Mirrors/u-boot
2
0
Fork 0
mirror of https://github.com/AsahiLinux/u-boot synced 2024-11-24 21:54:01 +00:00
Code Issues Projects Releases Packages Wiki Activity

lib: rsa: decouple rsa from FIT image verification

Browse source 
Introduce new configuration, CONFIG_RSA_VERIFY which will decouple building
RSA functions from FIT verification and allow for adding a RSA-based
signature verification for other file formats, in particular PE file
for UEFI secure boot.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
AKASHI Takahiro 2020-02-21 15:12:55 +09:00 committed by Tom Rini
parent d08b16edf8
commit b983cc2da0
11 changed files with 501 additions and 438 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
Kconfig
View file

@ -354,6 +354,8 @@ config FIT_SIGNATURE
depends on DM depends on DM
select HASH select HASH
select RSA select RSA
select RSA_VERIFY
select IMAGE_SIGN_INFO
help help
This option enables signature verification of FIT uImages, This option enables signature verification of FIT uImages,
using a hash signed and verified using RSA. If using a hash signed and verified using RSA. If
@ -442,6 +444,8 @@ config SPL_FIT_SIGNATURE
depends on SPL_DM depends on SPL_DM
select SPL_FIT select SPL_FIT
select SPL_RSA select SPL_RSA
select SPL_RSA_VERIFY
select IMAGE_SIGN_INFO
config SPL_LOAD_FIT config SPL_LOAD_FIT
bool "Enable SPL loading U-Boot as a FIT (basic fitImage features)" bool "Enable SPL loading U-Boot as a FIT (basic fitImage features)"

7
common/Kconfig
View file

@ -1045,3 +1045,10 @@ config BLOBLIST_ADDR
endmenu endmenu
source "common/spl/Kconfig" source "common/spl/Kconfig"
config IMAGE_SIGN_INFO
bool
select SHA1
select SHA256
help
Enable image_sign_info helper functions.

3
common/Makefile
View file

@ -112,7 +112,8 @@ obj-$(CONFIG_ANDROID_BOOT_IMAGE) += image-android.o image-android-dt.o
obj-$(CONFIG_$(SPL_TPL_)OF_LIBFDT) += image-fdt.o obj-$(CONFIG_$(SPL_TPL_)OF_LIBFDT) += image-fdt.o
obj-$(CONFIG_$(SPL_TPL_)FIT) += image-fit.o obj-$(CONFIG_$(SPL_TPL_)FIT) += image-fit.o
obj-$(CONFIG_$(SPL_)MULTI_DTB_FIT) += boot_fit.o common_fit.o obj-$(CONFIG_$(SPL_)MULTI_DTB_FIT) += boot_fit.o common_fit.o
obj-$(CONFIG_$(SPL_TPL_)FIT_SIGNATURE) += image-sig.o obj-$(CONFIG_IMAGE_SIGN_INFO) += image-sig.o
obj-$(CONFIG_$(SPL_TPL_)FIT_SIGNATURE) += image-fit-sig.o
obj-$(CONFIG_$(SPL_TPL_)FIT_CIPHER) += image-cipher.o obj-$(CONFIG_$(SPL_TPL_)FIT_CIPHER) += image-cipher.o
obj-$(CONFIG_IO_TRACE) += iotrace.o obj-$(CONFIG_IO_TRACE) += iotrace.o
obj-y += memsize.o obj-y += memsize.o

