blob: 6fc23d5014e54e6fd14d9f3c5a2e4b4f9457a4a2 [file] [log] [blame]
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +02001/*
2 * Copyright (C) 2018 Marvell International Ltd.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 * https://spdx.org/licenses
6 */
7
8#include <stdlib.h>
9#include <stdio.h>
10#include <stdint.h>
11#include <stddef.h>
12#include <string.h>
13#include <unistd.h>
14#include <sys/stat.h>
15#include <sys/time.h>
16
17#ifdef CONFIG_MVEBU_SECURE_BOOT
18#include <libconfig.h> /* for parsing config file */
19
20#if !defined(MBEDTLS_CONFIG_FILE)
21#include "mbedtls/config.h"
22#else
23#include MBEDTLS_CONFIG_FILE
24#endif
25
26/* mbedTLS stuff */
27#if defined(MBEDTLS_BIGNUM_C) && defined(MBEDTLS_ENTROPY_C) && \
28 defined(MBEDTLS_SHA256_C) && \
29 defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO) && \
30 defined(MBEDTLS_CTR_DRBG_C)
31#include <mbedtls/error.h>
32#include <mbedtls/entropy.h>
33#include <mbedtls/ctr_drbg.h>
34#include <mbedtls/md.h>
35#include <mbedtls/pk.h>
36#include <mbedtls/sha256.h>
37#include <mbedtls/x509.h>
38#else
39#error "Bad mbedTLS configuration!"
40#endif
41#endif /* CONFIG_MVEBU_SECURE_BOOT */
42
43#define MAX_FILENAME 256
44#define CSK_ARR_SZ 16
45#define CSK_ARR_EMPTY_FILE "*"
46#define AES_KEY_BIT_LEN 256
47#define AES_KEY_BYTE_LEN (AES_KEY_BIT_LEN >> 3)
48#define AES_BLOCK_SZ 16
49#define RSA_SIGN_BYTE_LEN 256
50#define MAX_RSA_DER_BYTE_LEN 524
51/* Number of address pairs in control array */
52#define CP_CTRL_EL_ARRAY_SZ 32
53
54#define VERSION_STRING "Marvell(C) doimage utility version 3.2"
55
56/* A8K definitions */
57
58/* Extension header types */
59#define EXT_TYPE_SECURITY 0x1
60#define EXT_TYPE_BINARY 0x2
61
62#define MAIN_HDR_MAGIC 0xB105B002
63
64/* PROLOG alignment considerations:
65 * 128B: To allow supporting XMODEM protocol.
66 * 8KB: To align the boot image to the largest NAND page size, and simplify
67 * the read operations from NAND.
68 * We choose the largest page size, in order to use a single image for all
69 * NAND page sizes.
70 */
71#define PROLOG_ALIGNMENT (8 << 10)
72
73/* UART argument bitfield */
74#define UART_MODE_UNMODIFIED 0x0
75#define UART_MODE_DISABLE 0x1
76#define UART_MODE_UPDATE 0x2
77
78typedef struct _main_header {
79 uint32_t magic; /* 0-3 */
80 uint32_t prolog_size; /* 4-7 */
81 uint32_t prolog_checksum; /* 8-11 */
82 uint32_t boot_image_size; /* 12-15 */
83 uint32_t boot_image_checksum; /* 16-19 */
84 uint32_t rsrvd0; /* 20-23 */
85 uint32_t load_addr; /* 24-27 */
86 uint32_t exec_addr; /* 28-31 */
87 uint8_t uart_cfg; /* 32 */
88 uint8_t baudrate; /* 33 */
89 uint8_t ext_count; /* 34 */
90 uint8_t aux_flags; /* 35 */
91 uint32_t io_arg_0; /* 36-39 */
92 uint32_t io_arg_1; /* 40-43 */
93 uint32_t io_arg_2; /* 43-47 */
94 uint32_t io_arg_3; /* 48-51 */
95 uint32_t rsrvd1; /* 52-55 */
96 uint32_t rsrvd2; /* 56-59 */
97 uint32_t rsrvd3; /* 60-63 */
98} header_t;
99
100typedef struct _ext_header {
101 uint8_t type;
102 uint8_t offset;
103 uint16_t reserved;
104 uint32_t size;
105} ext_header_t;
106
107typedef struct _sec_entry {
108 uint8_t kak_key[MAX_RSA_DER_BYTE_LEN];
109 uint32_t jtag_delay;
110 uint32_t box_id;
111 uint32_t flash_id;
112 uint32_t jtag_en;
113 uint32_t encrypt_en;
114 uint32_t efuse_dis;
115 uint8_t header_sign[RSA_SIGN_BYTE_LEN];
116 uint8_t image_sign[RSA_SIGN_BYTE_LEN];
117 uint8_t csk_keys[CSK_ARR_SZ][MAX_RSA_DER_BYTE_LEN];
118 uint8_t csk_sign[RSA_SIGN_BYTE_LEN];
119 uint32_t cp_ctrl_arr[CP_CTRL_EL_ARRAY_SZ];
120 uint32_t cp_efuse_arr[CP_CTRL_EL_ARRAY_SZ];
121} sec_entry_t;
122
123/* A8K definitions end */
124
125/* UART argument bitfield */
126#define UART_MODE_UNMODIFIED 0x0
127#define UART_MODE_DISABLE 0x1
128#define UART_MODE_UPDATE 0x2
129
130#define uart_set_mode(arg, mode) (arg |= (mode & 0x3))
131
132typedef struct _sec_options {
133#ifdef CONFIG_MVEBU_SECURE_BOOT
134 char aes_key_file[MAX_FILENAME+1];
135 char kak_key_file[MAX_FILENAME+1];
136 char csk_key_file[CSK_ARR_SZ][MAX_FILENAME+1];
137 uint32_t box_id;
138 uint32_t flash_id;
139 uint32_t jtag_delay;
140 uint8_t csk_index;
141 uint8_t jtag_enable;
142 uint8_t efuse_disable;
143 uint32_t cp_ctrl_arr[CP_CTRL_EL_ARRAY_SZ];
144 uint32_t cp_efuse_arr[CP_CTRL_EL_ARRAY_SZ];
145 mbedtls_pk_context kak_pk;
146 mbedtls_pk_context csk_pk[CSK_ARR_SZ];
147 uint8_t aes_key[AES_KEY_BYTE_LEN];
148 uint8_t *encrypted_image;
149 uint32_t enc_image_sz;
150#endif
151} sec_options;
152
153typedef struct _options {
154 char bin_ext_file[MAX_FILENAME+1];
155 char sec_cfg_file[MAX_FILENAME+1];
156 sec_options *sec_opts;
157 uint32_t load_addr;
158 uint32_t exec_addr;
159 uint32_t baudrate;
160 uint8_t disable_print;
161 int8_t key_index; /* For header signatures verification only */
162 uint32_t nfc_io_args;
163} options_t;
164
165void usage_err(char *msg)
166{
167 fprintf(stderr, "Error: %s\n", msg);
168 fprintf(stderr, "run 'doimage -h' to get usage information\n");
169 exit(-1);
170}
171
172void usage(void)
173{
174 printf("\n\n%s\n\n", VERSION_STRING);
175 printf("Usage: doimage [options] <input_file> [output_file]\n");
176 printf("create bootrom image from u-boot and boot extensions\n\n");
177
178 printf("Arguments\n");
179 printf(" input_file name of boot image file.\n");
180 printf(" if -p is used, name of the bootrom image file");
181 printf(" to parse.\n");
182 printf(" output_file name of output bootrom image file\n");
183
184 printf("\nOptions\n");
185 printf(" -s target SOC name. supports a8020,a7020\n");
186 printf(" different SOCs may have different boot image\n");
187 printf(" format so it's mandatory to know the target SOC\n");
188 printf(" -i boot I/F name. supports nand, spi, nor\n");
189 printf(" This affects certain parameters coded in the\n");
190 printf(" image header\n");
191 printf(" -l boot image load address. default is 0x0\n");
192 printf(" -e boot image entry address. default is 0x0\n");
193 printf(" -b binary extension image file.\n");
194 printf(" This image is executed before the boot image.\n");
195 printf(" This is typically used to initialize the memory ");
196 printf(" controller.\n");
197 printf(" Currently supports only a single file.\n");
198#ifdef CONFIG_MVEBU_SECURE_BOOT
199 printf(" -c Make trusted boot image using parameters\n");
200 printf(" from the configuration file.\n");
201#endif
202 printf(" -p Parse and display a pre-built boot image\n");
203#ifdef CONFIG_MVEBU_SECURE_BOOT
204 printf(" -k Key index for RSA signatures verification\n");
205 printf(" when parsing the boot image\n");
206#endif
207 printf(" -m Disable prints of bootrom and binary extension\n");
208 printf(" -u UART baudrate used for bootrom prints.\n");
209 printf(" Must be multiple of 1200\n");
210 printf(" -h Show this help message\n");
211 printf(" IO-ROM NFC-NAND boot parameters:\n");
212 printf(" -n NAND device block size in KB [Default is 64KB].\n");
213 printf(" -t NAND cell technology (SLC [Default] or MLC)\n");
214
215 exit(-1);
216}
217
218/* globals */
219options_t opts = {
220 .bin_ext_file = "NA",
221 .sec_cfg_file = "NA",
222 .sec_opts = 0,
223 .load_addr = 0x0,
224 .exec_addr = 0x0,
225 .disable_print = 0,
226 .baudrate = 0,
227 .key_index = -1,
228};
229
230int get_file_size(char *filename)
231{
232 struct stat st;
233
234 if (stat(filename, &st) == 0)
235 return st.st_size;
236
237 return -1;
238}
239
240uint32_t checksum32(uint32_t *start, int len)
241{
242 uint32_t sum = 0;
243 uint32_t *startp = start;
244
245 do {
246 sum += *startp;
247 startp++;
248 len -= 4;
249 } while (len > 0);
250
251 return sum;
252}
253
254/*******************************************************************************
255 * create_rsa_signature (memory buffer content)
256 * Create RSASSA-PSS/SHA-256 signature for memory buffer
257 * using RSA Private Key
258 * INPUT:
259 * pk_ctx Private Key context
260 * input memory buffer
261 * ilen buffer length
262 * pers personalization string for seeding the RNG.
