]> git.ipfire.org Git - people/ms/u-boot.git/blob - board/freescale/common/fsl_validate.c
projects / people / ms / u-boot.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
armv8/ls1043ardb: add SECURE BOOT target for NOR
[people/ms/u-boot.git] / board / freescale / common / fsl_validate.c
1 /*
2 * Copyright 2015 Freescale Semiconductor, Inc.
3 *
4 * SPDX-License-Identifier: GPL-2.0+
5 */
6
7 #include <common.h>
8 #include <fsl_validate.h>
9 #include <fsl_secboot_err.h>
10 #include <fsl_sfp.h>
11 #include <fsl_sec.h>
12 #include <command.h>
13 #include <malloc.h>
14 #include <dm/uclass.h>
15 #include <u-boot/rsa-mod-exp.h>
16 #include <hash.h>
17 #include <fsl_secboot_err.h>
18 #ifdef CONFIG_LS102XA
19 #include <asm/arch/immap_ls102xa.h>
20 #endif
21
22 #define SHA256_BITS 256
23 #define SHA256_BYTES (256/8)
24 #define SHA256_NIBBLES (256/4)
25 #define NUM_HEX_CHARS (sizeof(ulong) * 2)
26
27 /* This array contains DER value for SHA-256 */
28 static const u8 hash_identifier[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60,
29 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00,
30 0x04, 0x20
31 };
32
33 static u8 hash_val[SHA256_BYTES];
34 static const u8 barker_code[ESBC_BARKER_LEN] = { 0x68, 0x39, 0x27, 0x81 };
35
36 void branch_to_self(void) __attribute__ ((noreturn));
37
38 /*
39 * This function will put core in infinite loop.
40 * This will be called when the ESBC can not proceed further due
41 * to some unknown errors.
42 */
43 void branch_to_self(void)
44 {
45 printf("Core is in infinite loop due to errors.\n");
46 self:
47 goto self;
48 }
49
50 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
51 static u32 check_ie(struct fsl_secboot_img_priv *img)
52 {
53 if (img->hdr.ie_flag)
54 return 1;
55
56 return 0;
57 }
58
59 /* This function returns the CSF Header Address of uboot
60 * For MPC85xx based platforms, the LAW mapping for NOR
61 * flash changes in uboot code. Hence the offset needs
62 * to be calculated and added to the new NOR flash base
63 * address
64 */
65 #if defined(CONFIG_MPC85xx)
66 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
67 {
68 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_MPC85xx_GUTS_ADDR);
69 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
70 u32 csf_flash_offset = csf_hdr_addr & ~(CONFIG_SYS_PBI_FLASH_BASE);
71 u32 flash_addr, addr;
72 int found = 0;
73 int i = 0;
74
75 for (i = 0; i < CONFIG_SYS_MAX_FLASH_BANKS; i++) {
76 flash_addr = flash_info[i].start[0];
77 addr = flash_info[i].start[0] + csf_flash_offset;
78 if (memcmp((u8 *)addr, barker_code, ESBC_BARKER_LEN) == 0) {
79 debug("Barker found on addr %x\n", addr);
80 found = 1;
81 break;
82 }
83 }
84
85 if (!found)
86 return -1;
87
88 *csf_addr = addr;
89 *flash_base_addr = flash_addr;
90
91 return 0;
92 }
93 #else
94 /* For platforms like LS1020, correct flash address is present in
95 * the header. So the function reqturns flash base address as 0
96 */
97 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
98 {
99 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
100 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
101
102 if (memcmp((u8 *)(uintptr_t)csf_hdr_addr,
103 barker_code, ESBC_BARKER_LEN))
104 return -1;
105
106 *csf_addr = csf_hdr_addr;
107 *flash_base_addr = 0;
108 return 0;
109 }
110 #endif
111
112 static int get_ie_info_addr(u32 *ie_addr)
113 {
114 struct fsl_secboot_img_hdr *hdr;
115 struct fsl_secboot_sg_table *sg_tbl;
116 u32 flash_base_addr, csf_addr;
117
118 if (get_csf_base_addr(&csf_addr, &flash_base_addr))
119 return -1;
120