417
common/image-fit-sig.c Normal file
View file

@ -0,0 +1,417 @@
// SPDX-License-Identifier: GPL-2.0+
/*
* Copyright (c) 2013, Google Inc.
*/
#ifdef USE_HOSTCC
#include "mkimage.h"
#include <time.h>
#else
#include <common.h>
#include <malloc.h>
DECLARE_GLOBAL_DATA_PTR;
#endif /* !USE_HOSTCC*/
#include <image.h>
#include <u-boot/rsa.h>
#include <u-boot/rsa-checksum.h>
#define IMAGE_MAX_HASHED_NODES 100
#ifdef USE_HOSTCC
void *host_blob;
void image_set_host_blob(void *blob)
{
host_blob = blob;
}
void *image_get_host_blob(void)
{
return host_blob;
}
#endif
/**
* fit_region_make_list() - Make a list of image regions
*
* Given a list of fdt_regions, create a list of image_regions. This is a
* simple conversion routine since the FDT and image code use different
* structures.
*
* @fit: FIT image
* @fdt_regions: Pointer to FDT regions
* @count: Number of FDT regions
* @region: Pointer to image regions, which must hold @count records. If
* region is NULL, then (except for an SPL build) the array will be
* allocated.
* @return: Pointer to image regions
*/
struct image_region *fit_region_make_list(const void *fit,
struct fdt_region *fdt_regions,
int count,
struct image_region *region)
{
int i;
debug("Hash regions:\n");
debug("%10s %10s\n", "Offset", "Size");
/*
* Use malloc() except in SPL (to save code size). In SPL the caller
* must allocate the array.
*/
#ifndef CONFIG_SPL_BUILD
if (!region)
region = calloc(sizeof(*region), count);
#endif
if (!region)
return NULL;
for (i = 0; i < count; i++) {
debug("%10x %10x\n", fdt_regions[i].offset,
fdt_regions[i].size);
region[i].data = fit + fdt_regions[i].offset;
region[i].size = fdt_regions[i].size;
}
return region;
}
static int fit_image_setup_verify(struct image_sign_info *info,
const void *fit, int noffset,
int required_keynode, char **err_msgp)
{
char *algo_name;
const char *padding_name;
if (fdt_totalsize(fit) > CONFIG_FIT_SIGNATURE_MAX_SIZE) {
*err_msgp = "Total size too large";
return 1;
}
if (fit_image_hash_get_algo(fit, noffset, &algo_name)) {
*err_msgp = "Can't get hash algo property";
return -1;
}
padding_name = fdt_getprop(fit, noffset, "padding", NULL);
if (!padding_name)
padding_name = RSA_DEFAULT_PADDING_NAME;
memset(info, '\0', sizeof(*info));
info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
info->fit = (void *)fit;
info->node_offset = noffset;
info->name = algo_name;
info->checksum = image_get_checksum_algo(algo_name);
info->crypto = image_get_crypto_algo(algo_name);
info->padding = image_get_padding_algo(padding_name);
info->fdt_blob = gd_fdt_blob();
info->required_keynode = required_keynode;
printf("%s:%s", algo_name, info->keyname);
if (!info->checksum || !info->crypto || !info->padding) {
*err_msgp = "Unknown signature algorithm";
return -1;
}
return 0;
}
int fit_image_check_sig(const void *fit, int noffset, const void *data,
size_t size, int required_keynode, char **err_msgp)
{
struct image_sign_info info;
struct image_region region;
uint8_t *fit_value;
int fit_value_len;
*err_msgp = NULL;
if (fit_image_setup_verify(&info, fit, noffset, required_keynode,
err_msgp))
return -1;
if (fit_image_hash_get_value(fit, noffset, &fit_value,
&fit_value_len)) {
*err_msgp = "Can't get hash value property";
return -1;
}
region.data = data;
region.size = size;
if (info.crypto->verify(&info, &region, 1, fit_value, fit_value_len)) {
*err_msgp = "Verification failed";
return -1;
}
return 0;
}
static int fit_image_verify_sig(const void *fit, int image_noffset,
const char *data, size_t size,
const void *sig_blob, int sig_offset)
{
int noffset;
char *err_msg = "";
int verified = 0;
int ret;
/* Process all hash subnodes of the component image node */
fdt_for_each_subnode(noffset, fit, image_noffset) {
const char *name = fit_get_name(fit, noffset, NULL);
if (!strncmp(name, FIT_SIG_NODENAME,
strlen(FIT_SIG_NODENAME))) {
ret = fit_image_check_sig(fit, noffset, data,
size, -1, &err_msg);
if (ret) {
puts("- ");
} else {
puts("+ ");
verified = 1;
break;
}
}
}
if (noffset == -FDT_ERR_TRUNCATED || noffset == -FDT_ERR_BADSTRUCTURE) {
err_msg = "Corrupted or truncated tree";
goto error;
}
return verified ? 0 : -EPERM;
error:
printf(" error!\n%s for '%s' hash node in '%s' image node\n",
err_msg, fit_get_name(fit, noffset, NULL),
fit_get_name(fit, image_noffset, NULL));
return -1;
}
int fit_image_verify_required_sigs(const void *fit, int image_noffset,
const char *data, size_t size,
const void *sig_blob, int *no_sigsp)
{
int verify_count = 0;
int noffset;
int sig_node;
/* Work out what we need to verify */
*no_sigsp = 1;
sig_node = fdt_subnode_offset(sig_blob, 0, FIT_SIG_NODENAME);
if (sig_node < 0) {
debug("%s: No signature node found: %s\n", __func__,
fdt_strerror(sig_node));
return 0;
}
fdt_for_each_subnode(noffset, sig_blob, sig_node) {
const char *required;
int ret;
