1 /* 2 * Copyright 2015 Freescale Semiconductor, Inc. 3 * 4 * SPDX-License-Identifier: GPL-2.0+ 5 */ 6 7 #include <common.h> 8 #include <fsl_validate.h> 9 #include <fsl_secboot_err.h> 10 #include <fsl_sfp.h> 11 #include <fsl_sec.h> 12 #include <command.h> 13 #include <malloc.h> 14 #include <dm/uclass.h> 15 #include <u-boot/rsa-mod-exp.h> 16 #include <hash.h> 17 #include <fsl_secboot_err.h> 18 #ifdef CONFIG_LS102XA 19 #include <asm/arch/immap_ls102xa.h> 20 #endif 21 22 #define SHA256_BITS 256 23 #define SHA256_BYTES (256/8) 24 #define SHA256_NIBBLES (256/4) 25 #define NUM_HEX_CHARS (sizeof(ulong) * 2) 26 27 #define CHECK_KEY_LEN(key_len) (((key_len) == 2 * KEY_SIZE_BYTES / 4) || \ 28 ((key_len) == 2 * KEY_SIZE_BYTES / 2) || \ 29 ((key_len) == 2 * KEY_SIZE_BYTES)) 30 31 /* This array contains DER value for SHA-256 */ 32 static const u8 hash_identifier[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 33 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 34 0x04, 0x20 35 }; 36 37 static u8 hash_val[SHA256_BYTES]; 38 39 #ifdef CONFIG_ESBC_HDR_LS 40 /* New Barker Code for LS ESBC Header */ 41 static const u8 barker_code[ESBC_BARKER_LEN] = { 0x12, 0x19, 0x20, 0x01 }; 42 #else 43 static const u8 barker_code[ESBC_BARKER_LEN] = { 0x68, 0x39, 0x27, 0x81 }; 44 #endif 45 46 void branch_to_self(void) __attribute__ ((noreturn)); 47 48 /* 49 * This function will put core in infinite loop. 50 * This will be called when the ESBC can not proceed further due 51 * to some unknown errors. 52 */ 53 void branch_to_self(void) 54 { 55 printf("Core is in infinite loop due to errors.\n"); 56 self: 57 goto self; 58 } 59 60 #if defined(CONFIG_FSL_ISBC_KEY_EXT) 61 static u32 check_ie(struct fsl_secboot_img_priv *img) 62 { 63 if (img->hdr.ie_flag) 64 return 1; 65 66 return 0; 67 } 68 69 /* This function returns the CSF Header Address of uboot 70 * For MPC85xx based platforms, the LAW mapping for NOR 71 * flash changes in uboot code. Hence the offset needs 72 * to be calculated and added to the new NOR flash base 73 * address 74 */ 75 #if defined(CONFIG_MPC85xx) 76 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr) 77 { 78 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_MPC85xx_GUTS_ADDR); 79 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]); 80 u32 csf_flash_offset = csf_hdr_addr & ~(CONFIG_SYS_PBI_FLASH_BASE); 81 u32 flash_addr, addr; 82 int found = 0; 83 int i = 0; 84 85 for (i = 0; i < CONFIG_SYS_MAX_FLASH_BANKS; i++) { 86 flash_addr = flash_info[i].start[0]; 87 addr = flash_info[i].start[0] + csf_flash_offset; 88 if (memcmp((u8 *)addr, barker_code, ESBC_BARKER_LEN) == 0) { 89 debug("Barker found on addr %x\n", addr); 90 found = 1; 91 break; 92 } 93 } 94 95 if (!found) 96 return -1; 97 98 *csf_addr = addr; 99 *flash_base_addr = flash_addr; 100 101 return 0; 102 } 103 #else 104 /* For platforms like LS1020, correct flash address is present in 105 * the header. So the function reqturns flash base address as 0 106 */ 107 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr) 108 { 109 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR); 110 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]); 111 112 if (memcmp((u8 *)(uintptr_t)csf_hdr_addr, 113 barker_code, ESBC_BARKER_LEN)) 114 return -1; 115 116 *csf_addr = csf_hdr_addr; 117 *flash_base_addr = 0; 118 return 0; 119 } 120 #endif 