Gitiles
Code Review Sign In
git01.mediatek.com / filogic / atf / 01ea23906616c546d63af750c9b07e6ed69dd873 / . / drivers / auth / mbedtls / mbedtls_x509_parser.c
blob: b538c782b1992384c4c840f2f53178adacb54feb [file] [log] [blame]
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]1/*
Yann Gautierbb7ffdf2023-01-06 11:47:26 +0100[diff] [blame]2 * Copyright (c) 2015-2023, ARM Limited and Contributors. All rights reserved.
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]3 *
dp-armfa3cf0b2017-05-03 09:38:09 +0100[diff] [blame]4 * SPDX-License-Identifier: BSD-3-Clause
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]5 */
6
7/*
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]8 * X509 parser based on mbed TLS
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]9 *
10 * This module implements functions to check the integrity of a X509v3
11 * certificate ASN.1 structure and extract authentication parameters from the
12 * extensions field, such as an image hash or a public key.
13 */
14
15#include <assert.h>
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]16#include <stddef.h>
17#include <stdint.h>
18#include <string.h>
19
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]20/* mbed TLS headers */
21#include <mbedtls/asn1.h>
22#include <mbedtls/oid.h>
23#include <mbedtls/platform.h>
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]24
Antonio Nino Diaze0f90632018-12-14 00:18:21 +0000[diff] [blame]25#include <arch_helpers.h>
26#include <drivers/auth/img_parser_mod.h>
27#include <drivers/auth/mbedtls/mbedtls_common.h>
28#include <lib/utils.h>
29
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]30/* Maximum OID string length ("a.b.c.d.e.f ...") */
31#define MAX_OID_STR_LEN 64
32
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]33#define LIB_NAME "mbed TLS X509v3"
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]34
35/* Temporary variables to speed up the authentication parameters search. These
36 * variables are assigned once during the integrity check and used any time an
37 * authentication parameter is requested, so we do not have to parse the image
38 * again */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]39static mbedtls_asn1_buf tbs;
40static mbedtls_asn1_buf v3_ext;
41static mbedtls_asn1_buf pk;
42static mbedtls_asn1_buf sig_alg;
43static mbedtls_asn1_buf signature;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]44
45/*
Antonio Nino Diaz30eb9672017-01-13 15:03:19 +0000[diff] [blame]46 * Clear all static temporary variables.
47 */
48static void clear_temp_vars(void)
49{
50#define ZERO_AND_CLEAN(x) \
51 do { \
Douglas Raillarda8954fc2017-01-26 15:54:44 +0000[diff] [blame]52 zeromem(&x, sizeof(x)); \
Antonio Nino Diaz30eb9672017-01-13 15:03:19 +0000[diff] [blame]53 clean_dcache_range((uintptr_t)&x, sizeof(x)); \
54 } while (0);
55
56 ZERO_AND_CLEAN(tbs)
57 ZERO_AND_CLEAN(v3_ext);
58 ZERO_AND_CLEAN(pk);
59 ZERO_AND_CLEAN(sig_alg);
60 ZERO_AND_CLEAN(signature);
61
62#undef ZERO_AND_CLEAN
63}
64
65/*
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]66 * Get X509v3 extension
67 *
68 * Global variable 'v3_ext' must point to the extensions region
69 * in the certificate. No need to check for errors since the image has passed
70 * the integrity check.
