1 /* 2 * Copyright (C) 2018 Marvell International Ltd. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 * https://spdx.org/licenses 6 */ 7 8 #include <stdlib.h> 9 #include <stdio.h> 10 #include <stdint.h> 11 #include <stddef.h> 12 #include <string.h> 13 #include <unistd.h> 14 #include <sys/stat.h> 15 #include <sys/time.h> 16 17 #ifdef CONFIG_MVEBU_SECURE_BOOT 18 #include <libconfig.h> /* for parsing config file */ 19 20 #if !defined(MBEDTLS_CONFIG_FILE) 21 #include "mbedtls/config.h" 22 #else 23 #include MBEDTLS_CONFIG_FILE 24 #endif 25 26 /* mbedTLS stuff */ 27 #if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \ 28 defined(MBEDTLS_SHA256_C) && \ 29 defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO) && \ 30 defined(MBEDTLS_CTR_DRBG_C) 31 #include <mbedtls/error.h> 32 #include <mbedtls/entropy.h> 33 #include <mbedtls/ctr_drbg.h> 34 #include <mbedtls/md.h> 35 #include <mbedtls/pk.h> 36 #include <mbedtls/sha256.h> 37 #include <mbedtls/x509.h> 38 #else 39 #error "Bad mbedTLS configuration!" 40 #endif 41 #endif /* CONFIG_MVEBU_SECURE_BOOT */ 42 43 #define MAX_FILENAME 256 44 #define CSK_ARR_SZ 16 45 #define CSK_ARR_EMPTY_FILE "*" 46 #define AES_KEY_BIT_LEN 256 47 #define AES_KEY_BYTE_LEN (AES_KEY_BIT_LEN >> 3) 48 #define AES_BLOCK_SZ 16 49 #define RSA_SIGN_BYTE_LEN 256 50 #define MAX_RSA_DER_BYTE_LEN 524 51 /* Number of address pairs in control array */ 52 #define CP_CTRL_EL_ARRAY_SZ 32 53 54 #define VERSION_STRING "Marvell(C) doimage utility version 3.3" 55 56 /* A8K definitions */ 57 58 /* Extension header types */ 59 #define EXT_TYPE_SECURITY 0x1 60 #define EXT_TYPE_BINARY 0x2 61 62 #define MAIN_HDR_MAGIC 0xB105B002 63 64 /* PROLOG alignment considerations: 65 * 128B: To allow supporting XMODEM protocol. 66 * 8KB: To align the boot image to the largest NAND page size, and simplify 67 * the read operations from NAND. 68 * We choose the largest page size, in order to use a single image for all 69 * NAND page sizes. 70 */ 71 #define PROLOG_ALIGNMENT (8 << 10) 72 73 /* UART argument bitfield */ 74 #define UART_MODE_UNMODIFIED 0x0 75 #define UART_MODE_DISABLE 0x1 76 #define UART_MODE_UPDATE 0x2 77 78 typedef struct _main_header { 79 uint32_t magic; /* 0-3 */ 80 uint32_t prolog_size; /* 4-7 */ 81 uint32_t prolog_checksum; /* 8-11 */ 82 uint32_t boot_image_size; /* 12-15 */ 83 uint32_t boot_image_checksum; /* 16-19 */ 84 uint32_t rsrvd0; /* 20-23 */ 85 uint32_t load_addr; /* 24-27 */ 86 uint32_t exec_addr; /* 28-31 */ 87 uint8_t uart_cfg; /* 32 */ 88 uint8_t baudrate; /* 33 */ 89 uint8_t ext_count; /* 34 */ 90 uint8_t aux_flags; /* 35 */ 91 uint32_t io_arg_0; /* 36-39 */ 92 uint32_t io_arg_1; /* 40-43 */ 93 uint32_t io_arg_2; /* 43-47 */ 94 uint32_t io_arg_3; /* 48-51 */ 95 uint32_t rsrvd1; /* 52-55 */ 96 uint32_t rsrvd2; /* 56-59 */ 97 uint32_t rsrvd3; /* 60-63 */ 98 } header_t; 99 100 typedef struct _ext_header { 101 uint8_t type; 102 uint8_t offset; 103 uint16_t reserved; 104 uint32_t size; 105 } ext_header_t; 106 107 typedef struct _sec_entry { 108 uint8_t kak_key[MAX_RSA_DER_BYTE_LEN]; 109 uint32_t jtag_delay; 110 uint32_t box_id; 111 uint32_t flash_id; 112 uint32_t jtag_en; 113 uint32_t encrypt_en; 114 uint32_t efuse_dis; 115 uint8_t header_sign[RSA_SIGN_BYTE_LEN]; 116 uint8_t image_sign[RSA_SIGN_BYTE_LEN]; 117 uint8_t csk_keys[CSK_ARR_SZ][MAX_RSA_DER_BYTE_LEN]; 118 uint8_t csk_sign[RSA_SIGN_BYTE_LEN]; 119 uint32_t cp_ctrl_arr[CP_CTRL_EL_ARRAY_SZ]; 120 uint32_t cp_efuse_arr[CP_CTRL_EL_ARRAY_SZ]; 121 } sec_entry_t; 122 123 /* A8K definitions end */ 124 125 /* UART argument bitfield */ 126 #define UART_MODE_UNMODIFIED 0x0 127 #define UART_MODE_DISABLE 0x1 128 #define UART_MODE_UPDATE 0x2 129 130 #define uart_set_mode(arg, mode) (arg |= (mode & 0x3)) 131 132 typedef struct _sec_options { 133 #ifdef CONFIG_MVEBU_SECURE_BOOT 134 char aes_key_file[MAX_FILENAME+1]; 135 char kak_key_file[MAX_FILENAME+1]; 136 char csk_key_file[CSK_ARR_SZ][MAX_FILENAME+1]; 137 uint32_t box_id; 138 uint32_t flash_id; 139 uint32_t jtag_delay; 140 uint8_t csk_index; 141 uint8_t jtag_enable; 142 uint8_t efuse_disable; 143 uint32_t cp_ctrl_arr[CP_CTRL_EL_ARRAY_SZ]; 144 uint32_t cp_efuse_arr[CP_CTRL_EL_ARRAY_SZ]; 145 mbedtls_pk_context kak_pk; 146 mbedtls_pk_context csk_pk[CSK_ARR_SZ]; 147 uint8_t aes_key[AES_KEY_BYTE_LEN]; 148 uint8_t *encrypted_image; 149 uint32_t enc_image_sz; 150 #endif 151 } sec_options; 152 153 typedef struct _options { 154 char bin_ext_file[MAX_FILENAME+1]; 155 char sec_cfg_file[MAX_FILENAME+1]; 156 sec_options *sec_opts; 157 uint32_t load_addr; 158 uint32_t exec_addr; 159 uint32_t baudrate; 160 uint8_t disable_print; 161 int8_t key_index; /* For header signatures verification only */ 162 uint32_t nfc_io_args; 163 } options_t; 164 165 void usage_err(char *msg) 166 { 167 fprintf(stderr, "Error: %s\n", msg); 168 fprintf(stderr, "run 'doimage -h' to get usage information\n"); 169 exit(-1); 170 } 171 172 void usage(void) 173 { 174 printf("\n\n%s\n\n", VERSION_STRING); 175 printf("Usage: doimage [options] <input_file> [output_file]\n"); 176 printf("create bootrom image from u-boot and boot extensions\n\n"); 177 178 printf("Arguments\n"); 179 printf(" input_file name of boot image file.\n"); 180 printf(" if -p is used, name of the bootrom image file"); 181 printf(" to parse.\n"); 182 printf(" output_file name of output bootrom image file\n"); 183 184 printf("\nOptions\n"); 185 printf(" -s target SOC name. supports a8020,a7020\n"); 186 printf(" different SOCs may have different boot image\n"); 187 printf(" format so it's mandatory to know the target SOC\n"); 188 printf(" -i boot I/F name. supports nand, spi, nor\n"); 189 printf(" This affects certain parameters coded in the\n"); 190 printf(" image header\n"); 191 printf(" -l boot image load address. default is 0x0\n"); 192 printf(" -e boot image entry address. default is 0x0\n"); 193 printf(" -b binary extension image file.\n"); 194 printf(" This image is executed before the boot image.\n"); 195 printf(" This is typically used to initialize the memory "); 196 printf(" controller.\n"); 197 printf(" Currently supports only a single file.\n"); 198 #ifdef CONFIG_MVEBU_SECURE_BOOT 199 printf(" -c Make trusted boot image using parameters\n"); 200 printf(" from the configuration file.\n"); 201 #endif 202 printf(" -p Parse and display a pre-built boot image\n"); 203 #ifdef CONFIG_MVEBU_SECURE_BOOT 204 printf(" -k Key index for RSA signatures verification\n"); 205 printf(" when parsing the boot image\n"); 206 #endif 207 printf(" -m Disable prints of bootrom and binary extension\n"); 208 printf(" -u UART baudrate used for bootrom prints.