u-boot: fit: add support to decrypt fit with aes
This commit add to u-boot the support to decrypt fit image encrypted with aes. The FIT image contains the key name and the IV name. Then u-boot look for the key and IV in his device tree and decrypt images before moving to the next stage. Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
This commit is contained in:
parent
7298e42250
commit
4df3578119
@ -24,6 +24,7 @@ struct cipher_algo cipher_algos[] = {
|
||||
.calculate_type = EVP_aes_128_cbc,
|
||||
#endif
|
||||
.encrypt = image_aes_encrypt,
|
||||
.decrypt = image_aes_decrypt,
|
||||
.add_cipher_data = image_aes_add_cipher_data
|
||||
},
|
||||
{
|
||||
@ -34,6 +35,7 @@ struct cipher_algo cipher_algos[] = {
|
||||
.calculate_type = EVP_aes_192_cbc,
|
||||
#endif
|
||||
.encrypt = image_aes_encrypt,
|
||||
.decrypt = image_aes_decrypt,
|
||||
.add_cipher_data = image_aes_add_cipher_data
|
||||
},
|
||||
{
|
||||
@ -44,6 +46,7 @@ struct cipher_algo cipher_algos[] = {
|
||||
.calculate_type = EVP_aes_256_cbc,
|
||||
#endif
|
||||
.encrypt = image_aes_encrypt,
|
||||
.decrypt = image_aes_decrypt,
|
||||
.add_cipher_data = image_aes_add_cipher_data
|
||||
}
|
||||
};
|
||||
@ -61,3 +64,104 @@ struct cipher_algo *image_get_cipher_algo(const char *full_name)
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
static int fit_image_setup_decrypt(struct image_cipher_info *info,
|
||||
const void *fit, int image_noffset,
|
||||
int cipher_noffset)
|
||||
{
|
||||
const void *fdt = gd_fdt_blob();
|
||||
const char *node_name;
|
||||
char node_path[128];
|
||||
int noffset;
|
||||
char *algo_name;
|
||||
int ret;
|
||||
|
||||
node_name = fit_get_name(fit, image_noffset, NULL);
|
||||
if (!node_name) {
|
||||
printf("Can't get node name\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (fit_image_cipher_get_algo(fit, cipher_noffset, &algo_name)) {
|
||||
printf("Can't get algo name for cipher '%s' in image '%s'\n",
|
||||
node_name, node_name);
|
||||
return -1;
|
||||
}
|
||||
|
||||
info->keyname = fdt_getprop(fit, cipher_noffset, "key-name-hint", NULL);
|
||||
if (!info->keyname) {
|
||||
printf("Can't get key name\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
info->ivname = fdt_getprop(fit, cipher_noffset, "iv-name-hint", NULL);
|
||||
if (!info->ivname) {
|
||||
printf("Can't get IV name\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
info->fit = fit;
|
||||
info->node_noffset = image_noffset;
|
||||
info->name = algo_name;
|
||||
info->cipher = image_get_cipher_algo(algo_name);
|
||||
if (!info->cipher) {
|
||||
printf("Can't get cipher\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
ret = fit_image_get_data_size_unciphered(fit, image_noffset,
|
||||
&info->size_unciphered);
|
||||
if (ret) {
|
||||
printf("Can't get size of unciphered data\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/*
|
||||
* Search the cipher node in the u-boot fdt
|
||||
* the path should be: /cipher/key-<algo>-<key>-<iv>
|
||||
*/
|
||||
snprintf(node_path, sizeof(node_path), "/%s/key-%s-%s-%s",
|
||||
FIT_CIPHER_NODENAME, algo_name, info->keyname, info->ivname);
|
||||
|
||||
noffset = fdt_path_offset(fdt, node_path);
|
||||
if (noffset < 0) {
|
||||
printf("Can't found cipher node offset\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* read key */
|
||||
info->key = fdt_getprop(fdt, noffset, "key", NULL);
|
||||
if (!info->key) {
|
||||
printf("Can't get key in cipher node '%s'\n", node_path);
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* read iv */
|
||||
info->iv = fdt_getprop(fdt, noffset, "iv", NULL);
|
||||
if (!info->iv) {
|
||||
printf("Can't get IV in cipher node '%s'\n", node_path);
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int fit_image_decrypt_data(const void *fit,
|
||||
int image_noffset, int cipher_noffset,
|
||||
const void *data_ciphered, size_t size_ciphered,
|
||||
void **data_unciphered, size_t *size_unciphered)
|
||||
{
|
||||
struct image_cipher_info info;
|
||||
int ret;
|
||||
|
||||
ret = fit_image_setup_decrypt(&info, fit, image_noffset,
|
||||
cipher_noffset);
|
||||
if (ret < 0)
|
||||
goto out;
|
||||
|
||||
ret = info.cipher->decrypt(&info, data_ciphered, size_ciphered,
|
||||
data_unciphered, size_unciphered);
|
||||
|
||||
out:
|
||||
return ret;
|
||||
}
|
||||
|
@ -947,6 +947,31 @@ int fit_image_get_data_size(const void *fit, int noffset, int *data_size)
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get 'data-size-unciphered' property from a given image node.