263 * For instance a private key file name.
264 * OUTPUT:
265 * signature RSA-2048 signature
266 * RETURN:
267 * 0 on success
268 */
269#ifdef CONFIG_MVEBU_SECURE_BOOT
270int create_rsa_signature(mbedtls_pk_context *pk_ctx,
271 const unsigned char *input,
272 size_t ilen,
273 const char *pers,
274 uint8_t *signature)
275{
276 mbedtls_entropy_context entropy;
277 mbedtls_ctr_drbg_context ctr_drbg;
278 unsigned char hash[32];
279 unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
280 int rval;
281
282 /* Not sure this is required,
283 * but it's safer to start with empty buffers
284 */
285 memset(hash, 0, sizeof(hash));
286 memset(buf, 0, sizeof(buf));
287
288 mbedtls_ctr_drbg_init(&ctr_drbg);
289 mbedtls_entropy_init(&entropy);
290
291 /* Seed the random number generator */
292 rval = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
293 (const unsigned char *)pers, strlen(pers));
294 if (rval != 0) {
295 fprintf(stderr, " Failed in ctr_drbg_init call (%d)!\n", rval);
296 goto sign_exit;
297 }
298
299 /* The PK context should be already initialized.
300 * Set the padding type for this PK context
301 */
302 mbedtls_rsa_set_padding(mbedtls_pk_rsa(*pk_ctx),
303 MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256);
304
305 /* First compute the SHA256 hash for the input blob */
306 mbedtls_sha256(input, ilen, hash, 0);
307
308 /* Then calculate the hash signature */
309 rval = mbedtls_rsa_rsassa_pss_sign(mbedtls_pk_rsa(*pk_ctx),
310 mbedtls_ctr_drbg_random,
311 &ctr_drbg,
312 MBEDTLS_RSA_PRIVATE,
313 MBEDTLS_MD_SHA256, 0, hash, buf);
314 if (rval != 0) {
315 fprintf(stderr,
316 "Failed to create RSA signature for %s. Error %d\n",
317 pers, rval);
318 goto sign_exit;
319 }
320 memcpy(signature, buf, 256);
321
322sign_exit:
323 mbedtls_ctr_drbg_free(&ctr_drbg);
324 mbedtls_entropy_free(&entropy);
325
326 return rval;
327} /* end of create_rsa_signature */
328
329/*******************************************************************************
330 * verify_rsa_signature (memory buffer content)
331 * Verify RSASSA-PSS/SHA-256 signature for memory buffer
332 * using RSA Public Key
333 * INPUT:
334 * pub_key Public Key buffer
335 * ilen Public Key buffer length
336 * input memory buffer
337 * ilen buffer length
338 * pers personalization string for seeding the RNG.
339 * signature RSA-2048 signature
340 * OUTPUT:
341 * none
342 * RETURN:
343 * 0 on success
344 */
345int verify_rsa_signature(const unsigned char *pub_key,
346 size_t klen,
347 const unsigned char *input,
348 size_t ilen,
349 const char *pers,
350 uint8_t *signature)
351{
352 mbedtls_entropy_context entropy;
353 mbedtls_ctr_drbg_context ctr_drbg;
354 mbedtls_pk_context pk_ctx;
355 unsigned char hash[32];
356 int rval;
357
358 /* Not sure this is required,
359 * but it's safer to start with empty buffer
360 */
361 memset(hash, 0, sizeof(hash));
362
363 mbedtls_pk_init(&pk_ctx);
364 mbedtls_ctr_drbg_init(&ctr_drbg);
365 mbedtls_entropy_init(&entropy);
366
367 /* Seed the random number generator */
368 rval = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
369 (const unsigned char *)pers, strlen(pers));
370 if (rval != 0) {
371 fprintf(stderr, " Failed in ctr_drbg_init call (%d)!\n", rval);
372 goto verify_exit;
373 }
374
375 /* Check ability to read the public key */
376 rval = mbedtls_pk_parse_public_key(&pk_ctx, pub_key,
377 MAX_RSA_DER_BYTE_LEN);
378 if (rval != 0) {
379 fprintf(stderr, " Failed in pk_parse_public_key (%#x)!\n",
380 rval);
381 goto verify_exit;
382 }
383
384 /* Set the padding type for the new PK context */
385 mbedtls_rsa_set_padding(mbedtls_pk_rsa(pk_ctx),
386 MBEDTLS_RSA_PKCS_V21,
387 MBEDTLS_MD_SHA256);
388
389 /* Compute the SHA256 hash for the input buffer */
390 mbedtls_sha256(input, ilen, hash, 0);
391
392 rval = mbedtls_rsa_rsassa_pss_verify(mbedtls_pk_rsa(pk_ctx),
393 mbedtls_ctr_drbg_random,
394 &ctr_drbg,
395 MBEDTLS_RSA_PUBLIC,
396 MBEDTLS_MD_SHA256, 0,
397 hash, signature);
398 if (rval != 0)
399 fprintf(stderr, "Failed to verify signature (%d)!\n", rval);
400
401verify_exit:
402
403 mbedtls_pk_free(&pk_ctx);
404 mbedtls_ctr_drbg_free(&ctr_drbg);
405 mbedtls_entropy_free(&entropy);
406 return rval;
407} /* end of verify_rsa_signature */
408
409/*******************************************************************************
410 * image_encrypt
411 * Encrypt image buffer using AES-256-CBC scheme.