121 122 static int get_ie_info_addr(u32 *ie_addr) 123 { 124 struct fsl_secboot_img_hdr *hdr; 125 struct fsl_secboot_sg_table *sg_tbl; 126 u32 flash_base_addr, csf_addr; 127 128 if (get_csf_base_addr(&csf_addr, &flash_base_addr)) 129 return -1; 130 131 hdr = (struct fsl_secboot_img_hdr *)(uintptr_t)csf_addr; 132 133 /* For SoC's with Trust Architecture v1 with corenet bus 134 * the sg table field in CSF header has absolute address 135 * for sg table in memory. In other Trust Architecture, 136 * this field specifies the offset of sg table from the 137 * base address of CSF Header 138 */ 139 #if defined(CONFIG_FSL_TRUST_ARCH_v1) && defined(CONFIG_FSL_CORENET) 140 sg_tbl = (struct fsl_secboot_sg_table *) 141 (((u32)hdr->psgtable & ~(CONFIG_SYS_PBI_FLASH_BASE)) + 142 flash_base_addr); 143 #else 144 sg_tbl = (struct fsl_secboot_sg_table *)(uintptr_t)(csf_addr + 145 (u32)hdr->psgtable); 146 #endif 147 148 /* IE Key Table is the first entry in the SG Table */ 149 #if defined(CONFIG_MPC85xx) 150 *ie_addr = (sg_tbl->src_addr & ~(CONFIG_SYS_PBI_FLASH_BASE)) + 151 flash_base_addr; 152 #else 153 *ie_addr = sg_tbl->src_addr; 154 #endif 155 156 debug("IE Table address is %x\n", *ie_addr); 157 return 0; 158 } 159 160 #endif 161 162 #ifdef CONFIG_KEY_REVOCATION 163 /* This function checks srk_table_flag in header and set/reset srk_flag.*/ 164 static u32 check_srk(struct fsl_secboot_img_priv *img) 165 { 166 #ifdef CONFIG_ESBC_HDR_LS 167 /* In LS, No SRK Flag as SRK is always present*/ 168 return 1; 169 #else 170 if (img->hdr.len_kr.srk_table_flag & SRK_FLAG) 171 return 1; 172 173 return 0; 174 #endif 175 } 176 177 /* This function returns ospr's key_revoc values.*/ 178 static u32 get_key_revoc(void) 179 { 180 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); 181 return (sfp_in32(&sfp_regs->ospr) & OSPR_KEY_REVOC_MASK) >> 182 OSPR_KEY_REVOC_SHIFT; 183 } 184 185 /* This function checks if selected key is revoked or not.*/ 186 static u32 is_key_revoked(u32 keynum, u32 rev_flag) 187 { 188 if (keynum == UNREVOCABLE_KEY) 189 return 0; 190 191 if ((u32)(1 << (ALIGN_REVOC_KEY - keynum)) & rev_flag) 192 return 1; 193 194 return 0; 195 } 196 197 /* It read validates srk_table key lengths.*/ 198 static u32 read_validate_srk_tbl(struct fsl_secboot_img_priv *img) 199 { 200 int i = 0; 201 u32 ret, key_num, key_revoc_flag, size; 202 struct fsl_secboot_img_hdr *hdr = &img->hdr; 203 void *esbc = (u8 *)(uintptr_t)img->ehdrloc; 204 205 if ((hdr->len_kr.num_srk == 0) || 206 (hdr->len_kr.num_srk > MAX_KEY_ENTRIES)) 207 return ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY; 208 209 key_num = hdr->len_kr.srk_sel; 210 if (key_num == 0 || key_num > hdr->len_kr.num_srk) 211 return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM; 212 213 /* Get revoc key from sfp */ 214 key_revoc_flag = get_key_revoc(); 215 ret = is_key_revoked(key_num, key_revoc_flag); 216 if (ret) 217 return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED; 218 219 size = hdr->len_kr.num_srk * sizeof(struct srk_table); 220 221 memcpy(&img->srk_tbl, esbc + hdr->srk_tbl_off, size); 222 223 for (i = 0; i < hdr->len_kr.num_srk; i++) { 224 if (!CHECK_KEY_LEN(img->srk_tbl[i].key_len)) 225 return ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN; 226 } 227 228 img->key_len = img->srk_tbl[key_num - 1].key_len; 229 230 