2 * Copyright 2015 Freescale Semiconductor, Inc.
4 * SPDX-License-Identifier: GPL-2.0+
8 #include <fsl_validate.h>
9 #include <fsl_secboot_err.h>
14 #include <dm/uclass.h>
15 #include <u-boot/rsa-mod-exp.h>
17 #include <fsl_secboot_err.h>
18 #ifdef CONFIG_ARCH_LS1021A
19 #include <asm/arch/immap_ls102xa.h>
22 #define SHA256_BITS 256
23 #define SHA256_BYTES (256/8)
24 #define SHA256_NIBBLES (256/4)
25 #define NUM_HEX_CHARS (sizeof(ulong) * 2)
27 #define CHECK_KEY_LEN(key_len) (((key_len) == 2 * KEY_SIZE_BYTES / 4) || \
28 ((key_len) == 2 * KEY_SIZE_BYTES / 2) || \
29 ((key_len) == 2 * KEY_SIZE_BYTES))
30 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
31 /* Global data structure */
32 static struct fsl_secboot_glb glb
;
35 /* This array contains DER value for SHA-256 */
36 static const u8 hash_identifier
[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60,
37 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00,
41 static u8 hash_val
[SHA256_BYTES
];
43 #ifdef CONFIG_ESBC_HDR_LS
44 /* New Barker Code for LS ESBC Header */
45 static const u8 barker_code
[ESBC_BARKER_LEN
] = { 0x12, 0x19, 0x20, 0x01 };
47 static const u8 barker_code
[ESBC_BARKER_LEN
] = { 0x68, 0x39, 0x27, 0x81 };
50 void branch_to_self(void) __attribute__ ((noreturn
));
53 * This function will put core in infinite loop.
54 * This will be called when the ESBC can not proceed further due
55 * to some unknown errors.
57 void branch_to_self(void)
59 printf("Core is in infinite loop due to errors.\n");
64 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
65 static u32
check_ie(struct fsl_secboot_img_priv
*img
)
67 if (img
->hdr
.ie_flag
& IE_FLAG_MASK
)
73 /* This function returns the CSF Header Address of uboot
74 * For MPC85xx based platforms, the LAW mapping for NOR
75 * flash changes in uboot code. Hence the offset needs
76 * to be calculated and added to the new NOR flash base
79 #if defined(CONFIG_MPC85xx)
80 int get_csf_base_addr(u32
*csf_addr
, u32
*flash_base_addr
)
82 struct ccsr_gur __iomem
*gur
= (void *)(CONFIG_SYS_MPC85xx_GUTS_ADDR
);
83 u32 csf_hdr_addr
= in_be32(&gur
->scratchrw
[0]);
84 u32 csf_flash_offset
= csf_hdr_addr
& ~(CONFIG_SYS_PBI_FLASH_BASE
);
89 for (i
= 0; i
< CONFIG_SYS_MAX_FLASH_BANKS
; i
++) {
90 flash_addr
= flash_info
[i
].start
[0];
91 addr
= flash_info
[i
].start
[0] + csf_flash_offset
;
92 if (memcmp((u8
*)addr
, barker_code
, ESBC_BARKER_LEN
) == 0) {
93 debug("Barker found on addr %x\n", addr
);
103 *flash_base_addr
= flash_addr
;
108 /* For platforms like LS1020, correct flash address is present in
109 * the header. So the function reqturns flash base address as 0
111 int get_csf_base_addr(u32
*csf_addr
, u32
*flash_base_addr
)
113 struct ccsr_gur __iomem
*gur
= (void *)(CONFIG_SYS_FSL_GUTS_ADDR
);
114 u32 csf_hdr_addr
= in_be32(&gur
->scratchrw
[0]);
116 if (memcmp((u8
*)(uintptr_t)csf_hdr_addr
,
117 barker_code
, ESBC_BARKER_LEN
))
120 *csf_addr
= csf_hdr_addr
;
121 *flash_base_addr
= 0;
126 #if defined(CONFIG_ESBC_HDR_LS)
127 static int get_ie_info_addr(uintptr_t *ie_addr
)
129 struct ccsr_gur __iomem
*gur
= (void *)(CONFIG_SYS_FSL_GUTS_ADDR
);
130 /* For LS-CH3, the address of IE Table is
131 * stated in Scratch13 and scratch14 of DCFG.
