fsl_validate.c 22 KB

  1. /*
  2. * Copyright 2015 Freescale Semiconductor, Inc.
  3. *
  4. * SPDX-License-Identifier: GPL-2.0+
  5. */
  6. #include <common.h>
  7. #include <fsl_validate.h>
  8. #include <fsl_secboot_err.h>
  9. #include <fsl_sfp.h>
  10. #include <fsl_sec.h>
  11. #include <command.h>
  12. #include <malloc.h>
  13. #include <dm/uclass.h>
  14. #include <u-boot/rsa-mod-exp.h>
  15. #include <hash.h>
  16. #include <fsl_secboot_err.h>
  17. #ifndef CONFIG_MPC85xx
  18. #include <asm/arch/immap_ls102xa.h>
  19. #endif
  /* Digest geometry for SHA-256, the only hash this file uses. */
  #define SHA256_BITS 256
  #define SHA256_BYTES (SHA256_BITS / 8)
  #define SHA256_NIBBLES (SHA256_BITS / 4)
  /* Number of hex digits that encode one ulong. */
  #define NUM_HEX_CHARS (sizeof(ulong) * 2)

  /*
   * DER-encoded DigestInfo prefix for SHA-256 (19 bytes). In the PKCS#1 v1.5
   * encoded message it sits between the 0x00 separator and the 32-byte digest.
   */
  static const u8 hash_identifier[] = {
      0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
      0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
  };

  /*
   * File-scope scratch digest. Both hash helpers in this file let hash_finish()
   * write into it, and construct_img_encoded_hash_second() reads it back, so
   * the value is only meaningful right after the hash call it belongs to.
   */
  static u8 hash_val[SHA256_BYTES];

  /* Magic bytes expected at the start of an ESBC/CSF header. */
  static const u8 barker_code[ESBC_BARKER_LEN] = { 0x68, 0x39, 0x27, 0x81 };

  void branch_to_self(void) __attribute__ ((noreturn));
  /*
   * Park the core in an endless loop.
   *
   * Last-resort response when the ESBC hits an error it has no other handling
   * for: execution stops here instead of continuing with an unvalidated image.
   * Never returns.
   */
  void branch_to_self(void)
  {
      printf("Core is in infinite loop due to errors.\n");
      for (;;)
          ;
  }
  43. #if defined(CONFIG_FSL_ISBC_KEY_EXT)
  /*
   * Report whether the image header selects the IE (ISBC key extension) key
   * table.
   *
   * Returns 1 when hdr.ie_flag is non-zero, 0 otherwise. The flag is read from
   * the header copy in img, i.e. from the image being validated.
   */
  static u32 check_ie(struct fsl_secboot_img_priv *img)
  {
      return img->hdr.ie_flag ? 1 : 0;
  }
  /*
   * Locate the CSF header of U-Boot itself.
   *
   * The header address is read from scratchrw[0] of the GUTS block and accepted
   * only if the barker code is found there. The barker comparison is a sanity
   * check on the pointer, not an authentication of the header.
   * NOTE(review): presumably the scratch register is written by the earlier
   * boot stage and cannot be changed afterwards - confirm.
   *
   * csf_addr        - receives the address of the CSF header
   * flash_base_addr - receives the flash base the header was found under
   *
   * Returns 0 on success, -1 when no barker code is found.
   */
  #if defined(CONFIG_MPC85xx)
  /*
   * MPC85xx: the LAW mapping of NOR flash changes inside U-Boot, so the offset
   * of the header within flash is applied to each flash bank base in turn until
   * the barker code matches.
   */
  int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
  {
      struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_MPC85xx_GUTS_ADDR);
      u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
      u32 csf_flash_offset = csf_hdr_addr & ~(CONFIG_SYS_PBI_FLASH_BASE);
      int bank;

      for (bank = 0; bank < CONFIG_SYS_MAX_FLASH_BANKS; bank++) {
          u32 bank_base = flash_info[bank].start[0];
          u32 candidate = bank_base + csf_flash_offset;

          if (memcmp((u8 *)candidate, barker_code, ESBC_BARKER_LEN) != 0)
              continue;

          debug("Barker found on addr %x\n", candidate);
          *csf_addr = candidate;
          *flash_base_addr = bank_base;
          return 0;
      }

      return -1;
  }
  #else
  /*
   * Platforms such as LS1020: the header already holds the correct flash
   * address, so the flash base is reported as 0.
   */
  int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
  {
      struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
      u32 hdr_addr = in_be32(&gur->scratchrw[0]);

      if (memcmp((u8 *)hdr_addr, barker_code, ESBC_BARKER_LEN) != 0)
          return -1;

      *csf_addr = hdr_addr;
      *flash_base_addr = 0;
      return 0;
  }
  #endif
  /*
   * Find the IE key table through U-Boot's own CSF header.
   *
   * The table is the first entry of the scatter/gather table referenced by
   * that header. All addresses are taken from the header and the SG entry as
   * they are; no bounds are applied here.
   * NOTE(review): keys read from this table are later used without the SRK
   * hash comparison, so the table must have been authenticated by an earlier
   * stage - confirm.
   *
   * ie_addr - receives the address of the IE key table
   *
   * Returns 0 on success, -1 when the CSF header cannot be located.
   */
  static int get_ie_info_addr(u32 *ie_addr)
  {
      u32 flash_base, csf_base;
      struct fsl_secboot_img_hdr *csf_hdr;
      struct fsl_secboot_sg_table *sg;

      if (get_csf_base_addr(&csf_base, &flash_base) != 0)
          return -1;

      csf_hdr = (struct fsl_secboot_img_hdr *)csf_base;

      /*
       * Trust Architecture v1 on a corenet bus stores an absolute address of
       * the SG table in the CSF header; every other Trust Architecture stores
       * an offset from the CSF header base.
       */
  #if defined(CONFIG_FSL_TRUST_ARCH_v1) && defined(CONFIG_FSL_CORENET)
      sg = (struct fsl_secboot_sg_table *)
           (((u32)csf_hdr->psgtable & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
            flash_base);
  #else
      sg = (struct fsl_secboot_sg_table *)(csf_base +
                                           (u32)csf_hdr->psgtable);
  #endif

      /* The IE key table is the first entry of the SG table. */
  #if defined(CONFIG_MPC85xx)
      *ie_addr = (sg->src_addr & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
                 flash_base;
  #else
      *ie_addr = sg->src_addr;
  #endif

      debug("IE Table address is %x\n", *ie_addr);
      return 0;
  }
  127. #endif
  128. #ifdef CONFIG_KEY_REVOCATION
  /*
   * Report whether the header carries an SRK table.
   *
   * Returns 1 when SRK_FLAG is set in hdr.len_kr.srk_table_flag, 0 otherwise.
   */
  static u32 check_srk(struct fsl_secboot_img_priv *img)
  {
      return (img->hdr.len_kr.srk_table_flag & SRK_FLAG) ? 1 : 0;
  }
  /*
   * Read the key-revocation field of the SFP OSPR register.
   *
   * Returns the OSPR bits selected by OSPR_KEY_REVOC_MASK, shifted down by
   * OSPR_KEY_REVOC_SHIFT.
   */
  static u32 get_key_revoc(void)
  {
      struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
      u32 ospr = sfp_in32(&sfp_regs->ospr);

      return (ospr & OSPR_KEY_REVOC_MASK) >> OSPR_KEY_REVOC_SHIFT;
  }
  /*
   * Check whether the selected SRK has been revoked.
   *
   * keynum   - 1-based key number chosen in the header
   * rev_flag - revocation bits as returned by get_key_revoc()
   *
   * Returns 0 for UNREVOCABLE_KEY and for keys whose revocation bit is clear,
   * 1 when the bit (ALIGN_REVOC_KEY - keynum) is set in rev_flag.
   *
   * NOTE(review): the shift count is ALIGN_REVOC_KEY - keynum, so the caller
   * must keep keynum at or below ALIGN_REVOC_KEY (other than UNREVOCABLE_KEY);
   * a larger value gives an out-of-range shift. Confirm the bound against
   * MAX_KEY_ENTRIES.
   */
  static u32 is_key_revoked(u32 keynum, u32 rev_flag)
  {
      u32 revoc_bit;

      if (keynum == UNREVOCABLE_KEY)
          return 0;

      revoc_bit = (u32)(1 << (ALIGN_REVOC_KEY - keynum));
      return (revoc_bit & rev_flag) ? 1 : 0;
  }
  /*
   * Validate the key length of every SRK table entry.
   *
   * tbl         - SRK table to check
   * num_entries - number of entries in tbl
   *
   * An entry is accepted when key_len is 2 * KEY_SIZE_BYTES divided by 4, by 2
   * or by 1. Returns 0 when all entries pass, otherwise
   * ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN at the first bad entry.
   */
  static u32 validate_srk_tbl(struct srk_table *tbl, u32 num_entries)
  {
      int idx;

      for (idx = 0; idx < num_entries; idx++) {
          const struct srk_table *entry = &tbl[idx];

          if (entry->key_len != 2 * KEY_SIZE_BYTES / 4 &&
              entry->key_len != 2 * KEY_SIZE_BYTES / 2 &&
              entry->key_len != 2 * KEY_SIZE_BYTES)
              return ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN;
      }

      return 0;
  }
  164. #endif
  /*
   * Return the length of the public key selected for this image, as stored in
   * img->key_len by header validation.
   */
  static inline u32 get_key_len(struct fsl_secboot_img_priv *img)
  {
      u32 len = img->key_len;

      return len;
  }
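  /*
   * Handle a failure while parsing or checking the ESBC client header.
   *
   * If the security monitor is in the TRUST state it is moved to SOFT_FAIL when
   * the ITS bit of OSPR is set, and to NON_SECURE otherwise. A reset is then
   * requested in every case.
   *
   * NOTE(review): nothing stops execution here if do_reset() returns; the
   * caller would then carry on. Confirm do_reset() cannot return on the
   * supported boards.
   */
  static void fsl_secboot_header_verification_failure(void)
  {
      struct ccsr_sec_mon_regs *sec_mon_regs = (void *)
                                               (CONFIG_SYS_SEC_MON_ADDR);
      struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
      u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
      /*
       * Isolate the ITS bit before comparing it with 1. A bare shift leaves
       * every higher OSPR bit in the value, so any other field set in OSPR
       * (for example the key-revocation bits read by get_key_revoc()) would
       * make the test fail and select NON_SECURE on an ITS part. This is the
       * extraction fsl_secboot_image_verification_failure() already uses.
       * Assumes ITS_MASK/ITS_BIT name the bit the former ">> 2" targeted -
       * TODO confirm in fsl_sfp.h.
       */
      u32 its = (sfp_in32(&sfp_regs->ospr) & ITS_MASK) >> ITS_BIT;

      /* Re-read the SEC_MON status register for the SSM_ST field. */
      sts = sec_mon_in32(&sec_mon_regs->hp_stat);
      if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) {
          if (its == 1)
              change_sec_mon_state(HPSR_SSM_ST_TRUST,
                                   HPSR_SSM_ST_SOFT_FAIL);
          else
              change_sec_mon_state(HPSR_SSM_ST_TRUST,
                                   HPSR_SSM_ST_NON_SECURE);
      }

      printf("Generating reset request\n");
      do_reset(NULL, 0, 0, NULL);
  }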
  /*
   * Handle a failure in the public-key hash comparison or the signature
   * verification of the ESBC client image.
   *
   * Acts only when the security monitor is in the TRUST state:
   *   - ITS set:   move to SOFT_FAIL and request a reset;
   *   - ITS clear: move to NON_SECURE and return to the caller.
   * With ITS clear, or outside the TRUST state, this function returns and the
   * caller continues; the monitor state is then the only record of the failure.
   */
  static void fsl_secboot_image_verification_failure(void)
  {
      struct ccsr_sec_mon_regs *sec_mon_regs = (void *)
                                               (CONFIG_SYS_SEC_MON_ADDR);
      struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
      u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
      u32 its = (sfp_in32(&sfp_regs->ospr) & ITS_MASK) >> ITS_BIT;

      /* Re-read the SEC_MON status register for the SSM_ST field. */
      sts = sec_mon_in32(&sec_mon_regs->hp_stat);
      if ((sts & HPSR_SSM_ST_MASK) != HPSR_SSM_ST_TRUST)
          return;

      if (its != 1) {
          change_sec_mon_state(HPSR_SSM_ST_TRUST,
                               HPSR_SSM_ST_NON_SECURE);
          return;
      }

      change_sec_mon_state(HPSR_SSM_ST_TRUST,
                           HPSR_SSM_ST_SOFT_FAIL);
      printf("Generating reset request\n");
      do_reset(NULL, 0, 0, NULL);
  }
  /*
   * Handle a boot script that fails parsing. The response is the same as for a
   * header verification failure, so the work is delegated to that handler.
   */
  static void fsl_secboot_bootscript_parse_failure(void)
  {
      fsl_secboot_header_verification_failure();
  }
  /*
   * Report an ESBC boot error and run the matching failure response.
   *
   * error - one of the ERROR_ESBC_* / ERROR_IE_* codes
   *
   * The name of the error is printed from fsl_secboot_errcodes, then the code
   * is routed to the header, image or boot-script failure handler. Any code
   * without a case of its own ends in branch_to_self(), which never returns.
   * ERROR_ESBC_CLIENT_HEADER_SG, returned by header validation in this file,
   * has no case here and therefore takes that default path.
   */
  void fsl_secboot_handle_error(int error)
  {
      const struct fsl_secboot_errcode *entry = fsl_secboot_errcodes;

      /* The table is terminated by an ERROR_ESBC_CLIENT_MAX entry. */
      while (entry->errcode != ERROR_ESBC_CLIENT_MAX) {
          if (entry->errcode == error)
              printf("ERROR :: %x :: %s\n", error, entry->name);
          entry++;
      }

      switch (error) {
      case ERROR_ESBC_CLIENT_HEADER_BARKER:
      case ERROR_ESBC_CLIENT_HEADER_IMG_SIZE:
      case ERROR_ESBC_CLIENT_HEADER_KEY_LEN:
      case ERROR_ESBC_CLIENT_HEADER_SIG_LEN:
      case ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN:
      case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1:
      case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2:
      case ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD:
      case ERROR_ESBC_CLIENT_HEADER_SG_ESBC_EP:
      case ERROR_ESBC_CLIENT_HEADER_SG_ENTIRES_BAD:
  #ifdef CONFIG_KEY_REVOCATION
      case ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED:
      case ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY:
      case ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM:
      case ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN:
  #endif
  #if defined(CONFIG_FSL_ISBC_KEY_EXT)
      /*@fallthrough@*/
      case ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED:
      case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY:
      case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM:
      case ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN:
      case ERROR_IE_TABLE_NOT_FOUND:
  #endif
          /* Every header-level problem shares one response. */
          fsl_secboot_header_verification_failure();
          break;
      case ERROR_ESBC_SEC_RESET:
      case ERROR_ESBC_SEC_DEQ:
      case ERROR_ESBC_SEC_ENQ:
      case ERROR_ESBC_SEC_DEQ_TO:
      case ERROR_ESBC_SEC_JOBQ_STATUS:
      case ERROR_ESBC_CLIENT_HASH_COMPARE_KEY:
      case ERROR_ESBC_CLIENT_HASH_COMPARE_EM:
          /* SEC block errors and hash/signature mismatches. */
          fsl_secboot_image_verification_failure();
          break;
      case ERROR_ESBC_MISSING_BOOTM:
          fsl_secboot_bootscript_parse_failure();
          break;
      case ERROR_ESBC_WRONG_CMD:
      default:
          /* Unknown or unhandled code: stop the core. */
          branch_to_self();
          break;
      }
  }
  /*
   * Translate a status from the hash / modular-exponentiation helpers into an
   * ESBC error and hand it to fsl_secboot_handle_error().
   *
   * error - status returned by the failing helper
   *
   * The enqueue, dequeue and dequeue-timeout codes are forwarded unchanged.
   * Any other value is printed as a job queue output status and reported as
   * ERROR_ESBC_SEC_JOBQ_STATUS.
   */
  static void fsl_secblk_handle_error(int error)
  {
      switch (error) {
      case ERROR_ESBC_SEC_ENQ:
      case ERROR_ESBC_SEC_DEQ:
      case ERROR_ESBC_SEC_DEQ_TO:
          /* Already an ESBC code: pass it straight through. */
          fsl_secboot_handle_error(error);
          break;
      default:
          printf("Job Queue Output status %x\n", error);
          fsl_secboot_handle_error(ERROR_ESBC_SEC_JOBQ_STATUS);
          break;
      }
  }
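  /*
   * Compute the SHA-256 hash of the key material that anchors the image.
   *
   * With an SRK table the whole table is hashed; otherwise the single public
   * key in img->img_key is hashed. The digest is left in hash_val and copied to
   * img->img_key_hash for the comparison against the reference hash.
   *
   * The SRK table is hashed from img->srk_tbl, the copy that
   * read_validate_esbc_client_header() filled and validated, rather than being
   * fetched a second time from the image location. The key that verifies the
   * signature is taken from that copy, so the hash has to cover the same bytes;
   * a second fetch would leave a window in which the checked data and the
   * hashed data could differ.
   *
   * Precondition: read_validate_esbc_client_header() has succeeded on img.
   *
   * Returns 0 on success, otherwise the status of the failing hash call.
   * NOTE(review): the early returns after hash_init() do not call
   * hash_finish(); check whether the hash context needs releasing there.
   */
  static int calc_img_key_hash(struct fsl_secboot_img_priv *img)
  {
      struct hash_algo *algo;
      void *ctx;
      int srk = 0;
      int ret = 0;
      const char *algo_name = "sha256";

      /* Calculate hash of the esbc key */
      ret = hash_progressive_lookup_algo(algo_name, &algo);
      if (ret)
          return ret;

      ret = algo->hash_init(algo, &ctx);
      if (ret)
          return ret;

      /* Update hash for ESBC key */
  #ifdef CONFIG_KEY_REVOCATION
      if (check_srk(img)) {
          /* num_srk was bounded by MAX_KEY_ENTRIES during validation. */
          ret = algo->hash_update(algo, ctx,
                  (u8 *)img->srk_tbl,
                  img->hdr.len_kr.num_srk * sizeof(struct srk_table), 1);
          srk = 1;
      }
  #endif
      if (!srk)
          ret = algo->hash_update(algo, ctx,
                  img->img_key, img->key_len, 1);
      if (ret)
          return ret;

      /* Finalise into the file-scope digest buffer */
      ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
      if (ret)
          return ret;

      memcpy(img->img_key_hash, hash_val, SHA256_BYTES);
      return 0;
  }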
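  /*
   * Compute the single SHA-256 hash over the CSF header, the key material and
   * the ESBC image; the digest is left in hash_val.
   *
   * Key material added to the hash:
   *   - SRK table present: the whole SRK table;
   *   - IE key table selected: nothing;
   *   - neither: the public key taken from the header.
   *
   * The header and the SRK table are hashed from the copies held in img
   * (img->hdr, img->srk_tbl), which are the bytes that header validation
   * checked. Hashing the SRK table from the image location again would let the
   * hashed table differ from the validated one. The image itself is hashed in
   * place at hdr.pimg for hdr.img_size bytes, both taken from the header copy.
   *
   * Precondition: read_validate_esbc_client_header() has succeeded on img.
   *
   * Returns 0 on success, otherwise the status of the failing hash call.
   */
  static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
  {
      struct hash_algo *algo;
      void *ctx;
      int ret = 0;
      int key_hash = 0;
      const char *algo_name = "sha256";

      /* Calculate the hash of the ESBC */
      ret = hash_progressive_lookup_algo(algo_name, &algo);
      if (ret)
          return ret;

      ret = algo->hash_init(algo, &ctx);
      if (ret)
          return ret;

      /* Update hash for CSF Header */
      ret = algo->hash_update(algo, ctx,
              (u8 *)&img->hdr, sizeof(struct fsl_secboot_img_hdr), 0);
      if (ret)
          return ret;

  #ifdef CONFIG_KEY_REVOCATION
      if (check_srk(img)) {
          /* num_srk was bounded by MAX_KEY_ENTRIES during validation. */
          ret = algo->hash_update(algo, ctx,
                  (u8 *)img->srk_tbl,
                  img->hdr.len_kr.num_srk * sizeof(struct srk_table), 0);
          key_hash = 1;
      }
  #endif
  #if defined(CONFIG_FSL_ISBC_KEY_EXT)
      /* With the IE key table the key is not part of the hash. */
      if (!key_hash && check_ie(img))
          key_hash = 1;
  #endif
      if (!key_hash)
          ret = algo->hash_update(algo, ctx,
                  img->img_key, img->hdr.key_len, 0);
      if (ret)
          return ret;

      /* Update hash for actual Image */
      ret = algo->hash_update(algo, ctx,
              (u8 *)img->hdr.pimg, img->hdr.img_size, 1);
      if (ret)
          return ret;

      /* Finalise into the file-scope digest buffer */
      return algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
  }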
  /*
   * Build the expected encoded message EM' (RSA PKCS#1 v1.5) in
   * img->img_encoded_hash_second from the digest currently in hash_val.
   *
   *   EM = 0x00 || 0x01 || PS || 0x00 || DER || Hash
   *
   *   PS   - padding string, every byte 0xff
   *   DER  - hash_identifier, the DER value for SHA-256
   *   Hash - the 32-byte SHA-256 digest
   *
   * EM is key_len / 2 bytes long. The digest fills its last 32 bytes, the DER
   * value the 19 bytes before that, the separator the single byte before the
   * DER value, and the padding runs from the third byte up to the separator.
   *
   * Every byte of EM' is produced here and the caller compares it with the
   * result of the RSA operation over the full signature length, so padding and
   * DER bytes are checked as strictly as the digest.
   *
   * Precondition: img->key_len holds one of the lengths accepted by header
   * validation; the pointer arithmetic below relies on it.
   */
  static void construct_img_encoded_hash_second(struct fsl_secboot_img_priv *img)
  {
      size_t len = (get_key_len(img) / 2) - 1;
      u8 *em = img->img_encoded_hash_second;
      u8 *ps_start = &em[2];
      u8 *digest_pos = &em[1] + len - 32;
      u8 *der_pos = digest_pos - sizeof(hash_identifier);
      u8 *sep_pos = der_pos - 1;

      em[0] = 0;
      em[1] = 1; /* block type 1 */

      /* PS: 0xff from the third byte up to the separator */
      memset(ps_start, 0xff, sep_pos - ps_start);

      /* separator between padding and DER value */
      *sep_pos = 0;

      /* SHA-256 DER value */
      memcpy(der_pos, hash_identifier, sizeof(hash_identifier));

      /* digest computed by the preceding hash call */
      memcpy(digest_pos, hash_val, SHA256_BYTES);
  }
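  /*
   * Read and validate the ESBC client header held in img->hdr.
   *
   * Selects the public key (SRK table, IE key table or the key embedded in the
   * header, in that order of preference), copies key and signature into img and
   * checks:
   *   - barker code and non-zero image size;
   *   - SRK / IE entry counts, selected key number and revocation state;
   *   - key length is one of the three supported sizes and equals twice the
   *     signature length;
   *   - scatter/gather is not requested (unsupported);
   *   - modulus has its top bit set and is odd;
   *   - signature value is below the modulus.
   *
   * Returns ESBC_VALID_HDR on success, otherwise an ERROR_ESBC_* / ERROR_IE_*
   * code.
   *
   * Everything in the header is untrusted at this point. Lengths are checked
   * before each copy, but the offsets hdr->pkey, hdr->psign and
   * hdr->srk_tbl_off are applied to the header address as they are.
   * NOTE(review): no bound on those offsets is available here - confirm that
   * reading from an arbitrary offset is acceptable on the target.
   */
  static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img)
  {
      char buf[20];
      struct fsl_secboot_img_hdr *hdr = &img->hdr;
      void *esbc = (u8 *)img->ehdrloc;
      u8 *k, *s;
  #ifdef CONFIG_KEY_REVOCATION
      u32 ret;
      u32 key_num, key_revoc_flag, size;
  #endif
  #if defined(CONFIG_FSL_ISBC_KEY_EXT)
      struct ie_key_info *ie_info;
      u32 ie_num, ie_revoc_flag, ie_key_len;
  #endif
      int key_found = 0;

      /* check barker code */
      if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN))
          return ERROR_ESBC_CLIENT_HEADER_BARKER;

      /*
       * img_addr is published before the signature has been verified, so its
       * value is only trustworthy once the whole validation has succeeded.
       */
      sprintf(buf, "%x", hdr->pimg);
      setenv("img_addr", buf);

      if (!hdr->img_size)
          return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;

      /* Key checking*/
  #ifdef CONFIG_KEY_REVOCATION
      if (check_srk(img)) {
          /* Bound the entry count before it sizes the copy below. */
          if ((hdr->len_kr.num_srk == 0) ||
              (hdr->len_kr.num_srk > MAX_KEY_ENTRIES))
              return ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY;

          key_num = hdr->len_kr.srk_sel;
          if (key_num == 0 || key_num > hdr->len_kr.num_srk)
              return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM;

          /* Get revoc key from sfp */
          key_revoc_flag = get_key_revoc();
          ret = is_key_revoked(key_num, key_revoc_flag);
          if (ret)
              return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED;

          size = hdr->len_kr.num_srk * sizeof(struct srk_table);
          memcpy(&img->srk_tbl, esbc + hdr->srk_tbl_off, size);

          ret = validate_srk_tbl(img->srk_tbl, hdr->len_kr.num_srk);
          if (ret != 0)
              return ret;

          /* The key is taken from the validated copy of the table. */
          img->key_len = img->srk_tbl[key_num - 1].key_len;
          memcpy(&img->img_key, &(img->srk_tbl[key_num - 1].pkey),
                 img->key_len);
          key_found = 1;
      }
  #endif

  #if defined(CONFIG_FSL_ISBC_KEY_EXT)
      if (!key_found && check_ie(img)) {
          if (get_ie_info_addr(&img->ie_addr))
              return ERROR_IE_TABLE_NOT_FOUND;
          ie_info = (struct ie_key_info *)img->ie_addr;
          if (ie_info->num_keys == 0 || ie_info->num_keys > 32)
              return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY;

          ie_num = hdr->ie_key_sel;
          if (ie_num == 0 || ie_num > ie_info->num_keys)
              return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM;

          ie_revoc_flag = ie_info->key_revok;
          /*
           * ie_num may be 32, which makes the shift count 31. The shift is
           * done on an unsigned 1 so that key 32 still selects a defined bit;
           * a signed 1 << 31 overflows int.
           */
          if (((u32)1 << (ie_num - 1)) & ie_revoc_flag)
              return ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED;

          ie_key_len = ie_info->ie_key_tbl[ie_num - 1].key_len;

          if (!((ie_key_len == 2 * KEY_SIZE_BYTES / 4) ||
                (ie_key_len == 2 * KEY_SIZE_BYTES / 2) ||
                (ie_key_len == 2 * KEY_SIZE_BYTES)))
              return ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN;

          memcpy(&img->img_key, &(ie_info->ie_key_tbl[ie_num - 1].pkey),
                 ie_key_len);
          img->key_len = ie_key_len;
          key_found = 1;
      }
  #endif

      if (key_found == 0) {
          /* check key length */
          if (!((hdr->key_len == 2 * KEY_SIZE_BYTES / 4) ||
                (hdr->key_len == 2 * KEY_SIZE_BYTES / 2) ||
                (hdr->key_len == 2 * KEY_SIZE_BYTES)))
              return ERROR_ESBC_CLIENT_HEADER_KEY_LEN;

          memcpy(&img->img_key, esbc + hdr->pkey, hdr->key_len);
          img->key_len = hdr->key_len;
          key_found = 1;
      }

      /* check signature */
      if (get_key_len(img) == 2 * hdr->sign_len) {
          /* check signature length */
          if (!((hdr->sign_len == KEY_SIZE_BYTES / 4) ||
                (hdr->sign_len == KEY_SIZE_BYTES / 2) ||
                (hdr->sign_len == KEY_SIZE_BYTES)))
              return ERROR_ESBC_CLIENT_HEADER_SIG_LEN;
      } else {
          return ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN;
      }

      /* sign_len has been validated, so the copy is bounded. */
      memcpy(&img->img_sign, esbc + hdr->psign, hdr->sign_len);

      /* No SG support */
      if (hdr->sg_flag)
          return ERROR_ESBC_CLIENT_HEADER_SG;

      /* modulus most significant bit should be set */
      k = (u8 *)&img->img_key;
      if ((k[0] & 0x80) == 0)
          return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1;

      /* modulus value should be odd */
      if ((k[get_key_len(img) / 2 - 1] & 0x1) == 0)
          return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2;

      /* Check signature value < modulus value */
      s = (u8 *)&img->img_sign;
      if (!(memcmp(s, k, hdr->sign_len) < 0))
          return ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD;

      return ESBC_VALID_HDR;
  }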
  /*
   * Parse a hex string into a big-endian ulong.
   *
   * p   - NUL-terminated hex digits, may be NULL
   * num - receives the parsed value converted with cpu_to_be32() or
   *       cpu_to_be64(), depending on sizeof(ulong)
   *
   * Returns 1 when p is non-empty and was consumed completely, 0 otherwise
   * (including p == NULL, in which case *num is left untouched).
   */
  static inline int str2longbe(const char *p, ulong *num)
  {
      char *endptr;
      ulong parsed;

      if (!p)
          return 0;

      parsed = simple_strtoul(p, &endptr, 16);
      if (sizeof(ulong) == 4)
          *num = cpu_to_be32(parsed);
      else
          *num = cpu_to_be64(parsed);

      /* Valid only if there was input and nothing was left unparsed. */
      return *p != '\0' && *endptr == '\0';
  }
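  /*
   * Validate an ESBC client image: header checks, key hash comparison and RSA
   * PKCS#1 v1.5 signature verification.
   *
   * argv[1] - hex address of the ESBC client header
   * argv[2] - optional 256-bit hex string (with or without "0x"); when given,
   *           the public key hash is compared with it instead of the SRK hash
   *           read from the SFP
   *
   * Returns 0 only when every check has passed. Argument and allocation
   * failures return -1, a missing modular-exponentiation device returns
   * -EINVAL, and any validation failure returns the non-zero error that was
   * reported to the failure handlers. This matters when the handler comes
   * back instead of resetting or halting (for example the non-ITS path of
   * fsl_secboot_image_verification_failure()): the caller can still tell that
   * validation failed.
   *
   * The image descriptor is released on every path once it has been allocated.
   *
   * Trust notes:
   *   - With argv[2] present the reference hash comes from the command line,
   *     so the result is only as trustworthy as whoever issued the command.
   *   - With the IE key table selected (and no argv[2]) the key hash
   *     comparison is skipped; the key then rests entirely on the IE table
   *     found by get_ie_info_addr().
   *     NOTE(review): confirm that table is authenticated by an earlier stage.
   */
  int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc,
                           char * const argv[])
  {
      struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
      ulong hash[SHA256_BYTES/sizeof(ulong)];
      char hash_str[NUM_HEX_CHARS + 1];
      ulong addr;
      struct fsl_secboot_img_priv *img;
      struct fsl_secboot_img_hdr *hdr;
      void *esbc;
      int ret, i, hash_cmd = 0;
      u32 srk_hash[8];
      uint32_t key_len;
      struct key_prop prop;
  #if !defined(USE_HOSTCC)
      struct udevice *mod_exp_dev;
  #endif

      /* argv[1] is dereferenced below; refuse a call without it. */
      if (argc < 2)
          return -1;
      addr = simple_strtoul(argv[1], NULL, 16);

      if (argc == 3) {
          char *cp = argv[2];

          if (*cp == '0' && *(cp + 1) == 'x')
              cp += 2;

          /* The input string expected is in hex, where
           * each 4 bits would be represented by a hex
           * sha256 hash is 256 bits long, which would mean
           * num of characters = 256 / 4
           */
          if (strlen(cp) != SHA256_NIBBLES) {
              printf("%s is not a 256 bits hex string as expected\n",
                     argv[2]);
              return -1;
          }

          /* Convert the string one ulong-sized group of digits at a time. */
          for (i = 0; i < sizeof(hash)/sizeof(ulong); i++) {
              strncpy(hash_str, cp + (i * NUM_HEX_CHARS),
                      NUM_HEX_CHARS);
              hash_str[NUM_HEX_CHARS] = '\0';
              if (!str2longbe(hash_str, &hash[i])) {
                  printf("%s is not a 256 bits hex string ",
                         argv[2]);
                  return -1;
              }
          }

          hash_cmd = 1;
      }

      img = malloc(sizeof(struct fsl_secboot_img_priv));
      if (!img)
          return -1;

      memset(img, 0, sizeof(struct fsl_secboot_img_priv));

      /* Work on a private copy of the header from here on. */
      hdr = &img->hdr;
      img->ehdrloc = addr;
      esbc = (u8 *)img->ehdrloc;

      memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));

      /* read and validate esbc header */
      ret = read_validate_esbc_client_header(img);
      if (ret != ESBC_VALID_HDR) {
          fsl_secboot_handle_error(ret);
          goto exit;
      }

      /* SRKH present in SFP */
      for (i = 0; i < NUM_SRKH_REGS; i++)
          srk_hash[i] = srk_in32(&sfp_regs->srk_hash[i]);

      /*
       * Calculate hash of key obtained via offset present in
       * ESBC uboot client hdr
       */
      ret = calc_img_key_hash(img);
      if (ret) {
          fsl_secblk_handle_error(ret);
          goto exit;
      }

      /* Compare hash obtained above with the reference hash */
      if (hash_cmd)
          ret = memcmp(&hash, &img->img_key_hash, SHA256_BYTES);
      else
          ret = memcmp(srk_hash, img->img_key_hash, SHA256_BYTES);

  #if defined(CONFIG_FSL_ISBC_KEY_EXT)
      /* IE keys are not compared against the fused SRK hash. */
      if (!hash_cmd && check_ie(img))
          ret = 0;
  #endif

      if (ret != 0) {
          /* Report a stable error code rather than the raw memcmp() result. */
          ret = ERROR_ESBC_CLIENT_HASH_COMPARE_KEY;
          fsl_secboot_handle_error(ret);
          goto exit;
      }

      ret = calc_esbchdr_esbc_hash(img);
      if (ret) {
          fsl_secblk_handle_error(ret);
          goto exit;
      }

      /* Construct encoded hash EM' wrt PKCSv1.5 */
      construct_img_encoded_hash_second(img);

      /* Fill prop structure for public key */
      memset(&prop, 0, sizeof(struct key_prop));
      key_len = get_key_len(img) / 2;
      prop.modulus = img->img_key;
      prop.public_exponent = img->img_key + key_len;
      prop.num_bits = key_len * 8;
      prop.exp_len = key_len;

      ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
      if (ret) {
          printf("RSA: Can't find Modular Exp implementation\n");
          ret = -EINVAL;
          goto exit;
      }

      ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len,
                        &prop, img->img_encoded_hash);
      if (ret) {
          fsl_secblk_handle_error(ret);
          goto exit;
      }

      /*
       * compare the encoded messages EM' and EM wrt RSA PKCSv1.5
       * over the whole signature length, padding included
       */
      ret = memcmp(&img->img_encoded_hash_second, &img->img_encoded_hash,
                   img->hdr.sign_len);
      if (ret) {
          ret = ERROR_ESBC_CLIENT_HASH_COMPARE_EM;
          fsl_secboot_handle_error(ret);
          goto exit;
      }

      printf("esbc_validate command successful\n");

  exit:
      free(img);
      return ret;
  }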