| /* |
| * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. |
| * |
| * Redistribution and use in source and binary forms, with or without |
| * modification, are permitted provided that the following conditions are met: |
| * |
| * Redistributions of source code must retain the above copyright notice, this |
| * list of conditions and the following disclaimer. |
| * |
| * Redistributions in binary form must reproduce the above copyright notice, |
| * this list of conditions and the following disclaimer in the documentation |
| * and/or other materials provided with the distribution. |
| * |
| * Neither the name of ARM nor the names of its contributors may be used |
| * to endorse or promote products derived from this software without specific |
| * prior written permission. |
| * |
| * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
| * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE |
| * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
| * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
| * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
| * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
| * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
| * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
| * POSSIBILITY OF SUCH DAMAGE. |
| */ |
| |
| /* Authentication module based on PolarSSL */ |
| |
| #include <stddef.h> |
| |
| #include <assert.h> |
| #include <auth.h> |
| #include <debug.h> |
| #include <platform.h> |
| #include <platform_def.h> |
| #include <platform_oid.h> |
| |
| #include <polarssl/memory_buffer_alloc.h> |
| #include <polarssl/oid.h> |
| #include <polarssl/platform.h> |
| #include <polarssl/sha256.h> |
| #include <polarssl/x509_crt.h> |
| |
| /* |
| * At each authentication stage, the module is responsible for extracting and |
| * storing those elements (keys, hashes, etc.) that will be needed later on |
| * during the Trusted Boot process. |
| */ |
| |
| /* SHA256 algorithm */ |
| #define SHA_BYTES 32 |
| |
| /* |
| * An 8 KB stack has been proven to be enough for the current Trusted Boot |
| * process |
| */ |
| #define POLARSSL_HEAP_SIZE (8*1024) |
| static unsigned char heap[POLARSSL_HEAP_SIZE]; |
| |
| /* |
| * RSA public keys: |
| * SubjectPublicKeyInfo ::= SEQUENCE { 1 + 3 |
| * algorithm AlgorithmIdentifier, 1 + 1 (sequence) |
| * + 1 + 1 + 9 (rsa oid) |
| * + 1 + 1 (params null) |
| * subjectPublicKey BIT STRING } 1 + 3 + (1 + below) |
| * RSAPublicKey ::= SEQUENCE { 1 + 3 |
| * modulus INTEGER, -- n 1 + 3 + MPI_MAX + 1 |
| * publicExponent INTEGER -- e 1 + 3 + MPI_MAX + 1 |
| * } |
| * |
| * POLARSSL_MPI_MAX_SIZE is set to 256 bytes (RSA-2048 bit keys) in the |
| * configuration file |
| */ |
| #define RSA_PUB_DER_MAX_BYTES 38 + 2 * POLARSSL_MPI_MAX_SIZE |
| |
| /* |
| * Buffer for storing public keys extracted from certificates while they are |
| * verified |
| */ |
| static unsigned char pk_buf[RSA_PUB_DER_MAX_BYTES]; |
| |
| /* We use this variable to parse and authenticate the certificates */ |
| static x509_crt cert; |
| |
| /* BL specific variables */ |
| #if IMAGE_BL1 |
| static unsigned char sha_bl2[SHA_BYTES]; |
| #elif IMAGE_BL2 |
| /* Buffers to store the hash of BL3-x images */ |
| static unsigned char sha_bl30[SHA_BYTES]; |
| static unsigned char sha_bl31[SHA_BYTES]; |