\n"); 209 printf(" Must be multiple of 1200\n"); 210 printf(" -h Show this help message\n"); 211 printf(" IO-ROM NFC-NAND boot parameters:\n"); 212 printf(" -n NAND device block size in KB [Default is 64KB].\n"); 213 printf(" -t NAND cell technology (SLC [Default] or MLC)\n"); 214 215 exit(-1); 216 } 217 218 /* globals */ 219 static options_t opts = { 220 .bin_ext_file = "NA", 221 .sec_cfg_file = "NA", 222 .sec_opts = 0, 223 .load_addr = 0x0, 224 .exec_addr = 0x0, 225 .disable_print = 0, 226 .baudrate = 0, 227 .key_index = -1, 228 }; 229 230 int get_file_size(char *filename) 231 { 232 struct stat st; 233 234 if (stat(filename, &st) == 0) 235 return st.st_size; 236 237 return -1; 238 } 239 240 uint32_t checksum32(uint32_t *start, int len) 241 { 242 uint32_t sum = 0; 243 uint32_t *startp = start; 244 245 do { 246 sum += *startp; 247 startp++; 248 len -= 4; 249 } while (len > 0); 250 251 return sum; 252 } 253 254 /******************************************************************************* 255 * create_rsa_signature (memory buffer content) 256 * Create RSASSA-PSS/SHA-256 signature for memory buffer 257 * using RSA Private Key 258 * INPUT: 259 * pk_ctx Private Key context 260 * input memory buffer 261 * ilen buffer length 262 * pers personalization string for seeding the RNG. 263 * For instance a private key file name. 264 * OUTPUT: 265 * signature RSA-2048 signature 266 * RETURN: 267 * 0 on success 268 */ 269 #ifdef CONFIG_MVEBU_SECURE_BOOT 270 int create_rsa_signature(mbedtls_pk_context *pk_ctx, 271 const unsigned char *input, 272 size_t ilen, 273 const char *pers, 274 uint8_t *signature) 275 { 276 mbedtls_entropy_context entropy; 277 mbedtls_ctr_drbg_context ctr_drbg; 278 unsigned char hash[32]; 279 unsigned char buf[MBEDTLS_MPI_MAX_SIZE]; 280 int rval; 281 282 /* Not sure this is required, 283 * but it's safer to start with empty buffers 284 */ 285 memset(hash, 0, sizeof(hash)); 286 memset(buf, 0, sizeof(buf)); 287 288 mbedtls_ctr_drbg_init(&ctr_drbg); 289 mbedtls_entropy_init(&entropy); 290 291 /* Seed the random number generator */ 292 rval = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, 293 (const unsigned char *)pers, strlen(pers)); 294 if (rval != 0) { 295 fprintf(stderr, " Failed in ctr_drbg_init call (%d)!\n", rval); 296 goto sign_exit; 297 } 298 299 /* The PK context should be already initialized. 300 * Set the padding type for this PK context 301 */ 302 mbedtls_rsa_set_padding(mbedtls_pk_rsa(*pk_ctx), 303 MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256); 304 305 /* First compute the SHA256 hash for the input blob */ 306 mbedtls_sha256_ret(input, ilen, hash, 0); 307 308 /* Then calculate the hash signature */ 309 rval = mbedtls_rsa_rsassa_pss_sign(mbedtls_pk_rsa(*pk_ctx), 310 mbedtls_ctr_drbg_random, 311 &ctr_drbg, 312 MBEDTLS_RSA_PRIVATE, 313 MBEDTLS_MD_SHA256, 0, hash, buf); 314 if (rval != 0) { 315 fprintf(stderr, 316 "Failed to create RSA signature for %s. Error %d\n", 317 pers, rval); 318 goto sign_exit; 319 } 320 memcpy(signature, buf, 256); 321 322 sign_exit: 323 mbedtls_ctr_drbg_free(&ctr_drbg); 324 mbedtls_entropy_free(&entropy); 325 326 return rval; 327 } /* end of create_rsa_signature */ 328 329 /******************************************************************************* 330 * verify_rsa_signature (memory buffer content) 331 * Verify RSASSA-PSS/SHA-256 signature for memory buffer 332 * using RSA Public Key 333 * INPUT: 334 * pub_key Public Key buffer 335 * ilen Public Key buffer length 336 * input memory buffer 337 * ilen buffer length 338 * pers personalization string for seeding the RNG. 339 * signature RSA-2048 signature 340 * OUTPUT: 341 * none 342 * RETURN: 343 * 0 on success 344 */ 345 int verify_rsa_signature(const unsigned char *pub_key, 346 size_t klen, 347 const unsigned char *input, 348 size_t ilen, 349 const char *pers, 350 uint8_t *signature) 351 { 352 mbedtls_entropy_context entropy; 353 mbedtls_ctr_drbg_context ctr_drbg; 354 mbedtls_pk_context pk_ctx; 355 unsigned char hash[32]; 356 int rval; 357 unsigned char *pkey = (unsigned char *)pub_key; 358 359 /* Not sure this is required, 360 * but it's safer to start with empty buffer 361 */ 362 memset(hash, 0, sizeof(hash)); 363 364 mbedtls_pk_init(&pk_ctx); 365 mbedtls_ctr_drbg_init(&ctr_drbg); 366 mbedtls_entropy_init(&entropy); 367 368 /* Seed the random number generator */ 369 rval = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, 370 (const unsigned char *)pers, strlen(pers)); 371 if (rval != 0) { 372 fprintf(stderr, " Failed in ctr_drbg_init call (%d)!\n", rval); 373 goto verify_exit; 374 } 375 376 /* Check ability to read the public key */ 377 rval = mbedtls_pk_parse_subpubkey(&pkey, pub_key + klen, &pk_ctx); 378 if (rval != 0) { 379 fprintf(stderr, " Failed in pk_parse_public_key (%#x)!\n", 380 rval); 381 goto verify_exit; 382 } 383 384 /* Set the padding type for the new PK context */ 385 mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk_ctx), 386 MBEDTLS_RSA_PKCS_V21, 387 MBEDTLS_MD_SHA256); 388 389 /* Compute the SHA256 hash for the input buffer */ 390 mbedtls_sha256_ret(input, ilen, hash, 0); 391 392 rval = mbedtls_rsa_rsassa_pss_verify(mbedtls_pk_rsa(pk_ctx), 393 mbedtls_ctr_drbg_random, 394 &ctr_drbg, 395 MBEDTLS_RSA_PUBLIC, 396 MBEDTLS_MD_SHA256, 0, 397 hash, signature); 398 if (rval != 0) 399 fprintf(stderr, "Failed to verify signature (%d)!\n", rval); 400 401 verify_exit: 402 403 mbedtls_pk_free(&pk_ctx); 404 mbedtls_ctr_drbg_free(&ctr_drbg); 405 mbedtls_entropy_free(&entropy); 406 return rval; 407 } /* end of verify_rsa_signature */ 408 409 /******************************************************************************* 410 * image_encrypt 411 * Encrypt image buffer using AES-256-CBC scheme. 