memcpy(&img->img_key, &(img->srk_tbl[key_num - 1].pkey), 231 img->key_len); 232 233 return 0; 234 } 235 #endif 236 237 #ifndef CONFIG_ESBC_HDR_LS 238 static u32 read_validate_single_key(struct fsl_secboot_img_priv *img) 239 { 240 struct fsl_secboot_img_hdr *hdr = &img->hdr; 241 void *esbc = (u8 *)(uintptr_t)img->ehdrloc; 242 243 /* check key length */ 244 if (!CHECK_KEY_LEN(hdr->key_len)) 245 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN; 246 247 memcpy(&img->img_key, esbc + hdr->pkey, hdr->key_len); 248 249 img->key_len = hdr->key_len; 250 251 return 0; 252 } 253 #endif /* CONFIG_ESBC_HDR_LS */ 254 255 #if defined(CONFIG_FSL_ISBC_KEY_EXT) 256 static u32 read_validate_ie_tbl(struct fsl_secboot_img_priv *img) 257 { 258 struct fsl_secboot_img_hdr *hdr = &img->hdr; 259 u32 ie_key_len, ie_revoc_flag, ie_num; 260 struct ie_key_info *ie_info; 261 262 if (get_ie_info_addr(&img->ie_addr)) 263 return ERROR_IE_TABLE_NOT_FOUND; 264 ie_info = (struct ie_key_info *)(uintptr_t)img->ie_addr; 265 if (ie_info->num_keys == 0 || ie_info->num_keys > 32) 266 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY; 267 268 ie_num = hdr->ie_key_sel; 269 if (ie_num == 0 || ie_num > ie_info->num_keys) 270 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM; 271 272 ie_revoc_flag = ie_info->key_revok; 273 if ((u32)(1 << (ie_num - 1)) & ie_revoc_flag) 274 return ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED; 275 276 ie_key_len = ie_info->ie_key_tbl[ie_num - 1].key_len; 277 278 if (!CHECK_KEY_LEN(ie_key_len)) 279 return ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN; 280 281 memcpy(&img->img_key, &(ie_info->ie_key_tbl[ie_num - 1].pkey), 282 ie_key_len); 283 284 img->key_len = ie_key_len; 285 return 0; 286 } 287 #endif 288 289 290 /* This function return length of public key.*/ 291 static inline u32 get_key_len(struct fsl_secboot_img_priv *img) 292 { 293 return img->key_len; 294 } 295 296 /* 297 * Handles the ESBC uboot client header verification failure. 298 * This function handles all the errors which might occur in the 299 * parsing and checking of ESBC uboot client header. It will also 300 * set the error bits in the SEC_MON. 301 */ 302 static void fsl_secboot_header_verification_failure(void) 303 { 304 struct ccsr_sec_mon_regs *sec_mon_regs = (void *) 305 (CONFIG_SYS_SEC_MON_ADDR); 306 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); 307 u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat); 308 309 /* 29th bit of OSPR is ITS */ 310 u32 its = sfp_in32(&sfp_regs->ospr) >> 2; 311 312 /* 313 * Read the SEC_MON status register 314 * Read SSM_ST field 315 */ 316 sts = sec_mon_in32(&sec_mon_regs->hp_stat); 317 if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) { 318 if (its == 1) 319 change_sec_mon_state(HPSR_SSM_ST_TRUST, 320 HPSR_SSM_ST_SOFT_FAIL); 321 else 322 change_sec_mon_state(HPSR_SSM_ST_TRUST, 323 HPSR_SSM_ST_NON_SECURE); 324 } 325 326 printf("Generating reset request\n"); 327 do_reset(NULL, 0, 0, NULL); 328 } 329 330 /* 331 * Handles the ESBC uboot client image verification failure. 