1 /* 2 * Copyright 2015 Freescale Semiconductor, Inc. 3 * 4 * SPDX-License-Identifier: GPL-2.0+ 5 */ 6 7 #include <common.h> 8 #include <fsl_validate.h> 9 #include <fsl_secboot_err.h> 10 #include <fsl_sfp.h> 11 #include <fsl_sec.h> 12 #include <command.h> 13 #include <malloc.h> 14 #include <dm/uclass.h> 15 #include <u-boot/rsa-mod-exp.h> 16 #include <hash.h> 17 #include <fsl_secboot_err.h> 18 #ifdef CONFIG_LS102XA 19 #include <asm/arch/immap_ls102xa.h> 20 #endif 21 22 #define SHA256_BITS 256 23 #define SHA256_BYTES (256/8) 24 #define SHA256_NIBBLES (256/4) 25 #define NUM_HEX_CHARS (sizeof(ulong) * 2) 26 27 /* This array contains DER value for SHA-256 */ 28 static const u8 hash_identifier[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 29 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 30 0x04, 0x20 31 }; 32 33 static u8 hash_val[SHA256_BYTES]; 34 static const u8 barker_code[ESBC_BARKER_LEN] = { 0x68, 0x39, 0x27, 0x81 }; 35 36 void branch_to_self(void) __attribute__ ((noreturn)); 37 38 /* 39 * This function will put core in infinite loop. 40 * This will be called when the ESBC can not proceed further due 41 * to some unknown errors. 42 */ 43 void branch_to_self(void) 44 { 45 printf("Core is in infinite loop due to errors.\n"); 46 self: 47 goto self; 48 } 49 50 #if defined(CONFIG_FSL_ISBC_KEY_EXT) 51 static u32 check_ie(struct fsl_secboot_img_priv *img) 52 { 53 if (img->hdr.ie_flag) 54 return 1; 55 56 return 0; 57 } 58 59 /* This function returns the CSF Header Address of uboot 60 * For MPC85xx based platforms, the LAW mapping for NOR 61 * flash changes in uboot code. Hence the offset needs 62 * to be calculated and added to the new NOR flash base 63 * address 64 */ 65 #if defined(CONFIG_MPC85xx) 66 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr) 67 { 68 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_MPC85xx_GUTS_ADDR); 69 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]); 70 u32 csf_flash_offset = csf_hdr_addr & ~(CONFIG_SYS_PBI_FLASH_BASE); 71 u32 flash_addr, addr; 72 int found = 0; 73 int i = 0; 74 75 for (i = 0; i < CONFIG_SYS_MAX_FLASH_BANKS; i++) { 76 flash_addr = flash_info[i].start[0]; 77 addr = flash_info[i].start[0] + csf_flash_offset; 78 if (memcmp((u8 *)addr, barker_code, ESBC_BARKER_LEN) == 0) { 79 debug("Barker found on addr %x\n", addr); 80 found = 1; 81 break; 82 } 83 } 84 85 if (!found) 86 return -1; 87 88 *csf_addr = addr; 89 *flash_base_addr = flash_addr; 90 91 return 0; 92 } 93 #else 94 /* For platforms like LS1020, correct flash address is present in 95 * the header. So the function reqturns flash base address as 0 96 */ 97 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr) 98 { 99 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR); 100 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]); 101 102 if (memcmp((u8 *)(uintptr_t)csf_hdr_addr, 103 barker_code, ESBC_BARKER_LEN)) 104 return -1; 105 106 *csf_addr = csf_hdr_addr; 107 *flash_base_addr = 0; 108 return 0; 109 } 110 #endif 111 112 static int get_ie_info_addr(u32 *ie_addr) 113 { 114 struct fsl_secboot_img_hdr *hdr; 115 struct fsl_secboot_sg_table *sg_tbl; 116 u32 flash_base_addr, csf_addr; 117 118 if (get_csf_base_addr(&csf_addr, &flash_base_addr)) 119 return -1; 120 121 hdr = (struct fsl_secboot_img_hdr *)(uintptr_t)csf_addr; 122 123 /* For SoC's with Trust Architecture v1 with corenet bus 124 * the sg table field in CSF header has absolute address 125 * for sg table in memory. In other Trust Architecture, 126 * this field specifies the offset of sg table from the 127 * base