412 * The resulting image is saved into opts.sec_opts->encrypted_image 413 * and the adjusted image size into opts.sec_opts->enc_image_sz 414 * First AES_BLOCK_SZ bytes of the output image contain IV 415 * INPUT: 416 * buf Source buffer to encrypt 417 * blen Source buffer length 418 * OUTPUT: 419 * none 420 * RETURN: 421 * 0 on success 422 */ 423 int image_encrypt(uint8_t *buf, uint32_t blen) 424 { 425 struct timeval tv; 426 char *ptmp = (char *)&tv; 427 unsigned char digest[32]; 428 unsigned char IV[AES_BLOCK_SZ]; 429 int i, k; 430 mbedtls_aes_context aes_ctx; 431 int rval = -1; 432 uint8_t *test_img = 0; 433 434 if (AES_BLOCK_SZ > 32) { 435 fprintf(stderr, "Unsupported AES block size %d\n", 436 AES_BLOCK_SZ); 437 return rval; 438 } 439 440 mbedtls_aes_init(&aes_ctx); 441 memset(IV, 0, AES_BLOCK_SZ); 442 memset(digest, 0, 32); 443 444 /* Generate initialization vector and init the AES engine 445 * Use file name XOR current time and finally SHA-256 446 * [0...AES_BLOCK_SZ-1] 447 */ 448 k = strlen(opts.sec_opts->aes_key_file); 449 if (k > AES_BLOCK_SZ) 450 k = AES_BLOCK_SZ; 451 memcpy(IV, opts.sec_opts->aes_key_file, k); 452 gettimeofday(&tv, 0); 453 454 for (i = 0, k = 0; i < AES_BLOCK_SZ; i++, 455 k = (k+1) % sizeof(struct timeval)) 456 IV[i] ^= ptmp[k]; 457 458 /* compute SHA-256 digest of the results 459 * and use it as the init vector (IV) 460 */ 461 mbedtls_sha256_ret(IV, AES_BLOCK_SZ, digest, 0); 462 memcpy(IV, digest, AES_BLOCK_SZ); 463 mbedtls_aes_setkey_enc(&aes_ctx, opts.sec_opts->aes_key, 464 AES_KEY_BIT_LEN); 465 466 /* The output image has to include extra space for IV 467 * and to be aligned to the AES block size. 468 * The input image buffer has to be already aligned to AES_BLOCK_SZ 469 * and padded with zeroes 470 */ 471 opts.sec_opts->enc_image_sz = (blen + 2 * AES_BLOCK_SZ - 1) & 472 ~(AES_BLOCK_SZ - 1); 473 opts.sec_opts->encrypted_image = calloc(opts.sec_opts->enc_image_sz, 1); 474 if (opts.sec_opts->encrypted_image == 0) { 475 fprintf(stderr, "Failed to allocate encrypted image!\n"); 476 goto encrypt_exit; 477 } 478 479 /* Put IV into the output buffer next to the encrypted image 480 * Since the IV is modified by the encryption function, 481 * this should be done now 482 */ 483 memcpy(opts.sec_opts->encrypted_image + 484 opts.sec_opts->enc_image_sz - AES_BLOCK_SZ, 485 IV, AES_BLOCK_SZ); 486 rval = mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_ENCRYPT, 487 opts.sec_opts->enc_image_sz - AES_BLOCK_SZ, 488 IV, buf, opts.sec_opts->encrypted_image); 489 if (rval != 0) { 490 fprintf(stderr, "Failed to encrypt the image! Error %d\n", 491 rval); 492 goto encrypt_exit; 493 } 494 495 mbedtls_aes_free(&aes_ctx); 496 497 /* Try to decrypt the image and compare it with the original data */ 498 mbedtls_aes_init(&aes_ctx); 499 mbedtls_aes_setkey_dec(&aes_ctx, opts.sec_opts->aes_key, 500 AES_KEY_BIT_LEN); 501 502 test_img = calloc(opts.sec_opts->enc_image_sz - AES_BLOCK_SZ, 1); 503 if (test_img == 0) { 504 fprintf(stderr, "Failed to allocate test image!d\n"); 505 rval = -1; 506 goto encrypt_exit; 507 } 508 509 memcpy(IV, opts.sec_opts->encrypted_image + 510 opts.sec_opts->enc_image_sz - AES_BLOCK_SZ, 511 AES_BLOCK_SZ); 512 rval = mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_DECRYPT, 513 opts.sec_opts->enc_image_sz - AES_BLOCK_SZ, 514 IV, opts.sec_opts->encrypted_image, test_img); 515 if (rval != 0) { 516 fprintf(stderr, "Failed to decrypt the image! Error %d\n", 517 rval); 518 goto encrypt_exit; 519 } 520 521 for (i = 0; i < blen; i++) { 522 if (buf[i] != test_img[i]) { 523 fprintf(stderr, "Failed to compare the image after"); 524 fprintf(stderr, " decryption! Byte count is %d\n", i); 525 rval = -1; 526 goto encrypt_exit; 527 } 528 } 529 530 encrypt_exit: 531 532 mbedtls_aes_free(&aes_ctx); 533 if (test_img) 534 free(test_img); 535 536 return rval; 537 } /* end of image_encrypt */ 538 539 /******************************************************************************* 540 * verify_secure_header_signatures 541 * Verify CSK array, header and image signatures and print results 542 * INPUT: 543 * main_hdr Main header 544 * sec_ext Secure extension 545 * OUTPUT: 546 * none 547 * RETURN: 548 * 0 on success 549 */ 550 int verify_secure_header_signatures(header_t *main_hdr, sec_entry_t *sec_ext) 551 { 552 uint8_t *image = (uint8_t *)main_hdr + main_hdr->prolog_size; 553 uint8_t signature[RSA_SIGN_BYTE_LEN]; 554 int rval = -1; 555 556 /* Save headers signature and reset it in the secure header */ 557 memcpy(signature, sec_ext->header_sign, RSA_SIGN_BYTE_LEN); 558 memset(sec_ext->header_sign, 0, RSA_SIGN_BYTE_LEN); 559 560 fprintf(stdout, "\nCheck RSA Signatures\n"); 561 fprintf(stdout, "#########################\n"); 562 fprintf(stdout, "CSK Block Signature: "); 563 if (verify_rsa_signature(sec_ext->kak_key, 564 MAX_RSA_DER_BYTE_LEN, 565 &sec_ext->csk_keys[0][0], 566 sizeof(sec_ext->csk_keys), 567 "CSK Block Signature: ", 568 sec_ext->csk_sign) != 0) { 569 fprintf(stdout, "ERROR\n"); 570 goto ver_error; 571 } 572 fprintf(stdout, "OK\n"); 573 574 if (opts.key_index != -1) { 575 fprintf(stdout, "Image Signature: "); 576 if (verify_rsa_signature(sec_ext->csk_keys[opts.key_index], 577 MAX_RSA_DER_BYTE_LEN, 578 image, main_hdr->boot_image_size, 579 "Image Signature: ", 580 sec_ext->image_sign) != 0) { 581 fprintf(stdout, "ERROR\n"); 582 goto ver_error; 583 } 584 fprintf(stdout, "OK\n"); 585 586 fprintf(stdout, "Header Signature: "); 587 if (verify_rsa_signature(sec_ext->csk_keys[opts.key_index], 588 MAX_RSA_DER_BYTE_LEN, 589 (uint8_t *)main_hdr, 590 main_hdr->prolog_size, 591 "Header Signature: ", 592 signature) != 0) { 593 fprintf(stdout, "ERROR\n"); 594 goto ver_error; 595 } 596 fprintf(stdout, "OK\n"); 597 } else { 598 fprintf(stdout, "SKIP Image and Header Signatures"); 599 fprintf(stdout, " check (undefined key index)\n"); 600 } 601 602 rval = 0; 603 604 ver_error: 605 memcpy(sec_ext->header_sign, signature, RSA_SIGN_BYTE_LEN); 606 return rval; 607 } 608 609 /******************************************************************************* 610 * verify_and_copy_file_name_entry 611 * INPUT: 612 * element_name 613 * element 614 * OUTPUT: 615 * copy_to 616 * RETURN: 617 * 0 on success 618 */ 619 int verify_and_copy_file_name_entry(const char *element_name, 620 const char *element, char *copy_to) 621 { 622 int element_length = strlen(element); 623 624 if (element_length >= MAX_FILENAME) { 625 fprintf(stderr, "The file name %s for %s is too long (%d). ", 626 element, element_name, element_length); 627 fprintf(stderr, "Maximum allowed %d characters!\n", 628 MAX_FILENAME); 629 return -1; 630 } else if (element_length == 0) { 631 fprintf(stderr, "The file name for %s is empty!