blob: 513f33f32bd6f0cb0565db19dd87ea086212dda6 [file] [log] [blame]
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +02001/*
2 * Copyright (C) 2018 Marvell International Ltd.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 * https://spdx.org/licenses
6 */
7
8#include <stdlib.h>
9#include <stdio.h>
10#include <stdint.h>
11#include <stddef.h>
12#include <string.h>
13#include <unistd.h>
14#include <sys/stat.h>
15#include <sys/time.h>
16
17#ifdef CONFIG_MVEBU_SECURE_BOOT
18#include <libconfig.h> /* for parsing config file */
19
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +020020/* mbedTLS stuff */
21#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \
22 defined(MBEDTLS_SHA256_C) && \
23 defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO) && \
24 defined(MBEDTLS_CTR_DRBG_C)
25#include <mbedtls/error.h>
26#include <mbedtls/entropy.h>
27#include <mbedtls/ctr_drbg.h>
28#include <mbedtls/md.h>
29#include <mbedtls/pk.h>
30#include <mbedtls/sha256.h>
Govindraj Raja9c7dfb02023-01-11 18:34:58 +000031#include <mbedtls/version.h>
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +020032#include <mbedtls/x509.h>
33#else
34#error "Bad mbedTLS configuration!"
35#endif
36#endif /* CONFIG_MVEBU_SECURE_BOOT */
37
38#define MAX_FILENAME 256
39#define CSK_ARR_SZ 16
40#define CSK_ARR_EMPTY_FILE "*"
41#define AES_KEY_BIT_LEN 256
42#define AES_KEY_BYTE_LEN (AES_KEY_BIT_LEN >> 3)
43#define AES_BLOCK_SZ 16
44#define RSA_SIGN_BYTE_LEN 256
45#define MAX_RSA_DER_BYTE_LEN 524
46/* Number of address pairs in control array */
47#define CP_CTRL_EL_ARRAY_SZ 32
48
Konstantin Porotchkin4fdfa352019-05-01 17:08:18 +030049#define VERSION_STRING "Marvell(C) doimage utility version 3.3"
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +020050
51/* A8K definitions */
52
53/* Extension header types */
54#define EXT_TYPE_SECURITY 0x1
55#define EXT_TYPE_BINARY 0x2
56
57#define MAIN_HDR_MAGIC 0xB105B002
58
59/* PROLOG alignment considerations:
60 * 128B: To allow supporting XMODEM protocol.
61 * 8KB: To align the boot image to the largest NAND page size, and simplify
62 * the read operations from NAND.
63 * We choose the largest page size, in order to use a single image for all
64 * NAND page sizes.
65 */
66#define PROLOG_ALIGNMENT (8 << 10)
67
68/* UART argument bitfield */
69#define UART_MODE_UNMODIFIED 0x0
70#define UART_MODE_DISABLE 0x1
71#define UART_MODE_UPDATE 0x2
72
73typedef struct _main_header {
74 uint32_t magic; /* 0-3 */
75 uint32_t prolog_size; /* 4-7 */
76 uint32_t prolog_checksum; /* 8-11 */
77 uint32_t boot_image_size; /* 12-15 */
78 uint32_t boot_image_checksum; /* 16-19 */
79 uint32_t rsrvd0; /* 20-23 */
80 uint32_t load_addr; /* 24-27 */
81 uint32_t exec_addr; /* 28-31 */
82 uint8_t uart_cfg; /* 32 */
83 uint8_t baudrate; /* 33 */
84 uint8_t ext_count; /* 34 */
85 uint8_t aux_flags; /* 35 */
86 uint32_t io_arg_0; /* 36-39 */
87 uint32_t io_arg_1; /* 40-43 */
88 uint32_t io_arg_2; /* 43-47 */
89 uint32_t io_arg_3; /* 48-51 */
90 uint32_t rsrvd1; /* 52-55 */
91 uint32_t rsrvd2; /* 56-59 */
92 uint32_t rsrvd3; /* 60-63 */
93} header_t;
94
95typedef struct _ext_header {
96 uint8_t type;
97 uint8_t offset;
98 uint16_t reserved;
99 uint32_t size;
100} ext_header_t;
101
102typedef struct _sec_entry {
103 uint8_t kak_key[MAX_RSA_DER_BYTE_LEN];
104 uint32_t jtag_delay;
105 uint32_t box_id;
106 uint32_t flash_id;
107 uint32_t jtag_en;
108 uint32_t encrypt_en;
109 uint32_t efuse_dis;
110 uint8_t header_sign[RSA_SIGN_BYTE_LEN];
111 uint8_t image_sign[RSA_SIGN_BYTE_LEN];
112 uint8_t csk_keys[CSK_ARR_SZ][MAX_RSA_DER_BYTE_LEN];
113 uint8_t csk_sign[RSA_SIGN_BYTE_LEN];
114 uint32_t cp_ctrl_arr[CP_CTRL_EL_ARRAY_SZ];
115 uint32_t cp_efuse_arr[CP_CTRL_EL_ARRAY_SZ];
116} sec_entry_t;
117
118/* A8K definitions end */
119
120/* UART argument bitfield */
121#define UART_MODE_UNMODIFIED 0x0
122#define UART_MODE_DISABLE 0x1
123#define UART_MODE_UPDATE 0x2
124
125#define uart_set_mode(arg, mode) (arg |= (mode & 0x3))
126
127typedef struct _sec_options {
128#ifdef CONFIG_MVEBU_SECURE_BOOT
129 char aes_key_file[MAX_FILENAME+1];
130 char kak_key_file[MAX_FILENAME+1];
131 char csk_key_file[CSK_ARR_SZ][MAX_FILENAME+1];
132 uint32_t box_id;
133 uint32_t flash_id;
134 uint32_t jtag_delay;
135 uint8_t csk_index;
136 uint8_t jtag_enable;
137 uint8_t efuse_disable;
138 uint32_t cp_ctrl_arr[CP_CTRL_EL_ARRAY_SZ];
139 uint32_t cp_efuse_arr[CP_CTRL_EL_ARRAY_SZ];
140 mbedtls_pk_context kak_pk;
141 mbedtls_pk_context csk_pk[CSK_ARR_SZ];
142 uint8_t aes_key[AES_KEY_BYTE_LEN];
143 uint8_t *encrypted_image;
144 uint32_t enc_image_sz;
145#endif
146} sec_options;
147
148typedef struct _options {
149 char bin_ext_file[MAX_FILENAME+1];
150 char sec_cfg_file[MAX_FILENAME+1];
151 sec_options *sec_opts;
152 uint32_t load_addr;
153 uint32_t exec_addr;
154 uint32_t baudrate;
155 uint8_t disable_print;
156 int8_t key_index; /* For header signatures verification only */
157 uint32_t nfc_io_args;
158} options_t;
159
160void usage_err(char *msg)
161{
162 fprintf(stderr, "Error: %s\n", msg);
163 fprintf(stderr, "run 'doimage -h' to get usage information\n");
164 exit(-1);
165}
166
167void usage(void)
168{
169 printf("\n\n%s\n\n", VERSION_STRING);
170 printf("Usage: doimage [options] <input_file> [output_file]\n");
171 printf("create bootrom image from u-boot and boot extensions\n\n");
172
173 printf("Arguments\n");
174 printf(" input_file name of boot image file.\n");
175 printf(" if -p is used, name of the bootrom image file");
176 printf(" to parse.\n");
177 printf(" output_file name of output bootrom image file\n");
178
179 printf("\nOptions\n");
180 printf(" -s target SOC name. supports a8020,a7020\n");
181 printf(" different SOCs may have different boot image\n");
182 printf(" format so it's mandatory to know the target SOC\n");
183 printf(" -i boot I/F name. supports nand, spi, nor\n");
184 printf(" This affects certain parameters coded in the\n");
185 printf(" image header\n");
186 printf(" -l boot image load address. default is 0x0\n");
187 printf(" -e boot image entry address. default is 0x0\n");
188 printf(" -b binary extension image file.\n");
189 printf(" This image is executed before the boot image.\n");
190 printf(" This is typically used to initialize the memory ");
191 printf(" controller.\n");
192 printf(" Currently supports only a single file.\n");
193#ifdef CONFIG_MVEBU_SECURE_BOOT
194 printf(" -c Make trusted boot image using parameters\n");
195 printf(" from the configuration file.\n");
196#endif
197 printf(" -p Parse and display a pre-built boot image\n");
198#ifdef CONFIG_MVEBU_SECURE_BOOT
199 printf(" -k Key index for RSA signatures verification\n");
200 printf(" when parsing the boot image\n");
201#endif
202 printf(" -m Disable prints of bootrom and binary extension\n");
203 printf(" -u UART baudrate used for bootrom prints.\n");
204 printf(" Must be multiple of 1200\n");
205 printf(" -h Show this help message\n");
206 printf(" IO-ROM NFC-NAND boot parameters:\n");
207 printf(" -n NAND device block size in KB [Default is 64KB].\n");
208 printf(" -t NAND cell technology (SLC [Default] or MLC)\n");
209
210 exit(-1);
211}
212
213/* globals */
Matteo Crocedfccb6b2018-09-24 02:27:21 +0200214static options_t opts = {
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +0200215 .bin_ext_file = "NA",
216 .sec_cfg_file = "NA",
217 .sec_opts = 0,
218 .load_addr = 0x0,
219 .exec_addr = 0x0,
220 .disable_print = 0,
221 .baudrate = 0,
222 .key_index = -1,
223};
224
225int get_file_size(char *filename)
226{
227 struct stat st;
228
229 if (stat(filename, &st) == 0)
230 return st.st_size;
231
232 return -1;
233}
234
235uint32_t checksum32(uint32_t *start, int len)
236{
237 uint32_t sum = 0;
238 uint32_t *startp = start;
239
240 do {
241 sum += *startp;
242 startp++;
243 len -= 4;
244 } while (len > 0);
245
246 return sum;
247}
248
249/*******************************************************************************
250 * create_rsa_signature (memory buffer content)
251 * Create RSASSA-PSS/SHA-256 signature for memory buffer
252 * using RSA Private Key
253 * INPUT:
254 * pk_ctx Private Key context
255 * input memory buffer
256 * ilen buffer length
257 * pers personalization string for seeding the RNG.
