Mirrors/u-boot
2
0
Fork 0
mirror of https://github.com/AsahiLinux/u-boot synced 2024-11-11 07:34:31 +00:00
Code Issues Projects Releases Packages Wiki Activity
u-boot/boot/image-fit-sig.c

552 lines
14 KiB
C
Raw Normal View History

lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
// SPDX-License-Identifier: GPL-2.0+
/*
* Copyright (c) 2013, Google Inc.
*/
#ifdef USE_HOSTCC
#include "mkimage.h"
#include <time.h>
#else
#include <common.h>
common: Drop log.h from common header Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-10 17:40:05 +00:00
#include <log.h>
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
#include <malloc.h>
common: Drop asm/global_data.h from common header Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com>
2020-10-31 03:38:53 +00:00
#include <asm/global_data.h>
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
DECLARE_GLOBAL_DATA_PTR;
#endif /* !USE_HOSTCC*/
libfdt: split fdt_region declarations out to <fdt_region.h> fdt_region APIs are not part of libfdt. They are U-Boot extension for the verified boot. Split the declarations related to fdt_region out of <fdt_region.h>. This allows <linux/libfdt.h> to become a simple wrapper file, like Linux does. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
2020-04-16 09:30:18 +00:00
#include <fdt_region.h>
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
#include <image.h>
#include <u-boot/rsa.h>
lib: Rename rsa-checksum.c to hash-checksum.c rsa-checksum.c sontains the hash_calculate() implementations. Despite the "rsa-" file prefix, this function is useful for other algorithms. To prevent confusion, move this file to lib/, and rename it to hash-checksum.c, to give it a more "generic" feel. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2021-02-19 18:45:10 +00:00
#include <u-boot/hash-checksum.h>
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
#define IMAGE_MAX_HASHED_NODES 100
/**
* fit_region_make_list() - Make a list of image regions
*
* Given a list of fdt_regions, create a list of image_regions. This is a
* simple conversion routine since the FDT and image code use different
* structures.
*
* @fit: FIT image
* @fdt_regions: Pointer to FDT regions
* @count: Number of FDT regions
* @region: Pointer to image regions, which must hold @count records. If
* region is NULL, then (except for an SPL build) the array will be
* allocated.
* @return: Pointer to image regions
*/
struct image_region *fit_region_make_list(const void *fit,
struct fdt_region *fdt_regions,
int count,
struct image_region *region)
{
int i;
debug("Hash regions:\n");
debug("%10s %10s\n", "Offset", "Size");
/*
* Use malloc() except in SPL (to save code size). In SPL the caller
* must allocate the array.
*/
image: Remove some #ifdefs from image-fit and image-fit-sig Drop the #ifdefs which are easy to remove without refactoring. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-26 01:43:39 +00:00
if (!IS_ENABLED(CONFIG_SPL_BUILD) && !region)
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
region = calloc(sizeof(*region), count);
if (!region)
return NULL;
for (i = 0; i < count; i++) {
debug("%10x %10x\n", fdt_regions[i].offset,
fdt_regions[i].size);
region[i].data = fit + fdt_regions[i].offset;
region[i].size = fdt_regions[i].size;
}
return region;
}
static int fit_image_setup_verify(struct image_sign_info *info,
const void *fit, int noffset,
tools: Pass the key blob around At present we rely on the key blob being in the global_data fdt_blob pointer. This is true in U-Boot but not with tools. For clarity, pass the parameter around. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:10 +00:00
const void *key_blob, int required_keynode,
char **err_msgp)
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
{
image-fit: Make string of algo parameter constant Modifications would be invalid. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2022-01-14 09:21:17 +00:00
const char *algo_name;
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
const char *padding_name;
image: Remove some #ifdefs from image-fit and image-fit-sig Drop the #ifdefs which are easy to remove without refactoring. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-09-26 01:43:39 +00:00
if (fdt_totalsize(fit) > CONFIG_VAL(FIT_SIGNATURE_MAX_SIZE)) {
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
*err_msgp = "Total size too large";
return 1;
}
if (fit_image_hash_get_algo(fit, noffset, &algo_name)) {
*err_msgp = "Can't get hash algo property";
return -1;
}
padding_name = fdt_getprop(fit, noffset, "padding", NULL);
if (!padding_name)
padding_name = RSA_DEFAULT_PADDING_NAME;
memset(info, '\0', sizeof(*info));
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
image.h: make image_sign_info.fit point to const The data blob apparently does not need to be modified through the fit field of the image_sign_info struct so make it point to const to avoid the need to cast away constness in functions that assign a pointer to const data to the field. fit_image_setup_verify already had to cast away constness as it assigned a const void * argument to the field. The cast can now be removed. Signed-off-by: Hannu Lounento <hannu.lounento@vaisala.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2021-10-18 05:49:03 +00:00