121 hdr = (struct fsl_secboot_img_hdr *)(uintptr_t)csf_addr;
122
123 /* For SoC's with Trust Architecture v1 with corenet bus
124 * the sg table field in CSF header has absolute address
125 * for sg table in memory. In other Trust Architecture,
126 * this field specifies the offset of sg table from the
127 * base address of CSF Header
128 */
129 #if defined(CONFIG_FSL_TRUST_ARCH_v1) && defined(CONFIG_FSL_CORENET)
130 sg_tbl = (struct fsl_secboot_sg_table *)
131 (((u32)hdr->psgtable & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
132 flash_base_addr);
133 #else
134 sg_tbl = (struct fsl_secboot_sg_table *)(uintptr_t)(csf_addr +
135 (u32)hdr->psgtable);
136 #endif
137
138 /* IE Key Table is the first entry in the SG Table */
139 #if defined(CONFIG_MPC85xx)
140 *ie_addr = (sg_tbl->src_addr & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
141 flash_base_addr;
142 #else
143 *ie_addr = sg_tbl->src_addr;
144 #endif
145
146 debug("IE Table address is %x\n", *ie_addr);
147 return 0;
148 }
149
150 #endif
151
152 #ifdef CONFIG_KEY_REVOCATION
153 /* This function checks srk_table_flag in header and set/reset srk_flag.*/
154 static u32 check_srk(struct fsl_secboot_img_priv *img)
155 {
156 if (img->hdr.len_kr.srk_table_flag & SRK_FLAG)
157 return 1;
158
159 return 0;
160 }
161
162 /* This function returns ospr's key_revoc values.*/
163 static u32 get_key_revoc(void)
164 {
165 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
166 return (sfp_in32(&sfp_regs->ospr) & OSPR_KEY_REVOC_MASK) >>
167 OSPR_KEY_REVOC_SHIFT;
168 }
169
170 /* This function checks if selected key is revoked or not.*/
171 static u32 is_key_revoked(u32 keynum, u32 rev_flag)
172 {
173 if (keynum == UNREVOCABLE_KEY)
174 return 0;
175
176 if ((u32)(1 << (ALIGN_REVOC_KEY - keynum)) & rev_flag)
177 return 1;
178
179 return 0;
180 }
181
182 /* It validates srk_table key lengths.*/
183 static u32 validate_srk_tbl(struct srk_table *tbl, u32 num_entries)
184 {
185 int i = 0;
186 for (i = 0; i < num_entries; i++) {
187 if (!((tbl[i].key_len == 2 * KEY_SIZE_BYTES/4) ||
188 (tbl[i].key_len == 2 * KEY_SIZE_BYTES/2) ||
189 (tbl[i].key_len == 2 * KEY_SIZE_BYTES)))
190 return ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN;
191 }
192 return 0;
193 }
194 #endif
195
196 /* This function return length of public key.*/
197 static inline u32 get_key_len(struct fsl_secboot_img_priv *img)
198 {
199 return img->key_len;
200 }
201
202 /*
203 * Handles the ESBC uboot client header verification failure.
204 * This function handles all the errors which might occur in the
205 * parsing and checking of ESBC uboot client header. It will also
206 * set the error bits in the SEC_MON.
207 */
208 static void fsl_secboot_header_verification_failure(void)
209 {
210 struct ccsr_sec_mon_regs *sec_mon_regs = (void *)
211 (CONFIG_SYS_SEC_MON_ADDR);
212 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
213 u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
214
215 /* 29th bit of OSPR is ITS */
216 u32 its = sfp_in32(&sfp_regs->ospr) >> 2;
217
218 /*
219 * Read the SEC_MON status register
220 * Read SSM_ST field
221 */
222 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
223 if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) {
224 if (its == 1)
225 change_sec_mon_state(HPSR_SSM_ST_TRUST,
226 HPSR_SSM_ST_SOFT_FAIL);
227 else
228 change_sec_mon_state(HPSR_SSM_ST_TRUST,
229 HPSR_SSM_ST_NON_SECURE);
230 }
231
232 printf("Generating reset request\n");
233 do_reset(NULL, 0, 0, NULL);
234 }
235
236 /*
237 * Handles the ESBC uboot client image verification failure.
