rvtr/TwlToolsRED
1
Fork 0
mirror of https://github.com/rvtr/TwlToolsRED.git synced 2025-10-31 06:41:18 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

ファイルのダイジェスト検証結果にダイジェストテーブル改竄有無の表示を追加、

Browse Source 
アクセスログ毎のダイジェスト検証結果を表示する機能を追加

git-svn-id: file:///Users/lillianskinner/Downloads/platinum/twl/TwlToolsRED@569 7061adef-622a-194b-ae81-725974e89856
This commit is contained in:
n1481 2011-07-11 04:22:12 +00:00
parent d6c6f1bcff
commit f7270205be
6 changed files with 162 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

147
build/tools/TamperDetectorForSrl/card_hash.cpp
View File

@ -52,7 +52,7 @@ static bool CARDi_CompareHash(const void *hash, void *buffer, u32 length)
if (memcmp(hash, tmphash, sizeof(tmphash)) != 0) if (memcmp(hash, tmphash, sizeof(tmphash)) != 0)
{ {
ret = false; ret = false;
printf("ROM-hash comparation error!\n"); // printf("ROM-hash comparation error!\n");
} }
else else
{ {
@ -105,6 +105,9 @@ void CARDi_Init( CARDRomHashContext *context, RomHeader* header)
context->hash_correct = (u8*)malloc( header->digest1_table_size / CARD_ROM_HASH_SIZE); context->hash_correct = (u8*)malloc( header->digest1_table_size / CARD_ROM_HASH_SIZE);
context->master_hash_correct = (u8*)malloc( header->digest1_table_size / header->digest2_covered_digest1_num / CARD_ROM_HASH_SIZE); context->master_hash_correct = (u8*)malloc( header->digest1_table_size / header->digest2_covered_digest1_num / CARD_ROM_HASH_SIZE);
// 改竄Yes/No記録
context->hash_original = (u8*)malloc( header->digest1_table_size / CARD_ROM_HASH_SIZE);
context->master_hash_original = (u8*)malloc( header->digest1_table_size / header->digest2_covered_digest1_num / CARD_ROM_HASH_SIZE);
} }
@ -205,10 +208,14 @@ bool Digest1Check(CARDRomHashContext *context, FILE* fp, RomHeader* header, u32
/* ROMデータのHashをDigest1と比較 */ /* ROMデータのHashをDigest1と比較 */
if( !CARDi_CompareHash( context->hash, context->buffer, context->bytes_per_sector)) if( !CARDi_CompareHash( context->hash, context->buffer, context->bytes_per_sector))
{ {
// printf( "digest1[%d] err\n", digest1_index);
context->hash_correct[digest1_index] = 0; // 結果記録 context->hash_correct[digest1_index] = 0; // 結果記録
ret = false; ret = false;
} }
context->hash_correct[digest1_index] = 1; // Œ‰ÊL˜^ else
{
context->hash_correct[digest1_index] = 1; // 結果記録
}
} }
rest -= context->bytes_per_sector; rest -= context->bytes_per_sector;
@ -223,7 +230,7 @@ bool Digest2Check(CARDRomHashContext *context, FILE* fp, RomHeader* header)
bool ret = true; bool ret = true;
int digest2_index; int digest2_index;
int i, j; int i, j;
int digest1_index_num = (header->digest1_table_size / header->digest1_block_size); int digest1_index_num = (header->digest1_table_size / CARD_ROM_HASH_SIZE);
for( i=0; i<digest1_index_num; ) for( i=0; i<digest1_index_num; )
{ {
@ -237,10 +244,14 @@ bool Digest2Check(CARDRomHashContext *context, FILE* fp, RomHeader* header)
if( !CARDi_CompareHash( &(context->master_hash[digest2_index * CARD_ROM_HASH_SIZE]), if( !CARDi_CompareHash( &(context->master_hash[digest2_index * CARD_ROM_HASH_SIZE]),
context->hash, (CARD_ROM_HASH_SIZE * context->sectors_per_block))) context->hash, (CARD_ROM_HASH_SIZE * context->sectors_per_block)))
{ {
// printf( "digest2[%d] err\n", digest2_index);
context->master_hash_correct[digest2_index] = 0; context->master_hash_correct[digest2_index] = 0;
ret = false; ret = false;
} }
context->master_hash_correct[digest2_index] = 1; else
{
context->master_hash_correct[digest2_index] = 1;
}
i+= header->digest2_covered_digest1_num; i+= header->digest2_covered_digest1_num;
} }
@ -263,6 +274,10 @@ void CARD_CheckHash(CARDRomHashContext *context, RomHeader* header, FILE* fp)
{ {
printf( "検証OK.\n"); printf( "検証OK.\n");
} }
else
{
printf( "検証NG.\n");
}
printf( "-----------------------\n\n"); printf( "-----------------------\n\n");
printf( "twl digest area check\n"); printf( "twl digest area check\n");
@ -272,6 +287,10 @@ void CARD_CheckHash(CARDRomHashContext *context, RomHeader* header, FILE* fp)
{ {
printf( "検証OK.\n"); printf( "検証OK.\n");