132 * Bootrom validates this table while validating uboot.
134 *ie_addr
= in_le32(&gur
->scratchrw
[SCRATCH_IE_HIGH_ADR
- 1]);
135 *ie_addr
= *ie_addr
<< 32;
136 *ie_addr
|= in_le32(&gur
->scratchrw
[SCRATCH_IE_LOW_ADR
- 1]);
139 #else /* CONFIG_ESBC_HDR_LS */
140 static int get_ie_info_addr(uintptr_t *ie_addr
)
142 struct fsl_secboot_img_hdr
*hdr
;
143 struct fsl_secboot_sg_table
*sg_tbl
;
144 u32 flash_base_addr
, csf_addr
;
146 if (get_csf_base_addr(&csf_addr
, &flash_base_addr
))
149 hdr
= (struct fsl_secboot_img_hdr
*)(uintptr_t)csf_addr
;
151 /* For SoC's with Trust Architecture v1 with corenet bus
152 * the sg table field in CSF header has absolute address
153 * for sg table in memory. In other Trust Architecture,
154 * this field specifies the offset of sg table from the
155 * base address of CSF Header
157 #if defined(CONFIG_FSL_TRUST_ARCH_v1) && defined(CONFIG_FSL_CORENET)
158 sg_tbl
= (struct fsl_secboot_sg_table
*)
159 (((u32
)hdr
->psgtable
& ~(CONFIG_SYS_PBI_FLASH_BASE
)) +
162 sg_tbl
= (struct fsl_secboot_sg_table
*)(uintptr_t)(csf_addr
+
166 /* IE Key Table is the first entry in the SG Table */
167 #if defined(CONFIG_MPC85xx)
168 *ie_addr
= (uintptr_t)((sg_tbl
->src_addr
&
169 ~(CONFIG_SYS_PBI_FLASH_BASE
)) +
172 *ie_addr
= (uintptr_t)sg_tbl
->src_addr
;
175 debug("IE Table address is %lx\n", *ie_addr
);
178 #endif /* CONFIG_ESBC_HDR_LS */
181 #ifdef CONFIG_KEY_REVOCATION
182 /* This function checks srk_table_flag in header and set/reset srk_flag.*/
183 static u32
check_srk(struct fsl_secboot_img_priv
*img
)
185 #ifdef CONFIG_ESBC_HDR_LS
186 /* In LS, No SRK Flag as SRK is always present if IE not present*/
187 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
188 return !check_ie(img
);
192 if (img
->hdr
.len_kr
.srk_table_flag
& SRK_FLAG
)
199 /* This function returns ospr's key_revoc values.*/
200 static u32
get_key_revoc(void)
202 struct ccsr_sfp_regs
*sfp_regs
= (void *)(CONFIG_SYS_SFP_ADDR
);
203 return (sfp_in32(&sfp_regs
->ospr
) & OSPR_KEY_REVOC_MASK
) >>
204 OSPR_KEY_REVOC_SHIFT
;
207 /* This function checks if selected key is revoked or not.*/
208 static u32
is_key_revoked(u32 keynum
, u32 rev_flag
)
210 if (keynum
== UNREVOCABLE_KEY
)
213 if ((u32
)(1 << (ALIGN_REVOC_KEY
- keynum
)) & rev_flag
)
219 /* It read validates srk_table key lengths.*/
220 static u32
read_validate_srk_tbl(struct fsl_secboot_img_priv
*img
)
223 u32 ret
, key_num
, key_revoc_flag
, size
;
224 struct fsl_secboot_img_hdr
*hdr
= &img
->hdr
;
225 void *esbc
= (u8
*)(uintptr_t)img
->ehdrloc
;
227 if ((hdr
->len_kr
.num_srk
== 0) ||
228 (hdr
->len_kr
.num_srk
> MAX_KEY_ENTRIES
))
229 return ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY
;
231 key_num
= hdr
->len_kr
.srk_sel
;
232 if (key_num
== 0 || key_num
> hdr
->len_kr
