1 // SPDX-License-Identifier: GPL-2.0+
3 * Copyright (c) 2013, Google Inc.
5 * (C) Copyright 2008 Semihalf
7 * (C) Copyright 2000-2006
8 * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
13 #include <fdt_region.h>
18 * fit_set_hash_value - set hash value in requested has node
19 * @fit: pointer to the FIT format image header
20 * @noffset: hash node offset
21 * @value: hash value to be set
22 * @value_len: hash value length
24 * fit_set_hash_value() attempts to set hash value in a node at offset
25 * given and returns operation status to the caller.
31 static int fit_set_hash_value(void *fit, int noffset, uint8_t *value,
36 ret = fdt_setprop(fit, noffset, FIT_VALUE_PROP, value, value_len);
38 printf("Can't set hash '%s' property for '%s' node(%s)\n",
39 FIT_VALUE_PROP, fit_get_name(fit, noffset, NULL),
41 return ret == -FDT_ERR_NOSPACE ? -ENOSPC : -EIO;
48 * fit_image_process_hash - Process a single subnode of the images/ node
50 * Check each subnode and process accordingly. For hash nodes we generate
51 * a hash of the supplied data and store it in the node.
53 * @fit: pointer to the FIT format image header
54 * @image_name: name of image being processed (used to display errors)
55 * @noffset: subnode offset
56 * @data: data to process
57 * @size: size of data in bytes
58 * Return: 0 if ok, -1 on error
60 static int fit_image_process_hash(void *fit, const char *image_name,
61 int noffset, const void *data, size_t size)
63 uint8_t value[FIT_MAX_HASH_LEN];
64 const char *node_name;
69 node_name = fit_get_name(fit, noffset, NULL);
71 if (fit_image_hash_get_algo(fit, noffset, &algo)) {
72 printf("Can't get hash algo property for '%s' hash node in '%s' image node\n",
73 node_name, image_name);
77 if (calculate_hash(data, size, algo, value, &value_len)) {
78 printf("Unsupported hash algorithm (%s) for '%s' hash node in '%s' image node\n",
79 algo, node_name, image_name);
80 return -EPROTONOSUPPORT;
83 ret = fit_set_hash_value(fit, noffset, value, value_len);
85 printf("Can't set hash value for '%s' hash node in '%s' image node\n",
86 node_name, image_name);
94 * fit_image_write_sig() - write the signature to a FIT
96 * This writes the signature and signer data to the FIT.
98 * @fit: pointer to the FIT format image header
99 * @noffset: hash node offset
100 * @value: signature value to be set
101 * @value_len: signature value length
102 * @comment: Text comment to write (NULL for none)
106 * -FDT_ERR_..., on failure
108 static int fit_image_write_sig(void *fit, int noffset, uint8_t *value,
109 int value_len, const char *comment, const char *region_prop,
110 int region_proplen, const char *cmdname, const char *algo_name)
116 * Get the current string size, before we update the FIT and add
119 string_size = fdt_size_dt_strings(fit);
121 ret = fdt_setprop(fit, noffset, FIT_VALUE_PROP, value, value_len);
123 ret = fdt_setprop_string(fit, noffset, "signer-name",
127 ret = fdt_setprop_string(fit, noffset, "signer-version",
131 ret = fdt_setprop_string(fit, noffset, "comment", comment);
133 time_t timestamp = imagetool_get_source_date(cmdname,
135 uint32_t t = cpu_to_uimage(timestamp);
137 ret = fdt_setprop(fit, noffset, FIT_TIMESTAMP_PROP, &t,
140 if (region_prop && !ret) {
143 ret = fdt_setprop(fit, noffset, "hashed-nodes",
144 region_prop, region_proplen);
145 /* This is a legacy offset, it is unused, and must remain 0. */
147 strdata[1] = cpu_to_fdt32(string_size);
149 ret = fdt_setprop(fit, noffset, "hashed-strings",
150 strdata, sizeof(strdata));
153 if (algo_name && !ret)
154 ret = fdt_setprop_string(fit, noffset, "algo", algo_name);
159 static int fit_image_setup_sig(struct image_sign_info *info,
160 const char *keydir, const char *keyfile, void *fit,
161 const char *image_name, int noffset, const char *require_keys,
162 const char *engine_id, const char *algo_name)
164 const char *node_name;
165 const char *padding_name;
167 node_name = fit_get_name(fit, noffset, NULL);
169 if (fit_image_hash_get_algo(fit, noffset, &algo_name)) {
170 printf("Can't get algo property for '%s' signature node in '%s' image node\n",
171 node_name, image_name);
176 padding_name = fdt_getprop(fit, noffset, "padding", NULL);
178 memset(info, '\0', sizeof(*info));
179 info->keydir = keydir;
180 info->keyfile = keyfile;
181 info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
183 info->node_offset = noffset;
184 info->name = strdup(algo_name);
185 info->checksum = image_get_checksum_algo(algo_name);
186 info->crypto = image_get_crypto_algo(algo_name);
187 info->padding = image_get_padding_algo(padding_name);
188 info->require_keys = require_keys;
189 info->engine_id = engine_id;
190 if (!info->checksum || !info->crypto) {
191 printf("Unsupported signature algorithm (%s) for '%s' signature node in '%s' image node\n",
192 algo_name, node_name, image_name);
200 * fit_image_process_sig- Process a single subnode of the images/ node
202 * Check each subnode and process accordingly. For signature nodes we
203 * generate a signed hash of the supplied data and store it in the node.