238 * This function handles all the errors which might occur in the
239 * public key hash comparison and signature verification of
240 * ESBC uboot client image. It will also
241 * set the error bits in the SEC_MON.
242 */
243 static void fsl_secboot_image_verification_failure(void)
244 {
245 struct ccsr_sec_mon_regs *sec_mon_regs = (void *)
246 (CONFIG_SYS_SEC_MON_ADDR);
247 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
248 u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
249
250 u32 its = (sfp_in32(&sfp_regs->ospr) & ITS_MASK) >> ITS_BIT;
251
252 /*
253 * Read the SEC_MON status register
254 * Read SSM_ST field
255 */
256 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
257 if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) {
258 if (its == 1) {
259 change_sec_mon_state(HPSR_SSM_ST_TRUST,
260 HPSR_SSM_ST_SOFT_FAIL);
261
262 printf("Generating reset request\n");
263 do_reset(NULL, 0, 0, NULL);
264 } else {
265 change_sec_mon_state(HPSR_SSM_ST_TRUST,
266 HPSR_SSM_ST_NON_SECURE);
267 }
268 }
269 }
270
271 static void fsl_secboot_bootscript_parse_failure(void)
272 {
273 fsl_secboot_header_verification_failure();
274 }
275
276 /*
277 * Handles the errors in esbc boot.
278 * This function handles all the errors which might occur in the
279 * esbc boot phase. It will call the appropriate api to log the
280 * errors and set the error bits in the SEC_MON.
281 */
282 void fsl_secboot_handle_error(int error)
283 {
284 const struct fsl_secboot_errcode *e;
285
286 for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX;
287 e++) {
288 if (e->errcode == error)
289 printf("ERROR :: %x :: %s\n", error, e->name);
290 }
291
292 switch (error) {
293 case ERROR_ESBC_CLIENT_HEADER_BARKER:
294 case ERROR_ESBC_CLIENT_HEADER_IMG_SIZE:
295 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN:
296 case ERROR_ESBC_CLIENT_HEADER_SIG_LEN:
297 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN:
298 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1:
299 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2:
300 case ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD:
301 case ERROR_ESBC_CLIENT_HEADER_SG_ESBC_EP:
302 case ERROR_ESBC_CLIENT_HEADER_SG_ENTIRES_BAD:
303 #ifdef CONFIG_KEY_REVOCATION
304 case ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED:
305 case ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY:
306 case ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM:
307 case ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN:
308 #endif
309 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
310 /*@fallthrough@*/
311 case ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED:
312 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY:
313 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM:
314 case ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN:
315 case ERROR_IE_TABLE_NOT_FOUND:
316 #endif
317 fsl_secboot_header_verification_failure();
318 break;
319 case ERROR_ESBC_SEC_RESET:
320 case ERROR_ESBC_SEC_DEQ:
321 case ERROR_ESBC_SEC_ENQ:
322 case ERROR_ESBC_SEC_DEQ_TO:
323 case ERROR_ESBC_SEC_JOBQ_STATUS:
324 case ERROR_ESBC_CLIENT_HASH_COMPARE_KEY:
325 case ERROR_ESBC_CLIENT_HASH_COMPARE_EM:
326 fsl_secboot_image_verification_failure();
327 break;
328 case ERROR_ESBC_MISSING_BOOTM:
329 fsl_secboot_bootscript_parse_failure();
330 break;
331 case ERROR_ESBC_WRONG_CMD:
332 default:
333 branch_to_self();
334 break;
335 }
336 }
337
338 static void fsl_secblk_handle_error(int error)
339 {
340 switch (error) {
341 case ERROR_ESBC_SEC_ENQ:
342 fsl_secboot_handle_error(ERROR_ESBC_SEC_ENQ);
343 break;
344 case ERROR_ESBC_SEC_DEQ:
345 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ);
346 break;
347 case ERROR_ESBC_SEC_DEQ_TO:
348 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ_TO);
349 break;
350 default:
351 printf("Job Queue Output status %x\n", error);
352 fsl_secboot_handle_error(ERROR_ESBC_SEC_JOBQ_STATUS);
353 break;
354 }
355 }
356
357 /*
358 * Calculate hash of key obtained via offset present in ESBC uboot
359 * client hdr. This function calculates the hash of key which is obtained
360 * through offset present in ESBC uboot client header.