info->fit = fit;
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
info->node_offset = noffset;
info->name = algo_name;
info->checksum = image_get_checksum_algo(algo_name);
info->crypto = image_get_crypto_algo(algo_name);
info->padding = image_get_padding_algo(padding_name);
tools: Pass the key blob around At present we rely on the key blob being in the global_data fdt_blob pointer. This is true in U-Boot but not with tools. For clarity, pass the parameter around. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:10 +00:00
info->fdt_blob = key_blob;
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
info->required_keynode = required_keynode;
printf("%s:%s", algo_name, info->keyname);
if (!info->checksum || !info->crypto || !info->padding) {
*err_msgp = "Unknown signature algorithm";
return -1;
}
return 0;
}
int fit_image_check_sig(const void *fit, int noffset, const void *data,
tools: Pass the key blob around At present we rely on the key blob being in the global_data fdt_blob pointer. This is true in U-Boot but not with tools. For clarity, pass the parameter around. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:10 +00:00
size_t size, const void *key_blob, int required_keynode,
char **err_msgp)
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
{
struct image_sign_info info;
struct image_region region;
uint8_t *fit_value;
int fit_value_len;
*err_msgp = NULL;
tools: Pass the key blob around At present we rely on the key blob being in the global_data fdt_blob pointer. This is true in U-Boot but not with tools. For clarity, pass the parameter around. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:10 +00:00
if (fit_image_setup_verify(&info, fit, noffset, key_blob,
required_keynode, err_msgp))
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
return -1;
if (fit_image_hash_get_value(fit, noffset, &fit_value,
&fit_value_len)) {
*err_msgp = "Can't get hash value property";
return -1;
}
region.data = data;
region.size = size;
if (info.crypto->verify(&info, &region, 1, fit_value, fit_value_len)) {
*err_msgp = "Verification failed";
return -1;
}
return 0;
}
static int fit_image_verify_sig(const void *fit, int image_noffset,
const char *data, size_t size,
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
const void *key_blob, int key_offset)
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
{
int noffset;
char *err_msg = "";
int verified = 0;
int ret;
/* Process all hash subnodes of the component image node */
fdt_for_each_subnode(noffset, fit, image_noffset) {
const char *name = fit_get_name(fit, noffset, NULL);
fit: Don't allow verification of images with @ nodes When searching for a node called 'fred', any unit address appended to the name is ignored by libfdt, meaning that 'fred' can match 'fred@1'. This means that we cannot be sure that the node originally intended is the one that is used. Disallow use of nodes with unit addresses. Update the forge test also, since it uses @ addresses. CVE-2021-27138 Signed-off-by: Simon Glass <sjg@chromium.org> Reported-by: Bruce Monroe <bruce.monroe@intel.com> Reported-by: Arie Haenel <arie.haenel@intel.com> Reported-by: Julien Lenoir <julien.lenoir@intel.com>
2021-02-16 00:08:06 +00:00
/*
* We don't support this since libfdt considers names with the
* name root but different @ suffix to be equal
*/
if (strchr(name, '@')) {
err_msg = "Node name contains @";
goto error;
}
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
if (!strncmp(name, FIT_SIG_NODENAME,
strlen(FIT_SIG_NODENAME))) {
tools: Pass the key blob around At present we rely on the key blob being in the global_data fdt_blob pointer. This is true in U-Boot but not with tools. For clarity, pass the parameter around. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:10 +00:00
ret = fit_image_check_sig(fit, noffset, data, size,
key_blob, -1, &err_msg);
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
if (ret) {
puts("- ");
} else {
puts("+ ");
verified = 1;
break;
}
}
}
if (noffset == -FDT_ERR_TRUNCATED || noffset == -FDT_ERR_BADSTRUCTURE) {
err_msg = "Corrupted or truncated tree";
goto error;
}
return verified ? 0 : -EPERM;
error:
printf(" error!\n%s for '%s' hash node in '%s' image node\n",
err_msg, fit_get_name(fit, noffset, NULL),
fit_get_name(fit, image_noffset, NULL));
return -1;
}
int fit_image_verify_required_sigs(const void *fit, int image_noffset,
const char *data, size_t size,
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
const void *key_blob, int *no_sigsp)
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
{
int verify_count = 0;
int noffset;
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
int key_node;
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
/* Work out what we need to verify */
*no_sigsp = 1;
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