\n", 632 element_name); 633 return -1; 634 } 635 memcpy(copy_to, element, element_length); 636 637 return 0; 638 } 639 640 /******************************************************************************* 641 * parse_sec_config_file 642 * Read the secure boot configuration from a file 643 * into internal structures 644 * INPUT: 645 * filename File name 646 * OUTPUT: 647 * none 648 * RETURN: 649 * 0 on success 650 */ 651 int parse_sec_config_file(char *filename) 652 { 653 config_t sec_cfg; 654 int array_sz, element, rval = -1; 655 const char *cfg_string; 656 int32_t cfg_int32; 657 const config_setting_t *csk_array, *control_array; 658 sec_options *sec_opt = 0; 659 660 config_init(&sec_cfg); 661 662 if (config_read_file(&sec_cfg, filename) != CONFIG_TRUE) { 663 fprintf(stderr, "Failed to read data from config file "); 664 fprintf(stderr, "%s\n\t%s at line %d\n", 665 filename, config_error_text(&sec_cfg), 666 config_error_line(&sec_cfg)); 667 goto exit_parse; 668 } 669 670 sec_opt = (sec_options *)calloc(sizeof(sec_options), 1); 671 if (sec_opt == 0) { 672 fprintf(stderr, 673 "Cannot allocate memory for secure boot options!\n"); 674 goto exit_parse; 675 } 676 677 /* KAK file name */ 678 if (config_lookup_string(&sec_cfg, "kak_key_file", 679 &cfg_string) != CONFIG_TRUE) { 680 fprintf(stderr, "The \"kak_key_file\" undefined!\n"); 681 goto exit_parse; 682 } 683 if (verify_and_copy_file_name_entry("kak_key_file", 684 cfg_string, sec_opt->kak_key_file)) 685 goto exit_parse; 686 687 688 /* AES file name - can be empty/undefined */ 689 if (config_lookup_string(&sec_cfg, "aes_key_file", 690 &cfg_string) == CONFIG_TRUE) { 691 if (verify_and_copy_file_name_entry("aes_key_file", 692 cfg_string, 693 sec_opt->aes_key_file)) 694 goto exit_parse; 695 } 696 697 /* CSK file names array */ 698 csk_array = config_lookup(&sec_cfg, "csk_key_file"); 699 if (csk_array == NULL) { 700 fprintf(stderr, "The \"csk_key_file\" undefined!\n"); 701 goto exit_parse; 702 } 703 array_sz = config_setting_length(csk_array); 704 if (array_sz > CSK_ARR_SZ) { 705 fprintf(stderr, "The \"csk_key_file\" array is too big! "); 706 fprintf(stderr, "Only first %d elements will be used\n", 707 CSK_ARR_SZ); 708 array_sz = CSK_ARR_SZ; 709 } else if (array_sz == 0) { 710 fprintf(stderr, "The \"csk_key_file\" array is empty!\n"); 711 goto exit_parse; 712 } 713 714 for (element = 0; element < array_sz; element++) { 715 cfg_string = config_setting_get_string_elem(csk_array, element); 716 if (verify_and_copy_file_name_entry( 717 "csk_key_file", cfg_string, 718 sec_opt->csk_key_file[element])) { 719 fprintf(stderr, "Bad csk_key_file[%d] entry!\n", 720 element); 721 goto exit_parse; 722 } 723 } 724 725 /* JTAG options */ 726 if (config_lookup_bool(&sec_cfg, "jtag.enable", 727 &cfg_int32) != CONFIG_TRUE) { 728 fprintf(stderr, "Error obtaining \"jtag.enable\" element. "); 729 fprintf(stderr, "Using default - FALSE\n"); 730 cfg_int32 = 0; 731 } 732 sec_opt->jtag_enable = cfg_int32; 733 734 if (config_lookup_int(&sec_cfg, "jtag.delay", 735 &cfg_int32) != CONFIG_TRUE) { 736 fprintf(stderr, "Error obtaining \"jtag.delay\" element. "); 737 fprintf(stderr, "Using default - 0us\n"); 738 cfg_int32 = 0; 739 } 740 sec_opt->jtag_delay = cfg_int32; 741 742 /* eFUSE option */ 743 if (config_lookup_bool(&sec_cfg, "efuse_disable", 744 &cfg_int32) != CONFIG_TRUE) { 745 fprintf(stderr, "Error obtaining \"efuse_disable\" element. "); 746 fprintf(stderr, "Using default - TRUE\n"); 747 cfg_int32 = 1; 748 } 749 sec_opt->efuse_disable = cfg_int32; 750 751 /* Box ID option */ 752 if (config_lookup_int(&sec_cfg, "box_id", &cfg_int32) != CONFIG_TRUE) { 753 fprintf(stderr, "Error obtaining \"box_id\" element. "); 754 fprintf(stderr, "Using default - 0x0\n"); 755 cfg_int32 = 0; 756 } 757 sec_opt->box_id = cfg_int32; 758 759 /* Flash ID option */ 760 if (config_lookup_int(&sec_cfg, "flash_id", 761 &cfg_int32) != CONFIG_TRUE) { 762 fprintf(stderr, "Error obtaining \"flash_id\" element. "); 763 fprintf(stderr, "Using default - 0x0\n"); 764 cfg_int32 = 0; 765 } 766 sec_opt->flash_id = cfg_int32; 767 768 /* CSK index option */ 769 if (config_lookup_int(&sec_cfg, "csk_key_index", 770 &cfg_int32) != CONFIG_TRUE) { 771 fprintf(stderr, "Error obtaining \"flash_id\" element. "); 772 fprintf(stderr, "Using default - 0x0\n"); 773 cfg_int32 = 0; 774 } 775 sec_opt->csk_index = cfg_int32; 776 777 /* Secure boot control array */ 778 control_array = config_lookup(&sec_cfg, "control"); 779 if (control_array != NULL) { 780 array_sz = config_setting_length(control_array); 781 if (array_sz == 0) 782 fprintf(stderr, "The \"control\" array is empty!\n"); 783 } else { 784 fprintf(stderr, "The \"control\" is undefined!\n"); 785 array_sz = 0; 786 } 787 788 for (element = 0; element < CP_CTRL_EL_ARRAY_SZ; element++) { 789 sec_opt->cp_ctrl_arr[element] = 790 config_setting_get_int_elem(control_array, element * 2); 791 sec_opt->cp_efuse_arr[element] = 792 config_setting_get_int_elem(control_array, 793 element * 2 + 1); 794 } 795 796 opts.sec_opts = sec_opt; 797 rval = 0; 798 799 exit_parse: 800 config_destroy(&sec_cfg); 801 if (sec_opt && (rval != 0)) 802 free(sec_opt); 803 return rval; 804 } /* end of parse_sec_config_file */ 805 806 int format_sec_ext(char *filename, FILE *out_fd) 807 { 808 ext_header_t header; 809 sec_entry_t sec_ext; 810 int index; 811 int written; 812 813 #define DER_BUF_SZ 1600 814 815 /* First, parse the configuration file */ 816 if (parse_sec_config_file(filename)) { 817 fprintf(stderr, 818 "failed parsing configuration file %s\n", filename); 819 return 1; 820 } 821 822 /* Everything except signatures can be created at this stage */ 823 header.type = EXT_TYPE_SECURITY; 824 header.offset = 0; 825 header.size = sizeof(sec_entry_t); 826 header.reserved = 0; 827 828 /* Bring up RSA context and read private keys from their files */ 829 for (index = 0; index < (CSK_ARR_SZ + 1); index++) { 830 /* for every private key file */ 831 mbedtls_pk_context *pk_ctx = (index == CSK_ARR_SZ) ? 832 &opts.sec_opts->kak_pk : 833 &opts.sec_opts->csk_pk[index]; 834 char *fname = (index == CSK_ARR_SZ) ? 835 opts.sec_opts->kak_key_file : 836 opts.sec_opts->csk_key_file[index]; 837 uint8_t *out_der_key = (index == CSK_ARR_SZ) ? 