required = fdt_getprop(sig_blob, noffset, "required", NULL);
if (!required || strcmp(required, "image"))
continue;
ret = fit_image_verify_sig(fit, image_noffset, data, size,
sig_blob, noffset);
if (ret) {
printf("Failed to verify required signature '%s'\n",
fit_get_name(sig_blob, noffset, NULL));
return ret;
}
verify_count++;
}
if (verify_count)
*no_sigsp = 0;
return 0;
}
int fit_config_check_sig(const void *fit, int noffset, int required_keynode,
char **err_msgp)
{
char * const exc_prop[] = {"data"};
const char *prop, *end, *name;
struct image_sign_info info;
const uint32_t *strings;
uint8_t *fit_value;
int fit_value_len;
int max_regions;
int i, prop_len;
char path[200];
int count;
debug("%s: fdt=%p, conf='%s', sig='%s'\n", __func__, gd_fdt_blob(),
fit_get_name(fit, noffset, NULL),
fit_get_name(gd_fdt_blob(), required_keynode, NULL));
*err_msgp = NULL;
if (fit_image_setup_verify(&info, fit, noffset, required_keynode,
err_msgp))
return -1;
if (fit_image_hash_get_value(fit, noffset, &fit_value,
&fit_value_len)) {
*err_msgp = "Can't get hash value property";
return -1;
}
/* Count the number of strings in the property */
prop = fdt_getprop(fit, noffset, "hashed-nodes", &prop_len);
end = prop ? prop + prop_len : prop;
for (name = prop, count = 0; name < end; name++)
if (!*name)
count++;
if (!count) {
*err_msgp = "Can't get hashed-nodes property";
return -1;
}
if (prop && prop_len > 0 && prop[prop_len - 1] != '\0') {
*err_msgp = "hashed-nodes property must be null-terminated";
return -1;
}
/* Add a sanity check here since we are using the stack */
if (count > IMAGE_MAX_HASHED_NODES) {
*err_msgp = "Number of hashed nodes exceeds maximum";
return -1;
}
/* Create a list of node names from those strings */
char *node_inc[count];
debug("Hash nodes (%d):\n", count);
for (name = prop, i = 0; name < end; name += strlen(name) + 1, i++) {
debug(" '%s'\n", name);
node_inc[i] = (char *)name;
}
/*
* Each node can generate one region for each sub-node. Allow for
* 7 sub-nodes (hash-1, signature-1, etc.) and some extra.
*/
max_regions = 20 + count * 7;
struct fdt_region fdt_regions[max_regions];
/* Get a list of regions to hash */
count = fdt_find_regions(fit, node_inc, count,
exc_prop, ARRAY_SIZE(exc_prop),
fdt_regions, max_regions - 1,
path, sizeof(path), 0);
if (count < 0) {
*err_msgp = "Failed to hash configuration";
return -1;
}
if (count == 0) {
*err_msgp = "No data to hash";
return -1;
}
if (count >= max_regions - 1) {
*err_msgp = "Too many hash regions";
return -1;
}
/* Add the strings */
strings = fdt_getprop(fit, noffset, "hashed-strings", NULL);
if (strings) {
/*
* The strings region offset must be a static 0x0.
* This is set in tool/image-host.c
*/
fdt_regions[count].offset = fdt_off_dt_strings(fit);
fdt_regions[count].size = fdt32_to_cpu(strings[1]);
count++;
}
/* Allocate the region list on the stack */
struct image_region region[count];
fit_region_make_list(fit, fdt_regions, count, region);
if (info.crypto->verify(&info, region, count, fit_value,
fit_value_len)) {
*err_msgp = "Verification failed";
return -1;
}
return 0;
}
static int fit_config_verify_sig(const void *fit, int conf_noffset,
const void *sig_blob, int sig_offset)
{
int noffset;
char *err_msg = "";
int verified = 0;
int ret;
/* Process all hash subnodes of the component conf node */
fdt_for_each_subnode(noffset, fit, conf_noffset) {
const char *name = fit_get_name(fit, noffset, NULL);
if (!strncmp(name, FIT_SIG_NODENAME,
strlen(FIT_SIG_NODENAME))) {
ret = fit_config_check_sig(fit, noffset, sig_offset,
&err_msg);
if (ret) {
puts("- ");
} else {
puts("+ ");
verified = 1;
break;
}
}
}
if (noffset == -FDT_ERR_TRUNCATED || noffset == -FDT_ERR_BADSTRUCTURE) {
err_msg = "Corrupted or truncated tree";
goto error;
}
return verified ? 0 : -EPERM;
error:
printf(" error!\n%s for '%s' hash node in '%s' config node\n",
err_msg, fit_get_name(fit, noffset, NULL),
fit_get_name(fit, conf_noffset, NULL));
return -1;
}
int fit_config_verify_required_sigs(const void *fit, int conf_noffset,
const void *sig_blob)
{
int noffset;
int sig_node;
/* Work out what we need to verify */
sig_node = fdt_subnode_offset(sig_blob, 0, FIT_SIG_NODENAME);
if (sig_node < 0) {
debug("%s: No signature node found: %s\n", __func__,
fdt_strerror(sig_node));
return 0;
}
fdt_for_each_subnode(noffset, sig_blob, sig_node) {
const char *required;
int ret;
required = fdt_getprop(sig_blob, noffset, "required", NULL);
if (!required || strcmp(required, "conf"))
continue;
ret = fit_config_verify_sig(fit, conf_noffset, sig_blob,
noffset);
if (ret) {
printf("Failed to verify required signature '%s'\n",
fit_get_name(sig_blob, noffset, NULL));
return ret;
}
}
return 0;
}
int fit_config_verify(const void *fit, int conf_noffset)
{
return fit_config_verify_required_sigs(fit, conf_noffset,
gd_fdt_blob());
}