key_node = fdt_subnode_offset(key_blob, 0, FIT_SIG_NODENAME);
if (key_node < 0) {
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
debug("%s: No signature node found: %s\n", __func__,
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
fdt_strerror(key_node));
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
return 0;
}
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
fdt_for_each_subnode(noffset, key_blob, key_node) {
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
const char *required;
int ret;
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
required = fdt_getprop(key_blob, noffset, FIT_KEY_REQUIRED,
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
NULL);
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
if (!required || strcmp(required, "image"))
continue;
ret = fit_image_verify_sig(fit, image_noffset, data, size,
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
key_blob, noffset);
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
if (ret) {
printf("Failed to verify required signature '%s'\n",
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
fit_get_name(key_blob, noffset, NULL));
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
return ret;
}
verify_count++;
}
if (verify_count)
*no_sigsp = 0;
return 0;
}
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
/**
* fit_config_check_sig() - Check the signature of a config
*
tools: Tidy up argument order in fit_config_check_sig() Put the parent node first in the parameters as this is more natural. Also add a comment to explain what is going on. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:09 +00:00
* Here we are looking at a particular signature that needs verification (here
* signature-1):
*
* configurations {
* default = "conf-1";
* conf-1 {
* kernel = "kernel-1";
* fdt = "fdt-1";
* signature-1 {
* algo = "sha1,rsa2048";
* value = <...conf 1 signature...>;
* };
* };
*
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
* @fit: FIT to check
tools: Tidy up argument order in fit_config_check_sig() Put the parent node first in the parameters as this is more natural. Also add a comment to explain what is going on. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:09 +00:00
* @noffset: Offset of the signature node being checked (e.g.
* /configurations/conf-1/signature-1)
* @conf_noffset: Offset of configuration node (e.g. /configurations/conf-1)
tools: Pass the key blob around At present we rely on the key blob being in the global_data fdt_blob pointer. This is true in U-Boot but not with tools. For clarity, pass the parameter around. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:10 +00:00
* @key_blob: Blob containing the keys to check against
tools: Tidy up argument order in fit_config_check_sig() Put the parent node first in the parameters as this is more natural. Also add a comment to explain what is going on. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:09 +00:00
* @required_keynode: Offset in @key_blob of the required key node,
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
* if any. If this is given, then the configuration wil not
* pass verification unless that key is used. If this is
* -1 then any signature will do.
* @err_msgp: In the event of an error, this will be pointed to a
* help error string to display to the user.
doc: replace @return by Return: Sphinx expects Return: and not @return to indicate a return value. find . -name '*.c' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; find . -name '*.h' -exec \ sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \; Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
2022-01-19 17:05:50 +00:00
* Return: 0 if all verified ok, <0 on error
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
*/
tools: Tidy up argument order in fit_config_check_sig() Put the parent node first in the parameters as this is more natural. Also add a comment to explain what is going on. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:09 +00:00
static int fit_config_check_sig(const void *fit, int noffset, int conf_noffset,
tools: Pass the key blob around At present we rely on the key blob being in the global_data fdt_blob pointer. This is true in U-Boot but not with tools. For clarity, pass the parameter around. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:10 +00:00
const void *key_blob, int required_keynode,
char **err_msgp)
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
{
fit: Fix verification of images with external data The "-E" option to mkimage generates a FIT with external data using the data-size and data-offset properties which must both be ignored when verifying a signature. Add "data-offset" to the list of excluded properties for signature verification; since the line is now too long, re-format the list to one-per-line and make it static since the data is constant. Signed-off-by: John Keeping <john@metanate.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2021-04-20 18:19:44 +00:00
static char * const exc_prop[] = {
"data",