} }
else
{
printf( "検証NG.\n");
}
printf( "-----------------------\n\n"); printf( "-----------------------\n\n");
printf( "digest2 check\n"); printf( "digest2 check\n");
@ -280,9 +299,76 @@ void CARD_CheckHash(CARDRomHashContext *context, RomHeader* header, FILE* fp)
{ {
printf( "検証OK.\n"); printf( "検証OK.\n");
} }
else
{
printf( "検証NG.\n");
}
printf( "-----------------------\n\n"); printf( "-----------------------\n\n");
} }
/* ダイジェストテーブル1の各インデックス毎の改竄状況をチェック */
void CARD_DiffDigest1(CARDRomHashContext *context, RomHeader* gHeader, FILE* gfp, RomHeader* mHeader, FILE* mfp)
{
u32 i;
u8 gBuf[CARD_ROM_HASH_SIZE];
u8 mBuf[CARD_ROM_HASH_SIZE];
u32 gNum = (gHeader->digest1_table_size / CARD_ROM_HASH_SIZE);
u32 mNum = (mHeader->digest1_table_size / CARD_ROM_HASH_SIZE);
u32 num = (gNum <= mNum)? gNum : mNum;
for( i=0; i<num; i++)
{
fseek( gfp, gHeader->digest1_table_offset + (i * CARD_ROM_HASH_SIZE), SEEK_SET);
fread( gBuf, CARD_ROM_HASH_SIZE, 1, gfp);
fseek( mfp, mHeader->digest1_table_offset + (i * CARD_ROM_HASH_SIZE), SEEK_SET);
fread( mBuf, CARD_ROM_HASH_SIZE, 1, mfp);
if( memcmp( gBuf, mBuf, CARD_ROM_HASH_SIZE) == 0)
{
context->hash_original[i] = 1;
}
else
{
context->hash_original[i] = 0;
}
}
}
/* ダイジェストテーブル2の各インデックス毎の改竄状況をチェック */
void CARD_DiffDigest2(CARDRomHashContext *context, RomHeader* gHeader, FILE* gfp, RomHeader* mHeader, FILE* mfp)
{
u32 i;
u8 gBuf[CARD_ROM_HASH_SIZE];
u8 mBuf[CARD_ROM_HASH_SIZE];
u32 gNum = (gHeader->digest2_table_size / CARD_ROM_HASH_SIZE);
u32 mNum = (mHeader->digest2_table_size / CARD_ROM_HASH_SIZE);
u32 num = (gNum <= mNum)? gNum : mNum;
for( i=0; i<num; i++)
{
fseek( gfp, gHeader->digest2_table_offset + (i * CARD_ROM_HASH_SIZE), SEEK_SET);
fread( gBuf, CARD_ROM_HASH_SIZE, 1, gfp);
fseek( mfp, mHeader->digest2_table_offset + (i * CARD_ROM_HASH_SIZE), SEEK_SET);
fread( mBuf, CARD_ROM_HASH_SIZE, 1, mfp);
if( memcmp( gBuf, mBuf, CARD_ROM_HASH_SIZE) == 0)
{
context->master_hash_original[i] = 1;
}
else
{
context->master_hash_original[i] = 0;
}
}
}
/* ダイジェストテーブルの各インデックス毎の改竄状況をチェック */
void CARD_DiffDigest(CARDRomHashContext *context, RomHeader* gHeader, FILE* gfp, RomHeader* mHeader, FILE* mfp)
{
CARD_DiffDigest1( context, gHeader, gfp, mHeader, mfp);
CARD_DiffDigest2( context, gHeader, gfp, mHeader, mfp);
}
/* 特定のファイルに対応するダイジェストテーブルが正しいか検証する */ /* 特定のファイルに対応するダイジェストテーブルが正しいか検証する */
void CARD_CheckFileDigest(CARDRomHashContext *context, MyFileEntry* file_entry, u8* ret_digest1, u8* ret_digest2) void CARD_CheckFileDigest(CARDRomHashContext *context, MyFileEntry* file_entry, u8* ret_digest1, u8* ret_digest2)
@ -295,13 +381,60 @@ void CARD_CheckFileDigest(CARDRomHashContext *context, MyFileEntry* file_entry,
for( i=digest1_index_begin; i<=digest1_index_end; i++) for( i=digest1_index_begin; i<=digest1_index_end; i++)
{ {
if( !context->hash_correct[i]) if( context->hash_original[i])
{ {
*ret_digest1 = 0; printf( " digest1[%ld]", i);
} }
if( !context->master_hash_correct[i/context->sectors_per_block]) else
{ {
printf( " digest1[%ld](*)", i);
}
if( context->hash_correct[i] == 0)
{
printf( "...ng");
*ret_digest1 = 0;
}else{
printf( "...ok");
}
if( context->master_hash_original[i/context->sectors_per_block])
{
printf( " (digest2[%ld]", i/context->sectors_per_block);
}
else
{
printf( " (digest2[%ld](*)", i/context->sectors_per_block);
}
if( context->master_hash_correct[i/context->sectors_per_block] == 0)
{
printf( "...ng)\n");
*ret_digest2 = 0; *ret_digest2 = 0;
}else{
printf( "...ok)\n");
}
}
}
/* アドレスの範囲に該当するダイジェスト検証の合否を表示する */
void GetDigestResult( CARDRomHashContext *context, u32 start_adr, u32 end_adr, u8* d1, u8* d2)
{
u32 offset;
u32 digest1_index, digest2_index;
*d1 = 1;
*d2 = 1;
for( offset = start_adr; offset < end_adr; offset+=context->bytes_per_sector)
{
digest1_index = CARDi_GetHashSectorIndex( context, offset);
if( !context->hash_correct[digest1_index])
{
*d1 = 0;
}
digest2_index = (digest1_index / context->sectors_per_block);
if( !context->master_hash_correct[digest2_index])
{
*d2 = 0;
} }
} }
} }