361 */
362 static int calc_img_key_hash(struct fsl_secboot_img_priv *img)
363 {
364 struct hash_algo *algo;
365 void *ctx;
366 int i, srk = 0;
367 int ret = 0;
368 const char *algo_name = "sha256";
369
370 /* Calculate hash of the esbc key */
371 ret = hash_progressive_lookup_algo(algo_name, &algo);
372 if (ret)
373 return ret;
374
375 ret = algo->hash_init(algo, &ctx);
376 if (ret)
377 return ret;
378
379 /* Update hash for ESBC key */
380 #ifdef CONFIG_KEY_REVOCATION
381 if (check_srk(img)) {
382 ret = algo->hash_update(algo, ctx,
383 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
384 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 1);
385 srk = 1;
386 }
387 #endif
388 if (!srk)
389 ret = algo->hash_update(algo, ctx,
390 img->img_key, img->key_len, 1);
391 if (ret)
392 return ret;
393
394 /* Copy hash at destination buffer */
395 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
396 if (ret)
397 return ret;
398
399 for (i = 0; i < SHA256_BYTES; i++)
400 img->img_key_hash[i] = hash_val[i];
401
402 return 0;
403 }
404
405 /*
406 * Calculate hash of ESBC hdr and ESBC. This function calculates the
407 * single hash of ESBC header and ESBC image. If SG flag is on, all
408 * SG entries are also hashed alongwith the complete SG table.
409 */
410 static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
411 {
412 struct hash_algo *algo;
413 void *ctx;
414 int ret = 0;
415 int key_hash = 0;
416 const char *algo_name = "sha256";
417
418 /* Calculate the hash of the ESBC */
419 ret = hash_progressive_lookup_algo(algo_name, &algo);
420 if (ret)
421 return ret;
422
423 ret = algo->hash_init(algo, &ctx);
424 /* Copy hash at destination buffer */
425 if (ret)
426 return ret;
427
428 /* Update hash for CSF Header */
429 ret = algo->hash_update(algo, ctx,
430 (u8 *)&img->hdr, sizeof(struct fsl_secboot_img_hdr), 0);
431 if (ret)
432 return ret;
433
434 /* Update the hash with that of srk table if srk flag is 1
435 * If IE Table is selected, key is not added in the hash
436 * If neither srk table nor IE key table available, add key
437 * from header in the hash calculation
438 */
439 #ifdef CONFIG_KEY_REVOCATION
440 if (check_srk(img)) {
441 ret = algo->hash_update(algo, ctx,
442 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
443 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 0);
444 key_hash = 1;
445 }
446 #endif
447 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
448 if (!key_hash && check_ie(img))
449 key_hash = 1;
450 #endif
451 if (!key_hash)
452 ret = algo->hash_update(algo, ctx,
453 img->img_key, img->hdr.key_len, 0);
454 if (ret)
455 return ret;
456
457 /* Update hash for actual Image */
458 #ifdef CONFIG_ESBC_ADDR_64BIT
459 ret = algo->hash_update(algo, ctx,
460 (u8 *)(uintptr_t)img->hdr.pimg64, img->hdr.img_size, 1);
461 #else
462 ret = algo->hash_update(algo, ctx,
463 (u8 *)(uintptr_t)img->hdr.pimg, img->hdr.img_size, 1);
464 #endif
465 if (ret)
466 return ret;
467
468 /* Copy hash at destination buffer */
469 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
470 if (ret)
471 return ret;
472
473 return 0;
474 }
475
476 /*
477 * Construct encoded hash EM' wrt PKCSv1.5. This function calculates the
478 * pointers for padding, DER value and hash. And finally, constructs EM'
479 * which includes hash of complete CSF header and ESBC image. If SG flag
480 * is on, hash of SG table and entries is also included.