| static unsigned char sha_bl32[SHA_BYTES]; |
| static unsigned char sha_bl33[SHA_BYTES]; |
| /* Buffers to store the Trusted and Non-Trusted world public keys */ |
| static unsigned char tz_world_pk[RSA_PUB_DER_MAX_BYTES]; |
| static unsigned char ntz_world_pk[RSA_PUB_DER_MAX_BYTES]; |
| static size_t tz_world_pk_len, ntz_world_pk_len; |
| /* Buffer to store the BL3-x public keys */ |
| static unsigned char content_pk[RSA_PUB_DER_MAX_BYTES]; |
| static size_t content_pk_len; |
| #endif |
| |
| |
| static int x509_get_crt_ext_data(const unsigned char **ext_data, |
| size_t *ext_len, |
| x509_crt *crt, |
| const char *oid) |
| { |
| int ret; |
| size_t len; |
| unsigned char *end_ext_data, *end_ext_octet; |
| unsigned char *p; |
| const unsigned char *end; |
| char oid_str[64]; |
| |
| p = crt->v3_ext.p; |
| end = crt->v3_ext.p + crt->v3_ext.len; |
| |
| ret = asn1_get_tag(&p, end, &len, ASN1_CONSTRUCTED | ASN1_SEQUENCE); |
| if (ret != 0) |
| return POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret; |
| |
| if (end != p + len) |
| return POLARSSL_ERR_X509_INVALID_EXTENSIONS + |
| POLARSSL_ERR_ASN1_LENGTH_MISMATCH; |
| |
| while (p < end) { |
| /* |
| * Extension ::= SEQUENCE { |
| * extnID OBJECT IDENTIFIER, |
| * critical BOOLEAN DEFAULT FALSE, |
| * extnValue OCTET STRING } |
| */ |
| x509_buf extn_oid = {0, 0, NULL}; |
| int is_critical = 0; /* DEFAULT FALSE */ |
| |
| ret = asn1_get_tag(&p, end, &len, |
| ASN1_CONSTRUCTED | ASN1_SEQUENCE); |
| if (ret != 0) |
| return POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret; |
| |
| end_ext_data = p + len; |
| |
| /* Get extension ID */ |
| extn_oid.tag = *p; |
| |
| ret = asn1_get_tag(&p, end, &extn_oid.len, ASN1_OID); |
| if (ret != 0) |
| return POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret; |
| |
| extn_oid.p = p; |
| p += extn_oid.len; |
| |
| if ((end - p) < 1) |
| return POLARSSL_ERR_X509_INVALID_EXTENSIONS + |
| POLARSSL_ERR_ASN1_OUT_OF_DATA; |
| |
| /* Get optional critical */ |
| ret = asn1_get_bool(&p, end_ext_data, &is_critical); |
| if (ret != 0 && (ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG)) |
| return POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret; |
| |
| /* Data should be octet string type */ |
| ret = asn1_get_tag(&p, end_ext_data, &len, ASN1_OCTET_STRING); |
| if (ret != 0) |
| return POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret; |
| |
| end_ext_octet = p + len; |
| |
| if (end_ext_octet != end_ext_data) |
| return POLARSSL_ERR_X509_INVALID_EXTENSIONS + |
| POLARSSL_ERR_ASN1_LENGTH_MISMATCH; |
| |
| /* Detect requested extension */ |
| oid_get_numeric_string(oid_str, 64, &extn_oid); |
| if (memcmp(oid, oid_str, sizeof(oid)) == 0) { |
| *ext_data = p; |
| *ext_len = len; |
| return 0; |
| } |
| |
| /* Next */ |
| p = end_ext_octet; |
| } |
| |
| if (p != end) |
| return POLARSSL_ERR_X509_INVALID_EXTENSIONS + |
| POLARSSL_ERR_ASN1_LENGTH_MISMATCH; |
| |
| return POLARSSL_ERR_X509_UNKNOWN_OID; |
| } |
| |
| #if IMAGE_BL1 |
| /* |
| * Parse and verify the BL2 certificate |
| * |
| * This function verifies the integrity of the BL2 certificate, checks that it |
| * has been signed with the ROT key and extracts the BL2 hash stored in the |
| * certificate so it can be matched later against the calculated hash. |
| * |
| * Return: 0 = success, Otherwise = error |