"data-size",
"data-position",
"data-offset"
};
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
const char *prop, *end, *name;
struct image_sign_info info;
const uint32_t *strings;
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
const char *config_name;
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
uint8_t *fit_value;
int fit_value_len;
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
bool found_config;
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
int max_regions;
int i, prop_len;
char path[200];
int count;
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
config_name = fit_get_name(fit, conf_noffset, NULL);
tools: Pass the key blob around At present we rely on the key blob being in the global_data fdt_blob pointer. This is true in U-Boot but not with tools. For clarity, pass the parameter around. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:10 +00:00
debug("%s: fdt=%p, conf='%s', sig='%s'\n", __func__, key_blob,
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
fit_get_name(fit, noffset, NULL),
tools: Pass the key blob around At present we rely on the key blob being in the global_data fdt_blob pointer. This is true in U-Boot but not with tools. For clarity, pass the parameter around. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:10 +00:00
fit_get_name(key_blob, required_keynode, NULL));
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
*err_msgp = NULL;
tools: Pass the key blob around At present we rely on the key blob being in the global_data fdt_blob pointer. This is true in U-Boot but not with tools. For clarity, pass the parameter around. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:10 +00:00
if (fit_image_setup_verify(&info, fit, noffset, key_blob,
required_keynode, err_msgp))
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
return -1;
if (fit_image_hash_get_value(fit, noffset, &fit_value,
&fit_value_len)) {
*err_msgp = "Can't get hash value property";
return -1;
}
/* Count the number of strings in the property */
prop = fdt_getprop(fit, noffset, "hashed-nodes", &prop_len);
end = prop ? prop + prop_len : prop;
for (name = prop, count = 0; name < end; name++)
if (!*name)
count++;
if (!count) {
*err_msgp = "Can't get hashed-nodes property";
return -1;
}
if (prop && prop_len > 0 && prop[prop_len - 1] != '\0') {
*err_msgp = "hashed-nodes property must be null-terminated";
return -1;
}
/* Add a sanity check here since we are using the stack */
if (count > IMAGE_MAX_HASHED_NODES) {
*err_msgp = "Number of hashed nodes exceeds maximum";
return -1;
}
/* Create a list of node names from those strings */
char *node_inc[count];
debug("Hash nodes (%d):\n", count);
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
found_config = false;
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
for (name = prop, i = 0; name < end; name += strlen(name) + 1, i++) {
debug(" '%s'\n", name);
node_inc[i] = (char *)name;
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
if (!strncmp(FIT_CONFS_PATH, name, strlen(FIT_CONFS_PATH)) &&
name[sizeof(FIT_CONFS_PATH) - 1] == '/' &&
!strcmp(name + sizeof(FIT_CONFS_PATH), config_name)) {
debug(" (found config node %s)", config_name);
found_config = true;
}
}
if (!found_config) {
*err_msgp = "Selected config not in hashed nodes";
return -1;
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
}
/*
* Each node can generate one region for each sub-node. Allow for
* 7 sub-nodes (hash-1, signature-1, etc.) and some extra.
*/
max_regions = 20 + count * 7;
struct fdt_region fdt_regions[max_regions];
/* Get a list of regions to hash */
count = fdt_find_regions(fit, node_inc, count,
exc_prop, ARRAY_SIZE(exc_prop),
fdt_regions, max_regions - 1,
path, sizeof(path), 0);
if (count < 0) {
*err_msgp = "Failed to hash configuration";
return -1;
}
if (count == 0) {
*err_msgp = "No data to hash";
return -1;
}
if (count >= max_regions - 1) {
*err_msgp = "Too many hash regions";
return -1;
}
/* Add the strings */
strings = fdt_getprop(fit, noffset, "hashed-strings", NULL);
if (strings) {
/*
* The strings region offset must be a static 0x0.
* This is set in tool/image-host.c
*/
fdt_regions[count].offset = fdt_off_dt_strings(fit);
fdt_regions[count].size = fdt32_to_cpu(strings[1]);
count++;
}
/* Allocate the region list on the stack */
struct image_region region[count];
fit_region_make_list(fit, fdt_regions, count, region);
if (info.crypto->verify(&info, region, count, fit_value,
fit_value_len)) {
*err_msgp = "Verification failed";
return -1;
}
return 0;
}
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
/**
* fit_config_verify_key() - Verify that a configuration is signed with a key
*
* Here we are looking at a particular configuration that needs verification:
*
* configurations {
* default = "conf-1";
* conf-1 {
* kernel = "kernel-1";
* fdt = "fdt-1";
* signature-1 {
* algo = "sha1,rsa2048";
* value = <...conf 1 signature...>;
* };
* };
*
* We must check each of the signature subnodes of conf-1. Hopefully one of them
* will match the key at key_offset.