412 * The resulting image is saved into opts.sec_opts->encrypted_image
413 * and the adjusted image size into opts.sec_opts->enc_image_sz
414 * First AES_BLOCK_SZ bytes of the output image contain IV
415 * INPUT:
416 * buf Source buffer to encrypt
417 * blen Source buffer length
418 * OUTPUT:
419 * none
420 * RETURN:
421 * 0 on success
422 */
423int image_encrypt(uint8_t *buf, uint32_t blen)
424{
425 struct timeval tv;
426 char *ptmp = (char *)&tv;
427 unsigned char digest[32];
428 unsigned char IV[AES_BLOCK_SZ];
429 int i, k;
430 mbedtls_aes_context aes_ctx;
431 int rval = -1;
432 uint8_t *test_img = 0;
433
434 if (AES_BLOCK_SZ > 32) {
435 fprintf(stderr, "Unsupported AES block size %d\n",
436 AES_BLOCK_SZ);
437 return rval;
438 }
439
440 mbedtls_aes_init(&aes_ctx);
441 memset(IV, 0, AES_BLOCK_SZ);
442 memset(digest, 0, 32);
443
444 /* Generate initialization vector and init the AES engine
445 * Use file name XOR current time and finally SHA-256
446 * [0...AES_BLOCK_SZ-1]
447 */
448 k = strlen(opts.sec_opts->aes_key_file);
449 if (k > AES_BLOCK_SZ)
450 k = AES_BLOCK_SZ;
451 memcpy(IV, opts.sec_opts->aes_key_file, k);
452 gettimeofday(&tv, 0);
453
454 for (i = 0, k = 0; i < AES_BLOCK_SZ; i++,
455 k = (k+1) % sizeof(struct timeval))
456 IV[i] ^= ptmp[k];
457
458 /* compute SHA-256 digest of the results
459 * and use it as the init vector (IV)
460 */
461 mbedtls_sha256(IV, AES_BLOCK_SZ, digest, 0);
462 memcpy(IV, digest, AES_BLOCK_SZ);
463 mbedtls_aes_setkey_enc(&aes_ctx, opts.sec_opts->aes_key,
464 AES_KEY_BIT_LEN);
465
466 /* The output image has to include extra space for IV
467 * and to be aligned to the AES block size.
468 * The input image buffer has to be already aligned to AES_BLOCK_SZ
469 * and padded with zeroes
470 */
471 opts.sec_opts->enc_image_sz = (blen + 2 * AES_BLOCK_SZ - 1) &
472 ~(AES_BLOCK_SZ - 1);
473 opts.sec_opts->encrypted_image = calloc(opts.sec_opts->enc_image_sz, 1);
474 if (opts.sec_opts->encrypted_image == 0) {
475 fprintf(stderr, "Failed to allocate encrypted image!\n");
476 goto encrypt_exit;
477 }
478
479 /* Put IV into the output buffer next to the encrypted image
480 * Since the IV is modified by the encryption function,
481 * this should be done now
482 */
483 memcpy(opts.sec_opts->encrypted_image +
484 opts.sec_opts->enc_image_sz - AES_BLOCK_SZ,
485 IV, AES_BLOCK_SZ);
486 rval = mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_ENCRYPT,
487 opts.sec_opts->enc_image_sz - AES_BLOCK_SZ,
488 IV, buf, opts.sec_opts->encrypted_image);
489 if (rval != 0) {
490 fprintf(stderr, "Failed to encrypt the image! Error %d\n",
491 rval);
492 goto encrypt_exit;
493 }
494
495 mbedtls_aes_free(&aes_ctx);
496
497 /* Try to decrypt the image and compare it with the original data */
498 mbedtls_aes_init(&aes_ctx);
499 mbedtls_aes_setkey_dec(&aes_ctx, opts.sec_opts->aes_key,
500 AES_KEY_BIT_LEN);
501
502 test_img = calloc(opts.sec_opts->enc_image_sz - AES_BLOCK_SZ, 1);
503 if (test_img == 0) {
504 fprintf(stderr, "Failed to allocate test image!d\n");
505 rval = -1;
506 goto encrypt_exit;
507 }
508
509 memcpy(IV, opts.sec_opts->encrypted_image +
510 opts.sec_opts->enc_image_sz - AES_BLOCK_SZ,
511 AES_BLOCK_SZ);
512 rval = mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_DECRYPT,
513 opts.sec_opts->enc_image_sz - AES_BLOCK_SZ,
514 IV, opts.sec_opts->encrypted_image, test_img);
515 if (rval != 0) {
516 fprintf(stderr, "Failed to decrypt the image! Error %d\n",
517 rval);
518 goto encrypt_exit;
519 }
520
521 for (i = 0; i < blen; i++) {
522 if (buf[i] != test_img[i]) {
523 fprintf(stderr, "Failed to compare the image after");
524 fprintf(stderr, " decryption! Byte count is %d\n", i);
525 rval = -1;
526 goto encrypt_exit;
527 }
528 }
529
530encrypt_exit:
531
532 mbedtls_aes_free(&aes_ctx);
533 if (test_img)
534 free(test_img);
535
536 return rval;
537} /* end of image_encrypt */
538
539/*******************************************************************************
540 * verify_secure_header_signatures
541 * Verify CSK array, header and image signatures and print results
542 * INPUT:
543 * main_hdr Main header
544 * sec_ext Secure extension
545 * OUTPUT:
546 * none
547 * RETURN:
548 * 0 on success
549 */
550int verify_secure_header_signatures(header_t *main_hdr, sec_entry_t *sec_ext)
551{
552 uint8_t *image = (uint8_t *)main_hdr + main_hdr->prolog_size;
553 uint8_t signature[RSA_SIGN_BYTE_LEN];
554 int rval = -1;
555
556 /* Save headers signature and reset it in the secure header */
557 memcpy(signature, sec_ext->header_sign, RSA_SIGN_BYTE_LEN);
558 memset(sec_ext->header_sign, 0, RSA_SIGN_BYTE_LEN);
559
560 fprintf(stdout, "\nCheck RSA Signatures\n");
561 fprintf(stdout, "#########################\n");
562 fprintf(stdout, "CSK Block Signature: ");
563 if (verify_rsa_signature(sec_ext->kak_key,
564 MAX_RSA_DER_BYTE_LEN,
565 &sec_ext->csk_keys[0][0],
566 sizeof(sec_ext->csk_keys),
567 "CSK Block Signature: ",
568 sec_ext->csk_sign) != 0) {
569 fprintf(stdout, "ERROR\n");
570 goto ver_error;
571 }
572 fprintf(stdout, "OK\n");
573
574 if (opts.key_index != -1) {
575 fprintf(stdout, "Image Signature: ");
576 if (verify_rsa_signature(sec_ext->csk_keys[opts.key_index],
577 MAX_RSA_DER_BYTE_LEN,
578 image, main_hdr->boot_image_size,
579 "Image Signature: ",
580 sec_ext->image_sign) != 0) {
581 fprintf(stdout, "ERROR\n");
582 goto ver_error;
583 }
584 fprintf(stdout, "OK\n");
585
586 fprintf(stdout, "Header Signature: ");
587 if (verify_rsa_signature(sec_ext->csk_keys[opts.key_index],
588 MAX_RSA_DER_BYTE_LEN,
589 (uint8_t *)main_hdr,
590 main_hdr->prolog_size,
591 "Header Signature: ",
592 signature) != 0) {
593 fprintf(stdout, "ERROR\n");
594 goto ver_error;
595 }
596 fprintf(stdout, "OK\n");
597 } else {
598 fprintf(stdout, "SKIP Image and Header Signatures");
599 fprintf(stdout, " check (undefined key index)\n");
600 }
601
602 rval = 0;
603
604ver_error:
605 memcpy(sec_ext->header_sign, signature, RSA_SIGN_BYTE_LEN);
606 return rval;
607}
608
609/*******************************************************************************
610 * verify_and_copy_file_name_entry
611 * INPUT:
612 * element_name
613 * element
614 * OUTPUT:
615 * copy_to
616 * RETURN:
617 * 0 on success
618 */
619int verify_and_copy_file_name_entry(const char *element_name,
620 const char *element, char *copy_to)
621{
622 int element_length = strlen(element);
623
624 if (element_length >= MAX_FILENAME) {
625 fprintf(stderr, "The file name %s for %s is too long (%d). ",
626 element, element_name, element_length);