71 */
72static int get_ext(const char *oid, void **ext, unsigned int *ext_len)
73{
74 int oid_len;
75 size_t len;
76 unsigned char *end_ext_data, *end_ext_octet;
77 unsigned char *p;
78 const unsigned char *end;
79 char oid_str[MAX_OID_STR_LEN];
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]80 mbedtls_asn1_buf extn_oid;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]81 int is_critical;
82
83 assert(oid != NULL);
84
85 p = v3_ext.p;
86 end = v3_ext.p + v3_ext.len;
87
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]88 while (p < end) {
Douglas Raillarda8954fc2017-01-26 15:54:44 +0000[diff] [blame]89 zeromem(&extn_oid, sizeof(extn_oid));
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]90 is_critical = 0; /* DEFAULT FALSE */
91
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]92 mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
93 MBEDTLS_ASN1_SEQUENCE);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]94 end_ext_data = p + len;
95
96 /* Get extension ID */
97 extn_oid.tag = *p;
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]98 mbedtls_asn1_get_tag(&p, end, &extn_oid.len, MBEDTLS_ASN1_OID);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]99 extn_oid.p = p;
100 p += extn_oid.len;
101
102 /* Get optional critical */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]103 mbedtls_asn1_get_bool(&p, end_ext_data, &is_critical);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]104
105 /* Extension data */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]106 mbedtls_asn1_get_tag(&p, end_ext_data, &len,
107 MBEDTLS_ASN1_OCTET_STRING);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]108 end_ext_octet = p + len;
109
110 /* Detect requested extension */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]111 oid_len = mbedtls_oid_get_numeric_string(oid_str,
112 MAX_OID_STR_LEN,
113 &extn_oid);
Nicolas Toromanoff2d817a32020-12-23 16:01:25 +0100[diff] [blame]114 if ((oid_len == MBEDTLS_ERR_OID_BUF_TOO_SMALL) || (oid_len < 0)) {
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]115 return IMG_PARSER_ERR;
116 }
Nicolas Toromanoff2d817a32020-12-23 16:01:25 +0100[diff] [blame]117 if (((size_t)oid_len == strlen(oid_str)) && !strcmp(oid, oid_str)) {
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]118 *ext = (void *)p;
119 *ext_len = (unsigned int)len;
120 return IMG_PARSER_OK;
121 }
122
123 /* Next */
124 p = end_ext_octet;
125 }
126
127 return IMG_PARSER_ERR_NOT_FOUND;
128}
129
130
131/*
132 * Check the integrity of the certificate ASN.1 structure.
Antonio Nino Diaz30eb9672017-01-13 15:03:19 +0000[diff] [blame]133 *
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]134 * Extract the relevant data that will be used later during authentication.
Antonio Nino Diaz30eb9672017-01-13 15:03:19 +0000[diff] [blame]135 *
136 * This function doesn't clear the static variables located on the top of this
137 * file in case of an error. It is only called from check_integrity(), which
138 * performs the cleanup if necessary.
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]139 */
140static int cert_parse(void *img, unsigned int img_len)
141{
142 int ret, is_critical;
143 size_t len;
Demi Marie Obenourb1342a22022-12-08 15:24:18 -0500[diff] [blame]144 unsigned char *p, *end, *crt_end, *pk_end;
Demi Marie Obenour139b84c2022-12-08 15:24:23 -0500[diff] [blame]145 mbedtls_asn1_buf sig_alg1;
Demi Marie Obenour83737b72022-12-08 15:23:50 -0500[diff] [blame]146 /*
147 * The unique ASN.1 DER encoding of [0] EXPLICIT INTEGER { v3(2} }.
148 */
149 static const char v3[] = {
150 /* The outer CONTEXT SPECIFIC 0 tag */
151 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0,
152 /* The number bytes used to encode the inner INTEGER */
153 3,
154 /* The tag of the inner INTEGER */
155 MBEDTLS_ASN1_INTEGER,
156 /* The number of bytes needed to represent 2 */
157 1,
158 /* The actual value 2 */
159 2,
160 };
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]161
162 p = (unsigned char *)img;
163 len = img_len;
Demi Marie Obenour01ea2392023-01-19 09:50:16 -0500[diff] [blame^]164 crt_end = p + len;
165 end = crt_end;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]166
167 /*
168 * Certificate ::= SEQUENCE {
169 * tbsCertificate TBSCertificate,
170 * signatureAlgorithm AlgorithmIdentifier,
171 * signatureValue BIT STRING }
172 */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]173 ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
174 MBEDTLS_ASN1_SEQUENCE);
Demi Marie Obenour01ea2392023-01-19 09:50:16 -0500[diff] [blame^]175 if ((ret != 0) || ((p + len) != end)) {
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]176 return IMG_PARSER_ERR_FORMAT;
177 }
178
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]179 /*
180 * TBSCertificate ::= SEQUENCE {
181 */
182 tbs.p = p;
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]183 ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
184 MBEDTLS_ASN1_SEQUENCE);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]185 if (ret != 0) {
186 return IMG_PARSER_ERR_FORMAT;
187 }
188 end = p + len;
189 tbs.len = end - tbs.p;
190
191 /*
Demi Marie Obenour83737b72022-12-08 15:23:50 -0500[diff] [blame]192 * Version ::= [0] EXPLICIT INTEGER { v1(0), v2(1), v3(2) }