*
* @fit: FIT to check
* @conf_noffset: Offset of the configuration node to check (e.g.
* /configurations/conf-1)
* @key_blob: Blob containing the keys to check against
* @key_offset: Offset of the key to check within @key_blob
* @return 0 if OK, -EPERM if any signatures did not verify, or the
* configuration node has an invalid name
*/
static int fit_config_verify_key(const void *fit, int conf_noffset,
const void *key_blob, int key_offset)
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
{
int noffset;
common: fit-sig: Fix error message in fit_config_verify_sig() In fit_config_verify_sig(), when no 'signature*' subnode exists in the configuration node, the fdt_for_each_subnode() loop is a no-op. Therefore, no error flags are set, and 'err_,sg' is not populated with an error string. This is incorrect behavior. Populate err_msg to indicate that no 'signature' is found, before entering the loop. The first call to fit_image_verify_sig() will override clear err_msg, or set it to a more specific message. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2021-01-11 14:46:58 +00:00
char *err_msg = "No 'signature' subnode found";
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
int verified = 0;
int ret;
/* Process all hash subnodes of the component conf node */
fdt_for_each_subnode(noffset, fit, conf_noffset) {
const char *name = fit_get_name(fit, noffset, NULL);
if (!strncmp(name, FIT_SIG_NODENAME,
strlen(FIT_SIG_NODENAME))) {
tools: Tidy up argument order in fit_config_check_sig() Put the parent node first in the parameters as this is more natural. Also add a comment to explain what is going on. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:09 +00:00
ret = fit_config_check_sig(fit, noffset, conf_noffset,
tools: Pass the key blob around At present we rely on the key blob being in the global_data fdt_blob pointer. This is true in U-Boot but not with tools. For clarity, pass the parameter around. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:10 +00:00
key_blob, key_offset,
&err_msg);
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
if (ret) {
puts("- ");
} else {
puts("+ ");
verified = 1;
break;
}
}
}
if (noffset == -FDT_ERR_TRUNCATED || noffset == -FDT_ERR_BADSTRUCTURE) {
err_msg = "Corrupted or truncated tree";
goto error;
}
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
if (verified)
return 0;
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
error:
printf(" error!\n%s for '%s' hash node in '%s' config node\n",
err_msg, fit_get_name(fit, noffset, NULL),
fit_get_name(fit, conf_noffset, NULL));
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
return -EPERM;
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
}
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
/**
* fit_config_verify_required_keys() - verify any required signatures for config
*
* This looks through all the signatures we expect and verifies that at least
* all the required ones are valid signatures for the configuration
*
* @fit: FIT to check
* @conf_noffset: Offset of the configuration node to check (e.g.
* /configurations/conf-1)
* @key_blob: Blob containing the keys to check against
* @return 0 if OK, -EPERM if any signatures did not verify, or the
* configuration node has an invalid name
*/
static int fit_config_verify_required_keys(const void *fit, int conf_noffset,
const void *key_blob)
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
{
fit: Don't allow verification of images with @ nodes When searching for a node called 'fred', any unit address appended to the name is ignored by libfdt, meaning that 'fred' can match 'fred@1'. This means that we cannot be sure that the node originally intended is the one that is used. Disallow use of nodes with unit addresses. Update the forge test also, since it uses @ addresses. CVE-2021-27138 Signed-off-by: Simon Glass <sjg@chromium.org> Reported-by: Bruce Monroe <bruce.monroe@intel.com> Reported-by: Arie Haenel <arie.haenel@intel.com> Reported-by: Julien Lenoir <julien.lenoir@intel.com>
2021-02-16 00:08:06 +00:00
const char *name = fit_get_name(fit, conf_noffset, NULL);
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
int noffset;
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
int key_node;
vboot: add DTB policy for supporting multiple required conf keys Currently FIT image must be signed by all required conf keys. This means Verified Boot fails if there is a signature verification failure using any required key in U-Boot DTB. This patch introduces a new policy in DTB that can be set to any required conf key. This means if verified boot passes with one of the required keys, U-Boot will continue the OS hand off. There were prior attempts to address this: https://lists.denx.de/pipermail/u-boot/2019-April/366047.html The above patch was failing "make tests". https://lists.denx.de/pipermail/u-boot/2020-January/396629.html Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-08-17 06:01:09 +00:00
int verified = 0;
int reqd_sigs = 0;
