Add a fingerprint of the ARM OS source files to detect when a client expects another ARM image

CHANGELOG.md

@@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
 
 ## [unreleased][unreleased]
+ - Added detection of a possible mismatch between client and Proxmark3 image (@doegox)
  - Changed `hf mf nested`: removed option `--single` redundant with usage of `--tblk` (@doegox)
  - Fixed `hf mf chk` single block mode (@doegox)
  - Fixed `hf mf fchk/chk` internal logic to load keys (@doegox)
@@ -20,7 +21,7 @@ This project uses the changelog in accordance with [keepchangelog](http://keepac
  - Changed `hf_mf_uidbruteforce` - added support for S70, enhance UID length management (@cactuschibre)
  - Fixed build issues that may happen from building `mfd_aes_brute` (@linuxgemini)
  - Added silicon data parsing logic for NXP chips in `hf mfu info` (@linuxgemini)
- - Addes luascript `hf_mf_em_util.lua` - Script for emulator configuration (@nisgola)
+ - Added luascript `hf_mf_em_util.lua` - Script for emulator configuration (@nisgola)
  - Fixes `hf mf restore` - now takes bin/eml/json as dump files (@iceman1001)
  - Fixes `script run some_python_script` segfault on armhf architecture (@doegox)
  - Added `trace extract` - extract authentication parts from trace (@iceman1001)

client/src/cmdhw.c

@@ -1073,6 +1073,16 @@ void pm3_version(bool verbose, bool oneliner) {
             struct p *payload = (struct p *)&resp.data.asBytes;
 
             PrintAndLogEx(NORMAL,  payload->versionstr);
+            char *ptr = strstr(payload->versionstr, " os: ");
+            if (ptr != NULL) {
+                ptr = strstr(ptr, "\n");
+                if (ptr != NULL) {
+                    if (strncmp(ptr-9, g_version_information.armsrc, 9) != 0) {
+                        PrintAndLogEx(NORMAL, "\n:warning:  " _RED_("ARM os does not match the source at the time the client was compiled") " :warning:");
+                        PrintAndLogEx(NORMAL,  "Make sure to flash a correct and up-to-date version");
+                    }
+                }
+            }
             if (strstr(payload->versionstr, "2s30vq100") == NULL) {
                 PrintAndLogEx(NORMAL, "  FPGA firmware... %s", _RED_("chip mismatch"));
             }

common/commonutil.c

@@ -49,6 +49,8 @@ void FormatVersionInformation(char *dst, int len, const char *prefix, void *vers
 
     strncat(dst, " ", len - strlen(dst) - 1);
     strncat(dst, v->buildtime, len - strlen(dst) - 1);
+    strncat(dst, " ", len - strlen(dst) - 1);
+    strncat(dst, v->armsrc, len - strlen(dst) - 1);
 }
 
 /*

include/common.h

@@ -53,6 +53,7 @@ struct version_information_t {
     char clean; /* 1: Tree was clean, no local changes. 0: Tree was unclean. 2: Couldn't be determined */
     char gitversion[50]; /* String with the git revision */
     char buildtime[30]; /* string with the build time */
+    char armsrc[10]; /* sha256sum of sha256sum of armsrc files */
 } PACKED;
 
 // debug

tools/mkversion.sh

@@ -58,6 +58,11 @@ if [ "$fullgitinfoextra" != "$fullgitinfo" ]; then
     fullgitinfo46="${fullgitinfo%"${fullgitinfoextra}"}"
     fullgitinfo="${fullgitinfo46}..."
 fi
+sha=$(
+  pm3path=$(dirname -- "$0")/..
+  cd "$pm3path" || return
+  ls armsrc/*.[ch] common_arm/*.[ch]|grep -v disabled|grep -v version_pm3|xargs sha256sum|sha256sum|grep -o '^.........'
+)
 cat <<EOF
 #include "common.h"
 /* Generated file, do not edit */
@@ -74,5 +79,6 @@ const struct version_information_t SECTVERSINFO g_version_information = {
     $clean,
     "$fullgitinfo",
     "$ctime",
+    "$sha"
 };
 EOF