| */ |
| static int check_bl2_cert(unsigned char *buf, size_t len) |
| { |
| const unsigned char *p; |
| size_t sz; |
| int err, flags; |
| |
| x509_crt_init(&cert); |
| |
| /* Parse the BL2 certificate */ |
| err = x509_crt_parse(&cert, buf, len); |
| if (err) { |
| ERROR("BL2 certificate parse error %d.\n", err); |
| goto error; |
| } |
| |
| /* Check that it has been signed with the ROT key */ |
| err = pk_write_pubkey_der(&cert.pk, pk_buf, sizeof(pk_buf)); |
| if (err < 0) { |
| ERROR("Error loading ROT key in DER format %d.\n", err); |
| goto error; |
| } |
| |
| sz = (size_t)err; |
| p = pk_buf + sizeof(pk_buf) - sz; |
| |
| err = plat_match_rotpk(p, sz); |
| if (err) { |
| ERROR("ROT and BL2 certificate key mismatch\n"); |
| goto error; |
| } |
| |
| /* Verify certificate */ |
| err = x509_crt_verify(&cert, &cert, NULL, NULL, &flags, NULL, NULL); |
| if (err) { |
| ERROR("BL2 certificate verification error %d. Flags: 0x%x.\n", |
| err, flags); |
| goto error; |
| } |
| |
| /* Extract BL2 image hash from certificate */ |
| err = x509_get_crt_ext_data(&p, &sz, &cert, BL2_HASH_OID); |
| if (err) { |
| ERROR("Cannot read BL2 hash from certificate\n"); |
| goto error; |
| } |
| |
| assert(sz == SHA_BYTES + 2); |
| |
| /* Skip the tag and length bytes and copy the hash */ |
| p += 2; |
| memcpy(sha_bl2, p, SHA_BYTES); |
| |
| error: |
| x509_crt_free(&cert); |
| |
| return err; |
| } |
| #endif /* IMAGE_BL1 */ |
| |
| #if IMAGE_BL2 |
| static int check_trusted_key_cert(unsigned char *buf, size_t len) |
| { |
| const unsigned char *p; |
| size_t sz; |
| int err, flags; |
| |
| x509_crt_init(&cert); |
| |
| /* Parse the Trusted Key certificate */ |
| err = x509_crt_parse(&cert, buf, len); |
| if (err) { |
| ERROR("Trusted Key certificate parse error %d.\n", err); |
| goto error; |
| } |
| |
| /* Verify Trusted Key certificate */ |
| err = x509_crt_verify(&cert, &cert, NULL, NULL, &flags, NULL, NULL); |
| if (err) { |
| ERROR("Trusted Key certificate verification error %d. Flags: " |
| "0x%x.\n", err, flags); |
| goto error; |
| } |
| |
| /* Check that it has been signed with the ROT key */ |
| err = pk_write_pubkey_der(&cert.pk, pk_buf, sizeof(pk_buf)); |
| if (err < 0) { |
| ERROR("Error loading ROT key in DER format %d.\n", err); |
| goto error; |
| } |
| |
| sz = (size_t)err; |
| p = pk_buf + sizeof(pk_buf) - sz; |
| |
| if (plat_match_rotpk(p, sz)) { |
| ERROR("ROT and Trusted Key certificate key mismatch\n"); |
| goto error; |
| } |
| |
| /* Extract Trusted World key from extensions */ |
| err = x509_get_crt_ext_data(&p, &tz_world_pk_len, |
| &cert, TZ_WORLD_PK_OID); |
| if (err) { |
| ERROR("Cannot read Trusted World key\n"); |
| goto error; |
| } |
| |
| assert(tz_world_pk_len <= RSA_PUB_DER_MAX_BYTES); |
| memcpy(tz_world_pk, p, tz_world_pk_len); |
| |
| /* Extract Non-Trusted World key from extensions */ |
| err = x509_get_crt_ext_data(&p, &ntz_world_pk_len, |
| &cert, NTZ_WORLD_PK_OID); |
| if (err) { |
| ERROR("Cannot read Non-Trusted World key\n"); |
| goto error; |
| } |
| |
| assert(tz_world_pk_len <= RSA_PUB_DER_MAX_BYTES); |
| memcpy(ntz_world_pk, p, ntz_world_pk_len); |
| |
| error: |
| x509_crt_free(&cert); |
| |
| return err; |
| } |
| |
| static int check_bl3x_key_cert(const unsigned char *buf, size_t len, |