332 * This function handles all the errors which might occur in the 333 * public key hash comparison and signature verification of 334 * ESBC uboot client image. It will also 335 * set the error bits in the SEC_MON. 336 */ 337 static void fsl_secboot_image_verification_failure(void) 338 { 339 struct ccsr_sec_mon_regs *sec_mon_regs = (void *) 340 (CONFIG_SYS_SEC_MON_ADDR); 341 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); 342 u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat); 343 344 u32 its = (sfp_in32(&sfp_regs->ospr) & ITS_MASK) >> ITS_BIT; 345 346 /* 347 * Read the SEC_MON status register 348 * Read SSM_ST field 349 */ 350 sts = sec_mon_in32(&sec_mon_regs->hp_stat); 351 if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) { 352 if (its == 1) { 353 change_sec_mon_state(HPSR_SSM_ST_TRUST, 354 HPSR_SSM_ST_SOFT_FAIL); 355 356 printf("Generating reset request\n"); 357 do_reset(NULL, 0, 0, NULL); 358 } else { 359 change_sec_mon_state(HPSR_SSM_ST_TRUST, 360 HPSR_SSM_ST_NON_SECURE); 361 } 362 } 363 } 364 365 static void fsl_secboot_bootscript_parse_failure(void) 366 { 367 fsl_secboot_header_verification_failure(); 368 } 369 370 /* 371 * Handles the errors in esbc boot. 372 * This function handles all the errors which might occur in the 373 * esbc boot phase. It will call the appropriate api to log the 374 * errors and set the error bits in the SEC_MON. 375 */ 376 void fsl_secboot_handle_error(int error) 377 { 378 const struct fsl_secboot_errcode *e; 379 380 for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX; 381 e++) { 382 if (e->errcode == error) 383 printf("ERROR :: %x :: %s\n", error, e->name); 384 } 385 386 /* If Boot Mode is secure, transition the SNVS state and issue 387 * reset based on type of failure and ITS setting. 388 * If Boot mode is non-secure, return from this function. 389 */ 390 if (fsl_check_boot_mode_secure() == 0) 391 return; 392 393 switch (error) { 394 case ERROR_ESBC_CLIENT_HEADER_BARKER: 395 case ERROR_ESBC_CLIENT_HEADER_IMG_SIZE: 396 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN: 397 case ERROR_ESBC_CLIENT_HEADER_SIG_LEN: 398 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN: 399 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1: 400 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2: 401 case ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD: 402 case ERROR_ESBC_CLIENT_HEADER_SG_ESBC_EP: 403 case ERROR_ESBC_CLIENT_HEADER_SG_ENTIRES_BAD: 404 case ERROR_KEY_TABLE_NOT_FOUND: 405 #ifdef CONFIG_KEY_REVOCATION 406 case ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED: 407 case ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY: 408 case ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM: 409 case ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN: 410 #endif 411 #if defined(CONFIG_FSL_ISBC_KEY_EXT) 412 /*@fallthrough@*/ 413 case ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED: 414 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY: 415 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM: 416 case ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN: 417 case ERROR_IE_TABLE_NOT_FOUND: 418 #endif 419 fsl_secboot_header_verification_failure(); 420 break; 421 case ERROR_ESBC_SEC_RESET: 422 case ERROR_ESBC_SEC_DEQ: 423 case ERROR_ESBC_SEC_ENQ: 424 case ERROR_ESBC_SEC_DEQ_TO: 425 case ERROR_ESBC_SEC_JOBQ_STATUS: 426 case ERROR_ESBC_CLIENT_HASH_COMPARE_KEY: 427 case ERROR_ESBC_CLIENT_HASH_COMPARE_EM: 428 fsl_secboot_image_verification_failure(); 429 break; 430 case ERROR_ESBC_MISSING_BOOTM: 431 fsl_secboot_bootscript_parse_failure(); 432 break; 433 case