address of CSF Header 128 */ 129 #if defined(CONFIG_FSL_TRUST_ARCH_v1) && defined(CONFIG_FSL_CORENET) 130 sg_tbl = (struct fsl_secboot_sg_table *) 131 (((u32)hdr->psgtable & ~(CONFIG_SYS_PBI_FLASH_BASE)) + 132 flash_base_addr); 133 #else 134 sg_tbl = (struct fsl_secboot_sg_table *)(uintptr_t)(csf_addr + 135 (u32)hdr->psgtable); 136 #endif 137 138 /* IE Key Table is the first entry in the SG Table */ 139 #if defined(CONFIG_MPC85xx) 140 *ie_addr = (sg_tbl->src_addr & ~(CONFIG_SYS_PBI_FLASH_BASE)) + 141 flash_base_addr; 142 #else 143 *ie_addr = sg_tbl->src_addr; 144 #endif 145 146 debug("IE Table address is %x\n", *ie_addr); 147 return 0; 148 } 149 150 #endif 151 152 #ifdef CONFIG_KEY_REVOCATION 153 /* This function checks srk_table_flag in header and set/reset srk_flag.*/ 154 static u32 check_srk(struct fsl_secboot_img_priv *img) 155 { 156 if (img->hdr.len_kr.srk_table_flag & SRK_FLAG) 157 return 1; 158 159 return 0; 160 } 161 162 /* This function returns ospr's key_revoc values.*/ 163 static u32 get_key_revoc(void) 164 { 165 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); 166 return (sfp_in32(&sfp_regs->ospr) & OSPR_KEY_REVOC_MASK) >> 167 OSPR_KEY_REVOC_SHIFT; 168 } 169 170 /* This function checks if selected key is revoked or not.*/ 171 static u32 is_key_revoked(u32 keynum, u32 rev_flag) 172 { 173 if (keynum == UNREVOCABLE_KEY) 174 return 0; 175 176 if ((u32)(1 << (ALIGN_REVOC_KEY - keynum)) & rev_flag) 177 return 1; 178 179 return 0; 180 } 181 182 /* It validates srk_table key lengths.*/ 183 static u32 validate_srk_tbl(struct srk_table *tbl, u32 num_entries) 184 { 185 int i = 0; 186 for (i = 0; i < num_entries; i++) { 187 if (!((tbl[i].key_len == 2 * KEY_SIZE_BYTES/4) || 188 (tbl[i].key_len == 2 * KEY_SIZE_BYTES/2) || 189 (tbl[i].key_len == 2 * KEY_SIZE_BYTES))) 190 return ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN; 191 } 192 return 0; 193 } 194 #endif 195 196 /* This function return length of public key.*/ 197 static inline u32 get_key_len(struct fsl_secboot_img_priv *img) 198 { 199 return img->key_len; 200 } 201 202 /* 203 * Handles the ESBC uboot client header verification failure. 204 * This function handles all the errors which might occur in the 205 * parsing and checking of ESBC uboot client header. It will also 206 * set the error bits in the SEC_MON. 207 */ 208 static void fsl_secboot_header_verification_failure(void) 209 { 210 struct ccsr_sec_mon_regs *sec_mon_regs = (void *) 211 (CONFIG_SYS_SEC_MON_ADDR); 212 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); 213 u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat); 214 215 /* 29th bit of OSPR is ITS */ 216 u32 its = sfp_in32(&sfp_regs->ospr) >> 2; 217 218 /* 219 * Read the SEC_MON status register 220 * Read SSM_ST field 221 */ 222 sts = sec_mon_in32(&sec_mon_regs->hp_stat); 223 if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) { 224 if (its == 1) 225 change_sec_mon_state(HPSR_SSM_ST_TRUST, 226 HPSR_SSM_ST_SOFT_FAIL); 227 else 228 change_sec_mon_state(HPSR_SSM_ST_TRUST, 229 HPSR_SSM_ST_NON_SECURE); 230 } 231 232 printf("Generating reset request\n"); 233 do_reset(NULL, 0, 0, NULL); 234 } 235 236 /* 237 * Handles the ESBC uboot client image verification failure. 