From 71021382172f3ea121fc2805e5411047e96ff43d Mon Sep 17 00:00:00 2001
From: irriden <irriden@proton.me>
Date: Sat, 18 Nov 2023 02:06:01 +0000
Subject: [PATCH] sphinx-key: check integrity of ota bin file

---
 broker/Cargo.lock     | 10 +++++-----
 broker/Cargo.toml     |  4 ++--
 sphinx-key/Cargo.lock | 12 ++++++------
 sphinx-key/Cargo.toml |  6 +++---
 sphinx-key/src/ota.rs | 22 +++++++++++++++++++---
 tester/Cargo.lock     | 12 ++++++------
 tester/Cargo.toml     |  4 ++--
 7 files changed, 43 insertions(+), 27 deletions(-)

diff --git a/broker/Cargo.lock b/broker/Cargo.lock
index e2aadf1..0e6e672 100644
--- a/broker/Cargo.lock
+++ b/broker/Cargo.lock
@@ -1691,7 +1691,7 @@ dependencies = [
 [[package]]
 name = "lss-connector"
 version = "0.1.0"
-source = "git+https://github.com/stakwork/sphinx-rs?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "lightning-storage-server",
@@ -2693,7 +2693,7 @@ dependencies = [
 [[package]]
 name = "rmp-utils"
 version = "0.1.0"
-source = "git+https://github.com/stakwork/sphinx-rs?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "log",
@@ -3268,7 +3268,7 @@ dependencies = [
 [[package]]
 name = "sphinx-auther"
 version = "0.1.12"
-source = "git+https://github.com/stakwork/sphinx-rs?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "base64 0.21.2",
@@ -3280,7 +3280,7 @@ dependencies = [
 [[package]]
 name = "sphinx-glyph"
 version = "0.1.2"
-source = "git+https://github.com/stakwork/sphinx-rs?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "hex",
@@ -3326,7 +3326,7 @@ dependencies = [
 [[package]]
 name = "sphinx-signer"
 version = "0.1.0"
-source = "git+https://github.com/stakwork/sphinx-rs?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "bip39",
diff --git a/broker/Cargo.toml b/broker/Cargo.toml
index 2a61dfa..37cb668 100644
--- a/broker/Cargo.toml
+++ b/broker/Cargo.toml
@@ -39,8 +39,8 @@ vls-proxy           = { git = "https://gitlab.com/lightning-signer/validating-li
 # vls-protocol-client = { path = "../../vls/vls-protocol-client" }
 # vls-proxy           = { path = "../../vls/vls-proxy" }
 
-lss-connector = { git = "https://github.com/stakwork/sphinx-rs", rev = "55c4b00dc079d21353904fec45b10c7f09ec8f85" }
-sphinx-signer = { git = "https://github.com/stakwork/sphinx-rs", rev = "55c4b00dc079d21353904fec45b10c7f09ec8f85" }
+lss-connector = { git = "https://github.com/stakwork/sphinx-rs", rev = "db9f902750742c1aa4dc96ebc97f7c0e69b015a5" }
+sphinx-signer = { git = "https://github.com/stakwork/sphinx-rs", rev = "db9f902750742c1aa4dc96ebc97f7c0e69b015a5" }
 # lss-connector = { path = "../../sphinx-rs/lss-connector" }
 # sphinx-signer = { path = "../../sphinx-rs/signer" }
 