|
||||
*
|
||||
* @fit: pointer to the FIT image header
|
||||
* @noffset: component image node offset
|
||||
* @data_size: holds the data-size property
|
||||
*
|
||||
* returns:
|
||||
* 0, on success
|
||||
* -ENOENT if the property could not be found
|
||||
*/
|
||||
int fit_image_get_data_size_unciphered(const void *fit, int noffset,
|
||||
size_t *data_size)
|
||||
{
|
||||
const fdt32_t *val;
|
||||
|
||||
val = fdt_getprop(fit, noffset, "data-size-unciphered", NULL);
|
||||
if (!val)
|
||||
return -ENOENT;
|
||||
|
||||
*data_size = (size_t)fdt32_to_cpu(*val);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* fit_image_get_data_and_size - get data and its size including
|
||||
* both embedded and external data
|
||||
@ -1381,6 +1406,32 @@ int fit_all_image_verify(const void *fit)
|
||||
return 1;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_FIT_CIPHER
|
||||
static int fit_image_uncipher(const void *fit, int image_noffset,
|
||||
void **data, size_t *size)
|
||||
{
|
||||
int cipher_noffset, ret;
|
||||
void *dst;
|
||||
size_t size_dst;
|
||||
|
||||
cipher_noffset = fdt_subnode_offset(fit, image_noffset,
|
||||
FIT_CIPHER_NODENAME);
|
||||
if (cipher_noffset < 0)
|
||||
return 0;
|
||||
|
||||
ret = fit_image_decrypt_data(fit, image_noffset, cipher_noffset,
|
||||
*data, *size, &dst, &size_dst);
|
||||
if (ret)
|
||||
goto out;
|
||||
|
||||
*data = dst;
|
||||
*size = size_dst;
|
||||
|
||||
out:
|
||||
return ret;
|
||||
}
|
||||
#endif /* CONFIG_FIT_CIPHER */
|
||||
|
||||
/**
|
||||
* fit_image_check_os - check whether image node is of a given os type
|
||||
* @fit: pointer to the FIT format image header
|
||||
@ -1981,6 +2032,18 @@ int fit_image_load(bootm_headers_t *images, ulong addr,
|
||||
return -ENOENT;
|
||||
}
|
||||
|
||||
#ifdef CONFIG_FIT_CIPHER
|
||||
/* Decrypt data before uncompress/move */
|
||||
if (IMAGE_ENABLE_DECRYPT) {
|
||||
puts(" Decrypting Data ... ");
|
||||
if (fit_image_uncipher(fit, noffset, &buf, &size)) {
|
||||
puts("Error\n");
|
||||
return -EACCES;
|
||||
}
|
||||
puts("OK\n");
|
||||
}
|
||||
#endif
|
||||
|
||||
#if !defined(USE_HOSTCC) && defined(CONFIG_FIT_IMAGE_POST_PROCESS)
|
||||
/* perform any post-processing on the image data */
|
||||
board_fit_image_post_process(&buf, &size);
|
||||
|
@ -1023,6 +1023,8 @@ int fit_image_get_data_offset(const void *fit, int noffset, int *data_offset);
|
||||
int fit_image_get_data_position(const void *fit, int noffset,
|
||||
int *data_position);
|
||||
int fit_image_get_data_size(const void *fit, int noffset, int *data_size);
|
||||
int fit_image_get_data_size_unciphered(const void *fit, int noffset,
|
||||
size_t *data_size);
|
||||
int fit_image_get_data_and_size(const void *fit, int noffset,
|
||||
const void **data, size_t *size);
|
||||
|
||||
@ -1066,6 +1068,7 @@ int fit_image_verify_with_data(const void *fit, int image_noffset,
|
||||
int fit_image_verify(const void *fit, int noffset);
|
||||
int fit_config_verify(const void *fit, int conf_noffset);
|
||||
int fit_all_image_verify(const void *fit);
|
||||
int fit_config_decrypt(const void *fit, int conf_noffset);
|
||||
int fit_image_check_os(const void *fit, int noffset, uint8_t os);
|
||||
int fit_image_check_arch(const void *fit, int noffset, uint8_t arch);
|
||||
int fit_image_check_type(const void *fit, int noffset, uint8_t type);
|
||||
@ -1293,6 +1296,11 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset,
|
||||
int fit_image_check_sig(const void *fit, int noffset, const void *data,