258 * For instance a private key file name.
259 * OUTPUT:
260 * signature RSA-2048 signature
261 * RETURN:
262 * 0 on success
263 */
264#ifdef CONFIG_MVEBU_SECURE_BOOT
265int create_rsa_signature(mbedtls_pk_context *pk_ctx,
266 const unsigned char *input,
267 size_t ilen,
268 const char *pers,
269 uint8_t *signature)
270{
271 mbedtls_entropy_context entropy;
272 mbedtls_ctr_drbg_context ctr_drbg;
273 unsigned char hash[32];
274 unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
275 int rval;
276
277 /* Not sure this is required,
278 * but it's safer to start with empty buffers
279 */
280 memset(hash, 0, sizeof(hash));
281 memset(buf, 0, sizeof(buf));
282
283 mbedtls_ctr_drbg_init(&ctr_drbg);
284 mbedtls_entropy_init(&entropy);
285
286 /* Seed the random number generator */
287 rval = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
288 (const unsigned char *)pers, strlen(pers));
289 if (rval != 0) {
290 fprintf(stderr, " Failed in ctr_drbg_init call (%d)!\n", rval);
291 goto sign_exit;
292 }
293
294 /* The PK context should be already initialized.
295 * Set the padding type for this PK context
296 */
297 mbedtls_rsa_set_padding(mbedtls_pk_rsa(*pk_ctx),
298 MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256);
299
300 /* First compute the SHA256 hash for the input blob */
Konstantin Porotchkin4fdfa352019-05-01 17:08:18 +0300301 mbedtls_sha256_ret(input, ilen, hash, 0);
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +0200302
303 /* Then calculate the hash signature */
304 rval = mbedtls_rsa_rsassa_pss_sign(mbedtls_pk_rsa(*pk_ctx),
305 mbedtls_ctr_drbg_random,
306 &ctr_drbg,
307 MBEDTLS_RSA_PRIVATE,
308 MBEDTLS_MD_SHA256, 0, hash, buf);
309 if (rval != 0) {
310 fprintf(stderr,
311 "Failed to create RSA signature for %s. Error %d\n",
312 pers, rval);
313 goto sign_exit;
314 }
315 memcpy(signature, buf, 256);
316
317sign_exit:
318 mbedtls_ctr_drbg_free(&ctr_drbg);
319 mbedtls_entropy_free(&entropy);
320
321 return rval;
322} /* end of create_rsa_signature */
323
324/*******************************************************************************
325 * verify_rsa_signature (memory buffer content)
326 * Verify RSASSA-PSS/SHA-256 signature for memory buffer
327 * using RSA Public Key
328 * INPUT:
329 * pub_key Public Key buffer
330 * ilen Public Key buffer length
331 * input memory buffer
332 * ilen buffer length
333 * pers personalization string for seeding the RNG.
334 * signature RSA-2048 signature
335 * OUTPUT:
336 * none
337 * RETURN:
338 * 0 on success
339 */
340int verify_rsa_signature(const unsigned char *pub_key,
341 size_t klen,
342 const unsigned char *input,
343 size_t ilen,
344 const char *pers,
345 uint8_t *signature)
346{
347 mbedtls_entropy_context entropy;
348 mbedtls_ctr_drbg_context ctr_drbg;
349 mbedtls_pk_context pk_ctx;
350 unsigned char hash[32];
351 int rval;
Konstantin Porotchkin4fdfa352019-05-01 17:08:18 +0300352 unsigned char *pkey = (unsigned char *)pub_key;
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +0200353
354 /* Not sure this is required,
355 * but it's safer to start with empty buffer
356 */
357 memset(hash, 0, sizeof(hash));
358
359 mbedtls_pk_init(&pk_ctx);
360 mbedtls_ctr_drbg_init(&ctr_drbg);
361 mbedtls_entropy_init(&entropy);
362
363 /* Seed the random number generator */
364 rval = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
365 (const unsigned char *)pers, strlen(pers));
366 if (rval != 0) {
367 fprintf(stderr, " Failed in ctr_drbg_init call (%d)!\n", rval);
368 goto verify_exit;
369 }
370
371 /* Check ability to read the public key */
Konstantin Porotchkin4fdfa352019-05-01 17:08:18 +0300372 rval = mbedtls_pk_parse_subpubkey(&pkey, pub_key + klen, &pk_ctx);
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +0200373 if (rval != 0) {
374 fprintf(stderr, " Failed in pk_parse_public_key (%#x)!\n",
375 rval);
376 goto verify_exit;
377 }
378
379 /* Set the padding type for the new PK context */
380 mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk_ctx),
381 MBEDTLS_RSA_PKCS_V21,
382 MBEDTLS_MD_SHA256);
383
384 /* Compute the SHA256 hash for the input buffer */
Konstantin Porotchkin4fdfa352019-05-01 17:08:18 +0300385 mbedtls_sha256_ret(input, ilen, hash, 0);
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +0200386
387 rval = mbedtls_rsa_rsassa_pss_verify(mbedtls_pk_rsa(pk_ctx),
388 mbedtls_ctr_drbg_random,
389 &ctr_drbg,
390 MBEDTLS_RSA_PUBLIC,
391 MBEDTLS_MD_SHA256, 0,
392 hash, signature);
393 if (rval != 0)
394 fprintf(stderr, "Failed to verify signature (%d)!\n", rval);
395
396verify_exit:
397
398 mbedtls_pk_free(&pk_ctx);
399 mbedtls_ctr_drbg_free(&ctr_drbg);
400 mbedtls_entropy_free(&entropy);
401 return rval;
402} /* end of verify_rsa_signature */
403
404/*******************************************************************************
405 * image_encrypt
406 * Encrypt image buffer using AES-256-CBC scheme.
407 * The resulting image is saved into opts.sec_opts->encrypted_image
408 * and the adjusted image size into opts.sec_opts->enc_image_sz
409 * First AES_BLOCK_SZ bytes of the output image contain IV
410 * INPUT:
411 * buf Source buffer to encrypt
412 * blen Source buffer length
413 * OUTPUT:
414 * none
415 * RETURN:
416 * 0 on success
417 */
418int image_encrypt(uint8_t *buf, uint32_t blen)
419{
420 struct timeval tv;
421 char *ptmp = (char *)&tv;
422 unsigned char digest[32];
423 unsigned char IV[AES_BLOCK_SZ];
424 int i, k;
425 mbedtls_aes_context aes_ctx;
426 int rval = -1;
427 uint8_t *test_img = 0;
428
429 if (AES_BLOCK_SZ > 32) {
430 fprintf(stderr, "Unsupported AES block size %d\n",
431 AES_BLOCK_SZ);
432 return rval;
433 }
434
435 mbedtls_aes_init(&aes_ctx);
436 memset(IV, 0, AES_BLOCK_SZ);
437 memset(digest, 0, 32);
438
439 /* Generate initialization vector and init the AES engine
440 * Use file name XOR current time and finally SHA-256
441 * [0...AES_BLOCK_SZ-1]
442 */
443 k = strlen(opts.sec_opts->aes_key_file);
444 if (k > AES_BLOCK_SZ)
445 k = AES_BLOCK_SZ;
446 memcpy(IV, opts.sec_opts->aes_key_file, k);
447 gettimeofday(&tv, 0);
448
449 for (i = 0, k = 0; i < AES_BLOCK_SZ; i++,
450 k = (k+1) % sizeof(struct timeval))
451 IV[i] ^= ptmp[k];
452
453 /* compute SHA-256 digest of the results
454 * and use it as the init vector (IV)
455 */
Konstantin Porotchkin4fdfa352019-05-01 17:08:18 +0300456 mbedtls_sha256_ret(IV, AES_BLOCK_SZ, digest, 0);
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +0200457 memcpy(IV, digest, AES_BLOCK_SZ);
458 mbedtls_aes_setkey_enc(&aes_ctx, opts.sec_opts->aes_key,
459 AES_KEY_BIT_LEN);
460
461 /* The output image has to include extra space for IV
462 * and to be aligned to the AES block size.