ERROR_ESBC_WRONG_CMD: 434 default: 435 branch_to_self(); 436 break; 437 } 438 } 439 440 static void fsl_secblk_handle_error(int error) 441 { 442 switch (error) { 443 case ERROR_ESBC_SEC_ENQ: 444 fsl_secboot_handle_error(ERROR_ESBC_SEC_ENQ); 445 break; 446 case ERROR_ESBC_SEC_DEQ: 447 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ); 448 break; 449 case ERROR_ESBC_SEC_DEQ_TO: 450 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ_TO); 451 break; 452 default: 453 printf("Job Queue Output status %x\n", error); 454 fsl_secboot_handle_error(ERROR_ESBC_SEC_JOBQ_STATUS); 455 break; 456 } 457 } 458 459 /* 460 * Calculate hash of key obtained via offset present in ESBC uboot 461 * client hdr. This function calculates the hash of key which is obtained 462 * through offset present in ESBC uboot client header. 463 */ 464 static int calc_img_key_hash(struct fsl_secboot_img_priv *img) 465 { 466 struct hash_algo *algo; 467 void *ctx; 468 int i, srk = 0; 469 int ret = 0; 470 const char *algo_name = "sha256"; 471 472 /* Calculate hash of the esbc key */ 473 ret = hash_progressive_lookup_algo(algo_name, &algo); 474 if (ret) 475 return ret; 476 477 ret = algo->hash_init(algo, &ctx); 478 if (ret) 479 return ret; 480 481 /* Update hash for ESBC key */ 482 #ifdef CONFIG_KEY_REVOCATION 483 if (check_srk(img)) { 484 ret = algo->hash_update(algo, ctx, 485 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off), 486 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 1); 487 srk = 1; 488 } 489 #endif 490 if (!srk) 491 ret = algo->hash_update(algo, ctx, 492 img->img_key, img->key_len, 1); 493 if (ret) 494 return ret; 495 496 /* Copy hash at destination buffer */ 497 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size); 498 if (ret) 499 return ret; 500 501 for (i = 0; i < SHA256_BYTES; i++) 502 img->img_key_hash[i] = hash_val[i]; 503 504 return 0; 505 } 506 507 /* 508 * Calculate hash of ESBC hdr and ESBC. This function calculates the 509 * single hash of ESBC header and ESBC image. If SG flag is on, all 510 * SG entries are also hashed alongwith the complete SG table. 511 */ 512 static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img) 513 { 514 struct hash_algo *algo; 515 void *ctx; 516 int ret = 0; 517 int key_hash = 0; 518 const char *algo_name = "sha256"; 519 520 /* Calculate the hash of the ESBC */ 521 ret = hash_progressive_lookup_algo(algo_name, &algo); 522 if (ret) 523 return ret; 524 525 ret = algo->hash_init(algo, &ctx); 526 /* Copy hash at destination buffer */ 527 if (ret) 528 return ret; 529 530 /* Update hash for CSF Header */ 531 ret = algo->hash_update(algo, ctx, 532 (u8 *)&img->hdr, sizeof(struct fsl_secboot_img_hdr), 0); 533 if (ret) 534 return ret; 535 536 /* Update the hash with that of srk table if srk flag is 1 537 * If IE Table is selected, key is not added in the hash 538 * If neither srk table nor IE key table available, add key 539 * from header in the hash calculation 540 */ 541 #ifdef CONFIG_KEY_REVOCATION 542 if (check_srk(img)) { 543 ret = algo->hash_update(algo, ctx, 544 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off), 545 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 0); 546 key_hash = 1; 547 } 548 #endif 549 #if defined(CONFIG_FSL_ISBC_KEY_EXT) 550 if (!key_hash && check_ie(img)) 551 key_hash = 1; 552 #endif 553 #ifndef CONFIG_ESBC_HDR_LS 