[SECURITY] Flash memory usage change.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka
@@ -1,3 +1,9 @@
|
||||
2017-04-27 NIIBE Yutaka <gniibe@fsij.org>
|
||||
|
||||
* src/flash.c (flash_init): Return address of end of data object.
|
||||
* src/openpgp.c (gpg_init): Get address of end of data object.
|
||||
* src/openpgp-do.c (gpg_data_scan): Check the end address.
|
||||
|
||||
2017-02-02 NIIBE Yutaka <gniibe@fsij.org>
|
||||
|
||||
* VERSION: 1.2.3.
|
||||
|
||||
14
src/flash.c
14
src/flash.c
@@ -1,7 +1,7 @@
|
||||
/*
|
||||
* flash.c -- Data Objects (DO) and GPG Key handling on Flash ROM
|
||||
*
|
||||
* Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016
|
||||
* Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017
|
||||
* Free Software Initiative of Japan
|
||||
* Author: NIIBE Yutaka <gniibe@fsij.org>
|
||||
*
|
||||
@@ -102,8 +102,8 @@ static int key_available_at (const uint8_t *k, int key_size)
|
||||
|
||||
|
||||
#define CHIP_ID_REG ((uint32_t *)0xe0042000)
|
||||
const uint8_t *
|
||||
flash_init (void)
|
||||
void
|
||||
flash_init (const uint8_t **p_do_start, const uint8_t **p_do_end)
|
||||
{
|
||||
uint16_t gen0, gen1;
|
||||
uint16_t *gen0_p = (uint16_t *)&_data_pool;
|
||||
@@ -121,8 +121,11 @@ flash_init (void)
|
||||
gen1 = *gen1_p;
|
||||
|
||||
if (gen0 == 0xffff && gen1 == 0xffff)
|
||||
{
|
||||
/* It's terminated. */
|
||||
return NULL;
|
||||
*p_do_start = *p_do_end = NULL;
|
||||
return;
|
||||
}
|
||||
|
||||
if (gen0 == 0xffff)
|
||||
/* Use another page if a page is erased. */
|
||||
@@ -134,7 +137,8 @@ flash_init (void)
|
||||
/* When both pages have valid header, use newer page. */
|
||||
data_pool = &_data_pool + flash_page_size;
|
||||
|
||||
return data_pool + FLASH_DATA_POOL_HEADER_SIZE;
|
||||
*p_do_start = data_pool + FLASH_DATA_POOL_HEADER_SIZE;
|
||||
*p_do_end = data_pool + flash_page_size;
|
||||
}
|
||||
|
||||
static uint8_t *flash_key_getpage (enum kind_of_key kk);
|
||||
|
||||
@@ -106,7 +106,7 @@ extern uint16_t data_objects_number_of_bytes;
|
||||
|
||||
#define CHALLENGE_LEN 32
|
||||
|
||||
void gpg_data_scan (const uint8_t *p);
|
||||
void gpg_data_scan (const uint8_t *start, const uint8_t *end);
|
||||
void gpg_data_copy (const uint8_t *p);
|
||||
void gpg_do_terminate (void);
|
||||
void gpg_do_get_data (uint16_t tag, int with_tag);
|
||||
@@ -139,7 +139,7 @@ enum size_of_key {
|
||||
int gpg_get_algo_attr (enum kind_of_key kk);
|
||||
int gpg_get_algo_attr_key_size (enum kind_of_key kk, enum size_of_key s);
|
||||
|
||||
const uint8_t *flash_init (void);
|
||||
void flash_init (const uint8_t **, const uint8_t **);
|
||||
void flash_terminate (void);
|
||||
void flash_activate (void);
|
||||
void flash_init_keys (void);
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
/*
|
||||
* openpgp-do.c -- OpenPGP card Data Objects (DO) handling
|
||||
*
|
||||
* Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016
|
||||
* Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017
|
||||
* Free Software Initiative of Japan
|
||||
* Author: NIIBE Yutaka <gniibe@fsij.org>
|
||||
*
|
||||
@@ -1543,12 +1543,13 @@ gpg_do_table[] = {
|
||||
* Reading data from Flash ROM, initialize DO_PTR, PW_ERR_COUNTERS, etc.
|
||||
*/
|
||||
void
|
||||
gpg_data_scan (const uint8_t *p_start)
|
||||
gpg_data_scan (const uint8_t *do_start, const uint8_t *do_end)
|
||||
{
|
||||
const uint8_t *p;
|
||||
int i;
|
||||
const uint8_t *dsc_h14_p, *dsc_l10_p;
|
||||
int dsc_h14, dsc_l10;
|
||||
const uint8_t *p_end;
|
||||
|
||||
dsc_h14_p = dsc_l10_p = NULL;
|
||||
pw1_lifetime_p = NULL;
|
||||
@@ -1556,10 +1557,15 @@ gpg_data_scan (const uint8_t *p_start)
|
||||
pw_err_counter_p[PW_ERR_RC] = NULL;
|
||||
pw_err_counter_p[PW_ERR_PW3] = NULL;
|
||||
algo_attr_sig_p = algo_attr_dec_p = algo_attr_aut_p = NULL;
|
||||
digital_signature_counter = 0;
|
||||
|
||||
/* When the card is terminated no data objects are valid. */
|
||||
if (do_start == NULL)
|
||||
return;
|
||||
|
||||
/* Traverse DO, counters, etc. in DATA pool */
|
||||
p = p_start;
|
||||
while (p && *p != NR_EMPTY)
|
||||
p = do_start;
|
||||
while (p < do_end && *p != NR_EMPTY)
|
||||
{
|
||||
uint8_t nr = *p++;
|
||||
uint8_t second_byte = *p;
|
||||
@@ -1571,7 +1577,9 @@ gpg_data_scan (const uint8_t *p_start)
|
||||
if (nr < 0x80)
|
||||
{
|
||||
/* It's Data Object */
|
||||
if (nr < NR_DO__LAST__)
|
||||
do_ptr[nr] = p;
|
||||
|
||||
p += second_byte + 1; /* second_byte has length */
|
||||
|
||||
if (((uint32_t)p & 1))
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
/*
|
||||
* openpgp.c -- OpenPGP card protocol support
|
||||
*
|
||||
* Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016
|
||||
* Copyright (C) 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017
|
||||
* Free Software Initiative of Japan
|
||||
* Author: NIIBE Yutaka <gniibe@fsij.org>
|
||||
*
|
||||
@@ -106,16 +106,17 @@ uint8_t file_selection;
|
||||
static void
|
||||
gpg_init (void)
|
||||
{
|
||||
const uint8_t *flash_data_start;
|
||||
const uint8_t *flash_do_start;
|
||||
const uint8_t *flash_do_end;
|
||||
|
||||
flash_data_start = flash_init ();
|
||||
flash_init (&flash_do_start, &flash_do_end);
|
||||
|
||||
if (flash_data_start == NULL)
|
||||
if (flash_do_start == NULL)
|
||||
file_selection = FILE_CARD_TERMINATED;
|
||||
else
|
||||
file_selection = FILE_NONE;
|
||||
|
||||
gpg_data_scan (flash_data_start);
|
||||
gpg_data_scan (flash_do_start, flash_do_end);
|
||||
flash_init_keys ();
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user