463 * The input image buffer has to be already aligned to AES_BLOCK_SZ
464 * and padded with zeroes
465 */
466 opts.sec_opts->enc_image_sz = (blen + 2 * AES_BLOCK_SZ - 1) &
467 ~(AES_BLOCK_SZ - 1);
468 opts.sec_opts->encrypted_image = calloc(opts.sec_opts->enc_image_sz, 1);
469 if (opts.sec_opts->encrypted_image == 0) {
470 fprintf(stderr, "Failed to allocate encrypted image!\n");
471 goto encrypt_exit;
472 }
473
474 /* Put IV into the output buffer next to the encrypted image
475 * Since the IV is modified by the encryption function,
476 * this should be done now
477 */
478 memcpy(opts.sec_opts->encrypted_image +
479 opts.sec_opts->enc_image_sz - AES_BLOCK_SZ,
480 IV, AES_BLOCK_SZ);
481 rval = mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_ENCRYPT,
482 opts.sec_opts->enc_image_sz - AES_BLOCK_SZ,
483 IV, buf, opts.sec_opts->encrypted_image);
484 if (rval != 0) {
485 fprintf(stderr, "Failed to encrypt the image! Error %d\n",
486 rval);
487 goto encrypt_exit;
488 }
489
490 mbedtls_aes_free(&aes_ctx);
491
492 /* Try to decrypt the image and compare it with the original data */
493 mbedtls_aes_init(&aes_ctx);
494 mbedtls_aes_setkey_dec(&aes_ctx, opts.sec_opts->aes_key,
495 AES_KEY_BIT_LEN);
496
497 test_img = calloc(opts.sec_opts->enc_image_sz - AES_BLOCK_SZ, 1);
498 if (test_img == 0) {
499 fprintf(stderr, "Failed to allocate test image!d\n");
500 rval = -1;
501 goto encrypt_exit;
502 }
503
504 memcpy(IV, opts.sec_opts->encrypted_image +
505 opts.sec_opts->enc_image_sz - AES_BLOCK_SZ,
506 AES_BLOCK_SZ);
507 rval = mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_DECRYPT,
508 opts.sec_opts->enc_image_sz - AES_BLOCK_SZ,
509 IV, opts.sec_opts->encrypted_image, test_img);
510 if (rval != 0) {
511 fprintf(stderr, "Failed to decrypt the image! Error %d\n",
512 rval);
513 goto encrypt_exit;
514 }
515
516 for (i = 0; i < blen; i++) {
517 if (buf[i] != test_img[i]) {
518 fprintf(stderr, "Failed to compare the image after");
519 fprintf(stderr, " decryption! Byte count is %d\n", i);
520 rval = -1;
521 goto encrypt_exit;
522 }
523 }
524
525encrypt_exit:
526
527 mbedtls_aes_free(&aes_ctx);
528 if (test_img)
529 free(test_img);
530
531 return rval;
532} /* end of image_encrypt */
533
534/*******************************************************************************
535 * verify_secure_header_signatures
536 * Verify CSK array, header and image signatures and print results
537 * INPUT:
538 * main_hdr Main header
539 * sec_ext Secure extension
540 * OUTPUT:
541 * none
542 * RETURN:
543 * 0 on success
544 */
545int verify_secure_header_signatures(header_t *main_hdr, sec_entry_t *sec_ext)
546{
547 uint8_t *image = (uint8_t *)main_hdr + main_hdr->prolog_size;
548 uint8_t signature[RSA_SIGN_BYTE_LEN];
549 int rval = -1;
550
551 /* Save headers signature and reset it in the secure header */
552 memcpy(signature, sec_ext->header_sign, RSA_SIGN_BYTE_LEN);
553 memset(sec_ext->header_sign, 0, RSA_SIGN_BYTE_LEN);
554
555 fprintf(stdout, "\nCheck RSA Signatures\n");
556 fprintf(stdout, "#########################\n");
557 fprintf(stdout, "CSK Block Signature: ");
558 if (verify_rsa_signature(sec_ext->kak_key,
559 MAX_RSA_DER_BYTE_LEN,
560 &sec_ext->csk_keys[0][0],
561 sizeof(sec_ext->csk_keys),
562 "CSK Block Signature: ",
563 sec_ext->csk_sign) != 0) {
564 fprintf(stdout, "ERROR\n");
565 goto ver_error;
566 }
567 fprintf(stdout, "OK\n");
568
569 if (opts.key_index != -1) {
570 fprintf(stdout, "Image Signature: ");
571 if (verify_rsa_signature(sec_ext->csk_keys[opts.key_index],
572 MAX_RSA_DER_BYTE_LEN,
573 image, main_hdr->boot_image_size,
574 "Image Signature: ",
575 sec_ext->image_sign) != 0) {
576 fprintf(stdout, "ERROR\n");
577 goto ver_error;
578 }
579 fprintf(stdout, "OK\n");
580
581 fprintf(stdout, "Header Signature: ");
582 if (verify_rsa_signature(sec_ext->csk_keys[opts.key_index],
583 MAX_RSA_DER_BYTE_LEN,
584 (uint8_t *)main_hdr,
585 main_hdr->prolog_size,
586 "Header Signature: ",
587 signature) != 0) {
588 fprintf(stdout, "ERROR\n");
589 goto ver_error;
590 }
591 fprintf(stdout, "OK\n");
592 } else {
593 fprintf(stdout, "SKIP Image and Header Signatures");
594 fprintf(stdout, " check (undefined key index)\n");
595 }
596
597 rval = 0;
598
599ver_error:
600 memcpy(sec_ext->header_sign, signature, RSA_SIGN_BYTE_LEN);
601 return rval;
602}
603
604/*******************************************************************************
605 * verify_and_copy_file_name_entry
606 * INPUT:
607 * element_name
608 * element
609 * OUTPUT:
610 * copy_to
611 * RETURN:
612 * 0 on success
613 */
614int verify_and_copy_file_name_entry(const char *element_name,
615 const char *element, char *copy_to)
616{
617 int element_length = strlen(element);
618
619 if (element_length >= MAX_FILENAME) {
620 fprintf(stderr, "The file name %s for %s is too long (%d). ",
621 element, element_name, element_length);
622 fprintf(stderr, "Maximum allowed %d characters!\n",
623 MAX_FILENAME);
624 return -1;
625 } else if (element_length == 0) {
626 fprintf(stderr, "The file name for %s is empty!\n",
627 element_name);
628 return -1;
629 }
630 memcpy(copy_to, element, element_length);
631
632 return 0;
633}
634
635/*******************************************************************************
636 * parse_sec_config_file
637 * Read the secure boot configuration from a file
638 * into internal structures
639 * INPUT:
640 * filename File name
641 * OUTPUT:
642 * none
643 * RETURN:
644 * 0 on success
645 */
646int parse_sec_config_file(char *filename)
647{
648 config_t sec_cfg;
649 int array_sz, element, rval = -1;
650 const char *cfg_string;
651 int32_t cfg_int32;
652 const config_setting_t *csk_array, *control_array;