.num_srk
)
233 return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM
;
235 /* Get revoc key from sfp */
236 key_revoc_flag
= get_key_revoc();
237 ret
= is_key_revoked(key_num
, key_revoc_flag
);
239 return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED
;
241 size
= hdr
->len_kr
.num_srk
* sizeof(struct srk_table
);
243 memcpy(&img
->srk_tbl
, esbc
+ hdr
->srk_tbl_off
, size
);
245 for (i
= 0; i
< hdr
->len_kr
.num_srk
; i
++) {
246 if (!CHECK_KEY_LEN(img
->srk_tbl
[i
].key_len
))
247 return ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN
;
250 img
->key_len
= img
->srk_tbl
[key_num
- 1].key_len
;
252 memcpy(&img
->img_key
, &(img
->srk_tbl
[key_num
- 1].pkey
),
259 #ifndef CONFIG_ESBC_HDR_LS
260 static u32
read_validate_single_key(struct fsl_secboot_img_priv
*img
)
262 struct fsl_secboot_img_hdr
*hdr
= &img
->hdr
;
263 void *esbc
= (u8
*)(uintptr_t)img
->ehdrloc
;
265 /* check key length */
266 if (!CHECK_KEY_LEN(hdr
->key_len
))
267 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN
;
269 memcpy(&img
->img_key
, esbc
+ hdr
->pkey
, hdr
->key_len
);
271 img
->key_len
= hdr
->key_len
;
275 #endif /* CONFIG_ESBC_HDR_LS */
277 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
279 static void install_ie_tbl(uintptr_t ie_tbl_addr
,
280 struct fsl_secboot_img_priv
*img
)
282 /* Copy IE tbl to Global Data */
283 memcpy(&glb
.ie_tbl
, (u8
*)ie_tbl_addr
, sizeof(struct ie_key_info
));
284 img
->ie_addr
= (uintptr_t)&glb
.ie_tbl
;
285 glb
.ie_addr
= img
->ie_addr
;
288 static u32
read_validate_ie_tbl(struct fsl_secboot_img_priv
*img
)
290 struct fsl_secboot_img_hdr
*hdr
= &img
->hdr
;
291 u32 ie_key_len
, ie_revoc_flag
, ie_num
;
292 struct ie_key_info
*ie_info
;
295 if (get_ie_info_addr(&img
->ie_addr
))
296 return ERROR_IE_TABLE_NOT_FOUND
;
298 install_ie_tbl(img
->ie_addr
, img
);
301 ie_info
= (struct ie_key_info
*)(uintptr_t)img
->ie_addr
;
302 if (ie_info
->num_keys
== 0 || ie_info
->num_keys
> 32)
303 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY
;
305 ie_num
= hdr
->ie_key_sel
;
306 if (ie_num
== 0 || ie_num
> ie_info
->num_keys
)
307 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM
;
309 ie_revoc_flag
= ie_info
->key_revok
;
310 if ((u32
)(1 << (ie_num
- 1)) & ie_revoc_flag
)
311 return ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED
;
313 ie_key_len
= ie_info
->ie_key_tbl
[ie_num
- 1].key_len
;
315 if (!CHECK_KEY_LEN(ie_key_len
))
316 return ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN
;
318 memcpy(&img
->img_key
, &(ie_info
->ie_key_tbl
[ie_num
- 1].pkey
),
321 img
->key_len
= ie_key_len
;
327 /* This function return length of public key.*/
328 static inline u32
get_key_len(struct fsl_secboot_img_priv
*img
)
334 * Handles the ESBC uboot client header verification failure.