193 * -- only v3 accepted
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]194 */
Demi Marie Obenour83737b72022-12-08 15:23:50 -0500[diff] [blame]195 if (((end - p) <= (ptrdiff_t)sizeof(v3)) ||
196 (memcmp(p, v3, sizeof(v3)) != 0)) {
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]197 return IMG_PARSER_ERR_FORMAT;
198 }
Demi Marie Obenour83737b72022-12-08 15:23:50 -0500[diff] [blame]199 p += sizeof(v3);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]200
201 /*
202 * CertificateSerialNumber ::= INTEGER
203 */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]204 ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_INTEGER);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]205 if (ret != 0) {
206 return IMG_PARSER_ERR_FORMAT;
207 }
208 p += len;
209
210 /*
211 * signature AlgorithmIdentifier
212 */
213 sig_alg1.p = p;
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]214 ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
215 MBEDTLS_ASN1_SEQUENCE);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]216 if (ret != 0) {
217 return IMG_PARSER_ERR_FORMAT;
218 }
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]219 sig_alg1.len = (p + len) - sig_alg1.p;
220 p += len;
221
222 /*
223 * issuer Name
224 */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]225 ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
226 MBEDTLS_ASN1_SEQUENCE);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]227 if (ret != 0) {
228 return IMG_PARSER_ERR_FORMAT;
229 }
230 p += len;
231
232 /*
233 * Validity ::= SEQUENCE {
234 * notBefore Time,
235 * notAfter Time }
236 *
237 */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]238 ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
239 MBEDTLS_ASN1_SEQUENCE);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]240 if (ret != 0) {
241 return IMG_PARSER_ERR_FORMAT;
242 }
243 p += len;
244
245 /*
246 * subject Name
247 */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]248 ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
249 MBEDTLS_ASN1_SEQUENCE);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]250 if (ret != 0) {
251 return IMG_PARSER_ERR_FORMAT;
252 }
253 p += len;
254
255 /*
256 * SubjectPublicKeyInfo
257 */
258 pk.p = p;
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]259 ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
260 MBEDTLS_ASN1_SEQUENCE);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]261 if (ret != 0) {
262 return IMG_PARSER_ERR_FORMAT;
263 }
Demi Marie Obenourb1342a22022-12-08 15:24:18 -0500[diff] [blame]264 pk_end = p + len;
265 pk.len = pk_end - pk.p;
266
Demi Marie Obenour0587d9c2022-12-08 15:24:36 -0500[diff] [blame]267 /* algorithm */
Demi Marie Obenourb1342a22022-12-08 15:24:18 -0500[diff] [blame]268 ret = mbedtls_asn1_get_tag(&p, pk_end, &len, MBEDTLS_ASN1_CONSTRUCTED |
269 MBEDTLS_ASN1_SEQUENCE);
270 if (ret != 0) {
271 return IMG_PARSER_ERR_FORMAT;
272 }
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]273 p += len;
274
Demi Marie Obenour4d1610b2022-12-08 15:24:27 -0500[diff] [blame]275 /* Key is a BIT STRING and must use all bytes in SubjectPublicKeyInfo */
276 ret = mbedtls_asn1_get_bitstring_null(&p, pk_end, &len);
Demi Marie Obenourb1342a22022-12-08 15:24:18 -0500[diff] [blame]277 if ((ret != 0) || (p + len != pk_end)) {
278 return IMG_PARSER_ERR_FORMAT;
279 }
280 p = pk_end;
281
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]282 /*
283 * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]284 * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
Demi Marie Obenour221a6482023-01-19 09:46:55 -0500[diff] [blame]285 * -- technically these contain BIT STRINGs but that is not worth
286 * -- validating
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]287 */
Demi Marie Obenour221a6482023-01-19 09:46:55 -0500[diff] [blame]288 for (int i = 1; i < 3; i++) {
289 ret = mbedtls_asn1_get_tag(&p, end, &len,
290 MBEDTLS_ASN1_CONTEXT_SPECIFIC |
291 MBEDTLS_ASN1_CONSTRUCTED | i);
292 /*
293 * Unique IDs are obsolete, so MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
294 * is the common case.
295 */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]296 if (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
Demi Marie Obenour221a6482023-01-19 09:46:55 -0500[diff] [blame]297 if (ret != 0) {
298 return IMG_PARSER_ERR_FORMAT;
299 }
300 p += len;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]301 }
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]302 }
303
304 /*
305 * extensions [3] EXPLICIT Extensions OPTIONAL
Demi Marie Obenour47a80552022-12-08 15:23:58 -0500[diff] [blame]306 * }
307 *
308 * X.509 and RFC5280 allow omitting the extensions entirely.
309 * However, in TF-A, a certificate with no extensions would
310 * always fail later on, as the extensions contain the
311 * information needed to authenticate the next stage in the
312 * boot chain. Furthermore, get_ext() assumes that the
313 * extensions have been parsed into v3_ext, and allowing
314 * there to be no extensions would pointlessly complicate
315 * the code. Therefore, just reject certificates without
316 * extensions. This is also why version 1 and 2 certificates
317 * are rejected above.