diff --git a/sphinx-key/Cargo.lock b/sphinx-key/Cargo.lock
index 41d0592..047fe2c 100644
--- a/sphinx-key/Cargo.lock
+++ b/sphinx-key/Cargo.lock
@@ -1161,7 +1161,7 @@ checksum = "b06a4cde4c0f271a446782e3eff8de789548ce57dbc8eca9292c27f4a42004b4"
 [[package]]
 name = "lss-connector"
 version = "0.1.0"
-source = "git+https://github.com/stakwork/sphinx-rs.git?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs.git?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "log",
@@ -1530,7 +1530,7 @@ dependencies = [
 [[package]]
 name = "rmp-utils"
 version = "0.1.0"
-source = "git+https://github.com/stakwork/sphinx-rs.git?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs.git?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "log",
@@ -1728,7 +1728,7 @@ dependencies = [
 [[package]]
 name = "sphinx-auther"
 version = "0.1.12"
-source = "git+https://github.com/stakwork/sphinx-rs.git?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs.git?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "base64",
@@ -1740,7 +1740,7 @@ dependencies = [
 [[package]]
 name = "sphinx-crypter"
 version = "0.1.0"
-source = "git+https://github.com/stakwork/sphinx-rs.git?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs.git?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "chacha20poly1305",
@@ -1751,7 +1751,7 @@ dependencies = [
 [[package]]
 name = "sphinx-glyph"
 version = "0.1.2"
-source = "git+https://github.com/stakwork/sphinx-rs.git?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs.git?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "hex",
@@ -1783,7 +1783,7 @@ dependencies = [
 [[package]]
 name = "sphinx-signer"
 version = "0.1.0"
-source = "git+https://github.com/stakwork/sphinx-rs.git?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs.git?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "bip39",
diff --git a/sphinx-key/Cargo.toml b/sphinx-key/Cargo.toml
index d508fdf..942342f 100644
--- a/sphinx-key/Cargo.toml
+++ b/sphinx-key/Cargo.toml
@@ -21,9 +21,9 @@ serde_urlencoded = "0.7.1"
 url              = "2"
 
 # sphinx-rs
-lss-connector  = { git = "https://github.com/stakwork/sphinx-rs.git", default-features = false, rev = "55c4b00dc079d21353904fec45b10c7f09ec8f85" }
-sphinx-crypter = { git = "https://github.com/stakwork/sphinx-rs.git", rev = "55c4b00dc079d21353904fec45b10c7f09ec8f85" }
-sphinx-signer  = { git = "https://github.com/stakwork/sphinx-rs.git", optional = true, rev = "55c4b00dc079d21353904fec45b10c7f09ec8f85" }
+lss-connector  = { git = "https://github.com/stakwork/sphinx-rs.git", default-features = false, rev = "db9f902750742c1aa4dc96ebc97f7c0e69b015a5" }
+sphinx-crypter = { git = "https://github.com/stakwork/sphinx-rs.git", rev = "db9f902750742c1aa4dc96ebc97f7c0e69b015a5" }
+sphinx-signer  = { git = "https://github.com/stakwork/sphinx-rs.git", optional = true, rev = "db9f902750742c1aa4dc96ebc97f7c0e69b015a5" }
 # local
 # lss-connector  = { path = "../../sphinx-rs/lss-connector", default-features = false }
 # sphinx-crypter  = { path = "../../sphinx-rs/crypter" }
diff --git a/sphinx-key/src/ota.rs b/sphinx-key/src/ota.rs
index cf0a933..fb75abb 100644
--- a/sphinx-key/src/ota.rs
+++ b/sphinx-key/src/ota.rs
@@ -5,10 +5,11 @@ use esp_idf_svc::http::client::FollowRedirectsPolicy::FollowNone;
 use esp_idf_svc::http::Method;
 use esp_idf_svc::ota::EspOta;
 use log::{error, info};
+use sphinx_signer::lightning_signer::bitcoin::hashes::{self, Hash};
 use sphinx_signer::sphinx_glyph::control::OtaParams;
 use std::fs::{remove_file, File};
-use std::io::BufWriter;
 use std::io::Write;
+use std::io::{BufReader, BufWriter};
 
 const BUFFER_LEN: usize = 1024;
 const UPDATE_BIN_PATH: &str = "/sdcard/update.bin";
@@ -61,10 +62,25 @@ fn get_update(params: OtaParams) -> Result<()> {
     Ok(())
 }
 
