1 // SPDX-License-Identifier: GPL-2.0+
3 * Copyright 2015 Freescale Semiconductor, Inc.
9 #include <fsl_validate.h>
10 #include <fsl_secboot_err.h>
16 #include <u-boot/rsa-mod-exp.h>
18 #include <fsl_secboot_err.h>
19 #ifdef CONFIG_ARCH_LS1021A
20 #include <asm/arch/immap_ls102xa.h>
23 #define SHA256_BITS 256
24 #define SHA256_BYTES (256/8)
25 #define SHA256_NIBBLES (256/4)
26 #define NUM_HEX_CHARS (sizeof(ulong) * 2)
28 #define CHECK_KEY_LEN(key_len) (((key_len) == 2 * KEY_SIZE_BYTES / 4) || \
29 ((key_len) == 2 * KEY_SIZE_BYTES / 2) || \
30 ((key_len) == 2 * KEY_SIZE_BYTES))
31 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
32 /* Global data structure */
33 static struct fsl_secboot_glb glb;
36 /* This array contains DER value for SHA-256 */
37 static const u8 hash_identifier[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60,
38 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00,
42 static u8 hash_val[SHA256_BYTES];
44 #ifdef CONFIG_ESBC_HDR_LS
45 /* New Barker Code for LS ESBC Header */
46 static const u8 barker_code[ESBC_BARKER_LEN] = { 0x12, 0x19, 0x20, 0x01 };
48 static const u8 barker_code[ESBC_BARKER_LEN] = { 0x68, 0x39, 0x27, 0x81 };
51 void branch_to_self(void) __attribute__ ((noreturn));
54 * This function will put core in infinite loop.
55 * This will be called when the ESBC can not proceed further due
56 * to some unknown errors.
58 void branch_to_self(void)
60 printf("Core is in infinite loop due to errors.\n");
65 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
66 static u32 check_ie(struct fsl_secboot_img_priv *img)
68 if (img->hdr.ie_flag & IE_FLAG_MASK)
74 /* This function returns the CSF Header Address of uboot
75 * For MPC85xx based platforms, the LAW mapping for NOR
76 * flash changes in uboot code. Hence the offset needs
77 * to be calculated and added to the new NOR flash base
80 #if defined(CONFIG_MPC85xx)
83 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
85 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_MPC85xx_GUTS_ADDR);
86 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
87 u32 csf_flash_offset = csf_hdr_addr & ~(CONFIG_SYS_PBI_FLASH_BASE);
92 for (i = 0; i < CONFIG_SYS_MAX_FLASH_BANKS; i++) {
93 flash_addr = flash_info[i].start[0];
94 addr = flash_info[i].start[0] + csf_flash_offset;
95 if (memcmp((u8 *)addr, barker_code, ESBC_BARKER_LEN) == 0) {
96 debug("Barker found on addr %x\n", addr);
106 *flash_base_addr = flash_addr;
111 /* For platforms like LS1020, correct flash address is present in
112 * the header. So the function reqturns flash base address as 0
114 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
116 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
117 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
119 if (memcmp((u8 *)(uintptr_t)csf_hdr_addr,
120 barker_code, ESBC_BARKER_LEN))
123 *csf_addr = csf_hdr_addr;
124 *flash_base_addr = 0;
129 #if defined(CONFIG_ESBC_HDR_LS)
130 static int get_ie_info_addr(uintptr_t *ie_addr)
132 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
133 /* For LS-CH3, the address of IE Table is
134 * stated in Scratch13 and scratch14 of DCFG.
135 * Bootrom validates this table while validating uboot.