6
common/image-fit.c
View file

@ -1269,7 +1269,7 @@ int fit_image_verify_with_data(const void *fit, int image_noffset,
int ret; int ret;
/* Verify all required signatures */ /* Verify all required signatures */
if (IMAGE_ENABLE_VERIFY && if (FIT_IMAGE_ENABLE_VERIFY &&
fit_image_verify_required_sigs(fit, image_noffset, data, size, fit_image_verify_required_sigs(fit, image_noffset, data, size,
gd_fdt_blob(), &verify_all)) { gd_fdt_blob(), &verify_all)) {
err_msg = "Unable to verify required signature"; err_msg = "Unable to verify required signature";
@ -1291,7 +1291,7 @@ int fit_image_verify_with_data(const void *fit, int image_noffset,
&err_msg)) &err_msg))
goto error; goto error;
puts("+ "); puts("+ ");
} else if (IMAGE_ENABLE_VERIFY && verify_all && } else if (FIT_IMAGE_ENABLE_VERIFY && verify_all &&
!strncmp(name, FIT_SIG_NODENAME, !strncmp(name, FIT_SIG_NODENAME,
strlen(FIT_SIG_NODENAME))) { strlen(FIT_SIG_NODENAME))) {
ret = fit_image_check_sig(fit, noffset, data, ret = fit_image_check_sig(fit, noffset, data,
@ -1949,7 +1949,7 @@ int fit_image_load(bootm_headers_t *images, ulong addr,
if (image_type == IH_TYPE_KERNEL) if (image_type == IH_TYPE_KERNEL)
images->fit_uname_cfg = fit_base_uname_config; images->fit_uname_cfg = fit_base_uname_config;
if (IMAGE_ENABLE_VERIFY && images->verify) { if (FIT_IMAGE_ENABLE_VERIFY && images->verify) {
puts(" Verifying Hash Integrity ... "); puts(" Verifying Hash Integrity ... ");
if (fit_config_verify(fit, cfg_noffset)) { if (fit_config_verify(fit, cfg_noffset)) {
puts("Bad Data Hash\n"); puts("Bad Data Hash\n");