838 sec_ext.kak_key : 839 sec_ext.csk_keys[index]; 840 size_t output_len; 841 unsigned char output_buf[DER_BUF_SZ]; 842 unsigned char *der_buf_start; 843 844 /* Handle invalid/reserved file names */ 845 if (strncmp(CSK_ARR_EMPTY_FILE, fname, 846 strlen(CSK_ARR_EMPTY_FILE)) == 0) { 847 if (opts.sec_opts->csk_index == index) { 848 fprintf(stderr, 849 "CSK file with index %d cannot be %s\n", 850 index, CSK_ARR_EMPTY_FILE); 851 return 1; 852 } else if (index == CSK_ARR_SZ) { 853 fprintf(stderr, "KAK file name cannot be %s\n", 854 CSK_ARR_EMPTY_FILE); 855 return 1; 856 } 857 /* this key will be empty in CSK array */ 858 continue; 859 } 860 861 mbedtls_pk_init(pk_ctx); 862 /* Read the private RSA key into the context 863 * and verify it (no password) 864 */ 865 if (mbedtls_pk_parse_keyfile(pk_ctx, fname, "") != 0) { 866 fprintf(stderr, 867 "Cannot read RSA private key file %s\n", fname); 868 return 1; 869 } 870 871 /* Create a public key out of private one 872 * and store it in DER format 873 */ 874 output_len = mbedtls_pk_write_pubkey_der(pk_ctx, 875 output_buf, 876 DER_BUF_SZ); 877 if (output_len < 0) { 878 fprintf(stderr, 879 "Failed to create DER coded PUB key (%s)\n", 880 fname); 881 return 1; 882 } 883 884 /* Data in the output buffer is aligned to the buffer end */ 885 der_buf_start = output_buf + sizeof(output_buf) - output_len; 886 /* In the header DER data is aligned 887 * to the start of appropriate field 888 */ 889 bzero(out_der_key, MAX_RSA_DER_BYTE_LEN); 890 memcpy(out_der_key, der_buf_start, output_len); 891 892 } /* for every private key file */ 893 894 /* The CSK block signature can be created here */ 895 if (create_rsa_signature(&opts.sec_opts->kak_pk, 896 &sec_ext.csk_keys[0][0], 897 sizeof(sec_ext.csk_keys), 898 opts.sec_opts->csk_key_file[ 899 opts.sec_opts->csk_index], 900 sec_ext.csk_sign) != 0) { 901 fprintf(stderr, "Failed to sign CSK keys block!\n"); 902 return 1; 903 } 904 905 /* Check that everything is correct */ 906 if (verify_rsa_signature(sec_ext.kak_key, 907 MAX_RSA_DER_BYTE_LEN, 908 &sec_ext.csk_keys[0][0], 909 sizeof(sec_ext.csk_keys), 910 opts.sec_opts->kak_key_file, 911 sec_ext.csk_sign) != 0) { 912 fprintf(stderr, "Failed to verify CSK keys block signature!\n"); 913 return 1; 914 } 915 916 /* AES encryption stuff */ 917 if (strlen(opts.sec_opts->aes_key_file) != 0) { 918 FILE *in_fd; 919 920 in_fd = fopen(opts.sec_opts->aes_key_file, "rb"); 921 if (in_fd == NULL) { 922 fprintf(stderr, "Failed to open AES key file %s\n", 923 opts.sec_opts->aes_key_file); 924 return 1; 925 } 926 927 /* Read the AES key in ASCII format byte by byte */ 928 for (index = 0; index < AES_KEY_BYTE_LEN; index++) { 929 if (fscanf(in_fd, "%02hhx", 930 opts.sec_opts->aes_key + index) != 1) { 931 fprintf(stderr, 932 "Failed to read AES key byte %d ", 933 index); 934 fprintf(stderr, 935 "from file %s\n", 936 opts.sec_opts->aes_key_file); 937 fclose(in_fd); 938 return 1; 939 } 940 } 941 fclose(in_fd); 942 sec_ext.encrypt_en = 1; 943 } else { 944 sec_ext.encrypt_en = 0; 945 } 946 947 /* Fill the rest of the trusted boot extension fields */ 948 sec_ext.box_id = opts.sec_opts->box_id; 949 sec_ext.flash_id = opts.sec_opts->flash_id; 950 sec_ext.efuse_dis = opts.sec_opts->efuse_disable; 951 sec_ext.jtag_delay = opts.sec_opts->jtag_delay; 952 sec_ext.jtag_en = opts.sec_opts->jtag_enable; 953 954 memcpy(sec_ext.cp_ctrl_arr, 955 opts.sec_opts->cp_ctrl_arr, 956 sizeof(uint32_t) * CP_CTRL_EL_ARRAY_SZ); 957 memcpy(sec_ext.cp_efuse_arr, 958 opts.sec_opts->cp_efuse_arr, 959 sizeof(uint32_t) * CP_CTRL_EL_ARRAY_SZ); 960 961 /* Write the resulting extension to file 962 * (image and header signature fields are still empty) 963 */ 964 965 /* Write extension header */ 966 written = fwrite(&header, sizeof(ext_header_t), 1, out_fd); 967 if (written != 1) { 968 fprintf(stderr, 969 "Failed to write SEC extension header to the file\n"); 970 return 1; 971 } 972 /* Write extension body */ 973 written = fwrite(&sec_ext, sizeof(sec_entry_t), 1, out_fd); 974 if (written != 1) { 975 fprintf(stderr, 976 "Failed to write SEC extension body to the file\n"); 977 return 1; 978 } 979 980 return 0; 981 } 982 983 /******************************************************************************* 984 * finalize_secure_ext 985 * Make final changes to secure extension - calculate image and header 986 * signatures and encrypt the image if needed. 987 * The main header checksum and image size fields updated accordingly 988 * INPUT: 989 * header Main header 990 * prolog_buf the entire prolog buffer 991 * prolog_size prolog buffer length 992 * image_buf buffer containing the input binary image 993 * image_size image buffer size. 994 * OUTPUT: 995 * none 996 * RETURN: 997 * 0 on success 998 */ 999 int finalize_secure_ext(header_t *header, 1000 uint8_t *prolog_buf, uint32_t prolog_size, 1001 uint8_t *image_buf, int image_size) 1002 { 1003 int cur_ext, offset; 1004 uint8_t *final_image = image_buf; 1005 uint32_t final_image_sz = image_size; 1006 uint8_t hdr_sign[RSA_SIGN_BYTE_LEN]; 1007 sec_entry_t *sec_ext = 0; 1008 1009 /* Find the Trusted Boot Header between available extensions */ 1010 for (cur_ext = 0, offset = sizeof(header_t); 1011 cur_ext < header->ext_count; cur_ext++) { 1012 ext_header_t *ext_hdr = (ext_header_t *)(prolog_buf + offset); 1013 1014 if (ext_hdr->type == EXT_TYPE_SECURITY) { 1015 sec_ext = (sec_entry_t *)(prolog_buf + offset + 1016 sizeof(ext_header_t) + ext_hdr->offset); 1017 break; 1018 } 1019 1020 offset += sizeof(ext_header_t); 1021 /* If offset is Zero, the extension follows its header */ 1022 if (ext_hdr->offset == 0) 1023 offset += ext_hdr->size; 1024 } 1025 1026 if (sec_ext == 0) { 1027 fprintf(stderr, "Error: No Trusted Boot extension found!\n"); 1028 return -1; 1029 } 1030 1031 if (sec_ext->encrypt_en) { 1032 /* Encrypt the image if needed */ 1033 fprintf(stdout, "Encrypting the image...\n"); 1034 1035 if (image_encrypt(image_buf, image_size) != 0) { 1036 fprintf(stderr, "Failed to encrypt the image!\n"); 1037 return -1; 1038 } 1039 1040 /* Image size and checksum should be updated after encryption. 1041 * This way the image could be verified by the BootROM 1042 * before decryption. 1043 */ 1044 final_image = opts.sec_opts->encrypted_image; 1045 final_image_sz = opts.sec_opts->enc_image_sz; 1046 1047 header->boot_image_size = final_image_sz; 1048 header->boot_image_checksum = 1049 checksum32((uint32_t *)final_image, final_image_sz); 1050 } /* AES encryption */ 1051 1052 /* Create the image signature first, since it will be later 1053 * signed along with the header signature 1054 */ 1055 if (create_rsa_signature(&opts.sec_opts->csk_pk[ 1056 opts.sec_opts->csk_index], 1057 final_image, final_image_sz, 1058 opts.sec_opts->csk_key_file[ 1059 opts.sec_opts->csk_index], 1060 sec_ext->image_sign) != 0) { 1061 fprintf(stderr, "Failed to sign image!\n"); 1062 return -1; 1063 } 1064 /* Check that the image signature is correct */ 1065 if (verify_rsa_signature(sec_ext->csk_keys[opts.sec_opts->csk_index], 1066 MAX_RSA_DER_BYTE_LEN, 1067 final_image, final_image_sz, 1068 opts.sec_opts->csk_key_file[ 1069 opts.sec_opts->csk_index], 1070 sec_ext->image_sign) != 0) { 1071 fprintf(stderr, "Failed to verify image signature!