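/*
 * Copyright 2015 Freescale Semiconductor, Inc.
 *
 * SPDX-License-Identifier:	GPL-2.0+
 */

#include <common.h>
#include <fsl_validate.h>
#include <fsl_secboot_err.h>
#include <fsl_sfp.h>
#include <fsl_sec.h>
#include <command.h>
#include <malloc.h>
#include <dm/uclass.h>
#include <u-boot/rsa-mod-exp.h>
#include <hash.h>
#include <fsl_secboot_err.h>
#ifdef CONFIG_LS102XA
#include <asm/arch/immap_ls102xa.h>
#endif

#define SHA256_BITS	256
#define SHA256_BYTES	(256/8)
#define SHA256_NIBBLES	(256/4)
#define NUM_HEX_CHARS	(sizeof(ulong) * 2)

/*
 * Accepted values for a header key_len field: key_len covers modulus plus
 * exponent, so it is twice one of the three sizes derived from
 * KEY_SIZE_BYTES. Anything else is rejected before key_len is used as a
 * copy length.
 */
#define CHECK_KEY_LEN(key_len)	(((key_len) == 2 * KEY_SIZE_BYTES / 4) || \
				 ((key_len) == 2 * KEY_SIZE_BYTES / 2) || \
				 ((key_len) == 2 * KEY_SIZE_BYTES))

/* This array contains DER value for SHA-256 */
static const u8 hash_identifier[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60,
		0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00,
		0x04, 0x20
		};

/*
 * Scratch digest shared by calc_img_key_hash(), calc_esbchdr_esbc_hash() and
 * construct_img_encoded_hash_second(); each hash call overwrites it.
 */
static u8 hash_val[SHA256_BYTES];
static const u8 barker_code[ESBC_BARKER_LEN] = { 0x68, 0x39, 0x27, 0x81 };

void branch_to_self(void) __attribute__ ((noreturn));

/*
 * This function will put core in infinite loop.
 * This will be called when the ESBC can not proceed further due
 * to some unknown errors.
 */
void branch_to_self(void)
{
	printf("Core is in infinite loop due to errors.\n");
self:
	goto self;
}

#if defined(CONFIG_FSL_ISBC_KEY_EXT)
/* Returns 1 when the header's ie_flag is set (IE key table in use), else 0. */
static u32 check_ie(struct fsl_secboot_img_priv *img)
{
	if (img->hdr.ie_flag)
		return 1;

	return 0;
}

/* This function returns the CSF Header Address of uboot
 * For MPC85xx based platforms, the LAW mapping for NOR
 * flash changes in uboot code. Hence the offset needs
 * to be calculated and added to the new NOR flash base
 * address
 *
 * The CSF header address is taken from scratchrw[0]; a candidate is accepted
 * only if the barker code is found there. Returns 0 on success, -1 when no
 * flash bank holds the barker at the computed offset.
 */
#if defined(CONFIG_MPC85xx)
int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
{
	struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_MPC85xx_GUTS_ADDR);
	u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
	u32 csf_flash_offset = csf_hdr_addr & ~(CONFIG_SYS_PBI_FLASH_BASE);
	u32 flash_addr, addr;
	int found = 0;
	int i = 0;

	for (i = 0; i < CONFIG_SYS_MAX_FLASH_BANKS; i++) {
		flash_addr = flash_info[i].start[0];
		addr = flash_info[i].start[0] + csf_flash_offset;
		if (memcmp((u8 *)addr, barker_code, ESBC_BARKER_LEN) == 0) {
			debug("Barker found on addr %x\n", addr);
			found = 1;
			break;
		}
	}

	if (!found)
		return -1;

	*csf_addr = addr;
	*flash_base_addr = flash_addr;

	return 0;
}
#else
/* For platforms like LS1020, correct flash address is present in
 * the header. So the function returns flash base address as 0
 *
 * The address read from scratchrw[0] is dereferenced directly; the barker
 * comparison is the only check made on it here.
 * NOTE(review): confirm which earlier boot stage writes scratchrw[0].
 */
int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
{
	struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
	u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);

	if (memcmp((u8 *)(uintptr_t)csf_hdr_addr,
		   barker_code, ESBC_BARKER_LEN))
		return -1;

	*csf_addr = csf_hdr_addr;
	*flash_base_addr = 0;
	return 0;
}
#endif

/*
 * Locate the IE key table through the CSF header of U-Boot itself: the
 * header's psgtable field leads to the SG table, whose first entry's
 * src_addr is the table address. Returns 0 and fills *ie_addr, or -1 when
 * the CSF header cannot be found.
 */
static int get_ie_info_addr(u32 *ie_addr)
{
	struct fsl_secboot_img_hdr *hdr;
	struct fsl_secboot_sg_table *sg_tbl;
	u32 flash_base_addr, csf_addr;

	if (get_csf_base_addr(&csf_addr, &flash_base_addr))
		return -1;

	hdr = (struct fsl_secboot_img_hdr *)(uintptr_t)csf_addr;

	/* For SoC's with Trust Architecture v1 with corenet bus
	 * the sg table field in CSF header has absolute address
	 * for sg table in memory. In other Trust Architecture,
	 * this field specifies the offset of sg table from the
	 * base address of CSF Header
	 */
#if defined(CONFIG_FSL_TRUST_ARCH_v1) && defined(CONFIG_FSL_CORENET)
	sg_tbl = (struct fsl_secboot_sg_table *)
		 (((u32)hdr->psgtable & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
		  flash_base_addr);
#else
	sg_tbl = (struct fsl_secboot_sg_table *)(uintptr_t)(csf_addr +
						 (u32)hdr->psgtable);
#endif

	/* IE Key Table is the first entry in the SG Table */
#if defined(CONFIG_MPC85xx)
	*ie_addr = (sg_tbl->src_addr & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
		   flash_base_addr;
#else
	*ie_addr = sg_tbl->src_addr;
#endif

	debug("IE Table address is %x\n", *ie_addr);
	return 0;
}

#endif

#ifdef CONFIG_KEY_REVOCATION
/* Returns 1 when SRK_FLAG is set in the header's srk_table_flag, else 0. */
static u32 check_srk(struct fsl_secboot_img_priv *img)
{
	if (img->hdr.len_kr.srk_table_flag & SRK_FLAG)
		return 1;

	return 0;
}

/* Returns the key revocation field of the SFP OSPR register. */
static u32 get_key_revoc(void)
{
	struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
	return (sfp_in32(&sfp_regs->ospr) & OSPR_KEY_REVOC_MASK) >>
		OSPR_KEY_REVOC_SHIFT;
}

/*
 * Returns 1 when key number keynum is marked revoked in rev_flag, else 0.
 * UNREVOCABLE_KEY is never reported as revoked.
 */
static u32 is_key_revoked(u32 keynum, u32 rev_flag)
{
	if (keynum == UNREVOCABLE_KEY)
		return 0;

	/* Unsigned constant: a signed 1 shifted into bit 31 is undefined. */
	if ((1U << (ALIGN_REVOC_KEY - keynum)) & rev_flag)
		return 1;

	return 0;
}

/*
 * Read the SRK table referenced by the header and select the signing key.
 *
 * Order of checks: entry count, selected key index, revocation state of the
 * selected key (from the SFP), then the key length of every table entry.
 * On success img->img_key / img->key_len hold the selected key and 0 is
 * returned; otherwise an ERROR_ESBC_CLIENT_HEADER_* code.
 */
static u32 read_validate_srk_tbl(struct fsl_secboot_img_priv *img)
{
	int i = 0;
	u32 ret, key_num, key_revoc_flag, size;
	struct fsl_secboot_img_hdr *hdr = &img->hdr;
	void *esbc = (u8 *)(uintptr_t)img->ehdrloc;

	if ((hdr->len_kr.num_srk == 0) ||
	    (hdr->len_kr.num_srk > MAX_KEY_ENTRIES))
		return ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY;

	key_num = hdr->len_kr.srk_sel;
	if (key_num == 0 || key_num > hdr->len_kr.num_srk)
		return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM;

	/* Get revoc key from sfp */
	key_revoc_flag = get_key_revoc();
	ret = is_key_revoked(key_num, key_revoc_flag);
	if (ret)
		return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED;

	/*
	 * num_srk was bounded above, so the copy is at most
	 * MAX_KEY_ENTRIES entries.
	 * NOTE(review): assumes img->srk_tbl holds MAX_KEY_ENTRIES entries;
	 * srk_tbl_off comes from the not-yet-authenticated header and is not
	 * range-checked, so the source of this read is attacker-chosen.
	 */
	size = hdr->len_kr.num_srk * sizeof(struct srk_table);

	memcpy(&img->srk_tbl, esbc + hdr->srk_tbl_off, size);

	for (i = 0; i < hdr->len_kr.num_srk; i++) {
		if (!CHECK_KEY_LEN(img->srk_tbl[i].key_len))
			return ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN;
	}

	/* key_len was validated in the loop above before it sizes a copy */
	img->key_len = img->srk_tbl[key_num - 1].key_len;

	memcpy(&img->img_key, &(img->srk_tbl[key_num - 1].pkey),
	       img->key_len);

	return 0;
}
#endif

/*
 * Read the single public key referenced directly by the header (no SRK or
 * IE table). The key length is validated before it is used as the copy
 * size. Returns 0 or ERROR_ESBC_CLIENT_HEADER_KEY_LEN.
 */
static u32 read_validate_single_key(struct fsl_secboot_img_priv *img)
{
	struct fsl_secboot_img_hdr *hdr = &img->hdr;
	void *esbc = (u8 *)(uintptr_t)img->ehdrloc;

	/* check key length */
	if (!CHECK_KEY_LEN(hdr->key_len))
		return ERROR_ESBC_CLIENT_HEADER_KEY_LEN;

	/* NOTE(review): hdr->pkey is an unchecked offset from the header */
	memcpy(&img->img_key, esbc + hdr->pkey, hdr->key_len);

	img->key_len = hdr->key_len;

	return 0;
}

#if defined(CONFIG_FSL_ISBC_KEY_EXT)
/*
 * Select the signing key from the IE key table.
 *
 * Checks the number of keys in the table, the index selected by the header,
 * the table's own revocation bitmap and the selected key's length, then
 * copies the key into img->img_key. Returns 0 or an error code.
 */
static u32 read_validate_ie_tbl(struct fsl_secboot_img_priv *img)
{
	struct fsl_secboot_img_hdr *hdr = &img->hdr;
	u32 ie_key_len, ie_revoc_flag, ie_num;
	struct ie_key_info *ie_info;

	if (get_ie_info_addr(&img->ie_addr))
		return ERROR_IE_TABLE_NOT_FOUND;
	ie_info = (struct ie_key_info *)(uintptr_t)img->ie_addr;
	if (ie_info->num_keys == 0 || ie_info->num_keys > 32)
		return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY;

	ie_num = hdr->ie_key_sel;
	if (ie_num == 0 || ie_num > ie_info->num_keys)
		return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM;

	ie_revoc_flag = ie_info->key_revok;
	/*
	 * ie_num may be 32, i.e. a shift by 31: use an unsigned constant so
	 * the revocation test for the last key is well defined.
	 */
	if ((1U << (ie_num - 1)) & ie_revoc_flag)
		return ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED;

	ie_key_len = ie_info->ie_key_tbl[ie_num - 1].key_len;

	if (!CHECK_KEY_LEN(ie_key_len))
		return ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN;

	memcpy(&img->img_key, &(ie_info->ie_key_tbl[ie_num - 1].pkey),
	       ie_key_len);

	img->key_len = ie_key_len;
	return 0;
}
#endif


/* This function returns the length of the public key. */
static inline u32 get_key_len(struct fsl_secboot_img_priv *img)
{
	return img->key_len;
}

/*
 * Handles the ESBC uboot client header verification failure.
 * This function handles all the errors which might occur in the
 * parsing and checking of ESBC uboot client header. It will also
 * set the error bits in the SEC_MON.
 *
 * If the security monitor is in the trusted state it is moved to soft-fail
 * (ITS set) or non-secure (ITS clear); a reset is requested in every case.
 */
static void fsl_secboot_header_verification_failure(void)
{
	struct ccsr_sec_mon_regs *sec_mon_regs = (void *)
						(CONFIG_SYS_SEC_MON_ADDR);
	struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
	u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat);

	/*
	 * 29th bit of OSPR is ITS.
	 * Mask before shifting, as fsl_secboot_image_verification_failure()
	 * does: an unmasked shift leaves the higher OSPR bits in "its", so
	 * the "its == 1" test below would fail whenever any of them is set
	 * and the monitor would go to non-secure instead of soft-fail.
	 */
	u32 its = (sfp_in32(&sfp_regs->ospr) & ITS_MASK) >> ITS_BIT;

	/*
	 * Read the SEC_MON status register
	 * Read SSM_ST field
	 */
	sts = sec_mon_in32(&sec_mon_regs->hp_stat);
	if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) {
		if (its == 1)
			change_sec_mon_state(HPSR_SSM_ST_TRUST,
					     HPSR_SSM_ST_SOFT_FAIL);
		else
			change_sec_mon_state(HPSR_SSM_ST_TRUST,
					     HPSR_SSM_ST_NON_SECURE);
	}

	printf("Generating reset request\n");
	do_reset(NULL, 0, 0, NULL);
}

/*
 * Handles the ESBC uboot client image verification failure.
 * This function handles all the errors which might occur in the
 * public key hash comparison and signature verification of
 * ESBC uboot client image. It will also
 * set the error bits in the SEC_MON.
 *
 * Only acts when the security monitor is in the trusted state. With ITS set
 * the monitor goes to soft-fail and a reset is requested; with ITS clear it
 * goes to non-secure and this function RETURNS, so the caller's non-zero
 * return value is what keeps the image from being used.
 */
static void fsl_secboot_image_verification_failure(void)
{
	struct ccsr_sec_mon_regs *sec_mon_regs = (void *)
						(CONFIG_SYS_SEC_MON_ADDR);
	struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
	u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat);

	u32 its = (sfp_in32(&sfp_regs->ospr) & ITS_MASK) >> ITS_BIT;

	/*
	 * Read the SEC_MON status register
	 * Read SSM_ST field
	 */
	sts = sec_mon_in32(&sec_mon_regs->hp_stat);
	if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) {
		if (its == 1) {
			change_sec_mon_state(HPSR_SSM_ST_TRUST,
					     HPSR_SSM_ST_SOFT_FAIL);

			printf("Generating reset request\n");
			do_reset(NULL, 0, 0, NULL);
		} else {
			change_sec_mon_state(HPSR_SSM_ST_TRUST,
					     HPSR_SSM_ST_NON_SECURE);
		}
	}
}

/* A boot script parse failure is treated as a header verification failure. */
static void fsl_secboot_bootscript_parse_failure(void)
{
	fsl_secboot_header_verification_failure();
}

/*
 * Handles the errors in esbc boot.
 * This function handles all the errors which might occur in the
 * esbc boot phase. It will call the appropriate api to log the
 * errors and set the error bits in the SEC_MON.
 *
 * The error name is printed when the code is found in fsl_secboot_errcodes.
 * Any code without its own case label (this includes
 * ERROR_ESBC_CLIENT_HEADER_SG, which the header parser can return) reaches
 * "default" and parks the core in branch_to_self().
 */
void fsl_secboot_handle_error(int error)
{
	const struct fsl_secboot_errcode *e;

	for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX;
		e++) {
		if (e->errcode == error)
			printf("ERROR :: %x :: %s\n", error, e->name);
	}

	switch (error) {
	case ERROR_ESBC_CLIENT_HEADER_BARKER:
	case ERROR_ESBC_CLIENT_HEADER_IMG_SIZE:
	case ERROR_ESBC_CLIENT_HEADER_KEY_LEN:
	case ERROR_ESBC_CLIENT_HEADER_SIG_LEN:
	case ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN:
	case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1:
	case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2:
	case ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD:
	case ERROR_ESBC_CLIENT_HEADER_SG_ESBC_EP:
	case ERROR_ESBC_CLIENT_HEADER_SG_ENTIRES_BAD:
#ifdef CONFIG_KEY_REVOCATION
	case ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED:
	case ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY:
	case ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM:
	case ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN:
#endif
#if defined(CONFIG_FSL_ISBC_KEY_EXT)
	/*@fallthrough@*/
	case ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED:
	case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY:
	case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM:
	case ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN:
	case ERROR_IE_TABLE_NOT_FOUND:
#endif
		fsl_secboot_header_verification_failure();
		break;
	case ERROR_ESBC_SEC_RESET:
	case ERROR_ESBC_SEC_DEQ:
	case ERROR_ESBC_SEC_ENQ:
	case ERROR_ESBC_SEC_DEQ_TO:
	case ERROR_ESBC_SEC_JOBQ_STATUS:
	case ERROR_ESBC_CLIENT_HASH_COMPARE_KEY:
	case ERROR_ESBC_CLIENT_HASH_COMPARE_EM:
		fsl_secboot_image_verification_failure();
		break;
	case ERROR_ESBC_MISSING_BOOTM:
		fsl_secboot_bootscript_parse_failure();
		break;
	case ERROR_ESBC_WRONG_CMD:
	default:
		branch_to_self();
		break;
	}
}

/*
 * Map an error from the hashing step onto the SEC error codes handled by
 * fsl_secboot_handle_error(). Unknown values are printed and reported as
 * ERROR_ESBC_SEC_JOBQ_STATUS.
 */
static void fsl_secblk_handle_error(int error)
{
	switch (error) {
	case ERROR_ESBC_SEC_ENQ:
		fsl_secboot_handle_error(ERROR_ESBC_SEC_ENQ);
		break;
	case ERROR_ESBC_SEC_DEQ:
		fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ);
		break;
	case ERROR_ESBC_SEC_DEQ_TO:
		fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ_TO);
		break;
	default:
		printf("Job Queue Output status %x\n", error);
		fsl_secboot_handle_error(ERROR_ESBC_SEC_JOBQ_STATUS);
		break;
	}
}

/*
 * Calculate hash of key obtained via offset present in ESBC uboot
 * client hdr. This function calculates the hash of key which is obtained
 * through offset present in ESBC uboot client header.
 *
 * With an SRK table in use the whole table is hashed, otherwise only the
 * selected key. The SHA-256 result is stored in img->img_key_hash.
 * Returns 0 on success or the error from the hash layer.
 */
static int calc_img_key_hash(struct fsl_secboot_img_priv *img)
{
	struct hash_algo *algo;
	void *ctx;
	int i, srk = 0;
	int ret = 0;
	const char *algo_name = "sha256";

	/* Calculate hash of the esbc key */
	ret = hash_progressive_lookup_algo(algo_name, &algo);
	if (ret)
		return ret;

	ret = algo->hash_init(algo, &ctx);
	if (ret)
		return ret;

	/* Update hash for ESBC key */
#ifdef CONFIG_KEY_REVOCATION
	if (check_srk(img)) {
		/* Hash the table as it sits behind the header, all entries */
		ret = algo->hash_update(algo, ctx,
		      (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
		      img->hdr.len_kr.num_srk * sizeof(struct srk_table), 1);
		srk = 1;
	}
#endif
	if (!srk)
		ret = algo->hash_update(algo, ctx,
		      img->img_key, img->key_len, 1);
	if (ret)
		return ret;

	/* Copy hash at destination buffer */
	ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
	if (ret)
		return ret;

	for (i = 0; i < SHA256_BYTES; i++)
		img->img_key_hash[i] = hash_val[i];

	return 0;
}

/*
 * Calculate hash of ESBC hdr and ESBC. This function calculates the
 * single hash of ESBC header and ESBC image. If SG flag is on, all
 * SG entries are also hashed along with the complete SG table.
 *
 * The digest is left in the file-scope hash_val buffer for
 * construct_img_encoded_hash_second(). Returns 0 or the hash layer's error.
 */
static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
{
	struct hash_algo *algo;
	void *ctx;
	int ret = 0;
	int key_hash = 0;
	const char *algo_name = "sha256";

	/* Calculate the hash of the ESBC */
	ret = hash_progressive_lookup_algo(algo_name, &algo);
	if (ret)
		return ret;

	ret = algo->hash_init(algo, &ctx);
	if (ret)
		return ret;

	/* Update hash for CSF Header */
	ret = algo->hash_update(algo, ctx,
		(u8 *)&img->hdr, sizeof(struct fsl_secboot_img_hdr), 0);
	if (ret)
		return ret;

	/* Update the hash with that of srk table if srk flag is 1
	 * If IE Table is selected, key is not added in the hash
	 * If neither srk table nor IE key table available, add key
	 * from header in the hash calculation
	 */
#ifdef CONFIG_KEY_REVOCATION
	if (check_srk(img)) {
		ret = algo->hash_update(algo, ctx,
		      (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
		      img->hdr.len_kr.num_srk * sizeof(struct srk_table), 0);
		key_hash = 1;
	}
#endif
#if defined(CONFIG_FSL_ISBC_KEY_EXT)
	if (!key_hash && check_ie(img))
		key_hash = 1;
#endif
	if (!key_hash)
		ret = algo->hash_update(algo, ctx,
			img->img_key, img->hdr.key_len, 0);
	if (ret)
		return ret;

	/* Update hash for actual Image */
	ret = algo->hash_update(algo, ctx,
		(u8 *)img->img_addr, img->img_size, 1);
	if (ret)
		return ret;

	/* Copy hash at destination buffer */
	ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
	if (ret)
		return ret;

	return 0;
}

/*
 * Construct encoded hash EM' wrt PKCSv1.5. This function calculates the
 * pointers for padding, DER value and hash. And finally, constructs EM'
 * which includes hash of complete CSF header and ESBC image. If SG flag
 * is on, hash of SG table and entries is also included.
 *
 * Reads the digest from hash_val and writes EM' into
 * img->img_encoded_hash_second.
 */
static void construct_img_encoded_hash_second(struct fsl_secboot_img_priv *img)
{
	/*
	 * RSA PKCSv1.5 encoding format for encoded message is below
	 * EM = 0x0 || 0x1 || PS || 0x0 || DER || Hash
	 * PS is Padding String
	 * DER is DER value for SHA-256
	 * Hash is SHA-256 hash
	 * *********************************************************
	 * representative points to first byte of EM initially and is
	 * filled with 0x0
	 * representative is incremented by 1 and second byte is filled
	 * with 0x1
	 * padding points to third byte of EM
	 * digest points to full length of EM - 32 bytes
	 * hash_id (DER value) points to 19 bytes before pDigest
	 * separator is one byte which separates padding and DER
	 */

	size_t len;
	u8 *representative;
	u8 *padding, *digest;
	u8 *hash_id, *separator;
	int i;

	len = (get_key_len(img) / 2) - 1;
	representative = img->img_encoded_hash_second;
	representative[0] = 0;
	representative[1] = 1;  /* block type 1 */

	padding = &representative[2];
	digest = &representative[1] + len - 32;
	hash_id = digest - sizeof(hash_identifier);
	separator = hash_id - 1;

	/* fill padding area pointed by padding with 0xff */
	memset(padding, 0xff, separator - padding);

	/* fill byte pointed by separator */
	*separator = 0;

	/* fill SHA-256 DER value pointed by HashId */
	memcpy(hash_id, hash_identifier, sizeof(hash_identifier));

	/* fill hash pointed by Digest */
	for (i = 0; i < SHA256_BYTES; i++)
		digest[i] = hash_val[i];
}

/*
 * Reads and validates the ESBC client header.
 * This function reads key and signature from the ESBC client header.
 * If Scatter/Gather flag is on, lengths and offsets of images
 * present as SG entries are also read. This function also checks
 * whether the header is valid or not.
 *
 * Everything read here comes from a header that has not been authenticated
 * yet; lengths are validated before they size a copy, offsets (psign, pkey,
 * srk_tbl_off) are not range-checked. Returns ESBC_VALID_HDR on success or
 * an ERROR_ESBC_CLIENT_HEADER_* code. Also exports the image address in the
 * "img_addr" environment variable.
 */
static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img)
{
	char buf[20];
	struct fsl_secboot_img_hdr *hdr = &img->hdr;
	void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
	u8 *k, *s;
	u32 ret = 0;
	int key_found = 0;

	/* check barker code */
	if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN))
		return ERROR_ESBC_CLIENT_HEADER_BARKER;

	/* If Image Address is not passed as argument to function,
	 * then Address and Size must be read from the Header.
	 */
	if (img->img_addr == 0) {
	#ifdef CONFIG_ESBC_ADDR_64BIT
		img->img_addr = hdr->pimg64;
	#else
		img->img_addr = hdr->pimg;
	#endif
	}

	sprintf(buf, "%lx", img->img_addr);
	setenv("img_addr", buf);

	if (!hdr->img_size)
		return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;

	img->img_size = hdr->img_size;

	/* Key checking: SRK table first, then IE table, then single key */
#ifdef CONFIG_KEY_REVOCATION
	if (check_srk(img)) {
		ret = read_validate_srk_tbl(img);
		if (ret != 0)
			return ret;
		key_found = 1;
	}
#endif

#if defined(CONFIG_FSL_ISBC_KEY_EXT)
	if (!key_found && check_ie(img)) {
		ret = read_validate_ie_tbl(img);
		if (ret != 0)
			return ret;
		key_found = 1;
	}
#endif

	if (key_found == 0) {
		ret = read_validate_single_key(img);
		if (ret != 0)
			return ret;
		key_found = 1;
	}

	/* check signature */
	if (get_key_len(img) == 2 * hdr->sign_len) {
		/* check signature length */
		if (!((hdr->sign_len == KEY_SIZE_BYTES / 4) ||
		      (hdr->sign_len == KEY_SIZE_BYTES / 2) ||
		      (hdr->sign_len == KEY_SIZE_BYTES)))
			return ERROR_ESBC_CLIENT_HEADER_SIG_LEN;
	} else {
		return ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN;
	}

	/*
	 * sign_len is at most KEY_SIZE_BYTES at this point.
	 * NOTE(review): assumes img->img_sign is at least that large; psign
	 * is an unchecked offset from the header.
	 */
	memcpy(&img->img_sign, esbc + hdr->psign, hdr->sign_len);

	/* No SG support */
	if (hdr->sg_flag)
		return ERROR_ESBC_CLIENT_HEADER_SG;

	/* modulus most significant bit should be set */
	k = (u8 *)&img->img_key;

	if ((k[0] & 0x80) == 0)
		return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1;

	/* modulus value should be odd */
	if ((k[get_key_len(img) / 2 - 1] & 0x1) == 0)
		return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2;

	/* Check signature value < modulus value */
	s = (u8 *)&img->img_sign;

	if (!(memcmp(s, k, hdr->sign_len) < 0))
		return ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD;

	return ESBC_VALID_HDR;
}

/*
 * Parse the hex string p into *num, stored big-endian.
 * Returns non-zero only when p is non-empty and was consumed entirely by
 * the conversion; returns 0 for a NULL p (leaving *num untouched).
 */
static inline int str2longbe(const char *p, ulong *num)
{
	char *endptr;
	ulong tmp;

	if (!p) {
		return 0;
	} else {
		tmp = simple_strtoul(p, &endptr, 16);
		if (sizeof(ulong) == 4)
			*num = cpu_to_be32(tmp);
		else
			*num = cpu_to_be64(tmp);
	}

	return *p != '\0' && *endptr == '\0';
}
/* Function to calculate the ESBC Image Hash
 * and hash from Digital signature.
 * The Two hash's are compared to yield the
 * result of signature validation.
 *
 * Returns 0 when the signature matches, ERROR_ESBC_CLIENT_HASH_COMPARE_EM
 * on mismatch, or the error from the hash / modular exponentiation step.
 */
static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img)
{
	int ret;
	uint32_t key_len;
	struct key_prop prop;
#if !defined(USE_HOSTCC)
	struct udevice *mod_exp_dev;
#endif
	ret = calc_esbchdr_esbc_hash(img);
	if (ret)
		return ret;

	/* Construct encoded hash EM' wrt PKCSv1.5 */
	construct_img_encoded_hash_second(img);

	/* Fill prop structure for public key */
	memset(&prop, 0, sizeof(struct key_prop));
	key_len = get_key_len(img) / 2;
	prop.modulus = img->img_key;
	prop.public_exponent = img->img_key + key_len;
	prop.num_bits = key_len * 8;
	prop.exp_len = key_len;

	ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
	if (ret) {
		printf("RSA: Can't find Modular Exp implementation\n");
		return -EINVAL;
	}

	ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len,
			  &prop, img->img_encoded_hash);
	if (ret)
		return ret;

	/*
	 * compare the encoded messages EM' and EM wrt RSA PKCSv1.5
	 * memcmp returns zero on success
	 * memcmp returns non-zero on failure
	 *
	 * The expected EM' is rebuilt locally and compared over the full
	 * sign_len, so the padding recovered from the signature is never
	 * parsed; any deviation in padding, DER prefix or digest fails.
	 */
	ret = memcmp(&img->img_encoded_hash_second, &img->img_encoded_hash,
		     img->hdr.sign_len);

	if (ret)
		return ERROR_ESBC_CLIENT_HASH_COMPARE_EM;

	return 0;
}

/*
 * Validate the image described by the ESBC header at haddr.
 *
 * @haddr:        address of the ESBC client header
 * @arg_hash_str: optional 64-digit hex SHA-256 (a leading "0x" is skipped)
 *                of the expected public key / SRK table; NULL to use the
 *                SRK hash read from the SFP
 * @img_addr:     image address, or 0 to take it from the header
 *
 * Steps: parse and validate the header, hash the key material, compare that
 * hash with the trust anchor, then verify the RSA signature over header and
 * image. Returns 0 when the image is valid, -1 for a malformed hash string
 * or allocation failure, otherwise the error code of the failing step (some
 * failures reset or halt the core inside fsl_secboot_handle_error() and do
 * not return).
 *
 * Trust anchor: when arg_hash_str is given it replaces the fused SRK hash,
 * so whoever supplies that argument decides which key is accepted. With
 * CONFIG_FSL_ISBC_KEY_EXT, an image that sets the IE flag (and no hash
 * argument) skips the key-hash comparison altogether.
 * NOTE(review): that path relies on the IE key table having been
 * authenticated by an earlier stage — confirm.
 */
int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
			 uintptr_t img_addr)
{
	struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
	ulong hash[SHA256_BYTES/sizeof(ulong)];
	char hash_str[NUM_HEX_CHARS + 1];
	struct fsl_secboot_img_priv *img;
	struct fsl_secboot_img_hdr *hdr;
	void *esbc;
	int ret, i, hash_cmd = 0;
	u32 srk_hash[8];

	if (arg_hash_str != NULL) {
		const char *cp = arg_hash_str;

		if (*cp == '0' && *(cp + 1) == 'x')
			cp += 2;

		/* The input string expected is in hex, where
		 * each 4 bits would be represented by a hex
		 * sha256 hash is 256 bits long, which would mean
		 * num of characters = 256 / 4
		 */
		if (strlen(cp) != SHA256_NIBBLES) {
			printf("%s is not a 256 bits hex string as expected\n",
			       arg_hash_str);
			return -1;
		}

		/* Convert one ulong worth of hex digits at a time */
		for (i = 0; i < sizeof(hash)/sizeof(ulong); i++) {
			strncpy(hash_str, cp + (i * NUM_HEX_CHARS),
				NUM_HEX_CHARS);
			hash_str[NUM_HEX_CHARS] = '\0';
			if (!str2longbe(hash_str, &hash[i])) {
				printf("%s is not a 256 bits hex string ",
				       arg_hash_str);
				return -1;
			}
		}

		hash_cmd = 1;
	}

	img = malloc(sizeof(struct fsl_secboot_img_priv));

	if (!img)
		return -1;

	memset(img, 0, sizeof(struct fsl_secboot_img_priv));

	/* Update the information in Private Struct */
	hdr = &img->hdr;
	img->ehdrloc = haddr;
	img->img_addr = img_addr;
	esbc = (u8 *)img->ehdrloc;

	/* Work on a private copy of the header from here on */
	memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));

	/* read and validate esbc header */
	ret = read_validate_esbc_client_header(img);

	if (ret != ESBC_VALID_HDR) {
		fsl_secboot_handle_error(ret);
		goto exit;
	}

	/*
	 * SRKH present in SFP
	 * NOTE(review): srk_hash has 8 entries; assumes NUM_SRKH_REGS is 8.
	 */
	for (i = 0; i < NUM_SRKH_REGS; i++)
		srk_hash[i] = srk_in32(&sfp_regs->srk_hash[i]);

	/*
	 * Calculate hash of key obtained via offset present in
	 * ESBC uboot client hdr
	 */
	ret = calc_img_key_hash(img);
	if (ret) {
		fsl_secblk_handle_error(ret);
		goto exit;
	}

	/* Compare hash obtained above with SRK hash present in SFP */
	if (hash_cmd)
		ret = memcmp(&hash, &img->img_key_hash, SHA256_BYTES);
	else
		ret = memcmp(srk_hash, img->img_key_hash, SHA256_BYTES);

#if defined(CONFIG_FSL_ISBC_KEY_EXT)
	/* IE key in use: the comparison result above is discarded */
	if (!hash_cmd && check_ie(img))
		ret = 0;
#endif

	if (ret != 0) {
		fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_KEY);
		goto exit;
	}

	ret = calculate_cmp_img_sig(img);
	if (ret) {
		fsl_secboot_handle_error(ret);
		goto exit;
	}

exit:
	/* img is private to this call; release it on every return path */
	free(img);
	return ret;
}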