335 * This function handles all the errors which might occur in the
336 * parsing and checking of ESBC uboot client header. It will also
337 * set the error bits in the SEC_MON.
339 static void fsl_secboot_header_verification_failure(void)
341 struct ccsr_sfp_regs
*sfp_regs
= (void *)(CONFIG_SYS_SFP_ADDR
);
343 /* 29th bit of OSPR is ITS */
344 u32 its
= sfp_in32(&sfp_regs
->ospr
) >> 2;
347 set_sec_mon_state(HPSR_SSM_ST_SOFT_FAIL
);
349 set_sec_mon_state(HPSR_SSM_ST_NON_SECURE
);
351 printf("Generating reset request\n");
352 do_reset(NULL
, 0, 0, NULL
);
353 /* If reset doesn't coocur, halt execution */
354 do_esbc_halt(NULL
, 0, 0, NULL
);
358 * Handles the ESBC uboot client image verification failure.
359 * This function handles all the errors which might occur in the
360 * public key hash comparison and signature verification of
361 * ESBC uboot client image. It will also
362 * set the error bits in the SEC_MON.
364 static void fsl_secboot_image_verification_failure(void)
366 struct ccsr_sfp_regs
*sfp_regs
= (void *)(CONFIG_SYS_SFP_ADDR
);
368 u32 its
= (sfp_in32(&sfp_regs
->ospr
) & ITS_MASK
) >> ITS_BIT
;
371 set_sec_mon_state(HPSR_SSM_ST_SOFT_FAIL
);
373 printf("Generating reset request\n");
374 do_reset(NULL
, 0, 0, NULL
);
375 /* If reset doesn't coocur, halt execution */
376 do_esbc_halt(NULL
, 0, 0, NULL
);
379 set_sec_mon_state(HPSR_SSM_ST_NON_SECURE
);
383 static void fsl_secboot_bootscript_parse_failure(void)
385 fsl_secboot_header_verification_failure();
389 * Handles the errors in esbc boot.
390 * This function handles all the errors which might occur in the
391 * esbc boot phase. It will call the appropriate api to log the
392 * errors and set the error bits in the SEC_MON.
394 void fsl_secboot_handle_error(int error
)
396 #ifndef CONFIG_SPL_BUILD
397 const struct fsl_secboot_errcode
*e
;
399 for (e
= fsl_secboot_errcodes
; e
->errcode
!= ERROR_ESBC_CLIENT_MAX
;
401 if (e
->errcode
== error
)
402 printf("ERROR :: %x :: %s\n", error
, e
->name
);
405 printf("ERROR :: %x\n", error
);
408 /* If Boot Mode is secure, transition the SNVS state and issue
409 * reset based on type of failure and ITS setting.
410 * If Boot mode is non-secure, return from this function.