|
||||
size_t size, int required_keynode, char **err_msgp);
|
||||
|
||||
int fit_image_decrypt_data(const void *fit,
|
||||
int image_noffset, int cipher_noffset,
|
||||
const void *data, size_t size,
|
||||
void **data_unciphered, size_t *size_unciphered);
|
||||
|
||||
/**
|
||||
* fit_region_make_list() - Make a list of regions to hash
|
||||
*
|
||||
@ -1367,6 +1375,10 @@ struct cipher_algo {
|
||||
|
||||
int (*add_cipher_data)(struct image_cipher_info *info,
|
||||
void *keydest);
|
||||
|
||||
int (*decrypt)(struct image_cipher_info *info,
|
||||
const void *cipher, size_t cipher_len,
|
||||
void **data, size_t *data_len);
|
||||
};
|
||||
|
||||
int fit_image_cipher_get_algo(const void *fit, int noffset, char **algo);
|
||||
|
@ -28,4 +28,17 @@ int image_aes_add_cipher_data(struct image_cipher_info *info, void *keydest)
|
||||
}
|
||||
#endif /* IMAGE_ENABLE_ENCRYPT */
|
||||
|
||||
#if IMAGE_ENABLE_DECRYPT
|
||||
int image_aes_decrypt(struct image_cipher_info *info,
|
||||
const void *cipher, size_t cipher_len,
|
||||
void **data, size_t *size);
|
||||
#else
|
||||
int image_aes_decrypt(struct image_cipher_info *info,
|
||||
const void *cipher, size_t cipher_len,
|
||||
void **data, size_t *size)
|
||||
{
|
||||
return -ENXIO;
|
||||
}
|
||||
#endif /* IMAGE_ENABLE_DECRYPT */
|
||||
|
||||
#endif
|
||||
|
@ -21,6 +21,7 @@ obj-$(CONFIG_ASN1_DECODER) += asn1_decoder.o
|
||||
obj-y += crypto/
|
||||
|
||||
obj-$(CONFIG_AES) += aes.o
|
||||
obj-$(CONFIG_AES) += aes/
|
||||
obj-$(CONFIG_$(SPL_TPL_)BINMAN_FDT) += binman.o
|
||||
|
||||
ifndef API_BUILD
|
||||
|
5
lib/aes/Makefile
Normal file
5
lib/aes/Makefile
Normal file
@ -0,0 +1,5 @@
|
||||
# SPDX-License-Identifier: GPL-2.0+
|
||||
#
|
||||
# Copyright (c) 2019, Softathome
|
||||
|
||||
obj-$(CONFIG_$(SPL_)FIT_CIPHER) += aes-decrypt.o
|
41
lib/aes/aes-decrypt.c
Normal file
41
lib/aes/aes-decrypt.c
Normal file
@ -0,0 +1,41 @@
|
||||
// SPDX-License-Identifier: GPL-2.0+
|
||||
/*
|
||||
* Copyright (c) 2019, softathome
|
||||
*/
|
||||
|
||||
#ifndef USE_HOSTCC
|
||||
#include <common.h>
|
||||
#include <malloc.h>
|
||||
#endif
|
||||
#include <image.h>
|
||||
#include <uboot_aes.h>
|
||||
|
||||
int image_aes_decrypt(struct image_cipher_info *info,
|
||||
const void *cipher, size_t cipher_len,
|
||||
void **data, size_t *size)
|
||||
{
|
||||
#ifndef USE_HOSTCC
|
||||
unsigned char key_exp[AES256_EXPAND_KEY_LENGTH];
|
||||
unsigned int aes_blocks, key_len = info->cipher->key_len;
|
||||
|
||||
*data = malloc(cipher_len);
|
||||
if (!*data) {
|
||||
printf("Can't allocate memory to decrypt\n");
|
||||
return -ENOMEM;
|
||||
}
|
||||
*size = info->size_unciphered;
|
||||
|
||||
memcpy(&key_exp[0], info->key, key_len);
|
||||
|
||||
/* First we expand the key. */
|
||||
aes_expand_key((u8 *)info->key, key_len, key_exp);
|
||||
|
||||
/* Calculate the number of AES blocks to encrypt. */
|
||||
aes_blocks = DIV_ROUND_UP(cipher_len, AES_BLOCK_LENGTH);
|
||||
|
||||
aes_cbc_decrypt_blocks(key_len, key_exp, (u8 *)info->iv,
|
||||
(u8 *)cipher, *data, aes_blocks);
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
@ -77,7 +77,7 @@ RSA_OBJS-$(CONFIG_FIT_SIGNATURE) := $(addprefix lib/rsa/, \
|
||||
rsa-mod-exp.o)
|
||||
|
||||
AES_OBJS-$(CONFIG_FIT_CIPHER) := $(addprefix lib/aes/, \
|
||||
aes-encrypt.o)
|
||||
aes-encrypt.o aes-decrypt.o)
|
||||
|
||||
ROCKCHIP_OBS = lib/rc4.o rkcommon.o rkimage.o rksd.o rkspi.o
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user