653 sec_options *sec_opt = 0;
654
655 config_init(&sec_cfg);
656
657 if (config_read_file(&sec_cfg, filename) != CONFIG_TRUE) {
658 fprintf(stderr, "Failed to read data from config file ");
659 fprintf(stderr, "%s\n\t%s at line %d\n",
660 filename, config_error_text(&sec_cfg),
661 config_error_line(&sec_cfg));
662 goto exit_parse;
663 }
664
665 sec_opt = (sec_options *)calloc(sizeof(sec_options), 1);
666 if (sec_opt == 0) {
667 fprintf(stderr,
668 "Cannot allocate memory for secure boot options!\n");
669 goto exit_parse;
670 }
671
672 /* KAK file name */
673 if (config_lookup_string(&sec_cfg, "kak_key_file",
674 &cfg_string) != CONFIG_TRUE) {
675 fprintf(stderr, "The \"kak_key_file\" undefined!\n");
676 goto exit_parse;
677 }
678 if (verify_and_copy_file_name_entry("kak_key_file",
679 cfg_string, sec_opt->kak_key_file))
680 goto exit_parse;
681
682
683 /* AES file name - can be empty/undefined */
684 if (config_lookup_string(&sec_cfg, "aes_key_file",
685 &cfg_string) == CONFIG_TRUE) {
686 if (verify_and_copy_file_name_entry("aes_key_file",
687 cfg_string,
688 sec_opt->aes_key_file))
689 goto exit_parse;
690 }
691
692 /* CSK file names array */
693 csk_array = config_lookup(&sec_cfg, "csk_key_file");
694 if (csk_array == NULL) {
695 fprintf(stderr, "The \"csk_key_file\" undefined!\n");
696 goto exit_parse;
697 }
698 array_sz = config_setting_length(csk_array);
699 if (array_sz > CSK_ARR_SZ) {
700 fprintf(stderr, "The \"csk_key_file\" array is too big! ");
701 fprintf(stderr, "Only first %d elements will be used\n",
702 CSK_ARR_SZ);
703 array_sz = CSK_ARR_SZ;
704 } else if (array_sz == 0) {
705 fprintf(stderr, "The \"csk_key_file\" array is empty!\n");
706 goto exit_parse;
707 }
708
709 for (element = 0; element < array_sz; element++) {
710 cfg_string = config_setting_get_string_elem(csk_array, element);
711 if (verify_and_copy_file_name_entry(
712 "csk_key_file", cfg_string,
713 sec_opt->csk_key_file[element])) {
714 fprintf(stderr, "Bad csk_key_file[%d] entry!\n",
715 element);
716 goto exit_parse;
717 }
718 }
719
720 /* JTAG options */
721 if (config_lookup_bool(&sec_cfg, "jtag.enable",
722 &cfg_int32) != CONFIG_TRUE) {
723 fprintf(stderr, "Error obtaining \"jtag.enable\" element. ");
724 fprintf(stderr, "Using default - FALSE\n");
725 cfg_int32 = 0;
726 }
727 sec_opt->jtag_enable = cfg_int32;
728
729 if (config_lookup_int(&sec_cfg, "jtag.delay",
730 &cfg_int32) != CONFIG_TRUE) {
731 fprintf(stderr, "Error obtaining \"jtag.delay\" element. ");
732 fprintf(stderr, "Using default - 0us\n");
733 cfg_int32 = 0;
734 }
735 sec_opt->jtag_delay = cfg_int32;
736
737 /* eFUSE option */
738 if (config_lookup_bool(&sec_cfg, "efuse_disable",
739 &cfg_int32) != CONFIG_TRUE) {
740 fprintf(stderr, "Error obtaining \"efuse_disable\" element. ");
741 fprintf(stderr, "Using default - TRUE\n");
742 cfg_int32 = 1;
743 }
744 sec_opt->efuse_disable = cfg_int32;
745
746 /* Box ID option */
747 if (config_lookup_int(&sec_cfg, "box_id", &cfg_int32) != CONFIG_TRUE) {
748 fprintf(stderr, "Error obtaining \"box_id\" element. ");
749 fprintf(stderr, "Using default - 0x0\n");
750 cfg_int32 = 0;
751 }
752 sec_opt->box_id = cfg_int32;
753
754 /* Flash ID option */
755 if (config_lookup_int(&sec_cfg, "flash_id",
756 &cfg_int32) != CONFIG_TRUE) {
757 fprintf(stderr, "Error obtaining \"flash_id\" element. ");
758 fprintf(stderr, "Using default - 0x0\n");
759 cfg_int32 = 0;
760 }
761 sec_opt->flash_id = cfg_int32;
762
763 /* CSK index option */
764 if (config_lookup_int(&sec_cfg, "csk_key_index",
765 &cfg_int32) != CONFIG_TRUE) {
Konstantin Porotchkincfa897e2018-08-16 13:57:18 +0300766 fprintf(stderr, "Error obtaining \"flash_id\" element. ");
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +0200767 fprintf(stderr, "Using default - 0x0\n");
768 cfg_int32 = 0;
769 }
770 sec_opt->csk_index = cfg_int32;
771
772 /* Secure boot control array */
773 control_array = config_lookup(&sec_cfg, "control");
774 if (control_array != NULL) {
775 array_sz = config_setting_length(control_array);
776 if (array_sz == 0)
777 fprintf(stderr, "The \"control\" array is empty!\n");
778 } else {
779 fprintf(stderr, "The \"control\" is undefined!\n");
780 array_sz = 0;
781 }
782
783 for (element = 0; element < CP_CTRL_EL_ARRAY_SZ; element++) {
784 sec_opt->cp_ctrl_arr[element] =
785 config_setting_get_int_elem(control_array, element * 2);
786 sec_opt->cp_efuse_arr[element] =
787 config_setting_get_int_elem(control_array,
788 element * 2 + 1);
789 }
790
791 opts.sec_opts = sec_opt;
792 rval = 0;
793
794exit_parse:
795 config_destroy(&sec_cfg);
796 if (sec_opt && (rval != 0))
797 free(sec_opt);
798 return rval;
799} /* end of parse_sec_config_file */
800
801int format_sec_ext(char *filename, FILE *out_fd)
802{
803 ext_header_t header;
804 sec_entry_t sec_ext;
805 int index;
806 int written;
807
808#define DER_BUF_SZ 1600
809
810 /* First, parse the configuration file */
811 if (parse_sec_config_file(filename)) {
812 fprintf(stderr,
813 "failed parsing configuration file %s\n", filename);
814 return 1;
815 }
816
817 /* Everything except signatures can be created at this stage */
818 header.type = EXT_TYPE_SECURITY;
819 header.offset = 0;
820 header.size = sizeof(sec_entry_t);
821 header.reserved = 0;
822
823 /* Bring up RSA context and read private keys from their files */
824 for (index = 0; index < (CSK_ARR_SZ + 1); index++) {
825 /* for every private key file */
826 mbedtls_pk_context *pk_ctx = (index == CSK_ARR_SZ) ?
827 &opts.sec_opts->kak_pk :
828 &opts.sec_opts->csk_pk[index];
829 char *fname = (index == CSK_ARR_SZ) ?
830 opts.sec_opts->kak_key_file :
831 opts.sec_opts->csk_key_file[index];
832 uint8_t *out_der_key = (index == CSK_ARR_SZ) ?