137 *ie_addr = in_le32(&gur->scratchrw[SCRATCH_IE_HIGH_ADR - 1]);
138 *ie_addr = *ie_addr << 32;
139 *ie_addr |= in_le32(&gur->scratchrw[SCRATCH_IE_LOW_ADR - 1]);
142 #else /* CONFIG_ESBC_HDR_LS */
143 static int get_ie_info_addr(uintptr_t *ie_addr)
145 struct fsl_secboot_img_hdr *hdr;
146 struct fsl_secboot_sg_table *sg_tbl;
147 u32 flash_base_addr, csf_addr;
149 if (get_csf_base_addr(&csf_addr, &flash_base_addr))
152 hdr = (struct fsl_secboot_img_hdr *)(uintptr_t)csf_addr;
154 /* For SoC's with Trust Architecture v1 with corenet bus
155 * the sg table field in CSF header has absolute address
156 * for sg table in memory. In other Trust Architecture,
157 * this field specifies the offset of sg table from the
158 * base address of CSF Header
160 #if defined(CONFIG_FSL_TRUST_ARCH_v1) && defined(CONFIG_FSL_CORENET)
161 sg_tbl = (struct fsl_secboot_sg_table *)
162 (((u32)hdr->psgtable & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
165 sg_tbl = (struct fsl_secboot_sg_table *)(uintptr_t)(csf_addr +
169 /* IE Key Table is the first entry in the SG Table */
170 #if defined(CONFIG_MPC85xx)
171 *ie_addr = (uintptr_t)((sg_tbl->src_addr &
172 ~(CONFIG_SYS_PBI_FLASH_BASE)) +
175 *ie_addr = (uintptr_t)sg_tbl->src_addr;
178 debug("IE Table address is %lx\n", *ie_addr);
181 #endif /* CONFIG_ESBC_HDR_LS */
184 #ifdef CONFIG_KEY_REVOCATION
185 /* This function checks srk_table_flag in header and set/reset srk_flag.*/
186 static u32 check_srk(struct fsl_secboot_img_priv *img)
188 #ifdef CONFIG_ESBC_HDR_LS
189 /* In LS, No SRK Flag as SRK is always present if IE not present*/
190 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
191 return !check_ie(img);
195 if (img->hdr.len_kr.srk_table_flag & SRK_FLAG)
202 /* This function returns ospr's key_revoc values.*/
203 static u32 get_key_revoc(void)
205 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
206 return (sfp_in32(&sfp_regs->ospr) & OSPR_KEY_REVOC_MASK) >>
207 OSPR_KEY_REVOC_SHIFT;
210 /* This function checks if selected key is revoked or not.*/
211 static u32 is_key_revoked(u32 keynum, u32 rev_flag)
213 if (keynum == UNREVOCABLE_KEY)
216 if ((u32)(1 << (ALIGN_REVOC_KEY - keynum)) & rev_flag)
222 /* It read validates srk_table key lengths.*/
223 static u32 read_validate_srk_tbl(struct fsl_secboot_img_priv *img)
226 u32 ret, key_num, key_revoc_flag, size;
227 struct fsl_secboot_img_hdr *hdr = &img->hdr;
228 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
230 if ((hdr->len_kr.num_srk == 0) ||
231 (hdr->len_kr.num_srk > MAX_KEY_ENTRIES))
232 return ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY;
234 key_num = hdr->len_kr.srk_sel;
235 if (key_num == 0 || key_num > hdr->len_kr.num_srk)
236 return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM;
238 /* Get revoc key from sfp */
239 key_revoc_flag = get_key_revoc();
240 ret = is_key_revoked(key_num, key_revoc_flag);
242 return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED;
244 size = hdr->len_kr.num_srk * sizeof(struct srk_table);
246 memcpy(&img->srk_tbl, esbc + hdr->srk_tbl_off, size);
248 for (i = 0; i < hdr->len_kr.num_srk; i++) {
249 if (!CHECK_KEY_LEN(img->srk_tbl[i].key_len))
250 return ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN;
253 img->key_len = img->srk_tbl[key_num - 1].key_len;
255 memcpy(&img->img_key, &(img->srk_tbl[key_num - 1].pkey),
262 #ifndef CONFIG_ESBC_HDR_LS
263 static u32 read_validate_single_key(struct fsl_secboot_img_priv *img)
265 struct fsl_secboot_img_hdr *hdr = &img->hdr;
266 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
268 /* check key length */
269 if (!CHECK_KEY_LEN(hdr->key_len))
270 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN;
272 memcpy(&img->img_key, esbc + hdr->pkey, hdr->key_len);
274 img->key_len = hdr->key_len;
278 #endif /* CONFIG_ESBC_HDR_LS */
280 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
282 static void install_ie_tbl(uintptr_t ie_tbl_addr,
283 struct fsl_secboot_img_priv *img)
285 /* Copy IE tbl to Global Data */
286 memcpy(&glb.ie_tbl, (u8 *)ie_tbl_addr, sizeof(struct ie_key_info));
287 img->ie_addr = (uintptr_t)&glb.ie_tbl;
288 glb.ie_addr = img->ie_addr;
291 static u32 read_validate_ie_tbl(struct fsl_secboot_img_priv *img)
293 struct fsl_secboot_img_hdr *hdr = &img->hdr;
294 u32 ie_key_len, ie_revoc_flag, ie_num;
295 struct ie_key_info *ie_info;
298 if (get_ie_info_addr(&img->ie_addr))
299 return ERROR_IE_TABLE_NOT_FOUND;
301 install_ie_tbl(img->ie_addr, img);
304 ie_info = (struct ie_key_info *)(uintptr_t)img->ie_addr;
305 if (ie_info->num_keys == 0 || ie_info->num_keys > 32)
306 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY;
308 ie_num = hdr->ie_key_sel;
309 if (ie_num == 0 || ie_num > ie_info->num_keys)
310 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM;
312 ie_revoc_flag = ie_info->key_revok;
313 if ((u32)(1 << (ie_num - 1)) & ie_revoc_flag)
314 return ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED;
316 ie_key_len = ie_info->ie_key_tbl[ie_num - 1].key_len;
318 if (!CHECK_KEY_LEN(ie_key_len))
319 return ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN;
321 memcpy(&img->img_key, &(ie_info->ie_key_tbl[ie_num - 1].pkey),
324 img->key_len = ie_key_len;
330 /* This function return length of public key.*/
331 static inline u32 get_key_len(struct fsl_secboot_img_priv *img)
337 * Handles the ESBC uboot client header verification failure.