481 */
482 static void construct_img_encoded_hash_second(struct fsl_secboot_img_priv *img)
483 {
484 /*
485 * RSA PKCSv1.5 encoding format for encoded message is below
486 * EM = 0x0 || 0x1 || PS || 0x0 || DER || Hash
487 * PS is Padding String
488 * DER is DER value for SHA-256
489 * Hash is SHA-256 hash
490 * *********************************************************
491 * representative points to first byte of EM initially and is
492 * filled with 0x0
493 * representative is incremented by 1 and second byte is filled
494 * with 0x1
495 * padding points to third byte of EM
496 * digest points to full length of EM - 32 bytes
497 * hash_id (DER value) points to 19 bytes before pDigest
498 * separator is one byte which separates padding and DER
499 */
500
501 size_t len;
502 u8 *representative;
503 u8 *padding, *digest;
504 u8 *hash_id, *separator;
505 int i;
506
507 len = (get_key_len(img) / 2) - 1;
508 representative = img->img_encoded_hash_second;
509 representative[0] = 0;
510 representative[1] = 1; /* block type 1 */
511
512 padding = &representative[2];
513 digest = &representative[1] + len - 32;
514 hash_id = digest - sizeof(hash_identifier);
515 separator = hash_id - 1;
516
517 /* fill padding area pointed by padding with 0xff */
518 memset(padding, 0xff, separator - padding);
519
520 /* fill byte pointed by separator */
521 *separator = 0;
522
523 /* fill SHA-256 DER value pointed by HashId */
524 memcpy(hash_id, hash_identifier, sizeof(hash_identifier));
525
526 /* fill hash pointed by Digest */
527 for (i = 0; i < SHA256_BYTES; i++)
528 digest[i] = hash_val[i];
529 }
530
531 /*
532 * Reads and validates the ESBC client header.
533 * This function reads key and signature from the ESBC client header.
534 * If Scatter/Gather flag is on, lengths and offsets of images
535 * present as SG entries are also read. This function also checks
536 * whether the header is valid or not.
537 */
538 static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img)
539 {
540 char buf[20];
541 struct fsl_secboot_img_hdr *hdr = &img->hdr;
542 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
543 u8 *k, *s;
544 #ifdef CONFIG_KEY_REVOCATION
545 u32 ret;
546 u32 key_num, key_revoc_flag, size;
547 #endif
548 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
549 struct ie_key_info *ie_info;
550 u32 ie_num, ie_revoc_flag, ie_key_len;
551 #endif
552 int key_found = 0;
553
554 /* check barker code */
555 if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN))
556 return ERROR_ESBC_CLIENT_HEADER_BARKER;
557
558 #ifdef CONFIG_ESBC_ADDR_64BIT
559 sprintf(buf, "%llx", hdr->pimg64);
560 #else
561 sprintf(buf, "%x", hdr->pimg);
562 #endif
563 setenv("img_addr", buf);
564
565 if (!hdr->img_size)
566 return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;
567
568 /* Key checking*/
569 #ifdef CONFIG_KEY_REVOCATION
570 if (check_srk(img)) {
571 if ((hdr->len_kr.num_srk == 0) ||
572 (hdr->len_kr.num_srk > MAX_KEY_ENTRIES))
573 return ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY;
574
575 key_num = hdr->len_kr.srk_sel;
576 if (key_num == 0 || key_num > hdr->len_kr.num_srk)
577 return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM;
578
579 /* Get revoc key from sfp */
580 key_revoc_flag = get_key_revoc();
581 ret = is_key_revoked(key_num, key_revoc_flag);
582 if (ret)
583 return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED;
584
585 size = hdr->len_kr.num_srk * sizeof(struct srk_table);
586
587 memcpy(&img->srk_tbl, esbc + hdr->srk_tbl_off, size);
588