554 /* No single key support in LS ESBC header */ 555 if (!key_hash) { 556 ret = algo->hash_update(algo, ctx, 557 img->img_key, img->hdr.key_len, 0); 558 key_hash = 1; 559 } 560 #endif 561 if (ret) 562 return ret; 563 if (!key_hash) 564 return ERROR_KEY_TABLE_NOT_FOUND; 565 566 /* Update hash for actual Image */ 567 ret = algo->hash_update(algo, ctx, 568 (u8 *)img->img_addr, img->img_size, 1); 569 if (ret) 570 return ret; 571 572 /* Copy hash at destination buffer */ 573 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size); 574 if (ret) 575 return ret; 576 577 return 0; 578 } 579 580 /* 581 * Construct encoded hash EM' wrt PKCSv1.5. This function calculates the 582 * pointers for padding, DER value and hash. And finally, constructs EM' 583 * which includes hash of complete CSF header and ESBC image. If SG flag 584 * is on, hash of SG table and entries is also included. 585 */ 586 static void construct_img_encoded_hash_second(struct fsl_secboot_img_priv *img) 587 { 588 /* 589 * RSA PKCSv1.5 encoding format for encoded message is below 590 * EM = 0x0 || 0x1 || PS || 0x0 || DER || Hash 591 * PS is Padding String 592 * DER is DER value for SHA-256 593 * Hash is SHA-256 hash 594 * ********************************************************* 595 * representative points to first byte of EM initially and is 596 * filled with 0x0 597 * representative is incremented by 1 and second byte is filled 598 * with 0x1 599 * padding points to third byte of EM 600 * digest points to full length of EM - 32 bytes 601 * hash_id (DER value) points to 19 bytes before pDigest 602 * separator is one byte which separates padding and DER 603 */ 604 605 size_t len; 606 u8 *representative; 607 u8 *padding, *digest; 608 u8 *hash_id, *separator; 609 int i; 610 611 len = (get_key_len(img) / 2) - 1; 612 representative = img->img_encoded_hash_second; 613 representative[0] = 0; 614 representative[1] = 1; /* block type 1 */ 615 616 padding = &representative[2]; 617 digest = &representative[1] + len - 32; 618 hash_id = digest - sizeof(hash_identifier); 619 separator = hash_id - 1; 620 621 /* fill padding area pointed by padding with 0xff */ 622 memset(padding, 0xff, separator - padding); 623 624 /* fill byte pointed by separator */ 625 *separator = 0; 626 627 /* fill SHA-256 DER value pointed by HashId */ 628 memcpy(hash_id, hash_identifier, sizeof(hash_identifier)); 629 630 /* fill hash pointed by Digest */ 631 for (i = 0; i < SHA256_BYTES; i++) 632 digest[i] = hash_val[i]; 633 } 634 635 /* 636 * Reads and validates the ESBC client header. 637 * This function reads key and signature from the ESBC client header. 638 * If Scatter/Gather flag is on, lengths and offsets of images 639 * present as SG entries are also read. This function also checks 640 * whether the header is valid or not. 641 */ 642 static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img) 643 { 644 char buf[20]; 645 struct fsl_secboot_img_hdr *hdr = &img->hdr; 646 void *esbc = (u8 *)(uintptr_t)img->ehdrloc; 647 u8 *k, *s; 648 u32 ret = 0; 649 650 int key_found = 0; 651 652 /* check barker code */ 653 if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN)) 654 return ERROR_ESBC_CLIENT_HEADER_BARKER; 655 656 /* If Image Address is not passed as argument to function, 657 * then Address and Size must be read from the Header. 