| const unsigned char *i_key, size_t i_key_len, |
| unsigned char *s_key, size_t *s_key_len, |
| const char *key_oid) |
| { |
| const unsigned char *p; |
| size_t sz; |
| int err, flags; |
| |
| x509_crt_init(&cert); |
| |
| /* Parse key certificate */ |
| err = x509_crt_parse(&cert, buf, len); |
| if (err) { |
| ERROR("Key certificate parse error %d.\n", err); |
| goto error; |
| } |
| |
| /* Verify certificate */ |
| err = x509_crt_verify(&cert, &cert, NULL, NULL, &flags, NULL, NULL); |
| if (err) { |
| ERROR("Key certificate verification error %d. Flags: " |
| "0x%x.\n", err, flags); |
| goto error; |
| } |
| |
| /* Check that the certificate has been signed by the issuer */ |
| err = pk_write_pubkey_der(&cert.pk, pk_buf, sizeof(pk_buf)); |
| if (err < 0) { |
| ERROR("Error loading key in DER format %d.\n", err); |
| goto error; |
| } |
| |
| sz = (size_t)err; |
| p = pk_buf + sizeof(pk_buf) - sz; |
| if ((sz != i_key_len) || memcmp(p, i_key, sz)) { |
| ERROR("Key certificate not signed with issuer key\n"); |
| err = 1; |
| goto error; |
| } |
| |
| /* Get the content certificate key */ |
| err = x509_get_crt_ext_data(&p, &sz, &cert, key_oid); |
| if (err) { |
| ERROR("Extension %s not found in Key certificate\n", key_oid); |
| goto error; |
| } |
| |
| assert(sz <= RSA_PUB_DER_MAX_BYTES); |
| memcpy(s_key, p, sz); |
| *s_key_len = sz; |
| |
| error: |
| x509_crt_free(&cert); |
| |
| return err; |
| } |
| |
| static int check_bl3x_cert(unsigned char *buf, size_t len, |
| const unsigned char *i_key, size_t i_key_len, |
| const char *hash_oid, unsigned char *sha) |
| { |
| const unsigned char *p; |
| size_t sz; |
| int err, flags; |
| |
| x509_crt_init(&cert); |
| |
| /* Parse BL31 content certificate */ |
| err = x509_crt_parse(&cert, buf, len); |
| if (err) { |
| ERROR("Content certificate parse error %d.\n", err); |
| goto error; |
| } |
| |
| /* Verify certificate */ |
| err = x509_crt_verify(&cert, &cert, NULL, NULL, &flags, NULL, NULL); |
| if (err) { |
| ERROR("Content certificate verification error %d. Flags: " |
| "0x%x.\n", err, flags); |
| goto error; |
| } |
| |
| /* Check that content certificate has been signed with the content |
| * certificate key corresponding to this image */ |
| sz = pk_write_pubkey_der(&cert.pk, pk_buf, sizeof(pk_buf)); |
| p = pk_buf + sizeof(pk_buf) - sz; |
| |
| if ((sz != i_key_len) || memcmp(p, i_key, sz)) { |
| ERROR("Content certificate not signed with content " |
| "certificate key\n"); |
| err = 1; |
| goto error; |
| } |
| |
| /* Extract image hash from certificate */ |
| err = x509_get_crt_ext_data(&p, &sz, &cert, hash_oid); |
| if (err) { |
| ERROR("Cannot read hash from certificate\n"); |
| goto error; |
| } |
| |
| assert(sz == SHA_BYTES + 2); |
| |
| /* Skip the tag and length bytes and copy the hash */ |
| p += 2; |
| memcpy(sha, p, SHA_BYTES); |
| |
| error: |
| x509_crt_free(&cert); |
| |
| return err; |
| } |
| #endif /* IMAGE_BL2 */ |
| |
| /* |
| * Calculate the hash of the image and check it against the hash extracted |
| * previously from the certificate |
| * |
| * Parameters: |
| * buf: buffer where image is loaded |
| * len: size of the image |
| * sha: matching hash (extracted from the image certificate) |
| * |
| * Return: 0 = match, Otherwise = mismatch |
| */ |
| static int check_bl_img(unsigned char *buf, size_t len, |