238 * This function handles all the errors which might occur in the 239 * public key hash comparison and signature verification of 240 * ESBC uboot client image. It will also 241 * set the error bits in the SEC_MON. 242 */ 243 static void fsl_secboot_image_verification_failure(void) 244 { 245 struct ccsr_sec_mon_regs *sec_mon_regs = (void *) 246 (CONFIG_SYS_SEC_MON_ADDR); 247 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); 248 u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat); 249 250 u32 its = (sfp_in32(&sfp_regs->ospr) & ITS_MASK) >> ITS_BIT; 251 252 /* 253 * Read the SEC_MON status register 254 * Read SSM_ST field 255 */ 256 sts = sec_mon_in32(&sec_mon_regs->hp_stat); 257 if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) { 258 if (its == 1) { 259 change_sec_mon_state(HPSR_SSM_ST_TRUST, 260 HPSR_SSM_ST_SOFT_FAIL); 261 262 printf("Generating reset request\n"); 263 do_reset(NULL, 0, 0, NULL); 264 } else { 265 change_sec_mon_state(HPSR_SSM_ST_TRUST, 266 HPSR_SSM_ST_NON_SECURE); 267 } 268 } 269 } 270 271 static void fsl_secboot_bootscript_parse_failure(void) 272 { 273 fsl_secboot_header_verification_failure(); 274 } 275 276 /* 277 * Handles the errors in esbc boot. 278 * This function handles all the errors which might occur in the 279 * esbc boot phase. It will call the appropriate api to log the 280 * errors and set the error bits in the SEC_MON. 281 */ 282 void fsl_secboot_handle_error(int error) 283 { 284 const struct fsl_secboot_errcode *e; 285 286 for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX; 287 e++) { 288 if (e->errcode == error) 289 printf("ERROR :: %x :: %s\n", error, e->name); 290 } 291 292 switch (error) { 293 case ERROR_ESBC_CLIENT_HEADER_BARKER: 294 case ERROR_ESBC_CLIENT_HEADER_IMG_SIZE: 295 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN: 296 case ERROR_ESBC_CLIENT_HEADER_SIG_LEN: 297 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN: 298 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1: 299 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2: 300 case ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD: 301 case ERROR_ESBC_CLIENT_HEADER_SG_ESBC_EP: 302 case ERROR_ESBC_CLIENT_HEADER_SG_ENTIRES_BAD: 303 #ifdef CONFIG_KEY_REVOCATION 304 case ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED: 305 case ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY: 306 case ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM: 307 case ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN: 308 #endif 309 #if defined(CONFIG_FSL_ISBC_KEY_EXT) 310 /*@fallthrough@*/ 311 case ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED: 312 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY: 313 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM: 314 case ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN: 315 case ERROR_IE_TABLE_NOT_FOUND: 316 #endif 317 fsl_secboot_header_verification_failure(); 318 break; 319 case ERROR_ESBC_SEC_RESET: 320 case ERROR_ESBC_SEC_DEQ: 321 case ERROR_ESBC_SEC_ENQ: 322 case ERROR_ESBC_SEC_DEQ_TO: 323 case ERROR_ESBC_SEC_JOBQ_STATUS: 324 case ERROR_ESBC_CLIENT_HASH_COMPARE_KEY: 325 case ERROR_ESBC_CLIENT_HASH_COMPARE_EM: 326 fsl_secboot_image_verification_failure(); 327 break; 328 case ERROR_ESBC_MISSING_BOOTM: 329 fsl_secboot_bootscript_parse_failure(); 330 break; 331 case ERROR_ESBC_WRONG_CMD: 332 default: 333 branch_to_self(); 334 break; 335 } 336 } 337 338 static void fsl_secblk_handle_error(int error) 339 { 340 switch (error) { 341 case ERROR_ESBC_SEC_ENQ: 342 fsl_secboot_handle_error(ERROR_ESBC_SEC_ENQ); 343 break; 344 case ERROR_ESBC_SEC_DEQ: 345 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ); 346 break; 347 case ERROR_ESBC_SEC_DEQ_TO: 348 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ_TO); 349 break; 350 default: 351 printf("Job Queue Output status %x\n", error); 352 fsl_secboot_handle_error(ERROR_ESBC_SEC_JOBQ_STATUS); 353 break; 354 } 355 } 356 357 /* 358 * Calculate hash of key obtained via offset present in ESBC uboot 359 * client hdr. This function calculates the hash of key which is obtained 360 * through offset present in ESBC uboot client header. 