From e480ee6c59e7380197ae06460ec4abfe74978512 Mon Sep 17 00:00:00 2001
From: ko1N <ko1N1337@gmail.com>
Date: Mon, 5 May 2025 20:26:29 +0200
Subject: [PATCH] Add checksum check

---
 Cargo.lock                       | 12 +++++
 memflow-pcileech/Cargo.toml      |  3 +-
 memflow-pcileech/src/download.rs | 77 +++++++++++++++++++++++---------
 3 files changed, 70 insertions(+), 22 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index aad0bc2..421e5a4 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1250,6 +1250,7 @@ dependencies = [
  "memflow-win32",
  "parking_lot 0.12.3",
  "progress-streams",
+ "sha2",
  "ureq",
  "zip",
 ]
@@ -1815,6 +1816,17 @@ dependencies = [
  "digest",
 ]
 
+[[package]]
+name = "sha2"
+version = "0.10.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283"
+dependencies = [
+ "cfg-if",
+ "cpufeatures",
+ "digest",
+]
+
 [[package]]
 name = "shlex"
 version = "1.3.0"
diff --git a/memflow-pcileech/Cargo.toml b/memflow-pcileech/Cargo.toml
index fe556fd..62c532f 100644
--- a/memflow-pcileech/Cargo.toml
+++ b/memflow-pcileech/Cargo.toml
@@ -23,6 +23,7 @@ parking_lot = "0.12"
 
 ureq = { version = "2.10", optional = true }
 zip = { version = "2.6", optional = true }
+sha2 = { version = "0.10", optional = true }
 indicatif = { version = "0.17", optional = true }
 progress-streams = { version = "1.1", optional = true }
 
@@ -33,7 +34,7 @@ memflow-win32 = { version = "0.2" }
 [features]
 default = ["download_drivers", "download_progress"]
 bindgen = ["leechcore-sys/bindgen"]
-download_drivers = ["ureq", "zip"]
+download_drivers = ["ureq", "zip", "sha2"]
 download_progress = ["indicatif", "progress-streams"]
 
 [[example]]
diff --git a/memflow-pcileech/src/download.rs b/memflow-pcileech/src/download.rs
index f7755bc..7adb8dc 100644
--- a/memflow-pcileech/src/download.rs
+++ b/memflow-pcileech/src/download.rs
@@ -1,4 +1,5 @@
-use log::info;
+use log::{error, info, warn};
+use sha2::{Digest, Sha256};
 use std::fs::File;
 use std::io::{self, Cursor, Read, Write};
 use std::path::PathBuf;
@@ -14,6 +15,44 @@ use {
     std::sync::Arc,
 };
 
+// Windows
+#[cfg(all(target_os = "windows", target_arch = "x86"))]
+pub fn download_url() -> (&'static str, &'static str, &'static str) {
+    (
+        "https://ftdichip.com/wp-content/uploads/2025/03/Winusb_D3XX_Release_1.4.0.0.zip",
+        "WU_FTD3XXLib/Lib/Dynamic/x86/FTD3XXWU.dll",
+        "xxx",
+    )
+}
+#[cfg(all(target_os = "windows", target_arch = "x86_64"))]
+pub fn download_url() -> (&'static str, &'static str, &'static str) {
+    (
+        "https://ftdichip.com/wp-content/uploads/2025/03/Winusb_D3XX_Release_1.4.0.0.zip",
+        "WU_FTD3XXLib/Lib/Dynamic/x64/FTD3XXWU.dll",
+        "f0315b7f20ebdf1303082b63d6dd598ff7d98d3b738fc7444d000a4b64913666",
+    )
+}
+#[cfg(all(target_os = "windows", target_arch = "aarch64"))]
+pub fn download_url() -> (&'static str, &'static str, &'static str) {
+    (
+        "https://ftdichip.com/wp-content/uploads/2025/03/Winusb_D3XX_Release_1.4.0.0.zip",
+        "WU_FTD3XXLib/Lib/Dynamic/ARM64/FTD3XXWU.dll",
+        "xxx",
+    )
+}
+
+// TODO: linux
+#[cfg(all(target_os = "linux", target_arch = "x86_64"))]
+pub fn download_url() -> (&'static str, &'static str, &'static str) {
+    (
+        "https://ftdichip.com/wp-content/uploads/2023/11/FTD3XXLibrary_v1.3.0.8.zip",
+        "FTD3XXLibrary_v1.3.0.8/x64/DLL/FTD3XX.dll",
+        "1234",
+    )
+}
+
+// TODO: mac
+
 fn download_file(url: &str) -> Result<Vec<u8>> {
     info!("downloading file from {}", url);
     let resp = ureq::get(url).call().map_err(|_| {
@@ -79,25 +118,8 @@ fn read_to_end<T: Read>(reader: &mut T, _len: usize) -> Result<Vec<u8>> {
     Ok(buffer)
 }
 
-#[cfg(all(target_os = "windows", target_arch = "x86_64"))]
-pub fn download_url() -> (&'static str, &'static str) {
-    (
-        "https://ftdichip.com/wp-content/uploads/2023/11/FTD3XXLibrary_v1.3.0.8.zip",
-        "FTD3XXLibrary_v1.3.0.8/x64/DLL/FTD3XX.dll",
-    )
-}
-
-// TODO:
-#[cfg(all(target_os = "linux", target_arch = "x86_64"))]
-pub fn download_url() -> (&'static str, &'static str) {
-    (
-        "https://ftdichip.com/wp-content/uploads/2023/11/FTD3XXLibrary_v1.3.0.8.zip",
-        "FTD3XXLibrary_v1.3.0.8/x64/DLL/FTD3XX.dll",
-    )
-}
-
 pub fn download_driver() -> Result<()> {
-    let (url, file_to_extract) = download_url();
+    let (url, file_to_extract, file_checksum) = download_url();
 
     let file_to_extract_path: PathBuf = file_to_extract.parse().unwrap();
     let file_to_extract_name = file_to_extract_path.file_name().unwrap().to_str().unwrap();
@@ -131,7 +153,6 @@ pub fn download_driver() -> Result<()> {
         let mut file = archive
             .by_index(i)
             .map_err(|_| Error(ErrorOrigin::Connector, ErrorKind::UnableToReadFile))?;
-        println!("file.name: {}", file.name());
         if file.name() == file_to_extract {
             info!("Found file to extract: {}", file_to_extract);
 
@@ -143,8 +164,22 @@ pub fn download_driver() -> Result<()> {
                 output_path.display()
             ));
 
+            let mut file_contents = Vec::new();
+            file.read_to_end(&mut file_contents).unwrap();
+            let hash = format!("{:x}", Sha256::digest(&file_contents));
+            if hash != file_checksum {
+                error!(
+                    "invalid checksum of extracted {} (found {})",
+                    file_to_extract_name, hash
+                );
+                return Ok(());
+            }
+
             // Copy the file content
-            io::copy(&mut file, &mut output_file).expect("Failed to write extracted file");
+            output_file
+                .write_all(&file_contents)
+                .expect("Failed to write extracted file");
+            output_file.flush().unwrap();
 
             info!(
                 "Successfully extracted {} to {}",