| const unsigned char *sha) |
| { |
| unsigned char img_sha[SHA_BYTES]; |
| |
| /* Calculate the hash of the image */ |
| sha256(buf, len, img_sha, 0); |
| |
| /* Match the hash with the one extracted from the certificate */ |
| if (memcmp(img_sha, sha, SHA_BYTES)) { |
| ERROR("Image hash mismatch\n"); |
| return 1; |
| } |
| |
| return 0; |
| } |
| |
| /* |
| * Object verification function |
| * |
| * The id parameter will indicate the expected format of the object |
| * (certificate, image, etc). |
| * |
| * Return: 0 = success, Otherwise = error |
| */ |
| static int polarssl_mod_verify(unsigned int id, uintptr_t obj, size_t len) |
| { |
| int ret; |
| |
| switch (id) { |
| #if IMAGE_BL1 |
| case AUTH_BL2_IMG_CERT: |
| ret = check_bl2_cert((unsigned char *)obj, len); |
| break; |
| case AUTH_BL2_IMG: |
| ret = check_bl_img((unsigned char *)obj, len, sha_bl2); |
| break; |
| #endif /* IMAGE_BL1 */ |
| |
| #if IMAGE_BL2 |
| case AUTH_TRUSTED_KEY_CERT: |
| ret = check_trusted_key_cert((unsigned char *)obj, len); |
| break; |
| case AUTH_BL30_KEY_CERT: |
| ret = check_bl3x_key_cert((unsigned char *)obj, len, |
| tz_world_pk, tz_world_pk_len, |
| content_pk, &content_pk_len, |
| BL30_CONTENT_CERT_PK_OID); |
| break; |
| case AUTH_BL31_KEY_CERT: |
| ret = check_bl3x_key_cert((unsigned char *)obj, len, |
| tz_world_pk, tz_world_pk_len, |
| content_pk, &content_pk_len, |
| BL31_CONTENT_CERT_PK_OID); |
| break; |
| case AUTH_BL32_KEY_CERT: |
| ret = check_bl3x_key_cert((unsigned char *)obj, len, |
| tz_world_pk, tz_world_pk_len, |
| content_pk, &content_pk_len, |
| BL32_CONTENT_CERT_PK_OID); |
| break; |
| case AUTH_BL33_KEY_CERT: |
| ret = check_bl3x_key_cert((unsigned char *)obj, len, |
| ntz_world_pk, ntz_world_pk_len, |
| content_pk, &content_pk_len, |
| BL33_CONTENT_CERT_PK_OID); |
| break; |
| case AUTH_BL30_IMG_CERT: |
| ret = check_bl3x_cert((unsigned char *)obj, len, |
| content_pk, content_pk_len, |
| BL30_HASH_OID, sha_bl30); |
| break; |
| case AUTH_BL31_IMG_CERT: |
| ret = check_bl3x_cert((unsigned char *)obj, len, |
| content_pk, content_pk_len, |
| BL31_HASH_OID, sha_bl31); |
| break; |
| case AUTH_BL32_IMG_CERT: |
| ret = check_bl3x_cert((unsigned char *)obj, len, |
| content_pk, content_pk_len, |
| BL32_HASH_OID, sha_bl32); |
| break; |
| case AUTH_BL33_IMG_CERT: |
| ret = check_bl3x_cert((unsigned char *)obj, len, |
| content_pk, content_pk_len, |
| BL33_HASH_OID, sha_bl33); |
| break; |
| case AUTH_BL30_IMG: |
| ret = check_bl_img((unsigned char *)obj, len, sha_bl30); |
| break; |
| case AUTH_BL31_IMG: |
| ret = check_bl_img((unsigned char *)obj, len, sha_bl31); |
| break; |
| case AUTH_BL32_IMG: |
| ret = check_bl_img((unsigned char *)obj, len, sha_bl32); |
| break; |
| case AUTH_BL33_IMG: |
| ret = check_bl_img((unsigned char *)obj, len, sha_bl33); |
| break; |
| #endif /* IMAGE_BL2 */ |
| default: |
| ret = -1; |
| break; |
| } |
| |
| return ret; |
| } |
| |
| /* |
| * Module initialization function |
| * |
| * Return: 0 = success, Otherwise = error |
| */ |
| static int polarssl_mod_init(void) |
| { |
| /* Initialize the PolarSSL heap */ |
| return memory_buffer_alloc_init(heap, POLARSSL_HEAP_SIZE); |
| } |
| |
| const auth_mod_t auth_mod = { |
| .name = "PolarSSL", |
| .init = polarssl_mod_init, |
| .verify = polarssl_mod_verify |
| }; |