627 fprintf(stderr, "Maximum allowed %d characters!\n",
628 MAX_FILENAME);
629 return -1;
630 } else if (element_length == 0) {
631 fprintf(stderr, "The file name for %s is empty!\n",
632 element_name);
633 return -1;
634 }
635 memcpy(copy_to, element, element_length);
636
637 return 0;
638}
639
640/*******************************************************************************
641 * parse_sec_config_file
642 * Read the secure boot configuration from a file
643 * into internal structures
644 * INPUT:
645 * filename File name
646 * OUTPUT:
647 * none
648 * RETURN:
649 * 0 on success
650 */
651int parse_sec_config_file(char *filename)
652{
653 config_t sec_cfg;
654 int array_sz, element, rval = -1;
655 const char *cfg_string;
656 int32_t cfg_int32;
657 const config_setting_t *csk_array, *control_array;
658 sec_options *sec_opt = 0;
659
660 config_init(&sec_cfg);
661
662 if (config_read_file(&sec_cfg, filename) != CONFIG_TRUE) {
663 fprintf(stderr, "Failed to read data from config file ");
664 fprintf(stderr, "%s\n\t%s at line %d\n",
665 filename, config_error_text(&sec_cfg),
666 config_error_line(&sec_cfg));
667 goto exit_parse;
668 }
669
670 sec_opt = (sec_options *)calloc(sizeof(sec_options), 1);
671 if (sec_opt == 0) {
672 fprintf(stderr,
673 "Cannot allocate memory for secure boot options!\n");
674 goto exit_parse;
675 }
676
677 /* KAK file name */
678 if (config_lookup_string(&sec_cfg, "kak_key_file",
679 &cfg_string) != CONFIG_TRUE) {
680 fprintf(stderr, "The \"kak_key_file\" undefined!\n");
681 goto exit_parse;
682 }
683 if (verify_and_copy_file_name_entry("kak_key_file",
684 cfg_string, sec_opt->kak_key_file))
685 goto exit_parse;
686
687
688 /* AES file name - can be empty/undefined */
689 if (config_lookup_string(&sec_cfg, "aes_key_file",
690 &cfg_string) == CONFIG_TRUE) {
691 if (verify_and_copy_file_name_entry("aes_key_file",
692 cfg_string,
693 sec_opt->aes_key_file))
694 goto exit_parse;
695 }
696
697 /* CSK file names array */
698 csk_array = config_lookup(&sec_cfg, "csk_key_file");
699 if (csk_array == NULL) {
700 fprintf(stderr, "The \"csk_key_file\" undefined!\n");
701 goto exit_parse;
702 }
703 array_sz = config_setting_length(csk_array);
704 if (array_sz > CSK_ARR_SZ) {
705 fprintf(stderr, "The \"csk_key_file\" array is too big! ");
706 fprintf(stderr, "Only first %d elements will be used\n",
707 CSK_ARR_SZ);
708 array_sz = CSK_ARR_SZ;
709 } else if (array_sz == 0) {
710 fprintf(stderr, "The \"csk_key_file\" array is empty!\n");
711 goto exit_parse;
712 }
713
714 for (element = 0; element < array_sz; element++) {
715 cfg_string = config_setting_get_string_elem(csk_array, element);
716 if (verify_and_copy_file_name_entry(
717 "csk_key_file", cfg_string,
718 sec_opt->csk_key_file[element])) {
719 fprintf(stderr, "Bad csk_key_file[%d] entry!\n",
720 element);
721 goto exit_parse;
722 }
723 }
724
725 /* JTAG options */
726 if (config_lookup_bool(&sec_cfg, "jtag.enable",
727 &cfg_int32) != CONFIG_TRUE) {
728 fprintf(stderr, "Error obtaining \"jtag.enable\" element. ");
729 fprintf(stderr, "Using default - FALSE\n");
730 cfg_int32 = 0;
731 }
732 sec_opt->jtag_enable = cfg_int32;
733
734 if (config_lookup_int(&sec_cfg, "jtag.delay",
735 &cfg_int32) != CONFIG_TRUE) {
736 fprintf(stderr, "Error obtaining \"jtag.delay\" element. ");
737 fprintf(stderr, "Using default - 0us\n");
738 cfg_int32 = 0;
739 }
740 sec_opt->jtag_delay = cfg_int32;
741
742 /* eFUSE option */
743 if (config_lookup_bool(&sec_cfg, "efuse_disable",
744 &cfg_int32) != CONFIG_TRUE) {
745 fprintf(stderr, "Error obtaining \"efuse_disable\" element. ");
746 fprintf(stderr, "Using default - TRUE\n");
747 cfg_int32 = 1;
748 }
749 sec_opt->efuse_disable = cfg_int32;
750
751 /* Box ID option */
752 if (config_lookup_int(&sec_cfg, "box_id", &cfg_int32) != CONFIG_TRUE) {
753 fprintf(stderr, "Error obtaining \"box_id\" element. ");
754 fprintf(stderr, "Using default - 0x0\n");
755 cfg_int32 = 0;
756 }
757 sec_opt->box_id = cfg_int32;
758
759 /* Flash ID option */
760 if (config_lookup_int(&sec_cfg, "flash_id",
761 &cfg_int32) != CONFIG_TRUE) {
762 fprintf(stderr, "Error obtaining \"flash_id\" element. ");
763 fprintf(stderr, "Using default - 0x0\n");
764 cfg_int32 = 0;
765 }
766 sec_opt->flash_id = cfg_int32;
767
768 /* CSK index option */
769 if (config_lookup_int(&sec_cfg, "csk_key_index",
770 &cfg_int32) != CONFIG_TRUE) {
Konstantin Porotchkincfa897e2018-08-16 13:57:18 +0300771 fprintf(stderr, "Error obtaining \"flash_id\" element. ");
Konstantin Porotchkinbf58b8a2018-02-26 16:28:40 +0200772 fprintf(stderr, "Using default - 0x0\n");
773 cfg_int32 = 0;
774 }
775 sec_opt->csk_index = cfg_int32;
776
777 /* Secure boot control array */
778 control_array = config_lookup(&sec_cfg, "control");
779 if (control_array != NULL) {
780 array_sz = config_setting_length(control_array);
781 if (array_sz == 0)
782 fprintf(stderr, "The \"control\" array is empty!\n");
783 } else {
784 fprintf(stderr, "The \"control\" is undefined!\n");
785 array_sz = 0;
786 }
787
788 for (element = 0; element < CP_CTRL_EL_ARRAY_SZ; element++) {
789 sec_opt->cp_ctrl_arr[element] =
790 config_setting_get_int_elem(control_array, element * 2);
791 sec_opt->cp_efuse_arr[element] =
792 config_setting_get_int_elem(control_array,
793 element * 2 + 1);
794 }
795
796 opts.sec_opts = sec_opt;
797 rval = 0;
798
799exit_parse:
800 config_destroy(&sec_cfg);
801 if (sec_opt && (rval != 0))
802 free(sec_opt);
803 return rval;
804} /* end of parse_sec_config_file */
805
806int format_sec_ext(char *filename, FILE *out_fd)
807{
808 ext_header_t header;
809 sec_entry_t sec_ext;
810 int index;
811 int written;
812
813#define DER_BUF_SZ 1600
814
815 /* First, parse the configuration file */
816 if (parse_sec_config_file(filename)) {
817 fprintf(stderr,
818 "failed parsing configuration file %s\n", filename);
819 return 1;
820 }
821
822 /* Everything except signatures can be created at this stage */
823 header.type = EXT_TYPE_SECURITY;
824 header.offset = 0;
825 header.size = sizeof(sec_entry_t);
826 header.reserved = 0;
827
828 /* Bring up RSA context and read private keys from their files */
829 for (index = 0; index < (CSK_ARR_SZ + 1); index++) {
830 /* for every private key file */
831 mbedtls_pk_context *pk_ctx = (index == CSK_ARR_SZ) ?
832 &opts.sec_opts->kak_pk :
833 &opts.sec_opts->csk_pk[index];
834 char *fname = (index == CSK_ARR_SZ) ?
835 opts.sec_opts->kak_key_file :
836 opts.sec_opts->csk_key_file[index];
837 uint8_t *out_der_key = (index == CSK_ARR_SZ) ?