8
build/tools/TamperDetectorForSrl/card_hash.h
View File

@ -79,8 +79,13 @@ typedef struct CARDRomHashContext
u8 *buffer; u8 *buffer;
u8 *hash; u8 *hash;
/* ダイジェスト検証が通るかどうかのフラグ */
u8 *master_hash_correct; u8 *master_hash_correct;
u8 *hash_correct; u8 *hash_correct;
/* 改竄されているかどうかのフラグ */
u8* master_hash_original;
u8* hash_original;
} }
CARDRomHashContext; CARDRomHashContext;
@ -88,8 +93,11 @@ CARDRomHashContext;
void CARDi_Init( CARDRomHashContext *context, RomHeader* header); void CARDi_Init( CARDRomHashContext *context, RomHeader* header);
void CARDi_CheckHash(CARDRomHashContext *context, FILE* fp, u32 sect, u32 size, RomHeader* header); void CARDi_CheckHash(CARDRomHashContext *context, FILE* fp, u32 sect, u32 size, RomHeader* header);
bool Digest2Check(CARDRomHashContext *context, FILE* fp, RomHeader* header); bool Digest2Check(CARDRomHashContext *context, FILE* fp, RomHeader* header);
void CARD_DiffDigest(CARDRomHashContext *context, RomHeader* gHeader, FILE* gfp, RomHeader* mHeader, FILE* mfp);
void CARD_CheckHash(CARDRomHashContext *context, RomHeader* header, FILE* fp); void CARD_CheckHash(CARDRomHashContext *context, RomHeader* header, FILE* fp);
void CARD_CheckFileDigest(CARDRomHashContext *context, MyFileEntry* file_entry, u8* ret_digest1, u8* ret_digest2); void CARD_CheckFileDigest(CARDRomHashContext *context, MyFileEntry* file_entry, u8* ret_digest1, u8* ret_digest2);
/* アドレスの範囲に該当するダイジェスト検証の合否を表示する */
void GetDigestResult( CARDRomHashContext *context, u32 start_adr, u32 end_adr, u8* d1, u8* d2);
#endif //CARD_HASH_H_ #endif //CARD_HASH_H_