589 ret = validate_srk_tbl(img->srk_tbl, hdr->len_kr.num_srk);
590
591 if (ret != 0)
592 return ret;
593
594 img->key_len = img->srk_tbl[key_num - 1].key_len;
595
596 memcpy(&img->img_key, &(img->srk_tbl[key_num - 1].pkey),
597 img->key_len);
598
599 key_found = 1;
600 }
601 #endif
602
603 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
604 if (!key_found && check_ie(img)) {
605 if (get_ie_info_addr(&img->ie_addr))
606 return ERROR_IE_TABLE_NOT_FOUND;
607 ie_info = (struct ie_key_info *)(uintptr_t)img->ie_addr;
608 if (ie_info->num_keys == 0 || ie_info->num_keys > 32)
609 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY;
610
611 ie_num = hdr->ie_key_sel;
612 if (ie_num == 0 || ie_num > ie_info->num_keys)
613 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM;
614
615 ie_revoc_flag = ie_info->key_revok;
616 if ((u32)(1 << (ie_num - 1)) & ie_revoc_flag)
617 return ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED;
618
619 ie_key_len = ie_info->ie_key_tbl[ie_num - 1].key_len;
620
621 if (!((ie_key_len == 2 * KEY_SIZE_BYTES / 4) ||
622 (ie_key_len == 2 * KEY_SIZE_BYTES / 2) ||
623 (ie_key_len == 2 * KEY_SIZE_BYTES)))
624 return ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN;
625
626 memcpy(&img->img_key, &(ie_info->ie_key_tbl[ie_num - 1].pkey),
627 ie_key_len);
628
629 img->key_len = ie_key_len;
630 key_found = 1;
631 }
632 #endif
633
634 if (key_found == 0) {
635 /* check key length */
636 if (!((hdr->key_len == 2 * KEY_SIZE_BYTES / 4) ||
637 (hdr->key_len == 2 * KEY_SIZE_BYTES / 2) ||
638 (hdr->key_len == 2 * KEY_SIZE_BYTES)))
639 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN;
640
641 memcpy(&img->img_key, esbc + hdr->pkey, hdr->key_len);
642
643 img->key_len = hdr->key_len;
644
645 key_found = 1;
646 }
647
648 /* check signaure */
649 if (get_key_len(img) == 2 * hdr->sign_len) {
650 /* check signature length */
651 if (!((hdr->sign_len == KEY_SIZE_BYTES / 4) ||
652 (hdr->sign_len == KEY_SIZE_BYTES / 2) ||
653 (hdr->sign_len == KEY_SIZE_BYTES)))
654 return ERROR_ESBC_CLIENT_HEADER_SIG_LEN;
655 } else {
656 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN;
657 }
658
659 memcpy(&img->img_sign, esbc + hdr->psign, hdr->sign_len);
660
661 /* No SG support */
662 if (hdr->sg_flag)
663 return ERROR_ESBC_CLIENT_HEADER_SG;
664
665 /* modulus most significant bit should be set */
666 k = (u8 *)&img->img_key;
667
668 if ((k[0] & 0x80) == 0)
669 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1;
670
671 /* modulus value should be odd */
672 if ((k[get_key_len(img) / 2 - 1] & 0x1) == 0)
673 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2;
674
675 /* Check signature value < modulus value */
676 s = (u8 *)&img->img_sign;
677
678 if (!(memcmp(s, k, hdr->sign_len) < 0))
679 return ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD;
680
681 return ESBC_VALID_HDR;
682 }
683
684 static inline int str2longbe(const char *p, ulong *num)
685 {
686 char *endptr;
687 ulong tmp;
688
689 if (!p) {
690 return 0;
691 } else {
692 tmp = simple_strtoul(p, &endptr, 16);
693 if (sizeof(ulong) == 4)
694 *num = cpu_to_be32(tmp);
695 else
696 *num = cpu_to_be64(tmp);
697 }
698
699 return *p != '\0' && *endptr == '\0';
700 }
701
702 int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc,
703 char * const argv[])
704 {
705 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
706 ulong hash[SHA256_BYTES/sizeof(ulong)];
707 char hash_str[NUM_HEX_CHARS + 1];
708 ulong addr = simple_strtoul(argv[1], NULL, 16);
709 struct fsl_secboot_img_priv *img;
710 struct fsl_secboot_img_hdr *hdr;