833 sec_ext.kak_key :
834 sec_ext.csk_keys[index];
835 size_t output_len;
836 unsigned char output_buf[DER_BUF_SZ];
837 unsigned char *der_buf_start;
838
839 /* Handle invalid/reserved file names */
840 if (strncmp(CSK_ARR_EMPTY_FILE, fname,
841 strlen(CSK_ARR_EMPTY_FILE)) == 0) {
842 if (opts.sec_opts->csk_index == index) {
843 fprintf(stderr,
844 "CSK file with index %d cannot be %s\n",
845 index, CSK_ARR_EMPTY_FILE);
846 return 1;
847 } else if (index == CSK_ARR_SZ) {
848 fprintf(stderr, "KAK file name cannot be %s\n",
849 CSK_ARR_EMPTY_FILE);
850 return 1;
851 }
852 /* this key will be empty in CSK array */
853 continue;
854 }
855
856 mbedtls_pk_init(pk_ctx);
857 /* Read the private RSA key into the context
858 * and verify it (no password)
859 */
860 if (mbedtls_pk_parse_keyfile(pk_ctx, fname, "") != 0) {
861 fprintf(stderr,
862 "Cannot read RSA private key file %s\n", fname);
863 return 1;
864 }
865
866 /* Create a public key out of private one
867 * and store it in DER format
868 */
869 output_len = mbedtls_pk_write_pubkey_der(pk_ctx,
870 output_buf,
871 DER_BUF_SZ);
872 if (output_len < 0) {
873 fprintf(stderr,
874 "Failed to create DER coded PUB key (%s)\n",
875 fname);
876 return 1;
877 }
Konstantin Porotchkin4fdfa352019-05-01 17:08:18 +0300878
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +0200879 /* Data in the output buffer is aligned to the buffer end */
880 der_buf_start = output_buf + sizeof(output_buf) - output_len;
881 /* In the header DER data is aligned
882 * to the start of appropriate field
883 */
Konstantin Porotchkin4fdfa352019-05-01 17:08:18 +0300884 bzero(out_der_key, MAX_RSA_DER_BYTE_LEN);
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +0200885 memcpy(out_der_key, der_buf_start, output_len);
886
887 } /* for every private key file */
888
889 /* The CSK block signature can be created here */
890 if (create_rsa_signature(&opts.sec_opts->kak_pk,
891 &sec_ext.csk_keys[0][0],
892 sizeof(sec_ext.csk_keys),
893 opts.sec_opts->csk_key_file[
894 opts.sec_opts->csk_index],
895 sec_ext.csk_sign) != 0) {
896 fprintf(stderr, "Failed to sign CSK keys block!\n");
897 return 1;
898 }
Konstantin Porotchkin4fdfa352019-05-01 17:08:18 +0300899
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +0200900 /* Check that everything is correct */
Konstantin Porotchkin4fdfa352019-05-01 17:08:18 +0300901 if (verify_rsa_signature(sec_ext.kak_key,
902 MAX_RSA_DER_BYTE_LEN,
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +0200903 &sec_ext.csk_keys[0][0],
904 sizeof(sec_ext.csk_keys),
905 opts.sec_opts->kak_key_file,
906 sec_ext.csk_sign) != 0) {
907 fprintf(stderr, "Failed to verify CSK keys block signature!\n");
908 return 1;
909 }
910
911 /* AES encryption stuff */
912 if (strlen(opts.sec_opts->aes_key_file) != 0) {
913 FILE *in_fd;
914
915 in_fd = fopen(opts.sec_opts->aes_key_file, "rb");
916 if (in_fd == NULL) {
917 fprintf(stderr, "Failed to open AES key file %s\n",
918 opts.sec_opts->aes_key_file);
919 return 1;
920 }
921
922 /* Read the AES key in ASCII format byte by byte */
923 for (index = 0; index < AES_KEY_BYTE_LEN; index++) {
924 if (fscanf(in_fd, "%02hhx",
925 opts.sec_opts->aes_key + index) != 1) {
926 fprintf(stderr,
927 "Failed to read AES key byte %d ",
928 index);
929 fprintf(stderr,
930 "from file %s\n",
931 opts.sec_opts->aes_key_file);
932 fclose(in_fd);
933 return 1;
934 }
935 }
936 fclose(in_fd);
937 sec_ext.encrypt_en = 1;
938 } else {
939 sec_ext.encrypt_en = 0;
940 }
941
942 /* Fill the rest of the trusted boot extension fields */
943 sec_ext.box_id = opts.sec_opts->box_id;
944 sec_ext.flash_id = opts.sec_opts->flash_id;
945 sec_ext.efuse_dis = opts.sec_opts->efuse_disable;
946 sec_ext.jtag_delay = opts.sec_opts->jtag_delay;
947 sec_ext.jtag_en = opts.sec_opts->jtag_enable;
948
949 memcpy(sec_ext.cp_ctrl_arr,
950 opts.sec_opts->cp_ctrl_arr,
951 sizeof(uint32_t) * CP_CTRL_EL_ARRAY_SZ);
952 memcpy(sec_ext.cp_efuse_arr,
953 opts.sec_opts->cp_efuse_arr,
954 sizeof(uint32_t) * CP_CTRL_EL_ARRAY_SZ);
955
956 /* Write the resulting extension to file
957 * (image and header signature fields are still empty)
958 */
959
960 /* Write extension header */
961 written = fwrite(&header, sizeof(ext_header_t), 1, out_fd);
962 if (written != 1) {
963 fprintf(stderr,
964 "Failed to write SEC extension header to the file\n");
965 return 1;
966 }
967 /* Write extension body */
968 written = fwrite(&sec_ext, sizeof(sec_entry_t), 1, out_fd);
969 if (written != 1) {
970 fprintf(stderr,
971 "Failed to write SEC extension body to the file\n");
972 return 1;
973 }
974
975 return 0;
976}
977
978/*******************************************************************************
979 * finalize_secure_ext
980 * Make final changes to secure extension - calculate image and header
981 * signatures and encrypt the image if needed.
982 * The main header checksum and image size fields updated accordingly
983 * INPUT:
984 * header Main header
985 * prolog_buf the entire prolog buffer
986 * prolog_size prolog buffer length
987 * image_buf buffer containing the input binary image
988 * image_size image buffer size.
989 * OUTPUT:
990 * none
991 * RETURN:
992 * 0 on success
993 */
994int finalize_secure_ext(header_t *header,
995 uint8_t *prolog_buf, uint32_t prolog_size,
996 uint8_t *image_buf, int image_size)
997{
998 int cur_ext, offset;
999 uint8_t *final_image = image_buf;
1000 uint32_t final_image_sz = image_size;
1001 uint8_t hdr_sign[RSA_SIGN_BYTE_LEN];
1002 sec_entry_t *sec_ext = 0;
1003
1004 /* Find the Trusted Boot Header between available extensions */
1005 for (cur_ext = 0, offset = sizeof(header_t);
1006 cur_ext < header->ext_count; cur_ext++) {
1007 ext_header_t *ext_hdr = (ext_header_t *)(prolog_buf + offset);
1008
1009 if (ext_hdr->type == EXT_TYPE_SECURITY) {
1010 sec_ext = (sec_entry_t *)(prolog_buf + offset +
1011 sizeof(ext_header_t) + ext_hdr->offset);
1012 break;
1013 }
1014
1015 offset += sizeof(ext_header_t);
1016 /* If offset is Zero, the extension follows its header */
1017 if (ext_hdr->offset == 0)
1018 offset += ext_hdr->size;
1019 }
1020
1021 if (sec_ext == 0) {
1022 fprintf(stderr, "Error: No Trusted Boot extension found!\n");
1023 return -1;
1024 }
1025
1026 if (sec_ext->encrypt_en) {
1027 /* Encrypt the image if needed */
1028 fprintf(stdout, "Encrypting the image...\n");
1029
1030 if (image_encrypt(image_buf, image_size) != 0) {
1031 fprintf(stderr, "Failed to encrypt the image!\n");
1032 return -1;
1033 }
1034
1035 /* Image size and checksum should be updated after encryption.
1036 * This way the image could be verified by the BootROM
1037 * before decryption.