361 */ 362 static int calc_img_key_hash(struct fsl_secboot_img_priv *img) 363 { 364 struct hash_algo *algo; 365 void *ctx; 366 int i, srk = 0; 367 int ret = 0; 368 const char *algo_name = "sha256"; 369 370 /* Calculate hash of the esbc key */ 371 ret = hash_progressive_lookup_algo(algo_name, &algo); 372 if (ret) 373 return ret; 374 375 ret = algo->hash_init(algo, &ctx); 376 if (ret) 377 return ret; 378 379 /* Update hash for ESBC key */ 380 #ifdef CONFIG_KEY_REVOCATION 381 if (check_srk(img)) { 382 ret = algo->hash_update(algo, ctx, 383 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off), 384 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 1); 385 srk = 1; 386 } 387 #endif 388 if (!srk) 389 ret = algo->hash_update(algo, ctx, 390 img->img_key, img->key_len, 1); 391 if (ret) 392 return ret; 393 394 /* Copy hash at destination buffer */ 395 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size); 396 if (ret) 397 return ret; 398 399 for (i = 0; i < SHA256_BYTES; i++) 400 img->img_key_hash[i] = hash_val[i]; 401 402 return 0; 403 } 404 405 /* 406 * Calculate hash of ESBC hdr and ESBC. This function calculates the 407 * single hash of ESBC header and ESBC image. If SG flag is on, all 408 * SG entries are also hashed alongwith the complete SG table. 409 */ 410 static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img) 411 { 412 struct hash_algo *algo; 413 void *ctx; 414 int ret = 0; 415 int key_hash = 0; 416 const char *algo_name = "sha256"; 417 418 /* Calculate the hash of the ESBC */ 419 ret = hash_progressive_lookup_algo(algo_name, &algo); 420 if (ret) 421 return ret; 422 423 ret = algo->hash_init(algo, &ctx); 424 /* Copy hash at destination buffer */ 425 if (ret) 426 return ret; 427 428 /* Update hash for CSF Header */ 429 ret = algo->hash_update(algo, ctx, 430 (u8 *)&img->hdr, sizeof(struct fsl_secboot_img_hdr), 0); 431 if (ret) 432 return ret; 433 434 /* Update the hash with that of srk table if srk flag is 1 435 * If IE Table is selected, key is not added in the hash 436 * If neither srk table nor IE key table available, add key 437 * from header in the hash calculation 438 */ 439 #ifdef CONFIG_KEY_REVOCATION 440 if (check_srk(img)) { 441 ret = algo->hash_update(algo, ctx, 442 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off), 443 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 0); 444 key_hash = 1; 445 } 446 #endif 447 #if defined(CONFIG_FSL_ISBC_KEY_EXT) 448 if (!key_hash && check_ie(img)) 449 key_hash = 1; 450 #endif 451 if (!key_hash) 452 ret = algo->hash_update(algo, ctx, 453 img->img_key, img->hdr.key_len, 0); 454 if (ret) 455 return ret; 456 457 /* Update hash for actual Image */ 458 #ifdef CONFIG_ESBC_ADDR_64BIT 459 ret = algo->hash_update(algo, ctx, 460 (u8 *)(uintptr_t)img->hdr.pimg64, img->hdr.img_size, 1); 461 #else 462 ret = algo->hash_update(algo, ctx, 463 (u8 *)(uintptr_t)img->hdr.pimg, img->hdr.img_size, 1); 464 #endif 465 if (ret) 466 return ret; 467 468 /* Copy hash at destination buffer */ 469 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size); 470 if (ret) 471 return ret; 472 473 return 0; 474 } 475 476 /* 477 * Construct encoded hash EM' wrt PKCSv1.5. This function calculates the 478 * pointers for padding, DER value and hash. And finally, constructs EM' 479 * which includes hash of complete CSF header and ESBC image. If SG flag 480 * is on, hash of SG table and entries is also included. 