838 sec_ext.kak_key :
839 sec_ext.csk_keys[index];
840 size_t output_len;
841 unsigned char output_buf[DER_BUF_SZ];
842 unsigned char *der_buf_start;
843
844 /* Handle invalid/reserved file names */
845 if (strncmp(CSK_ARR_EMPTY_FILE, fname,
846 strlen(CSK_ARR_EMPTY_FILE)) == 0) {
847 if (opts.sec_opts->csk_index == index) {
848 fprintf(stderr,
849 "CSK file with index %d cannot be %s\n",
850 index, CSK_ARR_EMPTY_FILE);
851 return 1;
852 } else if (index == CSK_ARR_SZ) {
853 fprintf(stderr, "KAK file name cannot be %s\n",
854 CSK_ARR_EMPTY_FILE);
855 return 1;
856 }
857 /* this key will be empty in CSK array */
858 continue;
859 }
860
861 mbedtls_pk_init(pk_ctx);
862 /* Read the private RSA key into the context
863 * and verify it (no password)
864 */
865 if (mbedtls_pk_parse_keyfile(pk_ctx, fname, "") != 0) {
866 fprintf(stderr,
867 "Cannot read RSA private key file %s\n", fname);
868 return 1;
869 }
870
871 /* Create a public key out of private one
872 * and store it in DER format
873 */
874 output_len = mbedtls_pk_write_pubkey_der(pk_ctx,
875 output_buf,
876 DER_BUF_SZ);
877 if (output_len < 0) {
878 fprintf(stderr,
879 "Failed to create DER coded PUB key (%s)\n",
880 fname);
881 return 1;
882 }
883 /* Data in the output buffer is aligned to the buffer end */
884 der_buf_start = output_buf + sizeof(output_buf) - output_len;
885 /* In the header DER data is aligned
886 * to the start of appropriate field
887 */
888 memcpy(out_der_key, der_buf_start, output_len);
889
890 } /* for every private key file */
891
892 /* The CSK block signature can be created here */
893 if (create_rsa_signature(&opts.sec_opts->kak_pk,
894 &sec_ext.csk_keys[0][0],
895 sizeof(sec_ext.csk_keys),
896 opts.sec_opts->csk_key_file[
897 opts.sec_opts->csk_index],
898 sec_ext.csk_sign) != 0) {
899 fprintf(stderr, "Failed to sign CSK keys block!\n");
900 return 1;
901 }
902 /* Check that everything is correct */
903 if (verify_rsa_signature(sec_ext.kak_key, MAX_RSA_DER_BYTE_LEN,
904 &sec_ext.csk_keys[0][0],
905 sizeof(sec_ext.csk_keys),
906 opts.sec_opts->kak_key_file,
907 sec_ext.csk_sign) != 0) {
908 fprintf(stderr, "Failed to verify CSK keys block signature!\n");
909 return 1;
910 }
911
912 /* AES encryption stuff */
913 if (strlen(opts.sec_opts->aes_key_file) != 0) {
914 FILE *in_fd;
915
916 in_fd = fopen(opts.sec_opts->aes_key_file, "rb");
917 if (in_fd == NULL) {
918 fprintf(stderr, "Failed to open AES key file %s\n",
919 opts.sec_opts->aes_key_file);
920 return 1;
921 }
922
923 /* Read the AES key in ASCII format byte by byte */
924 for (index = 0; index < AES_KEY_BYTE_LEN; index++) {
925 if (fscanf(in_fd, "%02hhx",
926 opts.sec_opts->aes_key + index) != 1) {
927 fprintf(stderr,
928 "Failed to read AES key byte %d ",
929 index);
930 fprintf(stderr,
931 "from file %s\n",
932 opts.sec_opts->aes_key_file);
933 fclose(in_fd);
934 return 1;
935 }
936 }
937 fclose(in_fd);
938 sec_ext.encrypt_en = 1;
939 } else {
940 sec_ext.encrypt_en = 0;
941 }
942
943 /* Fill the rest of the trusted boot extension fields */
944 sec_ext.box_id = opts.sec_opts->box_id;
945 sec_ext.flash_id = opts.sec_opts->flash_id;
946 sec_ext.efuse_dis = opts.sec_opts->efuse_disable;
947 sec_ext.jtag_delay = opts.sec_opts->jtag_delay;
948 sec_ext.jtag_en = opts.sec_opts->jtag_enable;
949
950 memcpy(sec_ext.cp_ctrl_arr,
951 opts.sec_opts->cp_ctrl_arr,
952 sizeof(uint32_t) * CP_CTRL_EL_ARRAY_SZ);
953 memcpy(sec_ext.cp_efuse_arr,
954 opts.sec_opts->cp_efuse_arr,
955 sizeof(uint32_t) * CP_CTRL_EL_ARRAY_SZ);
956
957 /* Write the resulting extension to file
958 * (image and header signature fields are still empty)
959 */
960
961 /* Write extension header */
962 written = fwrite(&header, sizeof(ext_header_t), 1, out_fd);
963 if (written != 1) {
964 fprintf(stderr,
965 "Failed to write SEC extension header to the file\n");
966 return 1;
967 }
968 /* Write extension body */
969 written = fwrite(&sec_ext, sizeof(sec_entry_t), 1, out_fd);
970 if (written != 1) {
971 fprintf(stderr,
972 "Failed to write SEC extension body to the file\n");
973 return 1;
974 }
975
976 return 0;
977}
978
979/*******************************************************************************
980 * finalize_secure_ext
981 * Make final changes to secure extension - calculate image and header
982 * signatures and encrypt the image if needed.
983 * The main header checksum and image size fields updated accordingly
984 * INPUT:
985 * header Main header
986 * prolog_buf the entire prolog buffer
987 * prolog_size prolog buffer length
988 * image_buf buffer containing the input binary image
989 * image_size image buffer size.
990 * OUTPUT:
991 * none
992 * RETURN:
993 * 0 on success
994 */
995int finalize_secure_ext(header_t *header,
996 uint8_t *prolog_buf, uint32_t prolog_size,
997 uint8_t *image_buf, int image_size)
998{
999 int cur_ext, offset;
1000 uint8_t *final_image = image_buf;
1001 uint32_t final_image_sz = image_size;
1002 uint8_t hdr_sign[RSA_SIGN_BYTE_LEN];
1003 sec_entry_t *sec_ext = 0;
1004
1005 /* Find the Trusted Boot Header between available extensions */
1006 for (cur_ext = 0, offset = sizeof(header_t);
1007 cur_ext < header->ext_count; cur_ext++) {
1008 ext_header_t *ext_hdr = (ext_header_t *)(prolog_buf + offset);
1009
1010 if (ext_hdr->type == EXT_TYPE_SECURITY) {
1011 sec_ext = (sec_entry_t *)(prolog_buf + offset +
1012 sizeof(ext_header_t) + ext_hdr->offset);
1013 break;
1014 }
1015
1016 offset += sizeof(ext_header_t);
1017 /* If offset is Zero, the extension follows its header */
1018 if (ext_hdr->offset == 0)
1019 offset += ext_hdr->size;
1020 }
1021
1022 if (sec_ext == 0) {
1023 fprintf(stderr, "Error: No Trusted Boot extension found!\n");
1024 return -1;
1025 }
1026
1027 if (sec_ext->encrypt_en) {
1028 /* Encrypt the image if needed */
1029 fprintf(stdout, "Encrypting the image...\n");
1030
1031 if (image_encrypt(image_buf, image_size) != 0) {
1032 fprintf(stderr, "Failed to encrypt the image!\n");
1033 return -1;
1034 }
1035
1036 /* Image size and checksum should be updated after encryption.
1037 * This way the image could be verified by the BootROM
1038 * before decryption.