658 */ 659 if (img->img_addr == 0) { 660 #ifdef CONFIG_ESBC_ADDR_64BIT 661 img->img_addr = hdr->pimg64; 662 #else 663 img->img_addr = hdr->pimg; 664 #endif 665 } 666 667 sprintf(buf, "%lx", img->img_addr); 668 setenv("img_addr", buf); 669 670 if (!hdr->img_size) 671 return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE; 672 673 img->img_size = hdr->img_size; 674 675 /* Key checking*/ 676 #ifdef CONFIG_KEY_REVOCATION 677 if (check_srk(img)) { 678 ret = read_validate_srk_tbl(img); 679 if (ret != 0) 680 return ret; 681 key_found = 1; 682 } 683 #endif 684 685 #if defined(CONFIG_FSL_ISBC_KEY_EXT) 686 if (!key_found && check_ie(img)) { 687 ret = read_validate_ie_tbl(img); 688 if (ret != 0) 689 return ret; 690 key_found = 1; 691 } 692 #endif 693 #ifndef CONFIG_ESBC_HDR_LS 694 /* Single Key Feature not available in LS ESBC Header */ 695 if (key_found == 0) { 696 ret = read_validate_single_key(img); 697 if (ret != 0) 698 return ret; 699 key_found = 1; 700 } 701 #endif 702 if (!key_found) 703 return ERROR_KEY_TABLE_NOT_FOUND; 704 705 /* check signaure */ 706 if (get_key_len(img) == 2 * hdr->sign_len) { 707 /* check signature length */ 708 if (!((hdr->sign_len == KEY_SIZE_BYTES / 4) || 709 (hdr->sign_len == KEY_SIZE_BYTES / 2) || 710 (hdr->sign_len == KEY_SIZE_BYTES))) 711 return ERROR_ESBC_CLIENT_HEADER_SIG_LEN; 712 } else { 713 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN; 714 } 715 716 memcpy(&img->img_sign, esbc + hdr->psign, hdr->sign_len); 717 /* No SG support in LS-CH3 */ 718 #ifndef CONFIG_ESBC_HDR_LS 719 /* No SG support */ 720 if (hdr->sg_flag) 721 return ERROR_ESBC_CLIENT_HEADER_SG; 722 #endif 723 724 /* modulus most significant bit should be set */ 725 k = (u8 *)&img->img_key; 726 727 if ((k[0] & 0x80) == 0) 728 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1; 729 730 /* modulus value should be odd */ 731 if ((k[get_key_len(img) / 2 - 1] & 0x1) == 0) 732 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2; 733 734 /* Check signature value < modulus value */ 735 s = (u8 *)&img->img_sign; 736 737 if (!(memcmp(s, k, hdr->sign_len) < 0)) 738 return ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD; 739 740 return ESBC_VALID_HDR; 741 } 742 743 static inline int str2longbe(const char *p, ulong *num) 744 { 745 char *endptr; 746 ulong tmp; 747 748 if (!p) { 749 return 0; 750 } else { 751 tmp = simple_strtoul(p, &endptr, 16); 752 if (sizeof(ulong) == 4) 753 *num = cpu_to_be32(tmp); 754 else 755 *num = cpu_to_be64(tmp); 756 } 757 758 return *p != '\0' && *endptr == '\0'; 759 } 760 /* Function to calculate the ESBC Image Hash 761 * and hash from Digital signature. 762 * The Two hash's are compared to yield the 763 * result of signature validation. 764 */ 765 static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img) 766 { 767 int ret; 768 uint32_t key_len; 769 struct key_prop prop; 770 #if !defined(USE_HOSTCC) 771 struct udevice *mod_exp_dev; 772 #endif 773 ret = calc_esbchdr_esbc_hash(img); 774 if (ret) 775 return ret; 776 777 /* Construct encoded hash EM' wrt PKCSv1.5 */ 778 construct_img_encoded_hash_second(img); 779 780 /* Fill prop structure for public key */ 781 memset(&prop, 0, sizeof(struct key_prop)); 782 key_len = get_key_len(img) / 2; 783 prop.modulus = img->img_key; 784 prop.public_exponent = img->img_key + key_len; 785 prop.num_bits = key_len * 8; 786 