338 * This function handles all the errors which might occur in the
339 * parsing and checking of ESBC uboot client header. It will also
340 * set the error bits in the SEC_MON.
342 static void fsl_secboot_header_verification_failure(void)
344 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
346 /* 29th bit of OSPR is ITS */
347 u32 its = sfp_in32(&sfp_regs->ospr) >> 2;
350 set_sec_mon_state(HPSR_SSM_ST_SOFT_FAIL);
352 set_sec_mon_state(HPSR_SSM_ST_NON_SECURE);
354 printf("Generating reset request\n");
355 do_reset(NULL, 0, 0, NULL);
356 /* If reset doesn't coocur, halt execution */
357 do_esbc_halt(NULL, 0, 0, NULL);
361 * Handles the ESBC uboot client image verification failure.
362 * This function handles all the errors which might occur in the
363 * public key hash comparison and signature verification of
364 * ESBC uboot client image. It will also
365 * set the error bits in the SEC_MON.
367 static void fsl_secboot_image_verification_failure(void)
369 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
371 u32 its = (sfp_in32(&sfp_regs->ospr) & ITS_MASK) >> ITS_BIT;
374 set_sec_mon_state(HPSR_SSM_ST_SOFT_FAIL);
376 printf("Generating reset request\n");
377 do_reset(NULL, 0, 0, NULL);
378 /* If reset doesn't coocur, halt execution */
379 do_esbc_halt(NULL, 0, 0, NULL);
382 set_sec_mon_state(HPSR_SSM_ST_NON_SECURE);
386 static void fsl_secboot_bootscript_parse_failure(void)
388 fsl_secboot_header_verification_failure();
392 * Handles the errors in esbc boot.
393 * This function handles all the errors which might occur in the
394 * esbc boot phase. It will call the appropriate api to log the
395 * errors and set the error bits in the SEC_MON.
397 void fsl_secboot_handle_error(int error)
399 #ifndef CONFIG_SPL_BUILD
400 const struct fsl_secboot_errcode *e;
402 for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX;
404 if (e->errcode == error)
405 printf("ERROR :: %x :: %s\n", error, e->name);
408 printf("ERROR :: %x\n", error);
411 /* If Boot Mode is secure, transition the SNVS state and issue
412 * reset based on type of failure and ITS setting.
413 * If Boot mode is non-secure, return from this function.