1038 */
1039 final_image = opts.sec_opts->encrypted_image;
1040 final_image_sz = opts.sec_opts->enc_image_sz;
1041
1042 header->boot_image_size = final_image_sz;
1043 header->boot_image_checksum =
1044 checksum32((uint32_t *)final_image, final_image_sz);
1045 } /* AES encryption */
1046
1047 /* Create the image signature first, since it will be later
1048 * signed along with the header signature
1049 */
1050 if (create_rsa_signature(&opts.sec_opts->csk_pk[
1051 opts.sec_opts->csk_index],
1052 final_image, final_image_sz,
1053 opts.sec_opts->csk_key_file[
1054 opts.sec_opts->csk_index],
1055 sec_ext->image_sign) != 0) {
1056 fprintf(stderr, "Failed to sign image!\n");
1057 return -1;
1058 }
1059 /* Check that the image signature is correct */
1060 if (verify_rsa_signature(sec_ext->csk_keys[opts.sec_opts->csk_index],
1061 MAX_RSA_DER_BYTE_LEN,
1062 final_image, final_image_sz,
1063 opts.sec_opts->csk_key_file[
1064 opts.sec_opts->csk_index],
1065 sec_ext->image_sign) != 0) {
1066 fprintf(stderr, "Failed to verify image signature!\n");
1067 return -1;
1068 }
1069
1070 /* Sign the headers and all the extensions block
1071 * when the header signature field is empty
1072 */
1073 if (create_rsa_signature(&opts.sec_opts->csk_pk[
1074 opts.sec_opts->csk_index],
1075 prolog_buf, prolog_size,
1076 opts.sec_opts->csk_key_file[
1077 opts.sec_opts->csk_index],
1078 hdr_sign) != 0) {
1079 fprintf(stderr, "Failed to sign header!\n");
1080 return -1;
1081 }
1082 /* Check that the header signature is correct */
1083 if (verify_rsa_signature(sec_ext->csk_keys[opts.sec_opts->csk_index],
1084 MAX_RSA_DER_BYTE_LEN,
1085 prolog_buf, prolog_size,
1086 opts.sec_opts->csk_key_file[
1087 opts.sec_opts->csk_index],
1088 hdr_sign) != 0) {
1089 fprintf(stderr, "Failed to verify header signature!\n");
1090 return -1;
1091 }
1092
1093 /* Finally, copy the header signature into the trusted boot extension */
1094 memcpy(sec_ext->header_sign, hdr_sign, RSA_SIGN_BYTE_LEN);
1095
1096 return 0;
1097}
1098
1099#endif /* CONFIG_MVEBU_SECURE_BOOT */
1100
1101
1102#define FMT_HEX 0
1103#define FMT_DEC 1
1104#define FMT_BIN 2
1105#define FMT_NONE 3
1106
1107void do_print_field(unsigned int value, char *name,
1108 int start, int size, int format)
1109{
1110 fprintf(stdout, "[0x%05x : 0x%05x] %-26s",
1111 start, start + size - 1, name);
1112
1113 switch (format) {
1114 case FMT_HEX:
1115 printf("0x%x\n", value);
1116 break;
1117 case FMT_DEC:
1118 printf("%d\n", value);
1119 break;
1120 default:
1121 printf("\n");
1122 break;
1123 }
1124}
1125
1126#define print_field(st, type, field, hex, base) \
1127 do_print_field((int)st->field, #field, \
1128 base + offsetof(type, field), sizeof(st->field), hex)
1129
1130int print_header(uint8_t *buf, int base)
1131{
1132 header_t *main_hdr;
1133
1134 main_hdr = (header_t *)buf;
1135
1136 fprintf(stdout, "########### Header ##############\n");
1137 print_field(main_hdr, header_t, magic, FMT_HEX, base);
1138 print_field(main_hdr, header_t, prolog_size, FMT_DEC, base);
1139 print_field(main_hdr, header_t, prolog_checksum, FMT_HEX, base);
1140 print_field(main_hdr, header_t, boot_image_size, FMT_DEC, base);
1141 print_field(main_hdr, header_t, boot_image_checksum, FMT_HEX, base);
1142 print_field(main_hdr, header_t, rsrvd0, FMT_HEX, base);
1143 print_field(main_hdr, header_t, load_addr, FMT_HEX, base);
1144 print_field(main_hdr, header_t, exec_addr, FMT_HEX, base);
1145 print_field(main_hdr, header_t, uart_cfg, FMT_HEX, base);
1146 print_field(main_hdr, header_t, baudrate, FMT_HEX, base);
1147 print_field(main_hdr, header_t, ext_count, FMT_DEC, base);
1148 print_field(main_hdr, header_t, aux_flags, FMT_HEX, base);
1149 print_field(main_hdr, header_t, io_arg_0, FMT_HEX, base);
1150 print_field(main_hdr, header_t, io_arg_1, FMT_HEX, base);
1151 print_field(main_hdr, header_t, io_arg_2, FMT_HEX, base);
1152 print_field(main_hdr, header_t, io_arg_3, FMT_HEX, base);
1153 print_field(main_hdr, header_t, rsrvd1, FMT_HEX, base);
1154 print_field(main_hdr, header_t, rsrvd2, FMT_HEX, base);
1155 print_field(main_hdr, header_t, rsrvd3, FMT_HEX, base);
1156
1157 return sizeof(header_t);
1158}
1159
1160int print_ext_hdr(ext_header_t *ext_hdr, int base)
1161{
1162 print_field(ext_hdr, ext_header_t, type, FMT_HEX, base);
1163 print_field(ext_hdr, ext_header_t, offset, FMT_HEX, base);
1164 print_field(ext_hdr, ext_header_t, reserved, FMT_HEX, base);
1165 print_field(ext_hdr, ext_header_t, size, FMT_DEC, base);
1166
1167 return base + sizeof(ext_header_t);
1168}
1169
1170void print_sec_ext(ext_header_t *ext_hdr, int base)
1171{
1172 sec_entry_t *sec_entry;
1173 uint32_t new_base;
1174
1175 fprintf(stdout, "\n########### Secure extension ###########\n");
1176
1177 new_base = print_ext_hdr(ext_hdr, base);
1178
1179 sec_entry = (sec_entry_t *)(ext_hdr + 1);
1180
1181 do_print_field(0, "KAK key", new_base, MAX_RSA_DER_BYTE_LEN, FMT_NONE);
1182 new_base += MAX_RSA_DER_BYTE_LEN;
1183 print_field(sec_entry, sec_entry_t, jtag_delay, FMT_DEC, base);
1184 print_field(sec_entry, sec_entry_t, box_id, FMT_HEX, base);
1185 print_field(sec_entry, sec_entry_t, flash_id, FMT_HEX, base);
1186 print_field(sec_entry, sec_entry_t, encrypt_en, FMT_DEC, base);
1187 print_field(sec_entry, sec_entry_t, efuse_dis, FMT_DEC, base);
1188 new_base += 6 * sizeof(uint32_t);
1189 do_print_field(0, "header signature",
1190 new_base, RSA_SIGN_BYTE_LEN, FMT_NONE);
1191 new_base += RSA_SIGN_BYTE_LEN;
1192 do_print_field(0, "image signature",
1193 new_base, RSA_SIGN_BYTE_LEN, FMT_NONE);
1194 new_base += RSA_SIGN_BYTE_LEN;
1195 do_print_field(0, "CSK keys", new_base,
1196 CSK_ARR_SZ * MAX_RSA_DER_BYTE_LEN, FMT_NONE);
1197 new_base += CSK_ARR_SZ * MAX_RSA_DER_BYTE_LEN;
1198 do_print_field(0, "CSK block signature",
1199 new_base, RSA_SIGN_BYTE_LEN, FMT_NONE);
1200 new_base += RSA_SIGN_BYTE_LEN;
1201 do_print_field(0, "control", new_base,
1202 CP_CTRL_EL_ARRAY_SZ * 2, FMT_NONE);
1203
1204}
1205
1206void print_bin_ext(ext_header_t *ext_hdr, int base)
1207{
1208 fprintf(stdout, "\n########### Binary extension ###########\n");
1209 base = print_ext_hdr(ext_hdr, base);
1210 do_print_field(0, "binary image", base, ext_hdr->size, FMT_NONE);
1211}
1212
1213int print_extension(void *buf, int base, int count, int ext_size)
1214{
1215 ext_header_t *ext_hdr = buf;
1216 int pad = ext_size;
1217 int curr_size;
1218
1219 while (count--) {
1220 if (ext_hdr->type == EXT_TYPE_BINARY)
