mirror of
https://github.com/AsahiLinux/u-boot
synced 2024-09-20 14:41:58 +00:00
tools: Pass the key blob around
At present we rely on the key blob being in the global_data fdt_blob pointer. This is true in U-Boot but not with tools. For clarity, pass the parameter around. Signed-off-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Simon Glass
parent
2ad90b3953
commit
99f844ba3a
4 changed files with 45 additions and 24 deletions
|
|
@ -65,7 +65,8 @@ struct image_region *fit_region_make_list(const void *fit,
|
|||
|
||||
static int fit_image_setup_verify(struct image_sign_info *info,
|
||||
const void *fit, int noffset,
|
||||
int required_keynode, char **err_msgp)
|
||||
const void *key_blob, int required_keynode,
|
||||
char **err_msgp)
|
||||
{
|
||||
const char *algo_name;
|
||||
const char *padding_name;
|
||||
|
|
@ -91,7 +92,7 @@ static int fit_image_setup_verify(struct image_sign_info *info,
|
|||
info->checksum = image_get_checksum_algo(algo_name);
|
||||
info->crypto = image_get_crypto_algo(algo_name);
|
||||
info->padding = image_get_padding_algo(padding_name);
|
||||
info->fdt_blob = gd_fdt_blob();
|
||||
info->fdt_blob = key_blob;
|
||||
info->required_keynode = required_keynode;
|
||||
printf("%s:%s", algo_name, info->keyname);
|
||||
|
||||
|
|
@ -104,7 +105,8 @@ static int fit_image_setup_verify(struct image_sign_info *info,
|
|||
}
|
||||
|
||||
int fit_image_check_sig(const void *fit, int noffset, const void *data,
|
||||
size_t size, int required_keynode, char **err_msgp)
|
||||
size_t size, const void *key_blob, int required_keynode,
|
||||
char **err_msgp)
|
||||
{
|
||||
struct image_sign_info info;
|
||||
struct image_region region;
|
||||
|
|
@ -112,8 +114,8 @@ int fit_image_check_sig(const void *fit, int noffset, const void *data,
|
|||
int fit_value_len;
|
||||
|
||||
*err_msgp = NULL;
|
||||
if (fit_image_setup_verify(&info, fit, noffset, required_keynode,
|
||||
err_msgp))
|
||||
if (fit_image_setup_verify(&info, fit, noffset, key_blob,
|
||||
required_keynode, err_msgp))
|
||||
return -1;
|
||||
|
||||
if (fit_image_hash_get_value(fit, noffset, &fit_value,
|
||||
|
|
@ -156,8 +158,8 @@ static int fit_image_verify_sig(const void *fit, int image_noffset,
|
|||
}
|
||||
if (!strncmp(name, FIT_SIG_NODENAME,
|
||||
strlen(FIT_SIG_NODENAME))) {
|
||||
ret = fit_image_check_sig(fit, noffset, data,
|
||||
size, -1, &err_msg);
|
||||
ret = fit_image_check_sig(fit, noffset, data, size,
|
||||
key_blob, -1, &err_msg);
|
||||
if (ret) {
|
||||
puts("- ");
|
||||
} else {
|
||||
|
|
@ -244,6 +246,7 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset,
|
|||
* @noffset: Offset of the signature node being checked (e.g.