412 if (fsl_check_boot_mode_secure() == 0)
416 case ERROR_ESBC_CLIENT_HEADER_BARKER
:
417 case ERROR_ESBC_CLIENT_HEADER_IMG_SIZE
:
418 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN
:
419 case ERROR_ESBC_CLIENT_HEADER_SIG_LEN
:
420 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN
:
421 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1
:
422 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2
:
423 case ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD
:
424 case ERROR_ESBC_CLIENT_HEADER_SG_ESBC_EP
:
425 case ERROR_ESBC_CLIENT_HEADER_SG_ENTIRES_BAD
:
426 case ERROR_KEY_TABLE_NOT_FOUND
:
427 #ifdef CONFIG_KEY_REVOCATION
428 case ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED
:
429 case ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY
:
430 case ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM
:
431 case ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN
:
433 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
435 case ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED
:
436 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY
:
437 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM
:
438 case ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN
:
439 case ERROR_IE_TABLE_NOT_FOUND
:
441 fsl_secboot_header_verification_failure();
443 case ERROR_ESBC_SEC_RESET
:
444 case ERROR_ESBC_SEC_DEQ
:
445 case ERROR_ESBC_SEC_ENQ
:
446 case ERROR_ESBC_SEC_DEQ_TO
:
447 case ERROR_ESBC_SEC_JOBQ_STATUS
:
448 case ERROR_ESBC_CLIENT_HASH_COMPARE_KEY
:
449 case ERROR_ESBC_CLIENT_HASH_COMPARE_EM
:
450 fsl_secboot_image_verification_failure();
452 case ERROR_ESBC_MISSING_BOOTM
:
453 fsl_secboot_bootscript_parse_failure();
455 case ERROR_ESBC_WRONG_CMD
:
462 static void fsl_secblk_handle_error(int error
)
465 case ERROR_ESBC_SEC_ENQ
:
466 fsl_secboot_handle_error(ERROR_ESBC_SEC_ENQ
);
468 case ERROR_ESBC_SEC_DEQ
:
469 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ
);
471 case ERROR_ESBC_SEC_DEQ_TO
:
472 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ_TO
);
475 printf("Job Queue Output status %x\n", error
);
476 fsl_secboot_handle_error(ERROR_ESBC_SEC_JOBQ_STATUS
);
482 * Calculate hash of key obtained via offset present in ESBC uboot
483 * client hdr. This function calculates the hash of key which is obtained
484 * through offset present in ESBC uboot client header.
486 static int calc_img_key_hash(struct fsl_secboot_img_priv
*img
)
488 struct hash_algo
*algo
;
492 const char *algo_name
= "sha256";
494 /* Calculate hash of the esbc key */
495 ret
= hash_progressive_lookup_algo(algo_name
, &algo
);
499 ret
= algo
->hash_init(algo
, &ctx
);
503 /* Update hash for ESBC key */
504 #ifdef CONFIG_KEY_REVOCATION
505 if (check_srk(img
)) {
506 ret
= algo
->hash_update(algo
, ctx
,
507 (u8
*)(uintptr_t)(img
->ehdrloc
+ img
->hdr
.srk_tbl_off
),
508 img
->hdr
.len_kr
.num_srk
* sizeof(struct srk_table
), 1);
513 ret
= algo
->hash_update(algo
, ctx
,
514 img
->img_key
, img
->key_len
, 1);
518 /* Copy hash at destination buffer */
519 ret
= algo
->hash_finish(algo
, ctx
, hash_val
, algo
->digest_size
);
523 for (i
= 0; i
< SHA256_BYTES
; i
++)
524 img
->img_key_hash
[i
] = hash_val
[i
];
530 * Calculate hash of ESBC hdr and ESBC. This function calculates the
531 * single hash of ESBC header and ESBC image. If SG flag is on, all
532 * SG entries are also hashed alongwith the complete SG table.