10
build/tools/TamperDetectorForSrl/checker.cpp
View File

@ -949,9 +949,10 @@ u32 Checker::GetOctValue( char* hex_char)
} }
char logBuf[0x46]; char logBuf[0x46];
void Checker::FindAccessLogFile( Entry* entry, FILE* lfp) void Checker::FindAccessLogFile( Entry* entry, FILE* lfp, CARDRomHashContext *context)
{ {
int i = 0; int i = 0;
u8 d1, d2;
u32 log_start_adr, log_end_adr; u32 log_start_adr, log_end_adr;
while( fread( logBuf, 6, 1, lfp)) while( fread( logBuf, 6, 1, lfp))
@ -978,10 +979,13 @@ void Checker::FindAccessLogFile( Entry* entry, FILE* lfp)
(GetOctValue(&logBuf[0x0D]) * 0x10000000)); (GetOctValue(&logBuf[0x0D]) * 0x10000000));
printf( "%d 0x%lx - 0x%lx", i, log_start_adr, log_end_adr); printf( "%d 0x%lx - 0x%lx", i, log_start_adr, log_end_adr);
if( !(entry->FindFileLocation( log_start_adr, log_end_adr))) if( entry->FindFileLocation( log_start_adr, log_end_adr))
{ {
entry->FindAreaLocation( log_start_adr, log_end_adr); GetDigestResult( context, log_start_adr, log_end_adr, &d1, &d2);
if( d1) { printf( "[d1:OK]");} else { printf( "[d1:NG]");};
if( d2) { printf( "[d2:OK]");} else { printf( "[d2:NG]");};
} }
entry->FindAreaLocation( log_start_adr, log_end_adr);
printf( "\n"); printf( "\n");
} }
else else

2
build/tools/TamperDetectorForSrl/checker.h
View File

@ -71,7 +71,7 @@ class Checker
u32 GetOctValue( char* hex_char); u32 GetOctValue( char* hex_char);
void FindAccessLogFile( Entry* entry, FILE* lfp); void FindAccessLogFile( Entry* entry, FILE* lfp, CARDRomHashContext *context);
}; };

4
build/tools/TamperDetectorForSrl/entry.cpp
View File

@ -197,12 +197,14 @@ MyFileEntry* Entry::FindFileEntry( char* my_full_path_name)
/* アドレスの範囲に該当するファイルを表示する */ /* アドレスの範囲に該当するファイルを表示する */
MyFileEntry* Entry::FindFileLocation( u32 start_adr, u32 end_adr) MyFileEntry* Entry::FindFileLocation( u32 start_adr, u32 end_adr)
{ {
MyFileEntry* retEntry = NULL;
MyFileEntry *currentEntry = fileEntry; MyFileEntry *currentEntry = fileEntry;
while( currentEntry) while( currentEntry)
{ {
if( ((currentEntry->top <= start_adr)&&(currentEntry->bottom > start_adr)) || if( ((currentEntry->top <= start_adr)&&(currentEntry->bottom > start_adr)) ||
((currentEntry->top <= end_adr)&&(currentEntry->bottom > end_adr))) ((currentEntry->top <= end_adr)&&(currentEntry->bottom > end_adr)))
{ {
retEntry = currentEntry;
if( currentEntry->modified) if( currentEntry->modified)
{ // 改竄されているファイルの識別表示 { // 改竄されているファイルの識別表示
printf( " %s(*),", currentEntry->full_path_name); printf( " %s(*),", currentEntry->full_path_name);
@ -212,7 +214,7 @@ MyFileEntry* Entry::FindFileLocation( u32 start_adr, u32 end_adr)
} }
currentEntry = (MyFileEntry*)(currentEntry->next); currentEntry = (MyFileEntry*)(currentEntry->next);
} }
return NULL; return retEntry;
} }

5
build/tools/TamperDetectorForSrl/main.cpp
View File

@ -59,7 +59,7 @@ bool int_bits(void)
int main (int argc, char *argv[]) int main (int argc, char *argv[])
{ {
CARDRomHashContext context; static CARDRomHashContext context;
// 処理系の unsignedビット数が想定外ならエラー終了types.hを変更してビルドし直してください // 処理系の unsignedビット数が想定外ならエラー終了types.hを変更してビルドし直してください
if( !int_bits()) if( !int_bits())
@ -94,6 +94,7 @@ int main (int argc, char *argv[])
// ダイジェスト検証(digest1, digest2) // ダイジェスト検証(digest1, digest2)
{ {
CARDi_Init( &context, &mHeaderBuf); CARDi_Init( &context, &mHeaderBuf);
CARD_DiffDigest( &context, &gHeaderBuf, gfp, &mHeaderBuf, mfp);
CARD_CheckHash( &context, &mHeaderBuf, mfp); CARD_CheckHash( &context, &mHeaderBuf, mfp);
} }
@ -137,7 +138,7 @@ int main (int argc, char *argv[])
lfp = fopen( log_fname, "r"); lfp = fopen( log_fname, "r");
printf( "\n\n\nACCESS LOG\n"); printf( "\n\n\nACCESS LOG\n");
checker.FindAccessLogFile( &gEntry, lfp); checker.FindAccessLogFile( &gEntry, lfp, &context);
printf( "------------------\n"); printf( "------------------\n");
} }