1039 */
1040 final_image = opts.sec_opts->encrypted_image;
1041 final_image_sz = opts.sec_opts->enc_image_sz;
1042
1043 header->boot_image_size = final_image_sz;
1044 header->boot_image_checksum =
1045 checksum32((uint32_t *)final_image, final_image_sz);
1046 } /* AES encryption */
1047
1048 /* Create the image signature first, since it will be later
1049 * signed along with the header signature
1050 */
1051 if (create_rsa_signature(&opts.sec_opts->csk_pk[
1052 opts.sec_opts->csk_index],
1053 final_image, final_image_sz,
1054 opts.sec_opts->csk_key_file[
1055 opts.sec_opts->csk_index],
1056 sec_ext->image_sign) != 0) {
1057 fprintf(stderr, "Failed to sign image!\n");
1058 return -1;
1059 }
1060 /* Check that the image signature is correct */
1061 if (verify_rsa_signature(sec_ext->csk_keys[opts.sec_opts->csk_index],
1062 MAX_RSA_DER_BYTE_LEN,
1063 final_image, final_image_sz,
1064 opts.sec_opts->csk_key_file[
1065 opts.sec_opts->csk_index],
1066 sec_ext->image_sign) != 0) {
1067 fprintf(stderr, "Failed to verify image signature!\n");
1068 return -1;
1069 }
1070
1071 /* Sign the headers and all the extensions block
1072 * when the header signature field is empty
1073 */
1074 if (create_rsa_signature(&opts.sec_opts->csk_pk[
1075 opts.sec_opts->csk_index],
1076 prolog_buf, prolog_size,
1077 opts.sec_opts->csk_key_file[
1078 opts.sec_opts->csk_index],
1079 hdr_sign) != 0) {
1080 fprintf(stderr, "Failed to sign header!\n");
1081 return -1;
1082 }
1083 /* Check that the header signature is correct */
1084 if (verify_rsa_signature(sec_ext->csk_keys[opts.sec_opts->csk_index],
1085 MAX_RSA_DER_BYTE_LEN,
1086 prolog_buf, prolog_size,
1087 opts.sec_opts->csk_key_file[
1088 opts.sec_opts->csk_index],
1089 hdr_sign) != 0) {
1090 fprintf(stderr, "Failed to verify header signature!\n");
1091 return -1;
1092 }
1093
1094 /* Finally, copy the header signature into the trusted boot extension */
1095 memcpy(sec_ext->header_sign, hdr_sign, RSA_SIGN_BYTE_LEN);
1096
1097 return 0;
1098}
1099
1100#endif /* CONFIG_MVEBU_SECURE_BOOT */
1101
1102
1103#define FMT_HEX 0
1104#define FMT_DEC 1
1105#define FMT_BIN 2
1106#define FMT_NONE 3
1107
1108void do_print_field(unsigned int value, char *name,
1109 int start, int size, int format)
1110{
1111 fprintf(stdout, "[0x%05x : 0x%05x] %-26s",
1112 start, start + size - 1, name);
1113
1114 switch (format) {
1115 case FMT_HEX:
1116 printf("0x%x\n", value);
1117 break;
1118 case FMT_DEC:
1119 printf("%d\n", value);
1120 break;
1121 default:
1122 printf("\n");
1123 break;
1124 }
1125}
1126
1127#define print_field(st, type, field, hex, base) \
1128 do_print_field((int)st->field, #field, \
1129 base + offsetof(type, field), sizeof(st->field), hex)
1130
1131int print_header(uint8_t *buf, int base)
1132{
1133 header_t *main_hdr;
1134
1135 main_hdr = (header_t *)buf;
1136
1137 fprintf(stdout, "########### Header ##############\n");
1138 print_field(main_hdr, header_t, magic, FMT_HEX, base);
1139 print_field(main_hdr, header_t, prolog_size, FMT_DEC, base);
1140 print_field(main_hdr, header_t, prolog_checksum, FMT_HEX, base);
1141 print_field(main_hdr, header_t, boot_image_size, FMT_DEC, base);
1142 print_field(main_hdr, header_t, boot_image_checksum, FMT_HEX, base);
1143 print_field(main_hdr, header_t, rsrvd0, FMT_HEX, base);
1144 print_field(main_hdr, header_t, load_addr, FMT_HEX, base);
1145 print_field(main_hdr, header_t, exec_addr, FMT_HEX, base);
1146 print_field(main_hdr, header_t, uart_cfg, FMT_HEX, base);
1147 print_field(main_hdr, header_t, baudrate, FMT_HEX, base);
1148 print_field(main_hdr, header_t, ext_count, FMT_DEC, base);
1149 print_field(main_hdr, header_t, aux_flags, FMT_HEX, base);
1150 print_field(main_hdr, header_t, io_arg_0, FMT_HEX, base);
1151 print_field(main_hdr, header_t, io_arg_1, FMT_HEX, base);
1152 print_field(main_hdr, header_t, io_arg_2, FMT_HEX, base);
1153 print_field(main_hdr, header_t, io_arg_3, FMT_HEX, base);
1154 print_field(main_hdr, header_t, rsrvd1, FMT_HEX, base);
1155 print_field(main_hdr, header_t, rsrvd2, FMT_HEX, base);
1156 print_field(main_hdr, header_t, rsrvd3, FMT_HEX, base);
1157
1158 return sizeof(header_t);
1159}
1160
1161int print_ext_hdr(ext_header_t *ext_hdr, int base)
1162{
1163 print_field(ext_hdr, ext_header_t, type, FMT_HEX, base);
1164 print_field(ext_hdr, ext_header_t, offset, FMT_HEX, base);
1165 print_field(ext_hdr, ext_header_t, reserved, FMT_HEX, base);
1166 print_field(ext_hdr, ext_header_t, size, FMT_DEC, base);
1167
1168 return base + sizeof(ext_header_t);
1169}
1170
1171void print_sec_ext(ext_header_t *ext_hdr, int base)
1172{
1173 sec_entry_t *sec_entry;
1174 uint32_t new_base;
1175
1176 fprintf(stdout, "\n########### Secure extension ###########\n");
1177
1178 new_base = print_ext_hdr(ext_hdr, base);
1179
1180 sec_entry = (sec_entry_t *)(ext_hdr + 1);
1181
1182 do_print_field(0, "KAK key", new_base, MAX_RSA_DER_BYTE_LEN, FMT_NONE);
1183 new_base += MAX_RSA_DER_BYTE_LEN;
1184 print_field(sec_entry, sec_entry_t, jtag_delay, FMT_DEC, base);
1185 print_field(sec_entry, sec_entry_t, box_id, FMT_HEX, base);
1186 print_field(sec_entry, sec_entry_t, flash_id, FMT_HEX, base);
1187 print_field(sec_entry, sec_entry_t, encrypt_en, FMT_DEC, base);
1188 print_field(sec_entry, sec_entry_t, efuse_dis, FMT_DEC, base);
1189 new_base += 6 * sizeof(uint32_t);
1190 do_print_field(0, "header signature",
1191 new_base, RSA_SIGN_BYTE_LEN, FMT_NONE);
1192 new_base += RSA_SIGN_BYTE_LEN;
1193 do_print_field(0, "image signature",
1194 new_base, RSA_SIGN_BYTE_LEN, FMT_NONE);
1195 new_base += RSA_SIGN_BYTE_LEN;
1196 do_print_field(0, "CSK keys", new_base,
1197 CSK_ARR_SZ * MAX_RSA_DER_BYTE_LEN, FMT_NONE);
1198 new_base += CSK_ARR_SZ * MAX_RSA_DER_BYTE_LEN;
1199 do_print_field(0, "CSK block signature",
1200 new_base, RSA_SIGN_BYTE_LEN, FMT_NONE);
1201 new_base += RSA_SIGN_BYTE_LEN;
1202 do_print_field(0, "control", new_base,
1203 CP_CTRL_EL_ARRAY_SZ * 2, FMT_NONE);
1204
1205}
1206
1207void print_bin_ext(ext_header_t *ext_hdr, int base)
1208{
1209 fprintf(stdout, "\n########### Binary extension ###########\n");
1210 base = print_ext_hdr(ext_hdr, base);
1211 do_print_field(0, "binary image", base, ext_hdr->size, FMT_NONE);
1212}
1213
1214int print_extension(void *buf, int base, int count, int ext_size)
1215{
1216 ext_header_t *ext_hdr = buf;
1217 int pad = ext_size;
1218 int curr_size;
1219