\n"); 1072 return -1; 1073 } 1074 1075 /* Sign the headers and all the extensions block 1076 * when the header signature field is empty 1077 */ 1078 if (create_rsa_signature(&opts.sec_opts->csk_pk[ 1079 opts.sec_opts->csk_index], 1080 prolog_buf, prolog_size, 1081 opts.sec_opts->csk_key_file[ 1082 opts.sec_opts->csk_index], 1083 hdr_sign) != 0) { 1084 fprintf(stderr, "Failed to sign header!\n"); 1085 return -1; 1086 } 1087 /* Check that the header signature is correct */ 1088 if (verify_rsa_signature(sec_ext->csk_keys[opts.sec_opts->csk_index], 1089 MAX_RSA_DER_BYTE_LEN, 1090 prolog_buf, prolog_size, 1091 opts.sec_opts->csk_key_file[ 1092 opts.sec_opts->csk_index], 1093 hdr_sign) != 0) { 1094 fprintf(stderr, "Failed to verify header signature!\n"); 1095 return -1; 1096 } 1097 1098 /* Finally, copy the header signature into the trusted boot extension */ 1099 memcpy(sec_ext->header_sign, hdr_sign, RSA_SIGN_BYTE_LEN); 1100 1101 return 0; 1102 } 1103 1104 #endif /* CONFIG_MVEBU_SECURE_BOOT */ 1105 1106 1107 #define FMT_HEX 0 1108 #define FMT_DEC 1 1109 #define FMT_BIN 2 1110 #define FMT_NONE 3 1111 1112 void do_print_field(unsigned int value, char *name, 1113 int start, int size, int format) 1114 { 1115 fprintf(stdout, "[0x%05x : 0x%05x] %-26s", 1116 start, start + size - 1, name); 1117 1118 switch (format) { 1119 case FMT_HEX: 1120 printf("0x%x\n", value); 1121 break; 1122 case FMT_DEC: 1123 printf("%d\n", value); 1124 break; 1125 default: 1126 printf("\n"); 1127 break; 1128 } 1129 } 1130 1131 #define print_field(st, type, field, hex, base) \ 1132 do_print_field((int)st->field, #field, \ 1133 base + offsetof(type, field), sizeof(st->field), hex) 1134 1135 int print_header(uint8_t *buf, int base) 1136 { 1137 header_t *main_hdr; 1138 1139 main_hdr = (header_t *)buf; 1140 1141 fprintf(stdout, "########### Header ##############\n"); 1142 print_field(main_hdr, header_t, magic, FMT_HEX, base); 1143 print_field(main_hdr, header_t, prolog_size, FMT_DEC, base); 1144 print_field(main_hdr, header_t, prolog_checksum, FMT_HEX, base); 1145 print_field(main_hdr, header_t, boot_image_size, FMT_DEC, base); 1146 print_field(main_hdr, header_t, boot_image_checksum, FMT_HEX, base); 1147 print_field(main_hdr, header_t, rsrvd0, FMT_HEX, base); 1148 print_field(main_hdr, header_t, load_addr, FMT_HEX, base); 1149 print_field(main_hdr, header_t, exec_addr, FMT_HEX, base); 1150 print_field(main_hdr, header_t, uart_cfg, FMT_HEX, base); 1151 print_field(main_hdr, header_t, baudrate, FMT_HEX, base); 1152 print_field(main_hdr, header_t, ext_count, FMT_DEC, base); 1153 print_field(main_hdr, header_t, aux_flags, FMT_HEX, base); 1154 print_field(main_hdr, header_t, io_arg_0, FMT_HEX, base); 1155 print_field(main_hdr, header_t, io_arg_1, FMT_HEX, base); 1156 print_field(main_hdr, header_t, io_arg_2, FMT_HEX, base); 1157 print_field(main_hdr, header_t, io_arg_3, FMT_HEX, base); 1158 print_field(main_hdr, header_t, rsrvd1, FMT_HEX, base); 1159 print_field(main_hdr, header_t, rsrvd2, FMT_HEX, base); 1160 print_field(main_hdr, header_t, rsrvd3, FMT_HEX, base); 1161 1162 return sizeof(header_t); 1163 } 1164 1165 int print_ext_hdr(ext_header_t *ext_hdr, int base) 1166 { 1167 print_field(ext_hdr, ext_header_t, type, FMT_HEX, base); 1168 print_field(ext_hdr, ext_header_t, offset, FMT_HEX, base); 1169 print_field(ext_hdr, ext_header_t, reserved, FMT_HEX, base); 1170 print_field(ext_hdr, ext_header_t, size, FMT_DEC, base); 1171 1172 return base + sizeof(ext_header_t); 1173 } 1174 1175 void print_sec_ext(ext_header_t *ext_hdr, int base) 1176 { 1177 sec_entry_t *sec_entry; 1178 uint32_t new_base; 1179 1180 fprintf(stdout, "\n########### Secure extension ###########\n"); 1181 1182 new_base = print_ext_hdr(ext_hdr, base); 1183 1184 sec_entry = (sec_entry_t *)(ext_hdr + 1); 1185 1186 do_print_field(0, "KAK key", new_base, MAX_RSA_DER_BYTE_LEN, FMT_NONE); 1187 new_base += MAX_RSA_DER_BYTE_LEN; 1188 print_field(sec_entry, sec_entry_t, jtag_delay, FMT_DEC, base); 1189 print_field(sec_entry, sec_entry_t, box_id, FMT_HEX, base); 1190 print_field(sec_entry, sec_entry_t, flash_id, FMT_HEX, base); 1191 print_field(sec_entry, sec_entry_t, encrypt_en, FMT_DEC, base); 1192 print_field(sec_entry, sec_entry_t, efuse_dis, FMT_DEC, base); 1193 new_base += 6 * sizeof(uint32_t); 1194 do_print_field(0, "header signature", 1195 new_base, RSA_SIGN_BYTE_LEN, FMT_NONE); 1196 new_base += RSA_SIGN_BYTE_LEN; 1197 do_print_field(0, "image signature", 1198 new_base, RSA_SIGN_BYTE_LEN, FMT_NONE); 1199 new_base += RSA_SIGN_BYTE_LEN; 1200 do_print_field(0, "CSK keys", new_base, 1201 CSK_ARR_SZ * MAX_RSA_DER_BYTE_LEN, FMT_NONE); 1202 new_base += CSK_ARR_SZ * MAX_RSA_DER_BYTE_LEN; 1203 do_print_field(0, "CSK block signature", 1204 new_base, RSA_SIGN_BYTE_LEN, FMT_NONE); 1205 new_base += RSA_SIGN_BYTE_LEN; 1206 do_print_field(0, "control", new_base, 1207 CP_CTRL_EL_ARRAY_SZ * 2, FMT_NONE); 1208 1209 } 1210 1211 void print_bin_ext(ext_header_t *ext_hdr, int base) 1212 { 1213 fprintf(stdout, "\n########### Binary extension ###########\n"); 1214 base = print_ext_hdr(ext_hdr, base); 1215 do_print_field(0, "binary image", base, ext_hdr->size, FMT_NONE); 1216 } 1217 1218 int print_extension(void *buf, int base, int count, int ext_size) 1219 { 1220 ext_header_t *ext_hdr = buf; 1221 int pad = ext_size; 1222 int curr_size; 1223 1224 while (count--) { 1225 if (ext_hdr->type == EXT_TYPE_BINARY) 1226 print_bin_ext(ext_hdr, base); 1227 else if (ext_hdr->type == EXT_TYPE_SECURITY) 1228 print_sec_ext(ext_hdr, base); 1229 1230 curr_size = sizeof(ext_header_t) + ext_hdr->size; 1231 base += curr_size; 1232 pad -= curr_size; 1233 ext_hdr = (ext_header_t *)((uintptr_t)ext_hdr + curr_size); 1234 } 1235 1236 if (pad) 1237 do_print_field(0, "padding", base, pad, FMT_NONE); 1238 1239 return ext_size; 1240 } 1241 1242 int parse_image(uint8_t *buf, int size) 1243 { 1244 int base = 0; 1245 int ret = 1; 1246 header_t *main_hdr; 1247 uint32_t checksum, prolog_checksum; 1248 1249 1250 fprintf(stdout, 1251 "################### Prolog Start ######################\n\n"); 1252 main_hdr = (header_t *)buf; 1253 base += print_header(buf, base); 1254 1255 if (main_hdr->ext_count) 1256 base += print_extension(buf + base, base, 1257 main_hdr->ext_count, 1258 main_hdr->prolog_size - 1259 sizeof(header_t)); 1260 1261 if (base < main_hdr->prolog_size) { 1262 fprintf(stdout, "\n########### Padding ##############\n"); 1263 do_print_field(0, "prolog padding", 1264 base, main_hdr->prolog_size - base, FMT_HEX); 1265 base = main_hdr->prolog_size; 1266 } 1267 fprintf(stdout, 1268 "\n################### Prolog End ######################\n"); 1269 1270 fprintf(stdout, 1271 "\n################### Boot image ######################\n"); 1272 1273 do_print_field(0, "boot image", base, size - base - 4, FMT_NONE); 1274 1275 fprintf(stdout, 1276 "################### Image end ########################\n"); 1277 1278 /* Check sanity for certain values */ 1279 printf("\nChecking values:\n"); 1280 1281 if (main_hdr->magic == MAIN_HDR_MAGIC) { 1282 fprintf(stdout, "Headers magic: OK!