bool reqd_policy_all = true;
const char *reqd_mode;
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
fit: Don't allow verification of images with @ nodes When searching for a node called 'fred', any unit address appended to the name is ignored by libfdt, meaning that 'fred' can match 'fred@1'. This means that we cannot be sure that the node originally intended is the one that is used. Disallow use of nodes with unit addresses. Update the forge test also, since it uses @ addresses. CVE-2021-27138 Signed-off-by: Simon Glass <sjg@chromium.org> Reported-by: Bruce Monroe <bruce.monroe@intel.com> Reported-by: Arie Haenel <arie.haenel@intel.com> Reported-by: Julien Lenoir <julien.lenoir@intel.com>
2021-02-16 00:08:06 +00:00
/*
* We don't support this since libfdt considers names with the
* name root but different @ suffix to be equal
*/
if (strchr(name, '@')) {
printf("Configuration node '%s' contains '@'\n", name);
return -EPERM;
}
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
/* Work out what we need to verify */
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
key_node = fdt_subnode_offset(key_blob, 0, FIT_SIG_NODENAME);
if (key_node < 0) {
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
debug("%s: No signature node found: %s\n", __func__,
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
fdt_strerror(key_node));
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
return 0;
}
vboot: add DTB policy for supporting multiple required conf keys Currently FIT image must be signed by all required conf keys. This means Verified Boot fails if there is a signature verification failure using any required key in U-Boot DTB. This patch introduces a new policy in DTB that can be set to any required conf key. This means if verified boot passes with one of the required keys, U-Boot will continue the OS hand off. There were prior attempts to address this: https://lists.denx.de/pipermail/u-boot/2019-April/366047.html The above patch was failing "make tests". https://lists.denx.de/pipermail/u-boot/2020-January/396629.html Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-08-17 06:01:09 +00:00
/* Get required-mode policy property from DTB */
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
reqd_mode = fdt_getprop(key_blob, key_node, "required-mode", NULL);
vboot: add DTB policy for supporting multiple required conf keys Currently FIT image must be signed by all required conf keys. This means Verified Boot fails if there is a signature verification failure using any required key in U-Boot DTB. This patch introduces a new policy in DTB that can be set to any required conf key. This means if verified boot passes with one of the required keys, U-Boot will continue the OS hand off. There were prior attempts to address this: https://lists.denx.de/pipermail/u-boot/2019-April/366047.html The above patch was failing "make tests". https://lists.denx.de/pipermail/u-boot/2020-January/396629.html Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-08-17 06:01:09 +00:00
if (reqd_mode && !strcmp(reqd_mode, "any"))
reqd_policy_all = false;
debug("%s: required-mode policy set to '%s'\n", __func__,
reqd_policy_all ? "all" : "any");
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
/*
* The algorithm here is a little convoluted due to how we want it to
* work. Here we work through each of the signature nodes in the
* public-key area. These are in the U-Boot control devicetree. Each
* node was created by signing a configuration, so we check if it is
* 'required' and if so, request that it be verified.
*/
fdt_for_each_subnode(noffset, key_blob, key_node) {
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
const char *required;
int ret;
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
required = fdt_getprop(key_blob, noffset, FIT_KEY_REQUIRED,
Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQQbPNTMvXmYlBPRwx7KSWXLKUoMIQUCXoxw9wAKCRDKSWXLKUoM IbQxAKCK23yTy4FoN8oTGTYsbmLOA9kVUQCbBx8lg4nBeA8ihSaAnY+HMDF37YI= =Lg54 -----END PGP SIGNATURE----- Merge tag 'xilinx-for-v2020.07' of https://gitlab.denx.de/u-boot/custodians/u-boot-microblaze into next Xilinx changes for v2020.07 common: - Align ENV_FAT_INTERFACE - Fix MAC address source print log - Improve based autodetection code xilinx: - Enable netconsole Microblaze: - Setup default ENV_OFFSET/ENV_SECT_SIZE Zynq: - Multiple DT updates/fixes - Use DEVICE_TREE environment variable for DTB selection - Switch to single zynq configuration - Enable NOR flash via DM - Minor SPL print removal - Enable i2c mux driver ZynqMP: - Print multiboot register - Enable cache commands in mini mtest - Multiple DT updates/fixes - Fix firmware probing when driver is not enabled - Specify 3rd backup RAM boot mode in SPL - Add SPL support for zcu102 v1.1 and zcu111 revA - Redesign debug uart enabling and psu_init delay - Enable full u-boot run from EL3 - Enable u-boot.itb generation without ATF with U-Boot in EL3 Versal: - Enable distro default - Enable others SPI flashes - Enable systems without DDR Drivers: - Gem: - Flush memory after freeing - Handle mdio bus separately - Watchdog: - Get rid of unused global data pointer - Enable window watchdog timer - Serial: - Change reinitialization logic in zynq serial driver Signed-off-by: Tom Rini <trini@konsulko.com>
