD_ROM_HASH_SIZE), SEEK_SET); + fread( mBuf, CARD_ROM_HASH_SIZE, 1, mfp); + + if( memcmp( gBuf, mBuf, CARD_ROM_HASH_SIZE) == 0) + { + context->hash_original[i] = 1; + } + else + { + context->hash_original[i] = 0; + } + } +} + +/* ダイジェストテーブル2の各インデックス毎の改竄状況をチェック */ +void CARD_DiffDigest2(CARDRomHashContext *context, RomHeader* gHeader, FILE* gfp, RomHeader* mHeader, FILE* mfp) +{ + u32 i; + u8 gBuf[CARD_ROM_HASH_SIZE]; + u8 mBuf[CARD_ROM_HASH_SIZE]; + u32 gNum = (gHeader->digest2_table_size / CARD_ROM_HASH_SIZE); + u32 mNum = (mHeader->digest2_table_size / CARD_ROM_HASH_SIZE); + u32 num = (gNum <= mNum)? gNum : mNum; + + for( i=0; idigest2_table_offset + (i * CARD_ROM_HASH_SIZE), SEEK_SET); + fread( gBuf, CARD_ROM_HASH_SIZE, 1, gfp); + fseek( mfp, mHeader->digest2_table_offset + (i * CARD_ROM_HASH_SIZE), SEEK_SET); + fread( mBuf, CARD_ROM_HASH_SIZE, 1, mfp); + + if( memcmp( gBuf, mBuf, CARD_ROM_HASH_SIZE) == 0) + { + context->master_hash_original[i] = 1; + } + else + { + context->master_hash_original[i] = 0; + } + } +} + +/* ダイジェストテーブルの各インデックス毎の改竄状況をチェック */ +void CARD_DiffDigest(CARDRomHashContext *context, RomHeader* gHeader, FILE* gfp, RomHeader* mHeader, FILE* mfp) +{ + CARD_DiffDigest1( context, gHeader, gfp, mHeader, mfp); + CARD_DiffDigest2( context, gHeader, gfp, mHeader, mfp); +} + /* 特定のファイルに対応するダイジェストテーブルが正しいか検証する */ void CARD_CheckFileDigest(CARDRomHashContext *context, MyFileEntry* file_entry, u8* ret_digest1, u8* ret_digest2) @@ -295,13 +381,60 @@ void CARD_CheckFileDigest(CARDRomHashContext *context, MyFileEntry* file_entry, for( i=digest1_index_begin; i<=digest1_index_end; i++) { - if( !context->hash_correct[i]) + if( context->hash_original[i]) { - *ret_digest1 = 0; + printf( " digest1[%ld]", i); } - if( !context->master_hash_correct[i/context->sectors_per_block]) + else { + printf( " digest1[%ld](*)", i); + } + if( context->hash_correct[i] == 0) + { + printf( "...ng"); + *ret_digest1 = 0; + }else{ + printf( "...ok"); + } + + if( context->master_hash_original[i/context->sectors_per_block]) + { + printf( " (digest2[%ld]", i/context->sectors_per_block); + } + else + { + printf( " (digest2[%ld](*)", i/context->sectors_per_block); + } + if( context->master_hash_correct[i/context->sectors_per_block] == 0) + { + printf( "...ng)\n"); *ret_digest2 = 0; + }else{ + printf( "...ok)\n"); + } + } +} + +/* アドレスの範囲に該当するダイジェスト検証の合否を表示する */ +void GetDigestResult( CARDRomHashContext *context, u32 start_adr, u32 end_adr, u8* d1, u8* d2) +{ + u32 offset; + u32 digest1_index, digest2_index; + *d1 = 1; + *d2 = 1; + + for( offset = start_adr; offset < end_adr; offset+=context->bytes_per_sector) + { + digest1_index = CARDi_GetHashSectorIndex( context, offset); + if( !context->hash_correct[digest1_index]) + { + *d1 = 0; + } + + digest2_index = (digest1_index / context->sectors_per_block); + if( !context->master_hash_correct[digest2_index]) + { + *d2 = 0; } } } diff --git a/build/tools/TamperDetectorForSrl/card_hash.h b/build/tools/TamperDetectorForSrl/card_hash.h index 2ca5a4e..4a5500b 100644 --- a/build/tools/TamperDetectorForSrl/card_hash.h +++ b/build/tools/TamperDetectorForSrl/card_hash.h @@ -79,8 +79,13 @@ typedef struct CARDRomHashContext u8 *buffer; u8 *hash; + /* ダイジェスト検証が通るかどうかのフラグ */ u8 *master_hash_correct; u8 *hash_correct; + + /* 改竄されているかどうかのフラグ */ + u8* master_hash_original; + u8* hash_original; } CARDRomHashContext; @@ -88,8 +93,11 @@ CARDRomHashContext; void CARDi_Init( CARDRomHashContext *context, RomHeader* header); void CARDi_CheckHash(CARDRomHashContext *context, FILE* fp, u32 sect, u32 size, RomHeader* header); bool Digest2Check(CARDRomHashContext *context, FILE* fp, RomHeader* header); +void CARD_DiffDigest(CARDRomHashContext *context, RomHeader* gHeader, FILE* gfp, RomHeader* mHeader, FILE* mfp); void CARD_CheckHash(CARDRomHashContext *context, RomHeader* header, FILE* fp); void CARD_CheckFileDigest(CARDRomHashContext *context, MyFileEntry* file_entry, u8* ret_digest1, u8* ret_digest2); +/* アドレスの範囲に該当するダイジェスト検証の合否を表示する */ +void GetDigestResult( CARDRomHashContext *context, u32 start_adr, u32 end_adr, u8* d1, u8* d2); #endif //CARD_HASH_H_ diff --git a/build/tools/TamperDetectorForSrl/checker.cpp b/build/tools/TamperDetectorForSrl/checker.cpp index 8ea06e4..03354b9 100644 --- a/build/tools/TamperDetectorForSrl/checker.cpp +++ b/build/tools/TamperDetectorForSrl/checker.cpp @@ -949,9 +949,10 @@ u32 Checker::GetOctValue( char* hex_char) } char logBuf[0x46]; -void Checker::FindAccessLogFile( Entry* entry, FILE* lfp) +void Checker::FindAccessLogFile( Entry* entry, FILE* lfp, CARDRomHashContext *context) { int i = 0; + u8 d1, d2; u32 log_start_adr, log_end_adr; while( fread( logBuf, 6, 1, lfp)) @@ -978,10 +979,13 @@ void Checker::FindAccessLogFile( Entry* entry, FILE* lfp) (GetOctValue(&logBuf[0x0D]) * 0x10000000)); printf( "%d 0x%lx - 0x%lx", i, log_start_adr, log_end_adr); - if( !(entry->FindFileLocation( log_start_adr, log_end_adr))) + if( entry->FindFileLocation( log_start_adr, log_end_adr)) { - entry->FindAreaLocation( log_start_adr, log_end_adr); + GetDigestResult( context, log_start_adr, log_end_adr, &d1, &d2); + if( d1) { printf( "[d1:OK]");} else { printf( "[d1:NG]");}; + if( d2) { printf( "[d2:OK]");} else { printf( "[d2:NG]");}; } + entry->FindAreaLocation( log_start_adr, log_end_adr); printf( "\n"); } else diff --git a/build/tools/TamperDetectorForSrl/checker.h b/build/tools/TamperDetectorForSrl/checker.h index 4c0c137..bed85eb 100644 --- a/build/tools/TamperDetectorForSrl/checker.h +++ b/build/tools/TamperDetectorForSrl/checker.h @@ -71,7 +71,7 @@ class Checker u32 GetOctValue( char* hex_char); - void FindAccessLogFile( Entry* entry, FILE* lfp); + void FindAccessLogFile( Entry* entry, FILE* lfp, CARDRomHashContext *context); }; diff --git a/build/tools/TamperDetectorForSrl/entry.cpp b/build/tools/TamperDetectorForSrl/entry.cpp index 3bd9281..a225820 100644 --- a/build/tools/TamperDetectorForSrl/entry.cpp +++ b/build/tools/TamperDetectorForSrl/entry.cpp @@ -197,12 +197,14 @@ MyFileEntry* Entry::FindFileEntry( char* my_full_path_name) /* アドレスの範囲に該当するファイルを表示する */ MyFileEntry* Entry::FindFileLocation( u32 start_adr, u32 end_adr) { + MyFileEntry* retEntry = NULL; MyFileEntry *currentEntry = fileEntry; while( currentEntry) { if( ((currentEntry->top <= start_adr)&&(currentEntry->bottom > start_adr)) || ((currentEntry->top <= end_adr)&&(currentEntry->bottom > end_adr))) { + retEntry = currentEntry; if( currentEntry->modified) { // 改竄されているファイルの識別表示 printf( " %s(*),", currentEntry->full_path_name); @@ -212,7 +214,7 @@ MyFileEntry* Entry::FindFileLocation( u32 start_adr, u32 end_adr) } currentEntry = (MyFileEntry*)(currentEntry->next); } - return NULL; + return retEntry; } diff --git a/build/tools/TamperDetectorForSrl/main.cpp b/build/tools/TamperDetectorForSrl/main.cpp index 518a920..d003aee 100644 --- a/build/tools/TamperDetectorForSrl/main.cpp +++ b/build/tools/TamperDetectorForSrl/main.cpp @@ -59,7 +59,7 @@ bool int_bits(void) int main (int argc, char *argv[]) { - CARDRomHashContext context; + static CARDRomHashContext context; // 処理系の unsignedビット数が想定外ならエラー終了(types.hを変更してビルドし直してください) if( !int_bits()) @@ -94,6 +94,7 @@ int main (int argc, char *argv[]) // ダイジェスト検証(digest1, digest2) { CARDi_Init( &context, &mHeaderBuf); + CARD_DiffDigest( &context, &gHeaderBuf, gfp, &mHeaderBuf, mfp); CARD_CheckHash( &context, &mHeaderBuf, mfp); } @@ -137,7 +138,7 @@ int main (int argc, char *argv[]) lfp = fopen( log_fname, "r"); printf( "\n\n\nACCESS LOG\n"); - checker.FindAccessLogFile( &gEntry, lfp); + checker.FindAccessLogFile( &gEntry, lfp, &context); printf( "------------------\n"); }