u-boot: fit: add support to decrypt fit with aes
[platform/kernel/u-boot.git] / tools / fit_check_sign.c
1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3  * (C) Copyright 2014
4  * DENX Software Engineering
5  * Heiko Schocher <hs@denx.de>
6  *
7  * Based on:
8  * (C) Copyright 2008 Semihalf
9  *
10  * (C) Copyright 2000-2004
11  * DENX Software Engineering
12  * Wolfgang Denk, wd@denx.de
13  *
14  * Updated-by: Prafulla Wadaskar <prafulla@marvell.com>
15  *              FIT image specific code abstracted from mkimage.c
16  *              some functions added to address abstraction
17  *
18  * All rights reserved.
19  */
20
21 #include "mkimage.h"
22 #include "fit_common.h"
23 #include <image.h>
24 #include <u-boot/crc.h>
25
26 void usage(char *cmdname)
27 {
28         fprintf(stderr, "Usage: %s -f fit file -k key file\n"
29                          "          -f ==> set fit file which should be checked'\n"
30                          "          -k ==> set key file which contains the key'\n",
31                 cmdname);
32         exit(EXIT_FAILURE);
33 }
34
35 int main(int argc, char **argv)
36 {
37         int ffd = -1;
38         int kfd = -1;
39         struct stat fsbuf;
40         struct stat ksbuf;
41         void *fit_blob;
42         char *fdtfile = NULL;
43         char *keyfile = NULL;
44         char cmdname[256];
45         int ret;
46         void *key_blob;
47         int c;
48
49         strncpy(cmdname, *argv, sizeof(cmdname) - 1);
50         cmdname[sizeof(cmdname) - 1] = '\0';
51         while ((c = getopt(argc, argv, "f:k:")) != -1)
52                 switch (c) {
53                 case 'f':
54                         fdtfile = optarg;
55                         break;
56                 case 'k':
57                         keyfile = optarg;
58                         break;
59                 default:
60                         usage(cmdname);
61                         break;
62         }
63
64         if (!fdtfile) {
65                 fprintf(stderr, "%s: Missing fdt file\n", *argv);
66                 usage(*argv);
67         }
68         if (!keyfile) {
69                 fprintf(stderr, "%s: Missing key file\n", *argv);
70                 usage(*argv);
71         }
72
73         ffd = mmap_fdt(cmdname, fdtfile, 0, &fit_blob, &fsbuf, false, true);
74         if (ffd < 0)
75                 return EXIT_FAILURE;
76         kfd = mmap_fdt(cmdname, keyfile, 0, &key_blob, &ksbuf, false, true);
77         if (kfd < 0)
78                 return EXIT_FAILURE;
79
80         image_set_host_blob(key_blob);
81         ret = fit_check_sign(fit_blob, key_blob);
82         if (!ret) {
83                 ret = EXIT_SUCCESS;
84                 fprintf(stderr, "Signature check OK\n");
85         } else {
86                 ret = EXIT_FAILURE;
87                 fprintf(stderr, "Signature check Bad (error %d)\n", ret);
88         }
89
90         (void) munmap((void *)fit_blob, fsbuf.st_size);
91         (void) munmap((void *)key_blob, ksbuf.st_size);
92
93         close(ffd);
94         close(kfd);
95         exit(ret);
96 }