2020-04-07 15:58:44 +00:00
NULL);
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
if (!required || strcmp(required, "conf"))
continue;
vboot: add DTB policy for supporting multiple required conf keys Currently FIT image must be signed by all required conf keys. This means Verified Boot fails if there is a signature verification failure using any required key in U-Boot DTB. This patch introduces a new policy in DTB that can be set to any required conf key. This means if verified boot passes with one of the required keys, U-Boot will continue the OS hand off. There were prior attempts to address this: https://lists.denx.de/pipermail/u-boot/2019-April/366047.html The above patch was failing "make tests". https://lists.denx.de/pipermail/u-boot/2020-January/396629.html Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-08-17 06:01:09 +00:00
reqd_sigs++;
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
ret = fit_config_verify_key(fit, conf_noffset, key_blob,
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
noffset);
if (ret) {
vboot: add DTB policy for supporting multiple required conf keys Currently FIT image must be signed by all required conf keys. This means Verified Boot fails if there is a signature verification failure using any required key in U-Boot DTB. This patch introduces a new policy in DTB that can be set to any required conf key. This means if verified boot passes with one of the required keys, U-Boot will continue the OS hand off. There were prior attempts to address this: https://lists.denx.de/pipermail/u-boot/2019-April/366047.html The above patch was failing "make tests". https://lists.denx.de/pipermail/u-boot/2020-January/396629.html Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-08-17 06:01:09 +00:00
if (reqd_policy_all) {
printf("Failed to verify required signature '%s'\n",
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
fit_get_name(key_blob, noffset, NULL));
vboot: add DTB policy for supporting multiple required conf keys Currently FIT image must be signed by all required conf keys. This means Verified Boot fails if there is a signature verification failure using any required key in U-Boot DTB. This patch introduces a new policy in DTB that can be set to any required conf key. This means if verified boot passes with one of the required keys, U-Boot will continue the OS hand off. There were prior attempts to address this: https://lists.denx.de/pipermail/u-boot/2019-April/366047.html The above patch was failing "make tests". https://lists.denx.de/pipermail/u-boot/2020-January/396629.html Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-08-17 06:01:09 +00:00
return ret;
}
} else {
verified++;
if (!reqd_policy_all)
break;
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
}
}
vboot: add DTB policy for supporting multiple required conf keys Currently FIT image must be signed by all required conf keys. This means Verified Boot fails if there is a signature verification failure using any required key in U-Boot DTB. This patch introduces a new policy in DTB that can be set to any required conf key. This means if verified boot passes with one of the required keys, U-Boot will continue the OS hand off. There were prior attempts to address this: https://lists.denx.de/pipermail/u-boot/2019-April/366047.html The above patch was failing "make tests". https://lists.denx.de/pipermail/u-boot/2020-January/396629.html Signed-off-by: Thirupathaiah Annapureddy <thiruan@linux.microsoft.com> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-08-17 06:01:09 +00:00
if (reqd_sigs && !verified) {
printf("Failed to verify 'any' of the required signature(s)\n");
return -EPERM;
}
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
return 0;
}
int fit_config_verify(const void *fit, int conf_noffset)
{
tools: Avoid confusion between keys and signatures We should be consistent in using the term 'signature' to describe a value added to sign something and 'key' to describe the key that can be used to verify the signature. Tidy up the code to stick to this. Add some comments to fit_config_verify_key() and its callers while we are here. Signed-off-by: Simon Glass <sjg@chromium.org>
2021-11-12 19:28:08 +00:00
return fit_config_verify_required_keys(fit, conf_noffset,
lib: rsa: decouple rsa from FIT image verification Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building RSA functions from FIT verification and allow for adding a RSA-based signature verification for other file formats, in particular PE file for UEFI secure boot. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
2020-02-21 06:12:55 +00:00
gd_fdt_blob());
}
Reference in a new issue Copy permalink