396
common/image-sig.c
View file

@ -17,18 +17,6 @@ DECLARE_GLOBAL_DATA_PTR;
#define IMAGE_MAX_HASHED_NODES 100 #define IMAGE_MAX_HASHED_NODES 100
#ifdef USE_HOSTCC
void *host_blob;
void image_set_host_blob(void *blob)
{
host_blob = blob;
}
void *image_get_host_blob(void)
{
return host_blob;
}
#endif
struct checksum_algo checksum_algos[] = { struct checksum_algo checksum_algos[] = {
{ {
.name = "sha1", .name = "sha1",
@ -162,387 +150,3 @@ struct padding_algo *image_get_padding_algo(const char *name)
return NULL; return NULL;
} }
/**
* fit_region_make_list() - Make a list of image regions
*
* Given a list of fdt_regions, create a list of image_regions. This is a
* simple conversion routine since the FDT and image code use different
* structures.
*
* @fit: FIT image
* @fdt_regions: Pointer to FDT regions
* @count: Number of FDT regions
* @region: Pointer to image regions, which must hold @count records. If
* region is NULL, then (except for an SPL build) the array will be
* allocated.
* @return: Pointer to image regions
*/
struct image_region *fit_region_make_list(const void *fit,
struct fdt_region *fdt_regions, int count,
struct image_region *region)
{
int i;
debug("Hash regions:\n");
debug("%10s %10s\n", "Offset", "Size");
/*
* Use malloc() except in SPL (to save code size). In SPL the caller
* must allocate the array.
*/
#ifndef CONFIG_SPL_BUILD
if (!region)
region = calloc(sizeof(*region), count);
#endif
if (!region)
return NULL;
for (i = 0; i < count; i++) {
debug("%10x %10x\n", fdt_regions[i].offset,
fdt_regions[i].size);
region[i].data = fit + fdt_regions[i].offset;
region[i].size = fdt_regions[i].size;
}
return region;
}
static int fit_image_setup_verify(struct image_sign_info *info,
const void *fit, int noffset, int required_keynode,
char **err_msgp)
{
char *algo_name;
const char *padding_name;
if (fdt_totalsize(fit) > CONFIG_FIT_SIGNATURE_MAX_SIZE) {
*err_msgp = "Total size too large";
return 1;
}
if (fit_image_hash_get_algo(fit, noffset, &algo_name)) {
*err_msgp = "Can't get hash algo property";
return -1;
}
padding_name = fdt_getprop(fit, noffset, "padding", NULL);
if (!padding_name)
padding_name = RSA_DEFAULT_PADDING_NAME;
memset(info, '\0', sizeof(*info));
info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
info->fit = (void *)fit;
info->node_offset = noffset;
info->name = algo_name;
info->checksum = image_get_checksum_algo(algo_name);
info->crypto = image_get_crypto_algo(algo_name);
info->padding = image_get_padding_algo(padding_name);
info->fdt_blob = gd_fdt_blob();
info->required_keynode = required_keynode;
printf("%s:%s", algo_name, info->keyname);
if (!info->checksum || !info->crypto || !info->padding) {
*err_msgp = "Unknown signature algorithm";
return -1;
}
return 0;
}
int fit_image_check_sig(const void *fit, int noffset, const void *data,
size_t size, int required_keynode, char **err_msgp)
{
struct image_sign_info info;
struct image_region region;
uint8_t *fit_value;
int fit_value_len;
*err_msgp = NULL;
if (fit_image_setup_verify(&info, fit, noffset, required_keynode,
err_msgp))
return -1;
if (fit_image_hash_get_value(fit, noffset, &fit_value,
&fit_value_len)) {
*err_msgp = "Can't get hash value property";
return -1;
}
region.data = data;
region.size = size;
if (info.crypto->verify(&info, &region, 1, fit_value, fit_value_len)) {
*err_msgp = "Verification failed";
return -1;
}
return 0;
}
static int fit_image_verify_sig(const void *fit, int image_noffset,
const char *data, size_t size, const void *sig_blob,
int sig_offset)
{
int noffset;
char *err_msg = "";
int verified = 0;
int ret;
/* Process all hash subnodes of the component image node */
fdt_for_each_subnode(noffset, fit, image_noffset) {
const char *name = fit_get_name(fit, noffset, NULL);
if (!strncmp(name, FIT_SIG_NODENAME,
strlen(FIT_SIG_NODENAME))) {
ret = fit_image_check_sig(fit, noffset, data,
size, -1, &err_msg);
if (ret) {
puts("- ");
} else {
puts("+ ");
verified = 1;
break;
}
}
}
if (noffset == -FDT_ERR_TRUNCATED || noffset == -FDT_ERR_BADSTRUCTURE) {
err_msg = "Corrupted or truncated tree";
goto error;
}
return verified ? 0 : -EPERM;
error:
printf(" error!\n%s for '%s' hash node in '%s' image node\n",
err_msg, fit_get_name(fit, noffset, NULL),
fit_get_name(fit, image_noffset, NULL));
return -1;
}
int fit_image_verify_required_sigs(const void *fit, int image_noffset,
const char *data, size_t size, const void *sig_blob,
int *no_sigsp)
{
int verify_count = 0;
int noffset;
int sig_node;
/* Work out what we need to verify */
*no_sigsp = 1;
sig_node = fdt_subnode_offset(sig_blob, 0, FIT_SIG_NODENAME);
if (sig_node < 0) {
debug("%s: No signature node found: %s\n", __func__,
fdt_strerror(sig_node));
return 0;
}
fdt_for_each_subnode(noffset, sig_blob, sig_node) {
const char *required;
int ret;