prop.exp_len = key_len; 787 788 ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev); 789 if (ret) { 790 printf("RSA: Can't find Modular Exp implementation\n"); 791 return -EINVAL; 792 } 793 794 ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len, 795 &prop, img->img_encoded_hash); 796 if (ret) 797 return ret; 798 799 /* 800 * compare the encoded messages EM' and EM wrt RSA PKCSv1.5 801 * memcmp returns zero on success 802 * memcmp returns non-zero on failure 803 */ 804 ret = memcmp(&img->img_encoded_hash_second, &img->img_encoded_hash, 805 img->hdr.sign_len); 806 807 if (ret) 808 return ERROR_ESBC_CLIENT_HASH_COMPARE_EM; 809 810 return 0; 811 } 812 813 int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str, 814 uintptr_t img_addr) 815 { 816 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); 817 ulong hash[SHA256_BYTES/sizeof(ulong)]; 818 char hash_str[NUM_HEX_CHARS + 1]; 819 struct fsl_secboot_img_priv *img; 820 struct fsl_secboot_img_hdr *hdr; 821 void *esbc; 822 int ret, i, hash_cmd = 0; 823 u32 srk_hash[8]; 824 825 if (arg_hash_str != NULL) { 826 const char *cp = arg_hash_str; 827 int i = 0; 828 829 if (*cp == '0' && *(cp + 1) == 'x') 830 cp += 2; 831 832 /* The input string expected is in hex, where 833 * each 4 bits would be represented by a hex 834 * sha256 hash is 256 bits long, which would mean 835 * num of characters = 256 / 4 836 */ 837 if (strlen(cp) != SHA256_NIBBLES) { 838 printf("%s is not a 256 bits hex string as expected\n", 839 arg_hash_str); 840 return -1; 841 } 842 843 for (i = 0; i < sizeof(hash)/sizeof(ulong); i++) { 844 strncpy(hash_str, cp + (i * NUM_HEX_CHARS), 845 NUM_HEX_CHARS); 846 hash_str[NUM_HEX_CHARS] = '\0'; 847 if (!str2longbe(hash_str, &hash[i])) { 848 printf("%s is not a 256 bits hex string ", 849 arg_hash_str); 850 return -1; 851 } 852 } 853 854 hash_cmd = 1; 855 } 856 857 img = malloc(sizeof(struct fsl_secboot_img_priv)); 858 859 if (!img) 860 return -1; 861 862 memset(img, 0, sizeof(struct fsl_secboot_img_priv)); 863 864 /* Update the information in Private Struct */ 865 hdr = &img->hdr; 866 img->ehdrloc = haddr; 867 img->img_addr = img_addr; 868 esbc = (u8 *)img->ehdrloc; 869 870 memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr)); 871 872 /* read and validate esbc header */ 873 ret = read_validate_esbc_client_header(img); 874 875 if (ret != ESBC_VALID_HDR) { 876 fsl_secboot_handle_error(ret); 877 goto exit; 878 } 879 880 /* SRKH present in SFP */ 881 for (i = 0; i < NUM_SRKH_REGS; i++) 882 srk_hash[i] = srk_in32(&sfp_regs->srk_hash[i]); 883 884 /* 885 * Calculate hash of key obtained via offset present in 886 * ESBC uboot client hdr 887 */ 888 ret = calc_img_key_hash(img); 889 if (ret) { 890 fsl_secblk_handle_error(ret); 891 goto exit; 892 } 893 894 /* Compare hash obtained above with SRK hash present in SFP */ 895 if (hash_cmd) 896 ret = memcmp(&hash, &img->img_key_hash, SHA256_BYTES); 897 else 898 ret = memcmp(srk_hash, img->img_key_hash, SHA256_BYTES); 899 900 #if defined(CONFIG_FSL_ISBC_KEY_EXT) 901 if (!hash_cmd && check_ie(img)) 902 ret = 0; 903 #endif 904 905 if (ret != 0) { 906 fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_KEY); 907 goto exit; 908 } 909 910 ret = calculate_cmp_img_sig(img); 911 if (ret) { 912 fsl_secboot_handle_error(ret); 913 goto exit; 914 } 915 916 exit: 917 return ret; 918 } 919