534 static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv
*img
)
536 struct hash_algo
*algo
;
540 const char *algo_name
= "sha256";
542 /* Calculate the hash of the ESBC */
543 ret
= hash_progressive_lookup_algo(algo_name
, &algo
);
547 ret
= algo
->hash_init(algo
, &ctx
);
548 /* Copy hash at destination buffer */
552 /* Update hash for CSF Header */
553 ret
= algo
->hash_update(algo
, ctx
,
554 (u8
*)&img
->hdr
, sizeof(struct fsl_secboot_img_hdr
), 0);
558 /* Update the hash with that of srk table if srk flag is 1
559 * If IE Table is selected, key is not added in the hash
560 * If neither srk table nor IE key table available, add key
561 * from header in the hash calculation
563 #ifdef CONFIG_KEY_REVOCATION
564 if (check_srk(img
)) {
565 ret
= algo
->hash_update(algo
, ctx
,
566 (u8
*)(uintptr_t)(img
->ehdrloc
+ img
->hdr
.srk_tbl_off
),
567 img
->hdr
.len_kr
.num_srk
* sizeof(struct srk_table
), 0);
571 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
572 if (!key_hash
&& check_ie(img
))
575 #ifndef CONFIG_ESBC_HDR_LS
576 /* No single key support in LS ESBC header */
578 ret
= algo
->hash_update(algo
, ctx
,
579 img
->img_key
, img
->hdr
.key_len
, 0);
586 return ERROR_KEY_TABLE_NOT_FOUND
;
588 /* Update hash for actual Image */
589 ret
= algo
->hash_update(algo
, ctx
,
590 (u8
*)(*(img
->img_addr_ptr
)), img
->img_size
, 1);
594 /* Copy hash at destination buffer */
595 ret
= algo
->hash_finish(algo
, ctx
, hash_val
, algo
->digest_size
);
603 * Construct encoded hash EM' wrt PKCSv1.5. This function calculates the
604 * pointers for padding, DER value and hash. And finally, constructs EM'
605 * which includes hash of complete CSF header and ESBC image. If SG flag
606 * is on, hash of SG table and entries is also included.
608 static void construct_img_encoded_hash_second(struct fsl_secboot_img_priv
*img
)
611 * RSA PKCSv1.5 encoding format for encoded message is below
612 * EM = 0x0 || 0x1 || PS || 0x0 || DER || Hash
613 * PS is Padding String
614 * DER is DER value for SHA-256
615 * Hash is SHA-256 hash
616 * *********************************************************
617 * representative points to first byte of EM initially and is
619 * representative is incremented by 1 and second byte is filled
621 * padding points to third byte of EM
622 * digest points to full length of EM - 32 bytes
623 * hash_id (DER value) points to 19 bytes before pDigest
624 * separator is one byte which separates padding and DER
629 u8
*padding
, *digest
;
630 u8
*hash_id
, *separator
;
633 len
= (get_key_len(img
) / 2) - 1;
634 representative
= img
->img_encoded_hash_second
;
635 representative
[0] = 0;
636 representative
[1] = 1; /* block type 1 */
638 padding
= &representative
[2];
639 digest
= &representative
[1] + len
- 32;
640 hash_id
= digest
- sizeof(hash_identifier
);
641 separator
= hash_id
- 1;
643 /* fill padding area pointed by padding with 0xff */
644 memset(padding
, 0xff, separator
- padding
);
646 /* fill byte pointed by separator */
649 /* fill SHA-256 DER value pointed by HashId */
650 memcpy(hash_id
, hash_identifier
, sizeof(hash_identifier
));
652 /* fill hash pointed by Digest */
653 for (i
= 0; i
< SHA256_BYTES
; i
++)
654 digest
[i
] = hash_val
[i
];
658 * Reads and validates the ESBC client header.
659 * This function reads key and signature from the ESBC client header.
660 * If Scatter/Gather flag is on, lengths and offsets of images
661 * present as SG entries are also read. This function also checks
662 * whether the header is valid or not.
664 static int read_validate_esbc_client_header(struct fsl_secboot_img_priv
*img
)
666 struct fsl_secboot_img_hdr
*hdr
= &img
->hdr
;
667 void *esbc
= (u8
*)(uintptr_t)img
->ehdrloc
;
673 /* check barker code */
674 if (memcmp(hdr
->barker
, barker_code
, ESBC_BARKER_LEN
))
675 return ERROR_ESBC_CLIENT_HEADER_BARKER
;
677 /* If Image Address is not passed as argument to function,
678 * then Address and Size must be read from the Header.