required = fdt_getprop(sig_blob, noffset, "required", NULL);
if (!required || strcmp(required, "image"))
continue;
ret = fit_image_verify_sig(fit, image_noffset, data, size,
sig_blob, noffset);
if (ret) {
printf("Failed to verify required signature '%s'\n",
fit_get_name(sig_blob, noffset, NULL));
return ret;
}
verify_count++;
}
if (verify_count)
*no_sigsp = 0;
return 0;
}
int fit_config_check_sig(const void *fit, int noffset, int required_keynode,
char **err_msgp)
{
char * const exc_prop[] = {"data"};
const char *prop, *end, *name;
struct image_sign_info info;
const uint32_t *strings;
uint8_t *fit_value;
int fit_value_len;
int max_regions;
int i, prop_len;
char path[200];
int count;
debug("%s: fdt=%p, conf='%s', sig='%s'\n", __func__, gd_fdt_blob(),
fit_get_name(fit, noffset, NULL),
fit_get_name(gd_fdt_blob(), required_keynode, NULL));
*err_msgp = NULL;
if (fit_image_setup_verify(&info, fit, noffset, required_keynode,
err_msgp))
return -1;
if (fit_image_hash_get_value(fit, noffset, &fit_value,
&fit_value_len)) {
*err_msgp = "Can't get hash value property";
return -1;
}
/* Count the number of strings in the property */
prop = fdt_getprop(fit, noffset, "hashed-nodes", &prop_len);
end = prop ? prop + prop_len : prop;
for (name = prop, count = 0; name < end; name++)
if (!*name)
count++;
if (!count) {
*err_msgp = "Can't get hashed-nodes property";
return -1;
}
if (prop && prop_len > 0 && prop[prop_len - 1] != '\0') {
*err_msgp = "hashed-nodes property must be null-terminated";
return -1;
}
/* Add a sanity check here since we are using the stack */
if (count > IMAGE_MAX_HASHED_NODES) {
*err_msgp = "Number of hashed nodes exceeds maximum";
return -1;
}
/* Create a list of node names from those strings */
char *node_inc[count];
debug("Hash nodes (%d):\n", count);
for (name = prop, i = 0; name < end; name += strlen(name) + 1, i++) {
debug(" '%s'\n", name);
node_inc[i] = (char *)name;
}
/*
* Each node can generate one region for each sub-node. Allow for
* 7 sub-nodes (hash-1, signature-1, etc.) and some extra.
*/
max_regions = 20 + count * 7;
struct fdt_region fdt_regions[max_regions];
/* Get a list of regions to hash */
count = fdt_find_regions(fit, node_inc, count,
exc_prop, ARRAY_SIZE(exc_prop),
fdt_regions, max_regions - 1,
path, sizeof(path), 0);
if (count < 0) {
*err_msgp = "Failed to hash configuration";
return -1;
}
if (count == 0) {
*err_msgp = "No data to hash";
return -1;
}
if (count >= max_regions - 1) {
*err_msgp = "Too many hash regions";
return -1;
}
/* Add the strings */
strings = fdt_getprop(fit, noffset, "hashed-strings", NULL);
if (strings) {
/*
* The strings region offset must be a static 0x0.
* This is set in tool/image-host.c
*/
fdt_regions[count].offset = fdt_off_dt_strings(fit);
fdt_regions[count].size = fdt32_to_cpu(strings[1]);
count++;
}
/* Allocate the region list on the stack */
struct image_region region[count];
fit_region_make_list(fit, fdt_regions, count, region);
if (info.crypto->verify(&info, region, count, fit_value,
fit_value_len)) {
*err_msgp = "Verification failed";
return -1;
}
return 0;
}
static int fit_config_verify_sig(const void *fit, int conf_noffset,
const void *sig_blob, int sig_offset)
{
int noffset;
char *err_msg = "";
int verified = 0;
int ret;
/* Process all hash subnodes of the component conf node */
fdt_for_each_subnode(noffset, fit, conf_noffset) {
const char *name = fit_get_name(fit, noffset, NULL);
if (!strncmp(name, FIT_SIG_NODENAME,
strlen(FIT_SIG_NODENAME))) {
ret = fit_config_check_sig(fit, noffset, sig_offset,
&err_msg);
if (ret) {
puts("- ");
} else {
puts("+ ");
verified = 1;
break;
}
}
}
if (noffset == -FDT_ERR_TRUNCATED || noffset == -FDT_ERR_BADSTRUCTURE) {
err_msg = "Corrupted or truncated tree";
goto error;
}
return verified ? 0 : -EPERM;
error:
printf(" error!\n%s for '%s' hash node in '%s' config node\n",
err_msg, fit_get_name(fit, noffset, NULL),
fit_get_name(fit, conf_noffset, NULL));
return -1;
}
int fit_config_verify_required_sigs(const void *fit, int conf_noffset,
const void *sig_blob)
{
int noffset;
int sig_node;
/* Work out what we need to verify */
sig_node = fdt_subnode_offset(sig_blob, 0, FIT_SIG_NODENAME);
if (sig_node < 0) {
debug("%s: No signature node found: %s\n", __func__,
fdt_strerror(sig_node));
return 0;
}
fdt_for_each_subnode(noffset, sig_blob, sig_node) {
const char *required;
int ret;
required = fdt_getprop(sig_blob, noffset, "required", NULL);
if (!required || strcmp(required, "conf"))
continue;
ret = fit_config_verify_sig(fit, conf_noffset, sig_blob,
noffset);
if (ret) {
printf("Failed to verify required signature '%s'\n",
fit_get_name(sig_blob, noffset, NULL));
return ret;
}
}
return 0;
}
int fit_config_verify(const void *fit, int conf_noffset)
{
return fit_config_verify_required_sigs(fit, conf_noffset,
gd_fdt_blob());
}