\n"); 1283 } else { 1284 fprintf(stderr, 1285 "\n****** ERROR: HEADER MAGIC 0x%08x != 0x%08x\n", 1286 main_hdr->magic, MAIN_HDR_MAGIC); 1287 goto error; 1288 } 1289 1290 /* headers checksum */ 1291 /* clear the checksum field in header to calculate checksum */ 1292 prolog_checksum = main_hdr->prolog_checksum; 1293 main_hdr->prolog_checksum = 0; 1294 checksum = checksum32((uint32_t *)buf, main_hdr->prolog_size); 1295 1296 if (checksum == prolog_checksum) { 1297 fprintf(stdout, "Headers checksum: OK!\n"); 1298 } else { 1299 fprintf(stderr, 1300 "\n***** ERROR: BAD HEADER CHECKSUM 0x%08x != 0x%08x\n", 1301 checksum, prolog_checksum); 1302 goto error; 1303 } 1304 1305 /* boot image checksum */ 1306 checksum = checksum32((uint32_t *)(buf + main_hdr->prolog_size), 1307 main_hdr->boot_image_size); 1308 if (checksum == main_hdr->boot_image_checksum) { 1309 fprintf(stdout, "Image checksum: OK!\n"); 1310 } else { 1311 fprintf(stderr, 1312 "\n****** ERROR: BAD IMAGE CHECKSUM 0x%08x != 0x%08x\n", 1313 checksum, main_hdr->boot_image_checksum); 1314 goto error; 1315 } 1316 1317 #ifdef CONFIG_MVEBU_SECURE_BOOT 1318 /* RSA signatures */ 1319 if (main_hdr->ext_count) { 1320 uint8_t ext_num = main_hdr->ext_count; 1321 ext_header_t *ext_hdr = (ext_header_t *)(main_hdr + 1); 1322 unsigned char hash[32]; 1323 int i; 1324 1325 while (ext_num--) { 1326 if (ext_hdr->type == EXT_TYPE_SECURITY) { 1327 sec_entry_t *sec_entry = 1328 (sec_entry_t *)(ext_hdr + 1); 1329 1330 ret = verify_secure_header_signatures( 1331 main_hdr, sec_entry); 1332 if (ret != 0) { 1333 fprintf(stderr, 1334 "\n****** FAILED TO VERIFY "); 1335 fprintf(stderr, 1336 "RSA SIGNATURES ********\n"); 1337 goto error; 1338 } 1339 1340 mbedtls_sha256_ret(sec_entry->kak_key, 1341 MAX_RSA_DER_BYTE_LEN, hash, 0); 1342 fprintf(stdout, 1343 ">>>>>>>>>> KAK KEY HASH >>>>>>>>>>\n"); 1344 fprintf(stdout, "SHA256: "); 1345 for (i = 0; i < 32; i++) 1346 fprintf(stdout, "%02X", hash[i]); 1347 1348 fprintf(stdout, 1349 "\n<<<<<<<<< KAK KEY HASH <<<<<<<<<\n"); 1350 1351 break; 1352 } 1353 ext_hdr = 1354 (ext_header_t *)((uint8_t *)(ext_hdr + 1) + 1355 ext_hdr->size); 1356 } 1357 } 1358 #endif 1359 1360 ret = 0; 1361 error: 1362 return ret; 1363 } 1364 1365 int format_bin_ext(char *filename, FILE *out_fd) 1366 { 1367 ext_header_t header; 1368 FILE *in_fd; 1369 int size, written; 1370 int aligned_size, pad_bytes; 1371 char c; 1372 1373 in_fd = fopen(filename, "rb"); 1374 if (in_fd == NULL) { 1375 fprintf(stderr, "failed to open bin extension file %s\n", 1376 filename); 1377 return 1; 1378 } 1379 1380 size = get_file_size(filename); 1381 if (size <= 0) { 1382 fprintf(stderr, "bin extension file size is bad\n"); 1383 return 1; 1384 } 1385 1386 /* Align extension size to 8 bytes */ 1387 aligned_size = (size + 7) & (~7); 1388 pad_bytes = aligned_size - size; 1389 1390 header.type = EXT_TYPE_BINARY; 1391 header.offset = 0; 1392 header.size = aligned_size; 1393 header.reserved = 0; 1394 1395 /* Write header */ 1396 written = fwrite(&header, sizeof(ext_header_t), 1, out_fd); 1397 if (written != 1) { 1398 fprintf(stderr, "failed writing header to extension file\n"); 1399 return 1; 1400 } 1401 1402 /* Write image */ 1403 while (size--) { 1404 c = getc(in_fd); 1405 fputc(c, out_fd); 1406 } 1407 1408 while (pad_bytes--) 1409 fputc(0, out_fd); 1410 1411 fclose(in_fd); 1412 1413 return 0; 1414 } 1415 1416 /* **************************************** 1417 * 1418 * Write all extensions (binary, secure 1419 * extensions) to file 1420 * 1421 * ****************************************/ 1422 1423 int format_extensions(char *ext_filename) 1424 { 1425 FILE *out_fd; 1426 int ret = 0; 1427 1428 out_fd = fopen(ext_filename, "wb"); 1429 if (out_fd == NULL) { 1430 fprintf(stderr, "failed to open extension output file %s", 1431 ext_filename); 1432 return 1; 1433 } 1434 1435 if (strncmp(opts.bin_ext_file, "NA", MAX_FILENAME)) { 1436 if (format_bin_ext(opts.bin_ext_file, out_fd)) { 1437 ret = 1; 1438 goto error; 1439 } 1440 } 1441 #ifdef CONFIG_MVEBU_SECURE_BOOT 1442 if (strncmp(opts.sec_cfg_file, "NA", MAX_FILENAME)) { 1443 if (format_sec_ext(opts.sec_cfg_file, out_fd)) { 1444 ret = 1; 1445 goto error; 1446 } 1447 } 1448 #endif 1449 1450 error: 1451 fflush(out_fd); 1452 fclose(out_fd); 1453 return ret; 1454 } 1455 1456 void update_uart(header_t *header) 1457 { 1458 header->uart_cfg = 0; 1459 header->baudrate = 0; 1460 1461 if (opts.disable_print) 1462 uart_set_mode(header->uart_cfg, UART_MODE_DISABLE); 1463 1464 if (opts.baudrate) 1465 header->baudrate = (opts.baudrate / 1200); 1466 } 1467 1468 /* **************************************** 1469 * 1470 * Write the image prolog, i.e. 1471 * main header and extensions, to file 1472 * 1473 * ****************************************/ 1474 1475 int write_prolog(int ext_cnt, char *ext_filename, 1476 uint8_t *image_buf, int image_size, FILE *out_fd) 1477 { 1478 header_t *header; 1479 int main_hdr_size = sizeof(header_t); 1480 int prolog_size = main_hdr_size; 1481 FILE *ext_fd; 1482 char *buf; 1483 int written, read; 1484 int ret = 1; 1485 1486 1487 if (ext_cnt) 1488 prolog_size += get_file_size(ext_filename); 1489 1490 prolog_size = ((prolog_size + PROLOG_ALIGNMENT) & 1491 (~(PROLOG_ALIGNMENT-1))); 1492 1493 /* Allocate a zeroed buffer to zero the padding bytes */ 1494 buf = calloc(prolog_size, 1); 1495 if (buf == NULL) { 1496 fprintf(stderr, "Error: failed allocating checksum buffer\n"); 1497 return 1; 1498 } 1499 1500 header = (header_t *)buf; 1501 header->magic = MAIN_HDR_MAGIC; 1502 header->prolog_size = prolog_size; 1503 header->load_addr = opts.load_addr; 1504 header->exec_addr = opts.exec_addr; 1505 header->io_arg_0 = opts.nfc_io_args; 1506 header->ext_count = ext_cnt; 1507 header->aux_flags = 0; 1508 header->boot_image_size = (image_size + 3) & (~0x3); 1509 header->boot_image_checksum = checksum32((uint32_t *)image_buf, 1510 image_size); 1511 1512 update_uart(header); 1513 1514 /* Populate buffer with main header and extensions */ 1515 if (ext_cnt) { 1516 ext_fd = fopen(ext_filename, "rb"); 1517 if (ext_fd == NULL) { 1518 fprintf(stderr, 1519 "Error: failed to open extensions file\n"); 1520 goto error; 1521 } 1522 1523 read = fread(&buf[main_hdr_size], 1524 get_file_size(ext_filename), 1, ext_fd); 1525 if (read != 1) { 1526 fprintf(stderr, 1527 "Error: failed to open extensions file\n"); 1528 goto error; 1529 } 1530 1531 #ifdef CONFIG_MVEBU_SECURE_BOOT 1532 /* Secure boot mode? */ 1533 if (opts.sec_opts != 0) { 1534 ret = finalize_secure_ext(header, (uint8_t *)buf, 1535 prolog_size, image_buf, 1536 image_size); 1537 if (ret != 0) { 1538 fprintf(stderr, "Error: failed to handle "); 1539 fprintf(stderr, "secure extension!