1221 print_bin_ext(ext_hdr, base);
1222 else if (ext_hdr->type == EXT_TYPE_SECURITY)
1223 print_sec_ext(ext_hdr, base);
1224
1225 curr_size = sizeof(ext_header_t) + ext_hdr->size;
1226 base += curr_size;
1227 pad -= curr_size;
1228 ext_hdr = (ext_header_t *)((uintptr_t)ext_hdr + curr_size);
1229 }
1230
1231 if (pad)
1232 do_print_field(0, "padding", base, pad, FMT_NONE);
1233
1234 return ext_size;
1235}
1236
1237int parse_image(uint8_t *buf, int size)
1238{
1239 int base = 0;
1240 int ret = 1;
1241 header_t *main_hdr;
1242 uint32_t checksum, prolog_checksum;
1243
1244
1245 fprintf(stdout,
1246 "################### Prolog Start ######################\n\n");
1247 main_hdr = (header_t *)buf;
1248 base += print_header(buf, base);
1249
1250 if (main_hdr->ext_count)
1251 base += print_extension(buf + base, base,
1252 main_hdr->ext_count,
1253 main_hdr->prolog_size -
1254 sizeof(header_t));
1255
1256 if (base < main_hdr->prolog_size) {
1257 fprintf(stdout, "\n########### Padding ##############\n");
1258 do_print_field(0, "prolog padding",
1259 base, main_hdr->prolog_size - base, FMT_HEX);
1260 base = main_hdr->prolog_size;
1261 }
1262 fprintf(stdout,
1263 "\n################### Prolog End ######################\n");
1264
1265 fprintf(stdout,
1266 "\n################### Boot image ######################\n");
1267
1268 do_print_field(0, "boot image", base, size - base - 4, FMT_NONE);
1269
1270 fprintf(stdout,
1271 "################### Image end ########################\n");
1272
1273 /* Check sanity for certain values */
1274 printf("\nChecking values:\n");
1275
1276 if (main_hdr->magic == MAIN_HDR_MAGIC) {
1277 fprintf(stdout, "Headers magic: OK!\n");
1278 } else {
1279 fprintf(stderr,
1280 "\n****** ERROR: HEADER MAGIC 0x%08x != 0x%08x\n",
1281 main_hdr->magic, MAIN_HDR_MAGIC);
1282 goto error;
1283 }
1284
1285 /* headers checksum */
1286 /* clear the checksum field in header to calculate checksum */
1287 prolog_checksum = main_hdr->prolog_checksum;
1288 main_hdr->prolog_checksum = 0;
1289 checksum = checksum32((uint32_t *)buf, main_hdr->prolog_size);
1290
1291 if (checksum == prolog_checksum) {
1292 fprintf(stdout, "Headers checksum: OK!\n");
1293 } else {
1294 fprintf(stderr,
1295 "\n***** ERROR: BAD HEADER CHECKSUM 0x%08x != 0x%08x\n",
1296 checksum, prolog_checksum);
1297 goto error;
1298 }
1299
1300 /* boot image checksum */
1301 checksum = checksum32((uint32_t *)(buf + main_hdr->prolog_size),
1302 main_hdr->boot_image_size);
1303 if (checksum == main_hdr->boot_image_checksum) {
1304 fprintf(stdout, "Image checksum: OK!\n");
1305 } else {
1306 fprintf(stderr,
1307 "\n****** ERROR: BAD IMAGE CHECKSUM 0x%08x != 0x%08x\n",
1308 checksum, main_hdr->boot_image_checksum);
1309 goto error;
1310 }
1311
1312#ifdef CONFIG_MVEBU_SECURE_BOOT
1313 /* RSA signatures */
1314 if (main_hdr->ext_count) {
1315 uint8_t ext_num = main_hdr->ext_count;
1316 ext_header_t *ext_hdr = (ext_header_t *)(main_hdr + 1);
1317 unsigned char hash[32];
1318 int i;
1319
1320 while (ext_num--) {
1321 if (ext_hdr->type == EXT_TYPE_SECURITY) {
1322 sec_entry_t *sec_entry =
1323 (sec_entry_t *)(ext_hdr + 1);
1324
1325 ret = verify_secure_header_signatures(
1326 main_hdr, sec_entry);
1327 if (ret != 0) {
1328 fprintf(stderr,
1329 "\n****** FAILED TO VERIFY ");
1330 fprintf(stderr,
1331 "RSA SIGNATURES ********\n");
1332 goto error;
1333 }
1334
Konstantin Porotchkin4fdfa352019-05-01 17:08:18 +03001335 mbedtls_sha256_ret(sec_entry->kak_key,
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +02001336 MAX_RSA_DER_BYTE_LEN, hash, 0);
1337 fprintf(stdout,
1338 ">>>>>>>>>> KAK KEY HASH >>>>>>>>>>\n");
1339 fprintf(stdout, "SHA256: ");
1340 for (i = 0; i < 32; i++)
1341 fprintf(stdout, "%02X", hash[i]);
1342
1343 fprintf(stdout,
1344 "\n<<<<<<<<< KAK KEY HASH <<<<<<<<<\n");
1345
1346 break;
1347 }
1348 ext_hdr =
1349 (ext_header_t *)((uint8_t *)(ext_hdr + 1) +
1350 ext_hdr->size);
1351 }
1352 }
1353#endif
1354
1355 ret = 0;
1356error:
1357 return ret;
1358}
1359
1360int format_bin_ext(char *filename, FILE *out_fd)
1361{
1362 ext_header_t header;
1363 FILE *in_fd;
1364 int size, written;
1365 int aligned_size, pad_bytes;
1366 char c;
1367
1368 in_fd = fopen(filename, "rb");
1369 if (in_fd == NULL) {
1370 fprintf(stderr, "failed to open bin extension file %s\n",
1371 filename);
1372 return 1;
1373 }
1374
1375 size = get_file_size(filename);
1376 if (size <= 0) {
1377 fprintf(stderr, "bin extension file size is bad\n");
1378 return 1;
1379 }
1380
1381 /* Align extension size to 8 bytes */
1382 aligned_size = (size + 7) & (~7);
1383 pad_bytes = aligned_size - size;
1384
1385 header.type = EXT_TYPE_BINARY;
1386 header.offset = 0;
1387 header.size = aligned_size;
1388 header.reserved = 0;
1389
1390 /* Write header */
1391 written = fwrite(&header, sizeof(ext_header_t), 1, out_fd);
1392 if (written != 1) {
1393 fprintf(stderr, "failed writing header to extension file\n");
1394 return 1;
1395 }
1396
1397 /* Write image */
1398 while (size--) {
1399 c = getc(in_fd);
1400 fputc(c, out_fd);
1401 }
1402
1403 while (pad_bytes--)
1404 fputc(0, out_fd);
1405
1406 fclose(in_fd);
1407
1408 return 0;
1409}
1410
1411/* ****************************************
1412 *
1413 * Write all extensions (binary, secure
1414 * extensions) to file
1415 *
1416 * ****************************************/
1417
1418int format_extensions(char *ext_filename)
1419{
1420 FILE *out_fd;
1421 int ret = 0;
1422
1423 out_fd = fopen(ext_filename, "wb");
1424 if (out_fd == NULL) {
1425 fprintf(stderr, "failed to open extension output file %s",
1426 ext_filename);
1427 return 1;
1428 }
1429
1430 if (strncmp(opts.bin_ext_file, "NA", MAX_FILENAME)) {
1431 if (format_bin_ext(opts.bin_ext_file, out_fd)) {
1432 ret = 1;
1433 goto error;
1434 }
1435 }
1436#ifdef CONFIG_MVEBU_SECURE_BOOT
1437 if (strncmp(opts.sec_cfg_file, "NA", MAX_FILENAME)) {
1438 if (format_sec_ext(opts.sec_cfg_file, out_fd)) {
1439 ret = 1;
1440 goto error;
1441 }
1442 }
1443#endif
1444
1445error:
1446 fflush(out_fd);
1447 fclose(out_fd);
1448 return ret;
1449}
1450
1451void update_uart(header_t *header)
1452{
1453 header->uart_cfg = 0;
1454 header->baudrate = 0;
1455
1456 if (opts.disable_print)
1457 uart_set_mode(header->uart_cfg, UART_MODE_DISABLE);
1458
1459 if (opts.baudrate)
1460 header->baudrate = (opts.baudrate / 1200);
1461}
1462
1463/* ****************************************
1464 *
1465 * Write the image prolog, i.e.