415 if (fsl_check_boot_mode_secure() == 0)
419 case ERROR_ESBC_CLIENT_HEADER_BARKER:
420 case ERROR_ESBC_CLIENT_HEADER_IMG_SIZE:
421 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN:
422 case ERROR_ESBC_CLIENT_HEADER_SIG_LEN:
423 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN:
424 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1:
425 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2:
426 case ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD:
427 case ERROR_ESBC_CLIENT_HEADER_SG_ESBC_EP:
428 case ERROR_ESBC_CLIENT_HEADER_SG_ENTIRES_BAD:
429 case ERROR_KEY_TABLE_NOT_FOUND:
430 #ifdef CONFIG_KEY_REVOCATION
431 case ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED:
432 case ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY:
433 case ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM:
434 case ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN:
436 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
438 case ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED:
439 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY:
440 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM:
441 case ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN:
442 case ERROR_IE_TABLE_NOT_FOUND:
444 fsl_secboot_header_verification_failure();
446 case ERROR_ESBC_SEC_RESET:
447 case ERROR_ESBC_SEC_DEQ:
448 case ERROR_ESBC_SEC_ENQ:
449 case ERROR_ESBC_SEC_DEQ_TO:
450 case ERROR_ESBC_SEC_JOBQ_STATUS:
451 case ERROR_ESBC_CLIENT_HASH_COMPARE_KEY:
452 case ERROR_ESBC_CLIENT_HASH_COMPARE_EM:
453 fsl_secboot_image_verification_failure();
455 case ERROR_ESBC_MISSING_BOOTM:
456 fsl_secboot_bootscript_parse_failure();
458 case ERROR_ESBC_WRONG_CMD:
465 static void fsl_secblk_handle_error(int error)
468 case ERROR_ESBC_SEC_ENQ:
469 fsl_secboot_handle_error(ERROR_ESBC_SEC_ENQ);
471 case ERROR_ESBC_SEC_DEQ:
472 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ);
474 case ERROR_ESBC_SEC_DEQ_TO:
475 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ_TO);
478 printf("Job Queue Output status %x\n", error);
479 fsl_secboot_handle_error(ERROR_ESBC_SEC_JOBQ_STATUS);
485 * Calculate hash of key obtained via offset present in ESBC uboot
486 * client hdr. This function calculates the hash of key which is obtained
487 * through offset present in ESBC uboot client header.
489 static int calc_img_key_hash(struct fsl_secboot_img_priv *img)
491 struct hash_algo *algo;
495 const char *algo_name = "sha256";
497 /* Calculate hash of the esbc key */
498 ret = hash_progressive_lookup_algo(algo_name, &algo);
502 ret = algo->hash_init(algo, &ctx);
505 /* Update hash for ESBC key */
506 #ifdef CONFIG_KEY_REVOCATION
507 if (check_srk(img)) {
508 ret = algo->hash_update(algo, ctx,
509 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
510 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 1);
515 ret = algo->hash_update(algo, ctx,
516 img->img_key, img->key_len, 1);
519 /* Copy hash at destination buffer */
520 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
525 for (i = 0; i < SHA256_BYTES; i++)
526 img->img_key_hash[i] = hash_val[i];
532 * Calculate hash of ESBC hdr and ESBC. This function calculates the
533 * single hash of ESBC header and ESBC image. If SG flag is on, all
534 * SG entries are also hashed alongwith the complete SG table.
536 static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
538 struct hash_algo *algo;
542 const char *algo_name = "sha256";
544 /* Calculate the hash of the ESBC */
545 ret = hash_progressive_lookup_algo(algo_name, &algo);
549 ret = algo->hash_init(algo, &ctx);
550 /* Copy hash at destination buffer */
554 /* Update hash for CSF Header */
555 ret = algo->hash_update(algo, ctx,
556 (u8 *)&img->hdr, sizeof(struct fsl_secboot_img_hdr), 0);
560 /* Update the hash with that of srk table if srk flag is 1
561 * If IE Table is selected, key is not added in the hash
562 * If neither srk table nor IE key table available, add key
563 * from header in the hash calculation
565 #ifdef CONFIG_KEY_REVOCATION
566 if (check_srk(img)) {
567 ret = algo->hash_update(algo, ctx,
568 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
569 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 0);
573 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
574 if (!key_hash && check_ie(img))
577 #ifndef CONFIG_ESBC_HDR_LS
578 /* No single key support in LS ESBC header */
580 ret = algo->hash_update(algo, ctx,
581 img->img_key, img->hdr.key_len, 0);
589 return ERROR_KEY_TABLE_NOT_FOUND;
591 /* Update hash for actual Image */
592 ret = algo->hash_update(algo, ctx,
593 (u8 *)(*(img->img_addr_ptr)), img->img_size, 1);
597 /* Copy hash at destination buffer */
598 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
607 * Construct encoded hash EM' wrt PKCSv1.5. This function calculates the
608 * pointers for padding, DER value and hash. And finally, constructs EM'
609 * which includes hash of complete CSF header and ESBC image. If SG flag
610 * is on, hash of SG table and entries is also included.