\n"); 1540 goto error; 1541 } 1542 } /* secure boot mode */ 1543 #endif 1544 } 1545 1546 /* Update the total prolog checksum */ 1547 header->prolog_checksum = checksum32((uint32_t *)buf, prolog_size); 1548 1549 /* Now spill everything to output file */ 1550 written = fwrite(buf, prolog_size, 1, out_fd); 1551 if (written != 1) { 1552 fprintf(stderr, 1553 "Error: failed to write prolog to output file\n"); 1554 goto error; 1555 } 1556 1557 ret = 0; 1558 1559 error: 1560 free(buf); 1561 return ret; 1562 } 1563 1564 int write_boot_image(uint8_t *buf, uint32_t image_size, FILE *out_fd) 1565 { 1566 int written; 1567 1568 written = fwrite(buf, image_size, 1, out_fd); 1569 if (written != 1) { 1570 fprintf(stderr, "Error: Failed to write boot image\n"); 1571 goto error; 1572 } 1573 1574 return 0; 1575 error: 1576 return 1; 1577 } 1578 1579 int main(int argc, char *argv[]) 1580 { 1581 char in_file[MAX_FILENAME+1] = { 0 }; 1582 char out_file[MAX_FILENAME+1] = { 0 }; 1583 char ext_file[MAX_FILENAME+1] = { 0 }; 1584 FILE *in_fd = NULL; 1585 FILE *out_fd = NULL; 1586 int parse = 0; 1587 int ext_cnt = 0; 1588 int opt; 1589 int ret = 0; 1590 int image_size, file_size; 1591 uint8_t *image_buf = NULL; 1592 int read; 1593 size_t len; 1594 uint32_t nand_block_size_kb, mlc_nand; 1595 1596 /* Create temporary file for building extensions 1597 * Use process ID for allowing multiple parallel runs 1598 */ 1599 snprintf(ext_file, MAX_FILENAME, "/tmp/ext_file-%x", getpid()); 1600 1601 while ((opt = getopt(argc, argv, "hpms:i:l:e:a:b:u:n:t:c:k:")) != -1) { 1602 switch (opt) { 1603 case 'h': 1604 usage(); 1605 break; 1606 case 'l': 1607 opts.load_addr = strtoul(optarg, NULL, 0); 1608 break; 1609 case 'e': 1610 opts.exec_addr = strtoul(optarg, NULL, 0); 1611 break; 1612 case 'm': 1613 opts.disable_print = 1; 1614 break; 1615 case 'u': 1616 opts.baudrate = strtoul(optarg, NULL, 0); 1617 break; 1618 case 'b': 1619 strncpy(opts.bin_ext_file, optarg, MAX_FILENAME); 1620 ext_cnt++; 1621 break; 1622 case 'p': 1623 parse = 1; 1624 break; 1625 case 'n': 1626 nand_block_size_kb = strtoul(optarg, NULL, 0); 1627 opts.nfc_io_args |= (nand_block_size_kb / 64); 1628 break; 1629 case 't': 1630 mlc_nand = 0; 1631 if (!strncmp("MLC", optarg, 3)) 1632 mlc_nand = 1; 1633 opts.nfc_io_args |= (mlc_nand << 8); 1634 break; 1635 #ifdef CONFIG_MVEBU_SECURE_BOOT 1636 case 'c': /* SEC extension */ 1637 strncpy(opts.sec_cfg_file, optarg, MAX_FILENAME); 1638 ext_cnt++; 1639 break; 1640 case 'k': 1641 opts.key_index = strtoul(optarg, NULL, 0); 1642 break; 1643 #endif 1644 default: /* '?' */ 1645 usage_err("Unknown argument"); 1646 exit(EXIT_FAILURE); 1647 } 1648 } 1649 1650 /* Check validity of inputes */ 1651 if (opts.load_addr % 8) 1652 usage_err("Load address must be 8 bytes aligned"); 1653 1654 if (opts.baudrate % 1200) 1655 usage_err("Baudrate must be a multiple of 1200"); 1656 1657 /* The remaining arguments are the input 1658 * and potentially output file 1659 */ 1660 /* Input file must exist so exit if not */ 1661 if (optind >= argc) 1662 usage_err("missing input file name"); 1663 1664 len = strlen(argv[optind]); 1665 if (len > MAX_FILENAME) 1666 usage_err("file name too long"); 1667 memcpy(in_file, argv[optind], len); 1668 optind++; 1669 1670 /* Output file must exist in non parse mode */ 1671 if (optind < argc) { 1672 len = strlen(argv[optind]); 1673 if (len > MAX_FILENAME) 1674 usage_err("file name too long"); 1675 memcpy(out_file, argv[optind], len); 1676 } else if (!parse) 1677 usage_err("missing output file name"); 1678 1679 /* open the input file */ 1680 in_fd = fopen(in_file, "rb"); 1681 if (in_fd == NULL) { 1682 printf("Error: Failed to open input file %s\n", in_file); 1683 goto main_exit; 1684 } 1685 1686 /* Read the input file to buffer 1687 * Always align the image to 16 byte boundary 1688 */ 1689 file_size = get_file_size(in_file); 1690 image_size = (file_size + AES_BLOCK_SZ - 1) & ~(AES_BLOCK_SZ - 1); 1691 image_buf = calloc(image_size, 1); 1692 if (image_buf == NULL) { 1693 fprintf(stderr, "Error: failed allocating input buffer\n"); 1694 return 1; 1695 } 1696 1697 read = fread(image_buf, file_size, 1, in_fd); 1698 if (read != 1) { 1699 fprintf(stderr, "Error: failed to read input file\n"); 1700 goto main_exit; 1701 } 1702 1703 /* Parse the input image and leave */ 1704 if (parse) { 1705 if (opts.key_index >= CSK_ARR_SZ) { 1706 fprintf(stderr, 1707 "Wrong key IDX value. Valid values 0 - %d\n", 1708 CSK_ARR_SZ - 1); 1709 goto main_exit; 1710 } 1711 ret = parse_image(image_buf, image_size); 1712 goto main_exit; 1713 } 1714 1715 /* Create a blob file from all extensions */ 1716 if (ext_cnt) { 1717 ret = format_extensions(ext_file); 1718 if (ret) 1719 goto main_exit; 1720 } 1721 1722 out_fd = fopen(out_file, "wb"); 1723 if (out_fd == NULL) { 1724 fprintf(stderr, 1725 "Error: Failed to open output file %s\n", out_file); 1726 goto main_exit; 1727 } 1728 1729 ret = write_prolog(ext_cnt, ext_file, image_buf, image_size, out_fd); 1730 if (ret) 1731 goto main_exit; 1732 1733 #ifdef CONFIG_MVEBU_SECURE_BOOT 1734 if (opts.sec_opts && (opts.sec_opts->encrypted_image != 0) && 1735 (opts.sec_opts->enc_image_sz != 0)) { 1736 ret = write_boot_image(opts.sec_opts->encrypted_image, 1737 opts.sec_opts->enc_image_sz, out_fd); 1738 } else 1739 #endif 1740 ret = write_boot_image(image_buf, image_size, out_fd); 1741 if (ret) 1742 goto main_exit; 1743 1744 main_exit: 1745 if (in_fd) 1746 fclose(in_fd); 1747 1748 if (out_fd) 1749 fclose(out_fd); 1750 1751 if (image_buf) 1752 free(image_buf); 1753 1754 unlink(ext_file); 1755 1756 #ifdef CONFIG_MVEBU_SECURE_BOOT 1757 if (opts.sec_opts) { 1758 if (opts.sec_opts->encrypted_image) 1759 free(opts.sec_opts->encrypted_image); 1760 free(opts.sec_opts); 1761 } 1762 #endif 1763 exit(ret); 1764 } 1765