Implement SHA256 update file checking

This commit is contained in:
Mario Hüttel 2021-10-03 19:27:41 +02:00
parent c6fcd3154f
commit ae60c30919
3 changed files with 62 additions and 7 deletions

View File

@ -136,8 +136,14 @@ add_custom_command(
) )
set(HEX_PATH "${CMAKE_CURRENT_BINARY_DIR}/${HEXFILE}") set(HEX_PATH "${CMAKE_CURRENT_BINARY_DIR}/${HEXFILE}")
add_custom_target(update-image ALL DEPENDS ${HEX_PATH}) add_custom_target(update-image ALL DEPENDS ${HEX_PATH} "${HEX_PATH}.sha")
add_custom_command( add_custom_command(
DEPENDS ${ELFFILE} DEPENDS ${ELFFILE}
OUTPUT ${HEX_PATH} OUTPUT ${HEX_PATH}
COMMAND ${CMAKE_OBJCOPY} -O ihex ${ELFFILE} ${HEX_PATH}) COMMAND ${CMAKE_OBJCOPY} -O ihex ${ELFFILE} ${HEX_PATH}
)
add_custom_command(
DEPENDS ${HEX_PATH}
OUTPUT "${HEX_PATH}.sha"
COMMAND sha256sum "${HEX_PATH}" | cut -d " " -f 1 > "${HEX_PATH}.sha"
)

View File

@ -79,8 +79,8 @@ uint32_t bytes_to_hex_string(uint8_t *input, uint32_t count, char *output_buffer
for (idx = 0; idx < count; idx++) { for (idx = 0; idx < count; idx++) {
b = input[idx]; b = input[idx];
output_buffer[idx] = num_to_hex_digit(b >> 4, capitalized); output_buffer[2*idx] = num_to_hex_digit(b >> 4, capitalized);
output_buffer[idx+1] = num_to_hex_digit(b & 0xF, capitalized); output_buffer[2*idx+1] = num_to_hex_digit(b & 0xF, capitalized);
} }
return 0; return 0;

View File

@ -241,19 +241,47 @@ ret_noact:
return ret; return ret;
} }
static int read_file_content(const char *fname, char *dest, size_t count)
{
FIL f;
FRESULT fres;
UINT act_read;
int ret = 0;
fres = f_open(&f, fname, FA_READ);
if (fres != FR_OK) {
return -1;
}
fres = f_read(&f, dest, (UINT)count, &act_read);
if (fres != FR_OK) {
ret = -2;
goto exit_close_file;
}
ret = (int)act_read;
exit_close_file:
(void)f_close(&f);
return ret;
}
int ram_code_main(void) int ram_code_main(void)
{ {
FRESULT fres; FRESULT fres;
int res; int res;
enum safety_memory_state safety_mem_state; enum safety_memory_state safety_mem_state;
static char filename[256]; static char filename[256];
static char hash_file_name[256];
static char tmp_buff[256]; static char tmp_buff[256];
static char sha_string[SIZE_OF_SHA_256_HASH*2+2];
uint32_t count; uint32_t count;
uint32_t update_size; uint32_t update_size;
int retries = 3; int retries = 3;
uint8_t sha_hash[SIZE_OF_SHA_256_HASH]; uint8_t sha_hash[SIZE_OF_SHA_256_HASH];
SysTick_Config(168000UL); SysTick_Config(168000UL);
external_watchdog_disable(); external_watchdog_disable();
__enable_irq(); __enable_irq();
@ -289,12 +317,33 @@ int ram_code_main(void)
} }
uart_send_string("SHA256: "); uart_send_string("SHA256: ");
bytes_to_hex_string(sha_hash, SIZE_OF_SHA_256_HASH, tmp_buff, false); bytes_to_hex_string(sha_hash, SIZE_OF_SHA_256_HASH, sha_string, false);
tmp_buff[SIZE_OF_SHA_256_HASH] = 0; sha_string[SIZE_OF_SHA_256_HASH*2] = 0;
uart_send_string(tmp_buff); uart_send_string(sha_string);
uart_send_string("\r\n"); uart_send_string("\r\n");
strncpy(hash_file_name, filename, sizeof(hash_file_name));
strcat(hash_file_name, ".sha");
res = read_file_content(hash_file_name, tmp_buff, sizeof(tmp_buff)-1);
if (res < 0) {
uart_send_string("Error reading expected hash. Is the file present?\r\n");
ram_code_exit(false);
} else if (res >= SIZE_OF_SHA_256_HASH*2) {
tmp_buff[res] = 0;
uart_send_string("Expected sha: ");
uart_send_string(tmp_buff);
uart_send_string("\r\n");
if (strncmp(sha_string, tmp_buff, SIZE_OF_SHA_256_HASH*2) != 0) {
uart_send_string("SHA sums don't match!\r\n");
ram_code_exit(false);
}
} else {
uart_send_string("Expected hash has wrong length!\r\n");
ram_code_exit(false);
}
uart_send_string("Checking hex file "); uart_send_string("Checking hex file ");
uart_send_string(filename); uart_send_string(filename);
uart_send_string("\r\n"); uart_send_string("\r\n");