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]318 */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]319 ret = mbedtls_asn1_get_tag(&p, end, &len,
320 MBEDTLS_ASN1_CONTEXT_SPECIFIC |
321 MBEDTLS_ASN1_CONSTRUCTED | 3);
Demi Marie Obenourfa07d042022-12-08 15:23:56 -0500[diff] [blame]322 if ((ret != 0) || (len != (size_t)(end - p))) {
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]323 return IMG_PARSER_ERR_FORMAT;
324 }
325
326 /*
327 * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
Demi Marie Obenourfa07d042022-12-08 15:23:56 -0500[diff] [blame]328 * -- must use all remaining bytes in TBSCertificate
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]329 */
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]330 ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
331 MBEDTLS_ASN1_SEQUENCE);
Demi Marie Obenourfa07d042022-12-08 15:23:56 -0500[diff] [blame]332 if ((ret != 0) || (len != (size_t)(end - p))) {
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]333 return IMG_PARSER_ERR_FORMAT;
334 }
Demi Marie Obenour0587d9c2022-12-08 15:24:36 -0500[diff] [blame]335 v3_ext.p = p;
336 v3_ext.len = len;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]337
338 /*
Demi Marie Obenour47a80552022-12-08 15:23:58 -0500[diff] [blame]339 * Check extensions integrity. At least one extension is
340 * required: the ASN.1 specifies a minimum size of 1, and at
341 * least one extension is needed to authenticate the next stage
342 * in the boot chain.
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]343 */
Demi Marie Obenour47a80552022-12-08 15:23:58 -0500[diff] [blame]344 do {
Demi Marie Obenour6cb3ef22022-12-09 17:19:08 -0500[diff] [blame]345 unsigned char *end_ext_data;
346
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]347 ret = mbedtls_asn1_get_tag(&p, end, &len,
348 MBEDTLS_ASN1_CONSTRUCTED |
349 MBEDTLS_ASN1_SEQUENCE);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]350 if (ret != 0) {
351 return IMG_PARSER_ERR_FORMAT;
352 }
Demi Marie Obenour6cb3ef22022-12-09 17:19:08 -0500[diff] [blame]353 end_ext_data = p + len;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]354
355 /* Get extension ID */
Demi Marie Obenour6cb3ef22022-12-09 17:19:08 -0500[diff] [blame]356 ret = mbedtls_asn1_get_tag(&p, end_ext_data, &len, MBEDTLS_ASN1_OID);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]357 if (ret != 0) {
358 return IMG_PARSER_ERR_FORMAT;
359 }
360 p += len;
361
362 /* Get optional critical */
Demi Marie Obenour6cb3ef22022-12-09 17:19:08 -0500[diff] [blame]363 ret = mbedtls_asn1_get_bool(&p, end_ext_data, &is_critical);
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]364 if ((ret != 0) && (ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)) {
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]365 return IMG_PARSER_ERR_FORMAT;
366 }
367
Demi Marie Obenour6cb3ef22022-12-09 17:19:08 -0500[diff] [blame]368 /*
369 * Data should be octet string type and must use all bytes in
370 * the Extension.
371 */
372 ret = mbedtls_asn1_get_tag(&p, end_ext_data, &len,
Juan Castillobae6b2a2015-11-05 09:24:53 +0000[diff] [blame]373 MBEDTLS_ASN1_OCTET_STRING);
Demi Marie Obenour6cb3ef22022-12-09 17:19:08 -0500[diff] [blame]374 if ((ret != 0) || ((p + len) != end_ext_data)) {
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]375 return IMG_PARSER_ERR_FORMAT;
376 }
Demi Marie Obenour6cb3ef22022-12-09 17:19:08 -0500[diff] [blame]377 p = end_ext_data;
Demi Marie Obenour47a80552022-12-08 15:23:58 -0500[diff] [blame]378 } while (p < end);
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]379
380 if (p != end) {
381 return IMG_PARSER_ERR_FORMAT;
382 }
383
384 end = crt_end;
385
386 /*
387 * }
388 * -- end of TBSCertificate
389 *
390 * signatureAlgorithm AlgorithmIdentifier
Demi Marie Obenour139b84c2022-12-08 15:24:23 -0500[diff] [blame]391 * -- Does not need to be parsed. Ensuring it is bitwise
392 * -- identical (including the tag!) with the first signature
393 * -- algorithm is sufficient.