680 if (*(img
->img_addr_ptr
) == 0) {
681 #ifdef CONFIG_ESBC_ADDR_64BIT
682 *(img
->img_addr_ptr
) = hdr
->pimg64
;
684 *(img
->img_addr_ptr
) = hdr
->pimg
;
689 return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE
;
691 img
->img_size
= hdr
->img_size
;
694 #ifdef CONFIG_KEY_REVOCATION
695 if (check_srk(img
)) {
696 ret
= read_validate_srk_tbl(img
);
703 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
704 if (!key_found
&& check_ie(img
)) {
705 ret
= read_validate_ie_tbl(img
);
711 #ifndef CONFIG_ESBC_HDR_LS
712 /* Single Key Feature not available in LS ESBC Header */
713 if (key_found
== 0) {
714 ret
= read_validate_single_key(img
);
721 return ERROR_KEY_TABLE_NOT_FOUND
;
724 if (get_key_len(img
) == 2 * hdr
->sign_len
) {
725 /* check signature length */
726 if (!((hdr
->sign_len
== KEY_SIZE_BYTES
/ 4) ||
727 (hdr
->sign_len
== KEY_SIZE_BYTES
/ 2) ||
728 (hdr
->sign_len
== KEY_SIZE_BYTES
)))
729 return ERROR_ESBC_CLIENT_HEADER_SIG_LEN
;
731 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN
;
734 memcpy(&img
->img_sign
, esbc
+ hdr
->psign
, hdr
->sign_len
);
735 /* No SG support in LS-CH3 */
736 #ifndef CONFIG_ESBC_HDR_LS
739 return ERROR_ESBC_CLIENT_HEADER_SG
;
742 /* modulus most significant bit should be set */
743 k
= (u8
*)&img
->img_key
;
745 if ((k
[0] & 0x80) == 0)
746 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1
;
748 /* modulus value should be odd */
749 if ((k
[get_key_len(img
) / 2 - 1] & 0x1) == 0)
750 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2
;
752 /* Check signature value < modulus value */
753 s
= (u8
*)&img
->img_sign
;
755 if (!(memcmp(s
, k
, hdr
->sign_len
) < 0))
756 return ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD
;
758 return ESBC_VALID_HDR
;
761 static inline int str2longbe(const char *p
, ulong
*num
)
769 tmp
= simple_strtoul(p
, &endptr
, 16);
770 if (sizeof(ulong
) == 4)
771 *num
= cpu_to_be32(tmp
);
773 *num
= cpu_to_be64(tmp
);
776 return *p
!= '\0' && *endptr
== '\0';
778 /* Function to calculate the ESBC Image Hash
779 * and hash from Digital signature.
780 * The Two hash's are compared to yield the
781 * result of signature validation.
783 static int calculate_cmp_img_sig(struct fsl_secboot_img_priv
*img
)
787 struct key_prop prop
;
788 #if !defined(USE_HOSTCC)
789 struct udevice
*mod_exp_dev
;
791 ret
= calc_esbchdr_esbc_hash(img
);
795 /* Construct encoded hash EM' wrt PKCSv1.5 */
796 construct_img_encoded_hash_second(img
);
798 /* Fill prop structure for public key */
799 memset(&prop
, 0, sizeof(struct key_prop
));
800 key_len
= get_key_len(img
) / 2;
801 prop
.modulus
= img
->img_key
;
802 prop
.public_exponent
= img
->img_key
+ key_len
;
803 prop
.num_bits
= key_len
* 8;
804 prop
.exp_len
= key_len
;
806 ret
= uclass_get_device(UCLASS_MOD_EXP
, 0, &mod_exp_dev
);
808 printf("RSA: Can't find Modular Exp implementation\n");
812 ret
= rsa_mod_exp(mod_exp_dev
, img
->img_sign
, img
->hdr
.sign_len
,
813 &prop
, img
->img_encoded_hash
);
818 * compare the encoded messages EM' and EM wrt RSA PKCSv1.5
819 * memcmp returns zero on success
820 * memcmp returns non-zero on failure
822 ret
= memcmp(&img
->img_encoded_hash_second
, &img
->img_encoded_hash
,
826 return ERROR_ESBC_CLIENT_HASH_COMPARE_EM
;
830 /* Function to initialize img priv and global data structure
832 static int secboot_init(struct fsl_secboot_img_priv
**img_ptr
)
834 *img_ptr
= malloc(sizeof(struct fsl_secboot_img_priv
));
836 struct fsl_secboot_img_priv
*img
= *img_ptr
;
840 memset(img
, 0, sizeof(struct fsl_secboot_img_priv
));
842 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
844 img
->ie_addr
= glb
.ie_addr
;
850 /* haddr - Address of the header of image to be validated.