14
include/image.h
View file

@ -1114,6 +1114,7 @@ int fit_conf_get_prop_node(const void *fit, int noffset,
int fit_check_ramdisk(const void *fit, int os_noffset, int fit_check_ramdisk(const void *fit, int os_noffset,
uint8_t arch, int verify); uint8_t arch, int verify);
#endif /* IMAGE_ENABLE_FIT */
int calculate_hash(const void *data, int data_len, const char *algo, int calculate_hash(const void *data, int data_len, const char *algo,
uint8_t *value, int *value_len); uint8_t *value, int *value_len);
@ -1126,16 +1127,20 @@ int calculate_hash(const void *data, int data_len, const char *algo,
# if defined(CONFIG_FIT_SIGNATURE) # if defined(CONFIG_FIT_SIGNATURE)
# define IMAGE_ENABLE_SIGN 1 # define IMAGE_ENABLE_SIGN 1
# define IMAGE_ENABLE_VERIFY 1 # define IMAGE_ENABLE_VERIFY 1
# define FIT_IMAGE_ENABLE_VERIFY 1
# include <openssl/evp.h> # include <openssl/evp.h>
# else # else
# define IMAGE_ENABLE_SIGN 0 # define IMAGE_ENABLE_SIGN 0
# define IMAGE_ENABLE_VERIFY 0 # define IMAGE_ENABLE_VERIFY 0
# define FIT_IMAGE_ENABLE_VERIFY 0
# endif # endif
#else #else
# define IMAGE_ENABLE_SIGN 0 # define IMAGE_ENABLE_SIGN 0
# define IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(FIT_SIGNATURE) # define IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(RSA_VERIFY)
# define FIT_IMAGE_ENABLE_VERIFY CONFIG_IS_ENABLED(FIT_SIGNATURE)
#endif #endif
#if IMAGE_ENABLE_FIT
#ifdef USE_HOSTCC #ifdef USE_HOSTCC
void *image_get_host_blob(void); void *image_get_host_blob(void);
void image_set_host_blob(void *host_blob); void image_set_host_blob(void *host_blob);
@ -1149,6 +1154,7 @@ void image_set_host_blob(void *host_blob);
#else #else
#define IMAGE_ENABLE_BEST_MATCH 0 #define IMAGE_ENABLE_BEST_MATCH 0
#endif #endif
#endif /* IMAGE_ENABLE_FIT */
/* Information passed to the signing routines */ /* Information passed to the signing routines */
struct image_sign_info { struct image_sign_info {
@ -1166,16 +1172,12 @@ struct image_sign_info {
const char *engine_id; /* Engine to use for signing */ const char *engine_id; /* Engine to use for signing */
}; };
#endif /* Allow struct image_region to always be defined for rsa.h */
/* A part of an image, used for hashing */ /* A part of an image, used for hashing */
struct image_region { struct image_region {
const void *data; const void *data;
int size; int size;
}; };
#if IMAGE_ENABLE_FIT
#if IMAGE_ENABLE_VERIFY #if IMAGE_ENABLE_VERIFY
# include <u-boot/rsa-checksum.h> # include <u-boot/rsa-checksum.h>
#endif #endif
@ -1276,6 +1278,8 @@ struct crypto_algo *image_get_crypto_algo(const char *full_name);
*/ */
struct padding_algo *image_get_padding_algo(const char *name); struct padding_algo *image_get_padding_algo(const char *name);
#if IMAGE_ENABLE_FIT
/** /**
* fit_image_verify_required_sigs() - Verify signatures marked as 'required' * fit_image_verify_required_sigs() - Verify signatures marked as 'required'
* *

10
lib/rsa/Kconfig
View file

@ -18,6 +18,16 @@ if RSA
config SPL_RSA config SPL_RSA
bool "Use RSA Library within SPL" bool "Use RSA Library within SPL"
config SPL_RSA_VERIFY
bool
help
Add RSA signature verification support in SPL.
config RSA_VERIFY
bool
help
Add RSA signature verification support.
config RSA_SOFTWARE_EXP config RSA_SOFTWARE_EXP
bool "Enable driver for RSA Modular Exponentiation in software" bool "Enable driver for RSA Modular Exponentiation in software"
depends on DM depends on DM

2
lib/rsa/Makefile
View file

@ -5,5 +5,5 @@
# (C) Copyright 2000-2007 # (C) Copyright 2000-2007
# Wolfgang Denk, DENX Software Engineering, wd@denx.de. # Wolfgang Denk, DENX Software Engineering, wd@denx.de.
obj-$(CONFIG_$(SPL_)FIT_SIGNATURE) += rsa-verify.o rsa-checksum.o obj-$(CONFIG_$(SPL_)RSA_VERIFY) += rsa-verify.o rsa-checksum.o
obj-$(CONFIG_RSA_SOFTWARE_EXP) += rsa-mod-exp.o obj-$(CONFIG_RSA_SOFTWARE_EXP) += rsa-mod-exp.o