612 static void construct_img_encoded_hash_second(struct fsl_secboot_img_priv *img)
615 * RSA PKCSv1.5 encoding format for encoded message is below
616 * EM = 0x0 || 0x1 || PS || 0x0 || DER || Hash
617 * PS is Padding String
618 * DER is DER value for SHA-256
619 * Hash is SHA-256 hash
620 * *********************************************************
621 * representative points to first byte of EM initially and is
623 * representative is incremented by 1 and second byte is filled
625 * padding points to third byte of EM
626 * digest points to full length of EM - 32 bytes
627 * hash_id (DER value) points to 19 bytes before pDigest
628 * separator is one byte which separates padding and DER
633 u8 *padding, *digest;
634 u8 *hash_id, *separator;
637 len = (get_key_len(img) / 2) - 1;
638 representative = img->img_encoded_hash_second;
639 representative[0] = 0;
640 representative[1] = 1; /* block type 1 */
642 padding = &representative[2];
643 digest = &representative[1] + len - 32;
644 hash_id = digest - sizeof(hash_identifier);
645 separator = hash_id - 1;
647 /* fill padding area pointed by padding with 0xff */
648 memset(padding, 0xff, separator - padding);
650 /* fill byte pointed by separator */
653 /* fill SHA-256 DER value pointed by HashId */
654 memcpy(hash_id, hash_identifier, sizeof(hash_identifier));
656 /* fill hash pointed by Digest */
657 for (i = 0; i < SHA256_BYTES; i++)
658 digest[i] = hash_val[i];
662 * Reads and validates the ESBC client header.
663 * This function reads key and signature from the ESBC client header.
664 * If Scatter/Gather flag is on, lengths and offsets of images
665 * present as SG entries are also read. This function also checks
666 * whether the header is valid or not.
668 static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img)
670 struct fsl_secboot_img_hdr *hdr = &img->hdr;
671 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
677 /* check barker code */
678 if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN))
679 return ERROR_ESBC_CLIENT_HEADER_BARKER;
681 /* If Image Address is not passed as argument to function,
682 * then Address and Size must be read from the Header.
684 if (*(img->img_addr_ptr) == 0) {
685 #ifdef CONFIG_ESBC_ADDR_64BIT
686 *(img->img_addr_ptr) = hdr->pimg64;
688 *(img->img_addr_ptr) = hdr->pimg;
693 return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;
695 img->img_size = hdr->img_size;
698 #ifdef CONFIG_KEY_REVOCATION
699 if (check_srk(img)) {
700 ret = read_validate_srk_tbl(img);
707 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
708 if (!key_found && check_ie(img)) {
709 ret = read_validate_ie_tbl(img);
715 #ifndef CONFIG_ESBC_HDR_LS
716 /* Single Key Feature not available in LS ESBC Header */
717 if (key_found == 0) {
718 ret = read_validate_single_key(img);
725 return ERROR_KEY_TABLE_NOT_FOUND;
728 if (get_key_len(img) == 2 * hdr->sign_len) {
729 /* check signature length */
730 if (!((hdr->sign_len == KEY_SIZE_BYTES / 4) ||
731 (hdr->sign_len == KEY_SIZE_BYTES / 2) ||
732 (hdr->sign_len == KEY_SIZE_BYTES)))
733 return ERROR_ESBC_CLIENT_HEADER_SIG_LEN;
735 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN;
738 memcpy(&img->img_sign, esbc + hdr->psign, hdr->sign_len);
739 /* No SG support in LS-CH3 */
740 #ifndef CONFIG_ESBC_HDR_LS
743 return ERROR_ESBC_CLIENT_HEADER_SG;
746 /* modulus most significant bit should be set */
747 k = (u8 *)&img->img_key;
749 if ((k[0] & 0x80) == 0)
750 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1;
752 /* modulus value should be odd */
753 if ((k[get_key_len(img) / 2 - 1] & 0x1) == 0)
754 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2;
756 /* Check signature value < modulus value */
757 s = (u8 *)&img->img_sign;
759 if (!(memcmp(s, k, hdr->sign_len) < 0))
760 return ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD;
762 return ESBC_VALID_HDR;
765 static inline int str2longbe(const char *p, ulong *num)
773 tmp = hextoul(p, &endptr);
774 if (sizeof(ulong) == 4)
775 *num = cpu_to_be32(tmp);
777 *num = cpu_to_be64(tmp);
780 return *p != '\0' && *endptr == '\0';
782 /* Function to calculate the ESBC Image Hash
783 * and hash from Digital signature.
784 * The Two hash's are compared to yield the
785 * result of signature validation.