|
||||
* /configurations/conf-1/signature-1)
|
||||
* @conf_noffset: Offset of configuration node (e.g. /configurations/conf-1)
|
||||
* @key_blob: Blob containing the keys to check against
|
||||
* @required_keynode: Offset in @key_blob of the required key node,
|
||||
* if any. If this is given, then the configuration wil not
|
||||
* pass verification unless that key is used. If this is
|
||||
|
|
@ -253,7 +256,8 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset,
|
|||
* Return: 0 if all verified ok, <0 on error
|
||||
*/
|
||||
static int fit_config_check_sig(const void *fit, int noffset, int conf_noffset,
|
||||
int required_keynode, char **err_msgp)
|
||||
const void *key_blob, int required_keynode,
|
||||
char **err_msgp)
|
||||
{
|
||||
static char * const exc_prop[] = {
|
||||
"data",
|
||||
|
|
@ -275,12 +279,12 @@ static int fit_config_check_sig(const void *fit, int noffset, int conf_noffset,
|
|||
int count;
|
||||
|
||||
config_name = fit_get_name(fit, conf_noffset, NULL);
|
||||
debug("%s: fdt=%p, conf='%s', sig='%s'\n", __func__, gd_fdt_blob(),
|
||||
debug("%s: fdt=%p, conf='%s', sig='%s'\n", __func__, key_blob,
|
||||
fit_get_name(fit, noffset, NULL),
|
||||
fit_get_name(gd_fdt_blob(), required_keynode, NULL));
|
||||
fit_get_name(key_blob, required_keynode, NULL));
|
||||
*err_msgp = NULL;
|
||||
if (fit_image_setup_verify(&info, fit, noffset, required_keynode,
|
||||
err_msgp))
|
||||
if (fit_image_setup_verify(&info, fit, noffset, key_blob,
|
||||
required_keynode, err_msgp))
|
||||
return -1;
|
||||
|
||||
if (fit_image_hash_get_value(fit, noffset, &fit_value,
|
||||
|
|
@ -423,7 +427,8 @@ static int fit_config_verify_key(const void *fit, int conf_noffset,
|
|||
if (!strncmp(name, FIT_SIG_NODENAME,
|
||||
strlen(FIT_SIG_NODENAME))) {
|
||||
ret = fit_config_check_sig(fit, noffset, conf_noffset,
|
||||
key_offset, &err_msg);
|
||||
key_blob, key_offset,
|
||||
&err_msg);
|
||||
if (ret) {
|
||||
puts("- ");
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -1309,7 +1309,8 @@ static int fit_image_check_hash(const void *fit, int noffset, const void *data,
|
|||
}
|
||||
|
||||
int fit_image_verify_with_data(const void *fit, int image_noffset,
|
||||
const void *data, size_t size)
|
||||
const void *key_blob, const void *data,
|
||||
size_t size)
|
||||
{
|
||||
int noffset = 0;
|
||||
char *err_msg = "";
|
||||
|
|
@ -1319,7 +1320,7 @@ int fit_image_verify_with_data(const void *fit, int image_noffset,
|
|||
/* Verify all required signatures */
|
||||
if (FIT_IMAGE_ENABLE_VERIFY &&
|
||||
fit_image_verify_required_sigs(fit, image_noffset, data, size,
|
||||
gd_fdt_blob(), &verify_all)) {
|
||||
key_blob, &verify_all)) {
|
||||
err_msg = "Unable to verify required signature";
|
||||
goto error;
|
||||
}
|
||||
|
|
@ -1342,8 +1343,8 @@ int fit_image_verify_with_data(const void *fit, int image_noffset,
|
|||
} else if (FIT_IMAGE_ENABLE_VERIFY && verify_all &&
|
||||
!strncmp(name, FIT_SIG_NODENAME,
|
||||
strlen(FIT_SIG_NODENAME))) {
|
||||
ret = fit_image_check_sig(fit, noffset, data,
|
||||
size, -1, &err_msg);
|
||||
ret = fit_image_check_sig(fit, noffset, data, size,
|
||||
gd_fdt_blob(), -1, &err_msg);
|
||||
|
||||
/*
|
||||
* Show an indication on failure, but do not return
|
||||
|
|
@ -1406,7 +1407,8 @@ int fit_image_verify(const void *fit, int image_noffset)
|
|||
goto err;
|
||||
}
|
||||
|
||||
return fit_image_verify_with_data(fit, image_noffset, data, size);
|
||||
return fit_image_verify_with_data(fit, image_noffset, gd_fdt_blob(),