1220 while (count--) {
1221 if (ext_hdr->type == EXT_TYPE_BINARY)
1222 print_bin_ext(ext_hdr, base);
1223 else if (ext_hdr->type == EXT_TYPE_SECURITY)
1224 print_sec_ext(ext_hdr, base);
1225
1226 curr_size = sizeof(ext_header_t) + ext_hdr->size;
1227 base += curr_size;
1228 pad -= curr_size;
1229 ext_hdr = (ext_header_t *)((uintptr_t)ext_hdr + curr_size);
1230 }
1231
1232 if (pad)
1233 do_print_field(0, "padding", base, pad, FMT_NONE);
1234
1235 return ext_size;
1236}
1237
1238int parse_image(uint8_t *buf, int size)
1239{
1240 int base = 0;
1241 int ret = 1;
1242 header_t *main_hdr;
1243 uint32_t checksum, prolog_checksum;
1244
1245
1246 fprintf(stdout,
1247 "################### Prolog Start ######################\n\n");
1248 main_hdr = (header_t *)buf;
1249 base += print_header(buf, base);
1250
1251 if (main_hdr->ext_count)
1252 base += print_extension(buf + base, base,
1253 main_hdr->ext_count,
1254 main_hdr->prolog_size -
1255 sizeof(header_t));
1256
1257 if (base < main_hdr->prolog_size) {
1258 fprintf(stdout, "\n########### Padding ##############\n");
1259 do_print_field(0, "prolog padding",
1260 base, main_hdr->prolog_size - base, FMT_HEX);
1261 base = main_hdr->prolog_size;
1262 }
1263 fprintf(stdout,
1264 "\n################### Prolog End ######################\n");
1265
1266 fprintf(stdout,
1267 "\n################### Boot image ######################\n");
1268
1269 do_print_field(0, "boot image", base, size - base - 4, FMT_NONE);
1270
1271 fprintf(stdout,
1272 "################### Image end ########################\n");
1273
1274 /* Check sanity for certain values */
1275 printf("\nChecking values:\n");
1276
1277 if (main_hdr->magic == MAIN_HDR_MAGIC) {
1278 fprintf(stdout, "Headers magic: OK!\n");
1279 } else {
1280 fprintf(stderr,
1281 "\n****** ERROR: HEADER MAGIC 0x%08x != 0x%08x\n",
1282 main_hdr->magic, MAIN_HDR_MAGIC);
1283 goto error;
1284 }
1285
1286 /* headers checksum */
1287 /* clear the checksum field in header to calculate checksum */
1288 prolog_checksum = main_hdr->prolog_checksum;
1289 main_hdr->prolog_checksum = 0;
1290 checksum = checksum32((uint32_t *)buf, main_hdr->prolog_size);
1291
1292 if (checksum == prolog_checksum) {
1293 fprintf(stdout, "Headers checksum: OK!\n");
1294 } else {
1295 fprintf(stderr,
1296 "\n***** ERROR: BAD HEADER CHECKSUM 0x%08x != 0x%08x\n",
1297 checksum, prolog_checksum);
1298 goto error;
1299 }
1300
1301 /* boot image checksum */
1302 checksum = checksum32((uint32_t *)(buf + main_hdr->prolog_size),
1303 main_hdr->boot_image_size);
1304 if (checksum == main_hdr->boot_image_checksum) {
1305 fprintf(stdout, "Image checksum: OK!\n");
1306 } else {
1307 fprintf(stderr,
1308 "\n****** ERROR: BAD IMAGE CHECKSUM 0x%08x != 0x%08x\n",
1309 checksum, main_hdr->boot_image_checksum);
1310 goto error;
1311 }
1312
1313#ifdef CONFIG_MVEBU_SECURE_BOOT
1314 /* RSA signatures */
1315 if (main_hdr->ext_count) {
1316 uint8_t ext_num = main_hdr->ext_count;
1317 ext_header_t *ext_hdr = (ext_header_t *)(main_hdr + 1);
1318 unsigned char hash[32];
1319 int i;
1320
1321 while (ext_num--) {
1322 if (ext_hdr->type == EXT_TYPE_SECURITY) {
1323 sec_entry_t *sec_entry =
1324 (sec_entry_t *)(ext_hdr + 1);
1325
1326 ret = verify_secure_header_signatures(
1327 main_hdr, sec_entry);
1328 if (ret != 0) {
1329 fprintf(stderr,
1330 "\n****** FAILED TO VERIFY ");
1331 fprintf(stderr,
1332 "RSA SIGNATURES ********\n");
1333 goto error;
1334 }
1335
1336 mbedtls_sha256(sec_entry->kak_key,
1337 MAX_RSA_DER_BYTE_LEN, hash, 0);
1338 fprintf(stdout,
1339 ">>>>>>>>>> KAK KEY HASH >>>>>>>>>>\n");
1340 fprintf(stdout, "SHA256: ");
1341 for (i = 0; i < 32; i++)
1342 fprintf(stdout, "%02X", hash[i]);
1343
1344 fprintf(stdout,
1345 "\n<<<<<<<<< KAK KEY HASH <<<<<<<<<\n");
1346
1347 break;
1348 }
1349 ext_hdr =
1350 (ext_header_t *)((uint8_t *)(ext_hdr + 1) +
1351 ext_hdr->size);
1352 }
1353 }
1354#endif
1355
1356 ret = 0;
1357error:
1358 return ret;
1359}
1360
1361int format_bin_ext(char *filename, FILE *out_fd)
1362{
1363 ext_header_t header;
1364 FILE *in_fd;
1365 int size, written;
1366 int aligned_size, pad_bytes;
1367 char c;
1368
1369 in_fd = fopen(filename, "rb");
1370 if (in_fd == NULL) {
1371 fprintf(stderr, "failed to open bin extension file %s\n",
1372 filename);
1373 return 1;
1374 }
1375
1376 size = get_file_size(filename);
1377 if (size <= 0) {
1378 fprintf(stderr, "bin extension file size is bad\n");
1379 return 1;
1380 }
1381
1382 /* Align extension size to 8 bytes */
1383 aligned_size = (size + 7) & (~7);
1384 pad_bytes = aligned_size - size;
1385
1386 header.type = EXT_TYPE_BINARY;
1387 header.offset = 0;
1388 header.size = aligned_size;
1389 header.reserved = 0;
1390
1391 /* Write header */
1392 written = fwrite(&header, sizeof(ext_header_t), 1, out_fd);
1393 if (written != 1) {
1394 fprintf(stderr, "failed writing header to extension file\n");
1395 return 1;
1396 }
1397
1398 /* Write image */
1399 while (size--) {
1400 c = getc(in_fd);
1401 fputc(c, out_fd);
1402 }
1403
1404 while (pad_bytes--)
1405 fputc(0, out_fd);
1406
1407 fclose(in_fd);
1408
1409 return 0;
1410}
1411
1412/* ****************************************
1413 *
1414 * Write all extensions (binary, secure
1415 * extensions) to file
1416 *
1417 * ****************************************/
1418
1419int format_extensions(char *ext_filename)
1420{
1421 FILE *out_fd;
1422 int ret = 0;
1423
1424 out_fd = fopen(ext_filename, "wb");
1425 if (out_fd == NULL) {
1426 fprintf(stderr, "failed to open extension output file %s",
1427 ext_filename);
1428 return 1;
1429 }
1430
1431 if (strncmp(opts.bin_ext_file, "NA", MAX_FILENAME)) {
1432 if (format_bin_ext(opts.bin_ext_file, out_fd)) {
1433 ret = 1;
1434 goto error;
1435 }
1436 }
1437#ifdef CONFIG_MVEBU_SECURE_BOOT
1438 if (strncmp(opts.sec_cfg_file, "NA", MAX_FILENAME)) {
1439 if (format_sec_ext(opts.sec_cfg_file, out_fd)) {
1440 ret = 1;
1441 goto error;
1442 }
1443 }
1444#endif
1445
1446error:
1447 fflush(out_fd);
1448 fclose(out_fd);
1449 return ret;
1450}
1451
1452void update_uart(header_t *header)
1453{
1454 header->uart_cfg = 0;
1455 header->baudrate = 0;
1456
1457 if (opts.disable_print)
1458 uart_set_mode(header->uart_cfg, UART_MODE_DISABLE);
1459
1460 if (opts.baudrate)
1461 header->baudrate = (opts.baudrate / 1200);
1462}
1463
1464/* ****************************************
1465 *
1466 * Write the image prolog, i.e.