787 static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img)
791 struct key_prop prop;
792 #if !defined(USE_HOSTCC)
793 struct udevice *mod_exp_dev;
795 ret = calc_esbchdr_esbc_hash(img);
799 /* Construct encoded hash EM' wrt PKCSv1.5 */
800 construct_img_encoded_hash_second(img);
802 /* Fill prop structure for public key */
803 memset(&prop, 0, sizeof(struct key_prop));
804 key_len = get_key_len(img) / 2;
805 prop.modulus = img->img_key;
806 prop.public_exponent = img->img_key + key_len;
807 prop.num_bits = key_len * 8;
808 prop.exp_len = key_len;
810 ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
812 printf("RSA: Can't find Modular Exp implementation\n");
816 ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len,
817 &prop, img->img_encoded_hash);
822 * compare the encoded messages EM' and EM wrt RSA PKCSv1.5
823 * memcmp returns zero on success
824 * memcmp returns non-zero on failure
826 ret = memcmp(&img->img_encoded_hash_second, &img->img_encoded_hash,
830 return ERROR_ESBC_CLIENT_HASH_COMPARE_EM;
834 /* Function to initialize img priv and global data structure
836 static int secboot_init(struct fsl_secboot_img_priv **img_ptr)
838 *img_ptr = malloc(sizeof(struct fsl_secboot_img_priv));
840 struct fsl_secboot_img_priv *img = *img_ptr;
844 memset(img, 0, sizeof(struct fsl_secboot_img_priv));
846 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
848 img->ie_addr = glb.ie_addr;
854 /* haddr - Address of the header of image to be validated.
855 * arg_hash_str - Option hash string. If provided, this
856 * overrides the key hash in the SFP fuses.
857 * img_addr_ptr - Optional pointer to address of image to be validated.
858 * If non zero addr, this overrides the addr of image in header,
859 * otherwise updated to image addr in header.
860 * Acts as both input and output of function.
861 * This pointer shouldn't be NULL.
863 int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
864 uintptr_t *img_addr_ptr)
866 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
867 ulong hash[SHA256_BYTES/sizeof(ulong)];
868 char hash_str[NUM_HEX_CHARS + 1];
869 struct fsl_secboot_img_priv *img;
870 struct fsl_secboot_img_hdr *hdr;
872 int ret, i, hash_cmd = 0;
875 if (strlen(arg_hash_str) != 0) {
876 const char *cp = arg_hash_str;
879 if (*cp == '0' && *(cp + 1) == 'x')
882 /* The input string expected is in hex, where
883 * each 4 bits would be represented by a hex
884 * sha256 hash is 256 bits long, which would mean
885 * num of characters = 256 / 4
887 if (strlen(cp) != SHA256_NIBBLES) {
888 printf("%s is not a 256 bits hex string as expected\n",
893 for (i = 0; i < sizeof(hash)/sizeof(ulong); i++) {
894 strncpy(hash_str, cp + (i * NUM_HEX_CHARS),
896 hash_str[NUM_HEX_CHARS] = '\0';
897 if (!str2longbe(hash_str, &hash[i])) {
898 printf("%s is not a 256 bits hex string ",
907 ret = secboot_init(&img);
911 /* Update the information in Private Struct */
913 img->ehdrloc = haddr;
914 img->img_addr_ptr = img_addr_ptr;
915 esbc = (u8 *)img->ehdrloc;
917 memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));
919 /* read and validate esbc header */
920 ret = read_validate_esbc_client_header(img);
922 if (ret != ESBC_VALID_HDR) {
923 fsl_secboot_handle_error(ret);
927 /* SRKH present in SFP */
928 for (i = 0; i < NUM_SRKH_REGS; i++)
929 srk_hash[i] = srk_in32(&sfp_regs->srk_hash[i]);
932 * Calculate hash of key obtained via offset present in
933 * ESBC uboot client hdr
935 ret = calc_img_key_hash(img);
937 fsl_secblk_handle_error(ret);
941 /* Compare hash obtained above with SRK hash present in SFP */
943 ret = memcmp(&hash, &img->img_key_hash, SHA256_BYTES);
945 ret = memcmp(srk_hash, img->img_key_hash, SHA256_BYTES);
947 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
948 if (!hash_cmd && check_ie(img))
953 fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_KEY);
957 ret = calculate_cmp_img_sig(img);
959 fsl_secboot_handle_error(ret);
964 /* Free Img as it was malloc'ed*/