|
||||
data, size);
|
||||
|
||||
err:
|
||||
printf("error!\n%s in '%s' image node\n", err_msg,
|
||||
|
|
|
|||
|
|
@ -321,7 +321,8 @@ static int spl_load_fit_image(struct spl_load_info *info, ulong sector,
|
|||
if (CONFIG_IS_ENABLED(FIT_SIGNATURE)) {
|
||||
printf("## Checking hash(es) for Image %s ... ",
|
||||
fit_get_name(fit, node, NULL));
|
||||
if (!fit_image_verify_with_data(fit, node, src, length))
|
||||
if (!fit_image_verify_with_data(fit, node, gd_fdt_blob(), src,
|
||||
length))
|
||||
return -EPERM;
|
||||
puts("OK\n");
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1048,8 +1048,19 @@ int fit_add_verification_data(const char *keydir, const char *keyfile,
|
|||
int require_keys, const char *engine_id,
|
||||
const char *cmdname, const char *algo_name);
|
||||
|
||||
/**
|
||||
* fit_image_verify_with_data() - Verify an image with given data
|
||||
*
|
||||
* @fit: Pointer to the FIT format image header
|
||||
* @image_offset: Offset in @fit of image to verify
|
||||
* @key_blob: FDT containing public keys
|
||||
* @data: Image data to verify
|
||||
* @size: Size of image data
|
||||
*/
|
||||
int fit_image_verify_with_data(const void *fit, int image_noffset,
|
||||
const void *data, size_t size);
|
||||
const void *key_blob, const void *data,
|
||||
size_t size);
|
||||
|
||||
int fit_image_verify(const void *fit, int noffset);
|
||||
int fit_config_verify(const void *fit, int conf_noffset);
|
||||
int fit_all_image_verify(const void *fit);
|
||||
|
|
@ -1297,7 +1308,7 @@ struct padding_algo *image_get_padding_algo(const char *name);
|
|||
* @image_noffset: Offset of image node to check
|
||||
* @data: Image data to check
|
||||
* @size: Size of image data
|
||||
* @sig_blob: FDT containing public keys
|
||||
* @key_blob: FDT containing public keys
|
||||
* @no_sigsp: Returns 1 if no signatures were required, and
|
||||
* therefore nothing was checked. The caller may wish
|
||||
* to fall back to other mechanisms, or refuse to
|
||||
|
|
@ -1305,7 +1316,7 @@ struct padding_algo *image_get_padding_algo(const char *name);
|
|||
* Return: 0 if all verified ok, <0 on error
|
||||
*/
|
||||
int fit_image_verify_required_sigs(const void *fit, int image_noffset,
|
||||
const char *data, size_t size, const void *sig_blob,
|
||||
const char *data, size_t size, const void *key_blob,
|
||||
int *no_sigsp);
|
||||
|
||||
/**
|
||||
|
|
@ -1315,7 +1326,8 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset,
|
|||
* @noffset: Offset of signature node to check
|
||||
* @data: Image data to check
|
||||
* @size: Size of image data
|
||||
* @required_keynode: Offset in the control FDT of the required key node,
|
||||
* @keyblob: Key blob to check (typically the control FDT)
|
||||
* @required_keynode: Offset in the keyblob of the required key node,
|
||||
* if any. If this is given, then the image wil not
|
||||
* pass verification unless that key is used. If this is
|
||||
* -1 then any signature will do.
|
||||
|
|
@ -1324,7 +1336,8 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset,
|
|||
* Return: 0 if all verified ok, <0 on error
|
||||
*/
|
||||
int fit_image_check_sig(const void *fit, int noffset, const void *data,
|
||||
size_t size, int required_keynode, char **err_msgp);
|
||||
size_t size, const void *key_blob, int required_keynode,
|
||||
char **err_msgp);
|
||||
|
||||
int fit_image_decrypt_data(const void *fit,
|
||||
int image_noffset, int cipher_noffset,
|
||||
|
|
|
|||
Loading…
Reference in a new issue