1467 * main header and extensions, to file
1468 *
1469 * ****************************************/
1470
1471int write_prolog(int ext_cnt, char *ext_filename,
1472 uint8_t *image_buf, int image_size, FILE *out_fd)
1473{
1474 header_t *header;
1475 int main_hdr_size = sizeof(header_t);
1476 int prolog_size = main_hdr_size;
1477 FILE *ext_fd;
1478 char *buf;
1479 int written, read;
1480 int ret = 1;
1481
1482
1483 if (ext_cnt)
1484 prolog_size += get_file_size(ext_filename);
1485
1486 prolog_size = ((prolog_size + PROLOG_ALIGNMENT) &
1487 (~(PROLOG_ALIGNMENT-1)));
1488
1489 /* Allocate a zeroed buffer to zero the padding bytes */
1490 buf = calloc(prolog_size, 1);
1491 if (buf == NULL) {
1492 fprintf(stderr, "Error: failed allocating checksum buffer\n");
1493 return 1;
1494 }
1495
1496 header = (header_t *)buf;
1497 header->magic = MAIN_HDR_MAGIC;
1498 header->prolog_size = prolog_size;
1499 header->load_addr = opts.load_addr;
1500 header->exec_addr = opts.exec_addr;
1501 header->io_arg_0 = opts.nfc_io_args;
1502 header->ext_count = ext_cnt;
1503 header->aux_flags = 0;
1504 header->boot_image_size = (image_size + 3) & (~0x3);
1505 header->boot_image_checksum = checksum32((uint32_t *)image_buf,
1506 image_size);
1507
1508 update_uart(header);
1509
1510 /* Populate buffer with main header and extensions */
1511 if (ext_cnt) {
1512 ext_fd = fopen(ext_filename, "rb");
1513 if (ext_fd == NULL) {
1514 fprintf(stderr,
1515 "Error: failed to open extensions file\n");
1516 goto error;
1517 }
1518
1519 read = fread(&buf[main_hdr_size],
1520 get_file_size(ext_filename), 1, ext_fd);
1521 if (read != 1) {
1522 fprintf(stderr,
1523 "Error: failed to open extensions file\n");
1524 goto error;
1525 }
1526
1527#ifdef CONFIG_MVEBU_SECURE_BOOT
1528 /* Secure boot mode? */
1529 if (opts.sec_opts != 0) {
1530 ret = finalize_secure_ext(header, (uint8_t *)buf,
1531 prolog_size, image_buf,
1532 image_size);
1533 if (ret != 0) {
1534 fprintf(stderr, "Error: failed to handle ");
1535 fprintf(stderr, "secure extension!\n");
1536 goto error;
1537 }
1538 } /* secure boot mode */
1539#endif
1540 }
1541
1542 /* Update the total prolog checksum */
1543 header->prolog_checksum = checksum32((uint32_t *)buf, prolog_size);
1544
1545 /* Now spill everything to output file */
1546 written = fwrite(buf, prolog_size, 1, out_fd);
1547 if (written != 1) {
1548 fprintf(stderr,
1549 "Error: failed to write prolog to output file\n");
1550 goto error;
1551 }
1552
1553 ret = 0;
1554
1555error:
1556 free(buf);
1557 return ret;
1558}
1559
1560int write_boot_image(uint8_t *buf, uint32_t image_size, FILE *out_fd)
1561{
1562 int aligned_size;
1563 int written;
1564
1565 /* Image size must be aligned to 4 bytes */
1566 aligned_size = (image_size + 3) & (~0x3);
1567
1568 written = fwrite(buf, aligned_size, 1, out_fd);
1569 if (written != 1) {
1570 fprintf(stderr, "Error: Failed to write boot image\n");
1571 goto error;
1572 }
1573
1574 return 0;
1575error:
1576 return 1;
1577}
1578
1579int main(int argc, char *argv[])
1580{
1581 char in_file[MAX_FILENAME+1];
1582 char out_file[MAX_FILENAME+1];
1583 char ext_file[MAX_FILENAME+1];
1584 FILE *in_fd = NULL;
1585 FILE *out_fd = NULL;
1586 int parse = 0;
1587 int ext_cnt = 0;
1588 int opt;
1589 int ret = 0;
1590 int image_size;
1591 uint8_t *image_buf = NULL;
1592 int read;
1593 uint32_t nand_block_size_kb, mlc_nand;
1594
1595 /* Create temporary file for building extensions
1596 * Use process ID for allowing multiple parallel runs
1597 */
1598 snprintf(ext_file, MAX_FILENAME, "/tmp/ext_file-%x", getpid());
1599
1600 while ((opt = getopt(argc, argv, "hpms:i:l:e:a:b:u:n:t:c:k:")) != -1) {
1601 switch (opt) {
1602 case 'h':
1603 usage();
1604 break;
1605 case 'l':
1606 opts.load_addr = strtoul(optarg, NULL, 0);
1607 break;
1608 case 'e':
1609 opts.exec_addr = strtoul(optarg, NULL, 0);
1610 break;
1611 case 'm':
1612 opts.disable_print = 1;
1613 break;
1614 case 'u':
1615 opts.baudrate = strtoul(optarg, NULL, 0);
1616 break;
1617 case 'b':
1618 strncpy(opts.bin_ext_file, optarg, MAX_FILENAME);
1619 ext_cnt++;
1620 break;
1621 case 'p':
1622 parse = 1;
1623 break;
1624 case 'n':
1625 nand_block_size_kb = strtoul(optarg, NULL, 0);
1626 opts.nfc_io_args |= (nand_block_size_kb / 64);
1627 break;
1628 case 't':
1629 mlc_nand = 0;
1630 if (!strncmp("MLC", optarg, 3))
1631 mlc_nand = 1;
1632 opts.nfc_io_args |= (mlc_nand << 8);
1633 break;
1634#ifdef CONFIG_MVEBU_SECURE_BOOT
1635 case 'c': /* SEC extension */
1636 strncpy(opts.sec_cfg_file, optarg, MAX_FILENAME);
1637 ext_cnt++;
1638 break;
1639 case 'k':
1640 opts.key_index = strtoul(optarg, NULL, 0);
1641 break;
1642#endif
1643 default: /* '?' */
1644 usage_err("Unknown argument");
1645 exit(EXIT_FAILURE);
1646 }
1647 }
1648
1649 /* Check validity of inputes */
1650 if (opts.load_addr % 8)
1651 usage_err("Load address must be 8 bytes aligned");
1652
1653 if (opts.baudrate % 1200)
1654 usage_err("Baudrate must be a multiple of 1200");
1655
1656 /* The remaining arguments are the input
1657 * and potentially output file
1658 */
1659 /* Input file must exist so exit if not */
1660 if (optind >= argc)
1661 usage_err("missing input file name");
1662
1663 strncpy(in_file, argv[optind], MAX_FILENAME);
1664 optind++;
1665
1666 /* Output file must exist in non parse mode */
1667 if (optind < argc)
1668 strncpy(out_file, argv[optind], MAX_FILENAME);
1669 else if (!parse)
1670 usage_err("missing output file name");
1671
1672 /* open the input file */
1673 in_fd = fopen(in_file, "rb");
1674 if (in_fd == NULL) {
1675 printf("Error: Failed to open input file %s\n", in_file);
1676 goto main_exit;
1677 }
1678
1679 /* Read the input file to buffer */
1680 image_size = get_file_size(in_file);
1681 image_buf = calloc((image_size + AES_BLOCK_SZ - 1) &
1682 ~(AES_BLOCK_SZ - 1), 1);
1683 if (image_buf == NULL) {
1684 fprintf(stderr, "Error: failed allocating input buffer\n");
1685 return 1;
1686 }
1687
1688 read = fread(image_buf, image_size, 1, in_fd);
1689 if (read != 1) {
1690 fprintf(stderr, "Error: failed to read input file\n");
1691 goto main_exit;
1692 }
1693
1694 /* Parse the input image and leave */
1695 if (parse) {
1696 if (opts.key_index >= CSK_ARR_SZ) {
1697 fprintf(stderr,
1698 "Wrong key IDX value. Valid values 0 - %d\n",
1699 CSK_ARR_SZ - 1);
1700 goto main_exit;
1701 }
1702 ret = parse_image(image_buf, image_size);
1703 goto main_exit;
1704 }
1705
1706 /* Create a blob file from all extensions */
1707 if (ext_cnt) {
1708 ret = format_extensions(ext_file);
1709 if (ret)
1710 goto main_exit;
1711 }
1712
1713 out_fd = fopen(out_file, "wb");
1714 if (out_fd == NULL) {
1715 fprintf(stderr,
1716 "Error: Failed to open output file %s\n", out_file);
1717 goto main_exit;
1718 }
1719
1720 ret = write_prolog(ext_cnt, ext_file, image_buf, image_size, out_fd);
1721 if (ret)
1722 goto main_exit;
1723
1724#ifdef CONFIG_MVEBU_SECURE_BOOT
1725 if (opts.sec_opts && (opts.sec_opts->encrypted_image != 0) &&
1726 (opts.sec_opts->enc_image_sz != 0)) {
1727 ret = write_boot_image(opts.sec_opts->encrypted_image,
1728 opts.sec_opts->enc_image_sz, out_fd);
1729 } else
1730#endif
1731 ret = write_boot_image(image_buf, image_size, out_fd);
1732 if (ret)
1733 goto main_exit;
1734
1735main_exit:
1736 if (in_fd)
1737 fclose(in_fd);
1738
1739 if (out_fd)
1740 fclose(out_fd);
1741
1742 if (image_buf)
1743 free(image_buf);
1744
1745 unlink(ext_file);
1746
1747#ifdef CONFIG_MVEBU_SECURE_BOOT
1748 if (opts.sec_opts) {
1749 if (opts.sec_opts->encrypted_image)
1750 free(opts.sec_opts->encrypted_image);
1751 free(opts.sec_opts);
1752 }
1753#endif
1754 exit(ret);
1755}