78
lib/rsa/rsa-verify.c
View file

@ -271,6 +271,7 @@ out:
} }
#endif #endif
#if CONFIG_IS_ENABLED(FIT_SIGNATURE)
/** /**
* rsa_verify_key() - Verify a signature against some data using RSA Key * rsa_verify_key() - Verify a signature against some data using RSA Key
* *
@ -342,7 +343,9 @@ static int rsa_verify_key(struct image_sign_info *info,
return 0; return 0;
} }
#endif
#if CONFIG_IS_ENABLED(FIT_SIGNATURE)
/** /**
* rsa_verify_with_keynode() - Verify a signature against some data using * rsa_verify_with_keynode() - Verify a signature against some data using
* information in node with prperties of RSA Key like modulus, exponent etc. * information in node with prperties of RSA Key like modulus, exponent etc.
@ -396,18 +399,22 @@ static int rsa_verify_with_keynode(struct image_sign_info *info,
return ret; return ret;
} }
#else
static int rsa_verify_with_keynode(struct image_sign_info *info,
const void *hash, uint8_t *sig,
uint sig_len, int node)
{
return -EACCES;
}
#endif
int rsa_verify(struct image_sign_info *info, int rsa_verify(struct image_sign_info *info,
const struct image_region region[], int region_count, const struct image_region region[], int region_count,
uint8_t *sig, uint sig_len) uint8_t *sig, uint sig_len)
{ {
const void *blob = info->fdt_blob;
/* Reserve memory for maximum checksum-length */ /* Reserve memory for maximum checksum-length */
uint8_t hash[info->crypto->key_len]; uint8_t hash[info->crypto->key_len];
int ndepth, noffset; int ret = -EACCES;
int sig_node, node;
char name[100];
int ret;
/* /*
* Verify that the checksum-length does not exceed the * Verify that the checksum-length does not exceed the
@ -420,12 +427,6 @@ int rsa_verify(struct image_sign_info *info,
return -EINVAL; return -EINVAL;
} }
sig_node = fdt_subnode_offset(blob, 0, FIT_SIG_NODENAME);
if (sig_node < 0) {
debug("%s: No signature node found\n", __func__);
return -ENOENT;
}
/* Calculate checksum with checksum-algorithm */ /* Calculate checksum with checksum-algorithm */
ret = info->checksum->calculate(info->checksum->name, ret = info->checksum->calculate(info->checksum->name,
region, region_count, hash); region, region_count, hash);
@ -434,29 +435,44 @@ int rsa_verify(struct image_sign_info *info,
return -EINVAL; return -EINVAL;
} }
/* See if we must use a particular key */ if (CONFIG_IS_ENABLED(FIT_SIGNATURE)) {
if (info->required_keynode != -1) { const void *blob = info->fdt_blob;
ret = rsa_verify_with_keynode(info, hash, sig, sig_len, int ndepth, noffset;
info->required_keynode); int sig_node, node;
return ret; char name[100];
}
/* Look for a key that matches our hint */ sig_node = fdt_subnode_offset(blob, 0, FIT_SIG_NODENAME);
snprintf(name, sizeof(name), "key-%s", info->keyname); if (sig_node < 0) {
node = fdt_subnode_offset(blob, sig_node, name); debug("%s: No signature node found\n", __func__);
ret = rsa_verify_with_keynode(info, hash, sig, sig_len, node); return -ENOENT;
if (!ret) }
return ret;
/* No luck, so try each of the keys in turn */ /* See if we must use a particular key */
for (ndepth = 0, noffset = fdt_next_node(info->fit, sig_node, &ndepth); if (info->required_keynode != -1) {
(noffset >= 0) && (ndepth > 0);
noffset = fdt_next_node(info->fit, noffset, &ndepth)) {
if (ndepth == 1 && noffset != node) {
ret = rsa_verify_with_keynode(info, hash, sig, sig_len, ret = rsa_verify_with_keynode(info, hash, sig, sig_len,
noffset); info->required_keynode);
if (!ret) return ret;
break; }
/* Look for a key that matches our hint */
snprintf(name, sizeof(name), "key-%s", info->keyname);
node = fdt_subnode_offset(blob, sig_node, name);
ret = rsa_verify_with_keynode(info, hash, sig, sig_len, node);
if (!ret)
return ret;
/* No luck, so try each of the keys in turn */
for (ndepth = 0, noffset = fdt_next_node(info->fit, sig_node,
&ndepth);
(noffset >= 0) && (ndepth > 0);
noffset = fdt_next_node(info->fit, noffset, &ndepth)) {
if (ndepth == 1 && noffset != node) {
ret = rsa_verify_with_keynode(info, hash,
sig, sig_len,
noffset);
if (!ret)
break;
}
} }
} }

2
tools/Makefile
View file

@ -58,7 +58,7 @@ hostprogs-$(CONFIG_FIT_SIGNATURE) += fit_info fit_check_sign
hostprogs-$(CONFIG_CMD_BOOTEFI_SELFTEST) += file2include hostprogs-$(CONFIG_CMD_BOOTEFI_SELFTEST) += file2include
FIT_OBJS-$(CONFIG_FIT) := fit_common.o fit_image.o image-host.o common/image-fit.o FIT_OBJS-$(CONFIG_FIT) := fit_common.o fit_image.o image-host.o common/image-fit.o
FIT_SIG_OBJS-$(CONFIG_FIT_SIGNATURE) := common/image-sig.o FIT_SIG_OBJS-$(CONFIG_FIT_SIGNATURE) := common/image-sig.o common/image-fit-sig.o
FIT_CIPHER_OBJS-$(CONFIG_FIT_CIPHER) := common/image-cipher.o FIT_CIPHER_OBJS-$(CONFIG_FIT_CIPHER) := common/image-cipher.o
# The following files are synced with upstream DTC. # The following files are synced with upstream DTC.