481 */ 482 static void construct_img_encoded_hash_second(struct fsl_secboot_img_priv *img) 483 { 484 /* 485 * RSA PKCSv1.5 encoding format for encoded message is below 486 * EM = 0x0 || 0x1 || PS || 0x0 || DER || Hash 487 * PS is Padding String 488 * DER is DER value for SHA-256 489 * Hash is SHA-256 hash 490 * ********************************************************* 491 * representative points to first byte of EM initially and is 492 * filled with 0x0 493 * representative is incremented by 1 and second byte is filled 494 * with 0x1 495 * padding points to third byte of EM 496 * digest points to full length of EM - 32 bytes 497 * hash_id (DER value) points to 19 bytes before pDigest 498 * separator is one byte which separates padding and DER 499 */ 500 501 size_t len; 502 u8 *representative; 503 u8 *padding, *digest; 504 u8 *hash_id, *separator; 505 int i; 506 507 len = (get_key_len(img) / 2) - 1; 508 representative = img->img_encoded_hash_second; 509 representative[0] = 0; 510 representative[1] = 1; /* block type 1 */ 511 512 padding = &representative[2]; 513 digest = &representative[1] + len - 32; 514 hash_id = digest - sizeof(hash_identifier); 515 separator = hash_id - 1; 516 517 /* fill padding area pointed by padding with 0xff */ 518 memset(padding, 0xff, separator - padding); 519 520 /* fill byte pointed by separator */ 521 *separator = 0; 522 523 /* fill SHA-256 DER value pointed by HashId */ 524 memcpy(hash_id, hash_identifier, sizeof(hash_identifier)); 525 526 /* fill hash pointed by Digest */ 527 for (i = 0; i < SHA256_BYTES; i++) 528 digest[i] = hash_val[i]; 529 } 530 531 /* 532 * Reads and validates the ESBC client header. 533 * This function reads key and signature from the ESBC client header. 534 * If Scatter/Gather flag is on, lengths and offsets of images 535 * present as SG entries are also read. This function also checks 536 * whether the header is valid or not. 537 */ 538 static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img) 539 { 540 char buf[20]; 541 struct fsl_secboot_img_hdr *hdr = &img->hdr; 542 void *esbc = (u8 *)(uintptr_t)img->ehdrloc; 543 u8 *k, *s; 544 #ifdef CONFIG_KEY_REVOCATION 545 u32 ret; 546 u32 key_num, key_revoc_flag, size; 547 #endif 548 #if defined(CONFIG_FSL_ISBC_KEY_EXT) 549 struct ie_key_info *ie_info; 550 u32 ie_num, ie_revoc_flag, ie_key_len; 551 #endif 552 int key_found = 0; 553 554 /* check barker code */ 555 if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN)) 556 return ERROR_ESBC_CLIENT_HEADER_BARKER; 557 558 #ifdef CONFIG_ESBC_ADDR_64BIT 559 sprintf(buf, "%llx", hdr->pimg64); 560 #else 561 sprintf(buf, "%x", hdr->pimg); 562 #endif 563 setenv("img_addr", buf); 564 565 if (!hdr->img_size) 566 return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE; 567 568 /* Key checking*/ 569 #ifdef CONFIG_KEY_REVOCATION 570 if (check_srk(img)) { 571 if ((hdr->len_kr.num_srk == 0) || 572 (hdr->len_kr.num_srk > MAX_KEY_ENTRIES)) 573 return ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY; 574 575 key_num = hdr->len_kr.srk_sel; 576 if (key_num == 0 || key_num > hdr->len_kr.num_srk) 577 return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM; 578 579 /* Get revoc key from sfp */ 580 key_revoc_flag = get_key_revoc(); 581 ret = is_key_revoked(key_num, key_revoc_flag); 582 if (ret) 583 return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED; 584 585 size = hdr->len_kr.num_srk * sizeof(struct srk_table); 586 587 