+fn check_integrity(params: OtaParams) -> Result<()> {
+    let f = File::open(UPDATE_BIN_PATH)?;
+    let mut reader = BufReader::new(f);
+    let mut engine = hashes::sha256::HashEngine::default();
+    std::io::copy(&mut reader, &mut engine)?;
+    let hash = hashes::sha256::Hash::from_engine(engine);
+    if hash.to_string() == params.sha256_hash {
+        Ok(())
+    } else {
+        Err(anyhow!("Integrity check failed!"))
+    }
+}
+
 pub fn update_sphinx_key(params: OtaParams) -> Result<()> {
     info!("Getting the update...");
-    get_update(params)?;
-    info!("Update written to sd card, performing factory reset");
+    get_update(params.clone())?;
+    info!("Update written to sd card, checking integrity...");
+    check_integrity(params)?;
+    info!("Integrity check passed, performing factory reset...");
     factory_reset()?;
     info!("Factory reset completed!");
     Ok(())
diff --git a/tester/Cargo.lock b/tester/Cargo.lock
index 85136ff..604ec62 100644
--- a/tester/Cargo.lock
+++ b/tester/Cargo.lock
@@ -1151,7 +1151,7 @@ dependencies = [
 [[package]]
 name = "lss-connector"
 version = "0.1.0"
-source = "git+https://github.com/stakwork/sphinx-rs.git?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs.git?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "log",
@@ -1702,7 +1702,7 @@ dependencies = [
 [[package]]
 name = "rmp-utils"
 version = "0.1.0"
-source = "git+https://github.com/stakwork/sphinx-rs.git?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs.git?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "log",
@@ -2085,7 +2085,7 @@ dependencies = [
 [[package]]
 name = "sphinx-auther"
 version = "0.1.12"
-source = "git+https://github.com/stakwork/sphinx-rs.git?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs.git?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "base64 0.21.2",
@@ -2097,7 +2097,7 @@ dependencies = [
 [[package]]
 name = "sphinx-crypter"
 version = "0.1.0"
-source = "git+https://github.com/stakwork/sphinx-rs.git?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs.git?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "chacha20poly1305",
@@ -2108,7 +2108,7 @@ dependencies = [
 [[package]]
 name = "sphinx-glyph"
 version = "0.1.2"
-source = "git+https://github.com/stakwork/sphinx-rs.git?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs.git?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "hex",
@@ -2147,7 +2147,7 @@ dependencies = [
 [[package]]
 name = "sphinx-signer"
 version = "0.1.0"
-source = "git+https://github.com/stakwork/sphinx-rs.git?rev=55c4b00dc079d21353904fec45b10c7f09ec8f85#55c4b00dc079d21353904fec45b10c7f09ec8f85"
+source = "git+https://github.com/stakwork/sphinx-rs.git?rev=db9f902750742c1aa4dc96ebc97f7c0e69b015a5#db9f902750742c1aa4dc96ebc97f7c0e69b015a5"
 dependencies = [
  "anyhow",
  "bip39",
diff --git a/tester/Cargo.toml b/tester/Cargo.toml
index aafd43a..b6a6f94 100644
--- a/tester/Cargo.toml
+++ b/tester/Cargo.toml
@@ -24,8 +24,8 @@ serde_json        = "1.0"
 tokio             = { version = "1.4.0", features = ["rt", "rt-multi-thread", "macros"] }
 urlencoding       = "2.1.0"
 
-sphinx-crypter = { git = "https://github.com/stakwork/sphinx-rs.git", rev = "55c4b00dc079d21353904fec45b10c7f09ec8f85" }
-sphinx-signer = { git = "https://github.com/stakwork/sphinx-rs.git", rev = "55c4b00dc079d21353904fec45b10c7f09ec8f85" }
+sphinx-crypter = { git = "https://github.com/stakwork/sphinx-rs.git", rev = "db9f902750742c1aa4dc96ebc97f7c0e69b015a5" }
+sphinx-signer = { git = "https://github.com/stakwork/sphinx-rs.git", rev = "db9f902750742c1aa4dc96ebc97f7c0e69b015a5" }
 # sphinx-crypter = { path = "../../sphinx-rs/crypter" }
 # sphinx-signer = { path = "../../sphinx-rs/signer" }