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]394 */
Demi Marie Obenour139b84c2022-12-08 15:24:23 -0500[diff] [blame]395 if ((sig_alg1.len >= (size_t)(end - p)) ||
396 (0 != memcmp(sig_alg1.p, p, sig_alg1.len))) {
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]397 return IMG_PARSER_ERR_FORMAT;
398 }
Demi Marie Obenour139b84c2022-12-08 15:24:23 -0500[diff] [blame]399 p += sig_alg1.len;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]400 memcpy(&sig_alg, &sig_alg1, sizeof(sig_alg));
401
402 /*
403 * signatureValue BIT STRING
Demi Marie Obenour01ea2392023-01-19 09:50:16 -0500[diff] [blame^]404 * } -- must consume all bytes
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]405 */
406 signature.p = p;
Demi Marie Obenour4d1610b2022-12-08 15:24:27 -0500[diff] [blame]407 ret = mbedtls_asn1_get_bitstring_null(&p, end, &len);
Demi Marie Obenour01ea2392023-01-19 09:50:16 -0500[diff] [blame^]408 if ((ret != 0) || ((p + len) != end)) {
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]409 return IMG_PARSER_ERR_FORMAT;
410 }
Demi Marie Obenour01ea2392023-01-19 09:50:16 -0500[diff] [blame^]411 signature.len = end - signature.p;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]412
413 return IMG_PARSER_OK;
414}
415
416
417/* Exported functions */
418
419static void init(void)
420{
421 mbedtls_init();
422}
423
Antonio Nino Diaz30eb9672017-01-13 15:03:19 +0000[diff] [blame]424/*
425 * Wrapper for cert_parse() that clears the static variables used by it in case
426 * of an error.
427 */
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]428static int check_integrity(void *img, unsigned int img_len)
429{
Antonio Nino Diaz30eb9672017-01-13 15:03:19 +0000[diff] [blame]430 int rc = cert_parse(img, img_len);
431
432 if (rc != IMG_PARSER_OK)
433 clear_temp_vars();
434
435 return rc;
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]436}
437
438/*
439 * Extract an authentication parameter from an X509v3 certificate
Juan Castillobfb7fa62016-01-22 11:05:57 +0000[diff] [blame]440 *
441 * This function returns a pointer to the extracted data and its length.
442 * Depending on the type of parameter, a pointer to the data stored in the
443 * certificate may be returned (i.e. an octet string containing a hash). Other
444 * data may need to be copied and formatted (i.e. integers). In the later case,
445 * a buffer of the correct type needs to be statically allocated, filled and
446 * returned.
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]447 */
448static int get_auth_param(const auth_param_type_desc_t *type_desc,
449 void *img, unsigned int img_len,
450 void **param, unsigned int *param_len)
451{
452 int rc = IMG_PARSER_OK;
453
454 /* We do not use img because the check_integrity function has already
455 * extracted the relevant data (v3_ext, pk, sig_alg, etc) */
456
457 switch (type_desc->type) {
458 case AUTH_PARAM_RAW_DATA:
459 /* Data to be signed */
460 *param = (void *)tbs.p;
461 *param_len = (unsigned int)tbs.len;
462 break;
463 case AUTH_PARAM_HASH:
Juan Castillobfb7fa62016-01-22 11:05:57 +0000[diff] [blame]464 case AUTH_PARAM_NV_CTR:
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]465 /* All these parameters are included as X509v3 extensions */
466 rc = get_ext(type_desc->cookie, param, param_len);
467 break;
468 case AUTH_PARAM_PUB_KEY:
Yann Gautierbb7ffdf2023-01-06 11:47:26 +0100[diff] [blame]469 if (type_desc->cookie != NULL) {
Juan Castilloa57a4d52015-04-02 15:44:20 +0100[diff] [blame]470 /* Get public key from extension */
471 rc = get_ext(type_desc->cookie, param, param_len);
472 } else {
473 /* Get the subject public key */
474 *param = (void *)pk.p;
475 *param_len = (unsigned int)pk.len;
476 }
477 break;
478 case AUTH_PARAM_SIG_ALG:
479 /* Get the certificate signature algorithm */
480 *param = (void *)sig_alg.p;
481 *param_len = (unsigned int)sig_alg.len;
482 break;
483 case AUTH_PARAM_SIG:
484 /* Get the certificate signature */
485 *param = (void *)signature.p;
486 *param_len = (unsigned int)signature.len;
487 break;
488 default:
489 rc = IMG_PARSER_ERR_NOT_FOUND;
490 break;
491 }
492
493 return rc;
494}
495
496REGISTER_IMG_PARSER_LIB(IMG_CERT, LIB_NAME, init, \
497 check_integrity, get_auth_param);