memcpy(&img->srk_tbl, esbc + hdr->srk_tbl_off, size); 588 589 ret = validate_srk_tbl(img->srk_tbl, hdr->len_kr.num_srk); 590 591 if (ret != 0) 592 return ret; 593 594 img->key_len = img->srk_tbl[key_num - 1].key_len; 595 596 memcpy(&img->img_key, &(img->srk_tbl[key_num - 1].pkey), 597 img->key_len); 598 599 key_found = 1; 600 } 601 #endif 602 603 #if defined(CONFIG_FSL_ISBC_KEY_EXT) 604 if (!key_found && check_ie(img)) { 605 if (get_ie_info_addr(&img->ie_addr)) 606 return ERROR_IE_TABLE_NOT_FOUND; 607 ie_info = (struct ie_key_info *)(uintptr_t)img->ie_addr; 608 if (ie_info->num_keys == 0 || ie_info->num_keys > 32) 609 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY; 610 611 ie_num = hdr->ie_key_sel; 612 if (ie_num == 0 || ie_num > ie_info->num_keys) 613 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM; 614 615 ie_revoc_flag = ie_info->key_revok; 616 if ((u32)(1 << (ie_num - 1)) & ie_revoc_flag) 617 return ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED; 618 619 ie_key_len = ie_info->ie_key_tbl[ie_num - 1].key_len; 620 621 if (!((ie_key_len == 2 * KEY_SIZE_BYTES / 4) || 622 (ie_key_len == 2 * KEY_SIZE_BYTES / 2) || 623 (ie_key_len == 2 * KEY_SIZE_BYTES))) 624 return ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN; 625 626 memcpy(&img->img_key, &(ie_info->ie_key_tbl[ie_num - 1].pkey), 627 ie_key_len); 628 629 img->key_len = ie_key_len; 630 key_found = 1; 631 } 632 #endif 633 634 if (key_found == 0) { 635 /* check key length */ 636 if (!((hdr->key_len == 2 * KEY_SIZE_BYTES / 4) || 637 (hdr->key_len == 2 * KEY_SIZE_BYTES / 2) || 638 (hdr->key_len == 2 * KEY_SIZE_BYTES))) 639 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN; 640 641 memcpy(&img->img_key, esbc + hdr->pkey, hdr->key_len); 642 643 img->key_len = hdr->key_len; 644 645 key_found = 1; 646 } 647 648 /* check signaure */ 649 if (get_key_len(img) == 2 * hdr->sign_len) { 650 /* check signature length */ 651 if (!((hdr->sign_len == KEY_SIZE_BYTES / 4) || 652 (hdr->sign_len == KEY_SIZE_BYTES / 2) || 653 (hdr->sign_len == KEY_SIZE_BYTES))) 654 return ERROR_ESBC_CLIENT_HEADER_SIG_LEN; 655 } else { 656 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN; 657 } 658 659 memcpy(&img->img_sign, esbc + hdr->psign, hdr->sign_len); 660 661 /* No SG support */ 662 if (hdr->sg_flag) 663 return ERROR_ESBC_CLIENT_HEADER_SG; 664 665 /* modulus most significant bit should be set */ 666 k = (u8 *)&img->img_key; 667 668 if ((k[0] & 0x80) == 0) 669 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1; 670 671 /* modulus value should be odd */ 672 if ((k[get_key_len(img) / 2 - 1] & 0x1) == 0) 673 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2; 674 675 /* Check signature value < modulus value */ 676 s = (u8 *)&img->img_sign; 677 678 if (!(memcmp(s, k, hdr->sign_len) < 0)) 679 return ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD; 680 681 return ESBC_VALID_HDR; 682 } 683 684 static inline int str2longbe(const char *p, ulong *num) 685 { 686 char *endptr; 687 ulong tmp; 688 689 if (!p) { 690 return 0; 691 } else { 692 tmp = simple_strtoul(p, &endptr, 16); 693 if (sizeof(ulong) == 4) 694 *num = cpu_to_be32(tmp); 695 else 696 *num = cpu_to_be64(tmp); 697 } 698 699 return *p != '\0' && *endptr == '\0'; 700 } 701 702 int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc, 703 char * const argv[]) 704 { 705 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR); 706 ulong hash[SHA256_BYTES/sizeof(ulong)]; 707 char hash_str[NUM_HEX_CHARS + 1]; 708 ulong addr = simple_strtoul(argv[1], NULL, 16); 709 struct fsl_secboot_img_priv *img; 710 struct fsl_secboot_img_hdr *hdr; 711 void *esbc; 712 int ret, i, hash_cmd = 0; 713 u32 srk_hash[8]; 714 uint32_t key_len; 715 struct key_prop prop; 716 #if !defined(USE_HOSTCC) 717 struct udevice *mod_exp_dev; 718 #endif 719 720 if (argc == 3) { 721 char *cp = argv[2]; 722 int i = 0; 723 724 if (*cp == '0' && *(cp + 1) == 'x') 725 cp += 2; 726 727 /* The input string expected is in hex, where 728 * each 4 bits would be represented by a hex 729 * sha256 hash is 256 bits long, which would mean 730 * num of characters = 256 / 4 731 */ 732 if (strlen(cp) != SHA256_NIBBLES) { 733 printf("%s is not a 256 bits hex string as expected\n", 734 argv[2]); 735 return -1; 736 } 737 738 for (i = 0; i < sizeof(hash)/sizeof(ulong); i++) { 739 strncpy(hash_str, cp + (i * NUM_HEX_CHARS), 740 NUM_HEX_CHARS); 741 hash_str[NUM_HEX_CHARS] = '\0'; 742 if (!str2longbe(hash_str, &hash[i])) { 743 printf("%s is not a 256 bits hex string ", 744 argv[2]); 745 return -1; 746 } 747 } 748 749 hash_cmd = 1; 750 } 751 752 img = malloc(sizeof(struct fsl_secboot_img_priv)); 753 754 if (!img) 755 return -1; 756 757 memset(img, 0, sizeof(struct fsl_secboot_img_priv)); 758 759 hdr = &img->hdr; 760 img->ehdrloc = addr; 761 esbc = (u8 *)(uintptr_t)img->ehdrloc; 762 763 memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr)); 764 765 /* read and validate esbc header */ 766 ret = read_validate_esbc_client_header(img); 767 768 if (ret != ESBC_VALID_HDR) { 769 fsl_secboot_handle_error(ret); 770 goto exit; 771 } 772 773 /* SRKH present in SFP */ 774 for (i = 0; i < NUM_SRKH_REGS; i++) 775 srk_hash[i] = srk_in32(&sfp_regs->srk_hash[i]); 776 777 /* 778 * Calculate hash of key obtained via offset present in 779 * ESBC uboot client hdr 780 */ 781 ret = calc_img_key_hash(img); 782 if (ret) { 783 fsl_secblk_handle_error(ret); 784 goto exit; 785 } 786 787 /* Compare hash obtained above with SRK hash present in SFP */ 788 if (hash_cmd) 789 ret = memcmp(&hash, &img->img_key_hash, SHA256_BYTES); 790 else 791 ret = memcmp(srk_hash, img->img_key_hash, SHA256_BYTES); 792 793 #if defined(CONFIG_FSL_ISBC_KEY_EXT) 794 if (!hash_cmd && check_ie(img)) 795 ret = 0; 796 #endif 797 798 if (ret != 0) { 799 fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_KEY); 800 goto exit; 801 } 802 803 ret = calc_esbchdr_esbc_hash(img); 804 if (ret) { 805 fsl_secblk_handle_error(ret); 806 goto exit; 807 } 808 809 /* Construct encoded hash EM' wrt PKCSv1.5 */ 810 construct_img_encoded_hash_second(img); 811 812 /* Fill prop structure for public key */ 813 memset(&prop, 0, sizeof(struct key_prop)); 814 key_len = get_key_len(img) / 2; 815 prop.modulus = img->img_key; 816 prop.public_exponent = img->img_key + key_len; 817 prop.num_bits = key_len * 8; 818 prop.exp_len = key_len; 819 820 ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev); 821 if (ret) { 822 printf("RSA: Can't find Modular Exp implementation\n"); 823 return -EINVAL; 824 } 825 826 ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len, 827 &prop, img->img_encoded_hash); 828 if (ret) { 829 fsl_secblk_handle_error(ret); 830 goto exit; 831 } 832 833 /* 834 * compare the encoded messages EM' and EM wrt RSA PKCSv1.5 835 * memcmp returns zero on success 836 * memcmp returns non-zero on failure 837 */ 838 ret = memcmp(&img->img_encoded_hash_second, &img->img_encoded_hash, 839 img->hdr.sign_len); 840 841 if (ret) { 842 fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_EM); 843 goto exit; 844 } 845 846 printf("esbc_validate command successful\n"); 847 848 exit: 849 return 0; 850 } 851