1466 * main header and extensions, to file
1467 *
1468 * ****************************************/
1469
1470int write_prolog(int ext_cnt, char *ext_filename,
1471 uint8_t *image_buf, int image_size, FILE *out_fd)
1472{
1473 header_t *header;
1474 int main_hdr_size = sizeof(header_t);
1475 int prolog_size = main_hdr_size;
1476 FILE *ext_fd;
1477 char *buf;
1478 int written, read;
1479 int ret = 1;
1480
1481
1482 if (ext_cnt)
1483 prolog_size += get_file_size(ext_filename);
1484
1485 prolog_size = ((prolog_size + PROLOG_ALIGNMENT) &
1486 (~(PROLOG_ALIGNMENT-1)));
1487
1488 /* Allocate a zeroed buffer to zero the padding bytes */
1489 buf = calloc(prolog_size, 1);
1490 if (buf == NULL) {
1491 fprintf(stderr, "Error: failed allocating checksum buffer\n");
1492 return 1;
1493 }
1494
1495 header = (header_t *)buf;
1496 header->magic = MAIN_HDR_MAGIC;
1497 header->prolog_size = prolog_size;
1498 header->load_addr = opts.load_addr;
1499 header->exec_addr = opts.exec_addr;
1500 header->io_arg_0 = opts.nfc_io_args;
1501 header->ext_count = ext_cnt;
1502 header->aux_flags = 0;
1503 header->boot_image_size = (image_size + 3) & (~0x3);
1504 header->boot_image_checksum = checksum32((uint32_t *)image_buf,
1505 image_size);
1506
1507 update_uart(header);
1508
1509 /* Populate buffer with main header and extensions */
1510 if (ext_cnt) {
1511 ext_fd = fopen(ext_filename, "rb");
1512 if (ext_fd == NULL) {
1513 fprintf(stderr,
1514 "Error: failed to open extensions file\n");
1515 goto error;
1516 }
1517
1518 read = fread(&buf[main_hdr_size],
1519 get_file_size(ext_filename), 1, ext_fd);
1520 if (read != 1) {
1521 fprintf(stderr,
1522 "Error: failed to open extensions file\n");
1523 goto error;
1524 }
1525
1526#ifdef CONFIG_MVEBU_SECURE_BOOT
1527 /* Secure boot mode? */
1528 if (opts.sec_opts != 0) {
1529 ret = finalize_secure_ext(header, (uint8_t *)buf,
1530 prolog_size, image_buf,
1531 image_size);
1532 if (ret != 0) {
1533 fprintf(stderr, "Error: failed to handle ");
1534 fprintf(stderr, "secure extension!\n");
1535 goto error;
1536 }
1537 } /* secure boot mode */
1538#endif
1539 }
1540
1541 /* Update the total prolog checksum */
1542 header->prolog_checksum = checksum32((uint32_t *)buf, prolog_size);
1543
1544 /* Now spill everything to output file */
1545 written = fwrite(buf, prolog_size, 1, out_fd);
1546 if (written != 1) {
1547 fprintf(stderr,
1548 "Error: failed to write prolog to output file\n");
1549 goto error;
1550 }
1551
1552 ret = 0;
1553
1554error:
1555 free(buf);
1556 return ret;
1557}
1558
1559int write_boot_image(uint8_t *buf, uint32_t image_size, FILE *out_fd)
1560{
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +02001561 int written;
1562
Konstantin Porotchkindb194352019-05-02 15:10:07 +03001563 written = fwrite(buf, image_size, 1, out_fd);
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +02001564 if (written != 1) {
1565 fprintf(stderr, "Error: Failed to write boot image\n");
1566 goto error;
1567 }
1568
1569 return 0;
1570error:
1571 return 1;
1572}
1573
1574int main(int argc, char *argv[])
1575{
Matteo Crocedfccb6b2018-09-24 02:27:21 +02001576 char in_file[MAX_FILENAME+1] = { 0 };
1577 char out_file[MAX_FILENAME+1] = { 0 };
1578 char ext_file[MAX_FILENAME+1] = { 0 };
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +02001579 FILE *in_fd = NULL;
1580 FILE *out_fd = NULL;
1581 int parse = 0;
1582 int ext_cnt = 0;
1583 int opt;
1584 int ret = 0;
Konstantin Porotchkindb194352019-05-02 15:10:07 +03001585 int image_size, file_size;
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +02001586 uint8_t *image_buf = NULL;
1587 int read;
Matteo Crocedfccb6b2018-09-24 02:27:21 +02001588 size_t len;
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +02001589 uint32_t nand_block_size_kb, mlc_nand;
1590
1591 /* Create temporary file for building extensions
1592 * Use process ID for allowing multiple parallel runs
1593 */
1594 snprintf(ext_file, MAX_FILENAME, "/tmp/ext_file-%x", getpid());
1595
1596 while ((opt = getopt(argc, argv, "hpms:i:l:e:a:b:u:n:t:c:k:")) != -1) {
1597 switch (opt) {
1598 case 'h':
1599 usage();
1600 break;
1601 case 'l':
1602 opts.load_addr = strtoul(optarg, NULL, 0);
1603 break;
1604 case 'e':
1605 opts.exec_addr = strtoul(optarg, NULL, 0);
1606 break;
1607 case 'm':
1608 opts.disable_print = 1;
1609 break;
1610 case 'u':
1611 opts.baudrate = strtoul(optarg, NULL, 0);
1612 break;
1613 case 'b':
1614 strncpy(opts.bin_ext_file, optarg, MAX_FILENAME);
1615 ext_cnt++;
1616 break;
1617 case 'p':
1618 parse = 1;
1619 break;
1620 case 'n':
1621 nand_block_size_kb = strtoul(optarg, NULL, 0);
1622 opts.nfc_io_args |= (nand_block_size_kb / 64);
1623 break;
1624 case 't':
1625 mlc_nand = 0;
1626 if (!strncmp("MLC", optarg, 3))
1627 mlc_nand = 1;
1628 opts.nfc_io_args |= (mlc_nand << 8);
1629 break;
1630#ifdef CONFIG_MVEBU_SECURE_BOOT
1631 case 'c': /* SEC extension */
1632 strncpy(opts.sec_cfg_file, optarg, MAX_FILENAME);
1633 ext_cnt++;
1634 break;
1635 case 'k':
1636 opts.key_index = strtoul(optarg, NULL, 0);
1637 break;
1638#endif
1639 default: /* '?' */
1640 usage_err("Unknown argument");
1641 exit(EXIT_FAILURE);
1642 }
1643 }
1644
1645 /* Check validity of inputes */
1646 if (opts.load_addr % 8)
1647 usage_err("Load address must be 8 bytes aligned");
1648
1649 if (opts.baudrate % 1200)
1650 usage_err("Baudrate must be a multiple of 1200");
1651
1652 /* The remaining arguments are the input
1653 * and potentially output file
1654 */
1655 /* Input file must exist so exit if not */
1656 if (optind >= argc)
1657 usage_err("missing input file name");
1658
Matteo Crocedfccb6b2018-09-24 02:27:21 +02001659 len = strlen(argv[optind]);
1660 if (len > MAX_FILENAME)
1661 usage_err("file name too long");
1662 memcpy(in_file, argv[optind], len);
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +02001663 optind++;
1664
1665 /* Output file must exist in non parse mode */
Matteo Crocedfccb6b2018-09-24 02:27:21 +02001666 if (optind < argc) {
1667 len = strlen(argv[optind]);
1668 if (len > MAX_FILENAME)
1669 usage_err("file name too long");
1670 memcpy(out_file, argv[optind], len);
1671 } else if (!parse)
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +02001672 usage_err("missing output file name");
1673
1674 /* open the input file */
1675 in_fd = fopen(in_file, "rb");
1676 if (in_fd == NULL) {
1677 printf("Error: Failed to open input file %s\n", in_file);
1678 goto main_exit;
1679 }
1680
Konstantin Porotchkindb194352019-05-02 15:10:07 +03001681 /* Read the input file to buffer
1682 * Always align the image to 16 byte boundary
1683 */
1684 file_size = get_file_size(in_file);
1685 image_size = (file_size + AES_BLOCK_SZ - 1) & ~(AES_BLOCK_SZ - 1);
1686 image_buf = calloc(image_size, 1);
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +02001687 if (image_buf == NULL) {
1688 fprintf(stderr, "Error: failed allocating input buffer\n");
1689 return 1;
1690 }
1691
Konstantin Porotchkindb194352019-05-02 15:10:07 +03001692 read = fread(image_buf, file_size, 1, in_fd);
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +02001693 if (read != 1) {
1694 fprintf(stderr, "Error: failed to read input file\n");
1695 goto main_exit;
1696 }
1697
1698 /* Parse the input image and leave */
1699 if (parse) {
1700 if (opts.key_index >= CSK_ARR_SZ) {
1701 fprintf(stderr,
1702 "Wrong key IDX value. Valid values 0 - %d\n",
1703 CSK_ARR_SZ - 1);
1704 goto main_exit;
1705 }
1706 ret = parse_image(image_buf, image_size);
1707 goto main_exit;
1708 }
1709
1710 /* Create a blob file from all extensions */
1711 if (ext_cnt) {
1712 ret = format_extensions(ext_file);
1713 if (ret)
1714 goto main_exit;
1715 }
1716
1717 out_fd = fopen(out_file, "wb");
1718 if (out_fd == NULL) {
1719 fprintf(stderr,
1720 "Error: Failed to open output file %s\n", out_file);
1721 goto main_exit;
1722 }
1723
1724 ret = write_prolog(ext_cnt, ext_file, image_buf, image_size, out_fd);
1725 if (ret)
1726 goto main_exit;
1727
1728#ifdef CONFIG_MVEBU_SECURE_BOOT
1729 if (opts.sec_opts && (opts.sec_opts->encrypted_image != 0) &&
1730 (opts.sec_opts->enc_image_sz != 0)) {
1731 ret = write_boot_image(opts.sec_opts->encrypted_image,
1732 opts.sec_opts->enc_image_sz, out_fd);
1733 } else
1734#endif
1735 ret = write_boot_image(image_buf, image_size, out_fd);
1736 if (ret)
1737 goto main_exit;
1738
1739main_exit:
1740 if (in_fd)
1741 fclose(in_fd);
1742
1743 if (out_fd)
1744 fclose(out_fd);
1745
1746 if (image_buf)
1747 free(image_buf);
1748
1749 unlink(ext_file);
1750
1751#ifdef CONFIG_MVEBU_SECURE_BOOT
1752 if (opts.sec_opts) {
1753 if (opts.sec_opts->encrypted_image)
1754 free(opts.sec_opts->encrypted_image);
1755 free(opts.sec_opts);
1756 }
1757#endif
1758 exit(ret);
1759}