851 * arg_hash_str - Option hash string. If provided, this
852 * overrides the key hash in the SFP fuses.
853 * img_addr_ptr - Optional pointer to address of image to be validated.
854 * If non zero addr, this overrides the addr of image in header,
855 * otherwise updated to image addr in header.
856 * Acts as both input and output of function.
857 * This pointer shouldn't be NULL.
859 int fsl_secboot_validate(uintptr_t haddr
, char *arg_hash_str
,
860 uintptr_t *img_addr_ptr
)
862 struct ccsr_sfp_regs
*sfp_regs
= (void *)(CONFIG_SYS_SFP_ADDR
);
863 ulong hash
[SHA256_BYTES
/sizeof(ulong
)];
864 char hash_str
[NUM_HEX_CHARS
+ 1];
865 struct fsl_secboot_img_priv
*img
;
866 struct fsl_secboot_img_hdr
*hdr
;
868 int ret
, i
, hash_cmd
= 0;
871 if (arg_hash_str
!= NULL
) {
872 const char *cp
= arg_hash_str
;
875 if (*cp
== '0' && *(cp
+ 1) == 'x')
878 /* The input string expected is in hex, where
879 * each 4 bits would be represented by a hex
880 * sha256 hash is 256 bits long, which would mean
881 * num of characters = 256 / 4
883 if (strlen(cp
) != SHA256_NIBBLES
) {
884 printf("%s is not a 256 bits hex string as expected\n",
889 for (i
= 0; i
< sizeof(hash
)/sizeof(ulong
); i
++) {
890 strncpy(hash_str
, cp
+ (i
* NUM_HEX_CHARS
),
892 hash_str
[NUM_HEX_CHARS
] = '\0';
893 if (!str2longbe(hash_str
, &hash
[i
])) {
894 printf("%s is not a 256 bits hex string ",
903 ret
= secboot_init(&img
);
907 /* Update the information in Private Struct */
909 img
->ehdrloc
= haddr
;
910 img
->img_addr_ptr
= img_addr_ptr
;
911 esbc
= (u8
*)img
->ehdrloc
;
913 memcpy(hdr
, esbc
, sizeof(struct fsl_secboot_img_hdr
));
915 /* read and validate esbc header */
916 ret
= read_validate_esbc_client_header(img
);
918 if (ret
!= ESBC_VALID_HDR
) {
919 fsl_secboot_handle_error(ret
);
923 /* SRKH present in SFP */
924 for (i
= 0; i
< NUM_SRKH_REGS
; i
++)
925 srk_hash
[i
] = srk_in32(&sfp_regs
->srk_hash
[i
]);
928 * Calculate hash of key obtained via offset present in
929 * ESBC uboot client hdr
931 ret
= calc_img_key_hash(img
);
933 fsl_secblk_handle_error(ret
);
937 /* Compare hash obtained above with SRK hash present in SFP */
939 ret
= memcmp(&hash
, &img
->img_key_hash
, SHA256_BYTES
);
941 ret
= memcmp(srk_hash
, img
->img_key_hash
, SHA256_BYTES
);
943 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
944 if (!hash_cmd
&& check_ie(img
))
949 fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_KEY
);
953 ret
= calculate_cmp_img_sig(img
);
955 fsl_secboot_handle_error(ret
);
960 /* Free Img as it was malloc'ed*/