711 void *esbc;
712 int ret, i, hash_cmd = 0;
713 u32 srk_hash[8];
714 uint32_t key_len;
715 struct key_prop prop;
716 #if !defined(USE_HOSTCC)
717 struct udevice *mod_exp_dev;
718 #endif
719
720 if (argc == 3) {
721 char *cp = argv[2];
722 int i = 0;
723
724 if (*cp == '0' && *(cp + 1) == 'x')
725 cp += 2;
726
727 /* The input string expected is in hex, where
728 * each 4 bits would be represented by a hex
729 * sha256 hash is 256 bits long, which would mean
730 * num of characters = 256 / 4
731 */
732 if (strlen(cp) != SHA256_NIBBLES) {
733 printf("%s is not a 256 bits hex string as expected\n",
734 argv[2]);
735 return -1;
736 }
737
738 for (i = 0; i < sizeof(hash)/sizeof(ulong); i++) {
739 strncpy(hash_str, cp + (i * NUM_HEX_CHARS),
740 NUM_HEX_CHARS);
741 hash_str[NUM_HEX_CHARS] = '\0';
742 if (!str2longbe(hash_str, &hash[i])) {
743 printf("%s is not a 256 bits hex string ",
744 argv[2]);
745 return -1;
746 }
747 }
748
749 hash_cmd = 1;
750 }
751
752 img = malloc(sizeof(struct fsl_secboot_img_priv));
753
754 if (!img)
755 return -1;
756
757 memset(img, 0, sizeof(struct fsl_secboot_img_priv));
758
759 hdr = &img->hdr;
760 img->ehdrloc = addr;
761 esbc = (u8 *)(uintptr_t)img->ehdrloc;
762
763 memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));
764
765 /* read and validate esbc header */
766 ret = read_validate_esbc_client_header(img);
767
768 if (ret != ESBC_VALID_HDR) {
769 fsl_secboot_handle_error(ret);
770 goto exit;
771 }
772
773 /* SRKH present in SFP */
774 for (i = 0; i < NUM_SRKH_REGS; i++)
775 srk_hash[i] = srk_in32(&sfp_regs->srk_hash[i]);
776
777 /*
778 * Calculate hash of key obtained via offset present in
779 * ESBC uboot client hdr
780 */
781 ret = calc_img_key_hash(img);
782 if (ret) {
783 fsl_secblk_handle_error(ret);
784 goto exit;
785 }
786
787 /* Compare hash obtained above with SRK hash present in SFP */
788 if (hash_cmd)
789 ret = memcmp(&hash, &img->img_key_hash, SHA256_BYTES);
790 else
791 ret = memcmp(srk_hash, img->img_key_hash, SHA256_BYTES);
792
793 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
794 if (!hash_cmd && check_ie(img))
795 ret = 0;
796 #endif
797
798 if (ret != 0) {
799 fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_KEY);
800 goto exit;
801 }
802
803 ret = calc_esbchdr_esbc_hash(img);
804 if (ret) {
805 fsl_secblk_handle_error(ret);
806 goto exit;
807 }
808
809 /* Construct encoded hash EM' wrt PKCSv1.5 */
810 construct_img_encoded_hash_second(img);
811
812 /* Fill prop structure for public key */
813 memset(&prop, 0, sizeof(struct key_prop));
814 key_len = get_key_len(img) / 2;
815 prop.modulus = img->img_key;
816 prop.public_exponent = img->img_key + key_len;
817 prop.num_bits = key_len * 8;
818 prop.exp_len = key_len;
819
820 ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
821 if (ret) {
822 printf("RSA: Can't find Modular Exp implementation\n");
823 return -EINVAL;
824 }
825
826 ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len,
827 &prop, img->img_encoded_hash);
828 if (ret) {
829 fsl_secblk_handle_error(ret);
830 goto exit;
831 }
832
833 /*
834 * compare the encoded messages EM' and EM wrt RSA PKCSv1.5
835 * memcmp returns zero on success
836 * memcmp returns non-zero on failure
837 */
838 ret = memcmp(&img->img_encoded_hash_second, &img->img_encoded_hash,
839 img->hdr.sign_len);
840
841 if (ret) {
842 fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_EM);
843 goto exit;
844 }
845
846 printf("esbc_validate command successful\n");
847
848 exit:
849 return 0;
850 }
"Das U-Boot" Source Tree