205 * @keydir: Directory containing keys to use for signing
206 * @keydest: Destination FDT blob to write public keys into (NULL if none)
207 * @fit: pointer to the FIT format image header
208 * @image_name: name of image being processed (used to display errors)
209 * @noffset: subnode offset
210 * @data: data to process
211 * @size: size of data in bytes
212 * @comment: Comment to add to signature nodes
213 * @require_keys: Mark all keys as 'required'
214 * @engine_id: Engine to use for signing
215 * Return: keydest node if @keydest is non-NULL, else 0 if none; -ve error code
218 static int fit_image_process_sig(const char *keydir, const char *keyfile,
219 void *keydest, void *fit, const char *image_name,
220 int noffset, const void *data, size_t size,
221 const char *comment, int require_keys, const char *engine_id,
222 const char *cmdname, const char *algo_name)
224 struct image_sign_info info;
225 struct image_region region;
226 const char *node_name;
231 if (fit_image_setup_sig(&info, keydir, keyfile, fit, image_name,
232 noffset, require_keys ? "image" : NULL,
233 engine_id, algo_name))
236 node_name = fit_get_name(fit, noffset, NULL);
239 ret = info.crypto->sign(&info, ®ion, 1, &value, &value_len);
241 printf("Failed to sign '%s' signature node in '%s' image node: %d\n",
242 node_name, image_name, ret);
244 /* We allow keys to be missing */
250 ret = fit_image_write_sig(fit, noffset, value, value_len, comment,
251 NULL, 0, cmdname, algo_name);
253 if (ret == -FDT_ERR_NOSPACE)
255 printf("Can't write signature for '%s' signature node in '%s' conf node: %s\n",
256 node_name, image_name, fdt_strerror(ret));
261 /* Get keyname again, as FDT has changed and invalidated our pointer */
262 info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
265 * Write the public key into the supplied FDT file; this might fail
266 * several times, since we try signing with successively increasing
270 ret = info.crypto->add_verify_data(&info, keydest);
272 printf("Failed to add verification data for '%s' signature node in '%s' image node\n",
273 node_name, image_name);
276 /* Return the node that was written to */
283 static int fit_image_read_data(char *filename, unsigned char *data,
291 fd = open(filename, O_RDONLY | O_BINARY);
293 printf("Can't open file %s (err=%d => %s)\n",
294 filename, errno, strerror(errno));
298 /* Compute file size */
299 if (fstat(fd, &sbuf) < 0) {
300 printf("Can't fstat file %s (err=%d => %s)\n",
301 filename, errno, strerror(errno));
305 /* Check file size */
306 if (sbuf.st_size != expected_size) {
307 printf("File %s don't have the expected size (size=%lld, expected=%d)\n",
308 filename, (long long)sbuf.st_size, expected_size);
313 n = read(fd, data, sbuf.st_size);
315 printf("Can't read file %s (err=%d => %s)\n",
316 filename, errno, strerror(errno));
320 /* Check that we have read all the file */
321 if (n != sbuf.st_size) {
322 printf("Can't read all file %s (read %zd bytes, expected %lld)\n",
323 filename, n, (long long)sbuf.st_size);
334 static int get_random_data(void *data, int size)
336 unsigned char *tmp = data;
337 struct timespec date;
341 printf("%s: pointer data is NULL\n", __func__);
346 ret = clock_gettime(CLOCK_MONOTONIC, &date);
348 printf("%s: clock_gettime has failed (%s)\n", __func__,
353 srandom(date.tv_nsec);
355 for (i = 0; i < size; i++) {
356 *tmp = random() & 0xff;
364 static int fit_image_setup_cipher(struct image_cipher_info *info,
365 const char *keydir, void *fit,
366 const char *image_name, int image_noffset,
373 if (fit_image_cipher_get_algo(fit, noffset, &algo_name)) {
374 printf("Can't get algo name for cipher in image '%s'\n",
379 info->keydir = keydir;
381 /* Read the key name */
382 info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
383 if (!info->keyname) {
384 printf("Can't get key name for cipher in image '%s'\n",
392 * If this property is not provided then mkimage will generate
393 * a random IV and store it in the FIT image
395 info->ivname = fdt_getprop(fit, noffset, "iv-name-hint", NULL);
398 info->node_noffset = noffset;
399 info->name = algo_name;
401 info->cipher = image_get_cipher_algo(algo_name);
403 printf("Can't get algo for cipher '%s'\n", image_name);
407 /* Read the key in the file */
408 snprintf(filename, sizeof(filename), "%s/%s%s",
409 info->keydir, info->keyname, ".bin");
410 info->key = malloc(info->cipher->key_len);
412 printf("Can't allocate memory for key\n");
416 ret = fit_image_read_data(filename, (unsigned char *)info->key,
417 info->cipher->key_len);
421 info->iv = malloc(info->cipher->iv_len);
423 printf("Can't allocate memory for iv\n");
429 /* Read the IV in the file */
430 snprintf(filename, sizeof(filename), "%s/%s%s",
431 info->keydir, info->ivname, ".bin");
432 ret = fit_image_read_data(filename, (unsigned char *)info->iv,
433 info->cipher->iv_len);
435 /* Generate an ramdom IV */
436 ret = get_random_data((void *)info->iv, info->cipher->iv_len);
443 int fit_image_write_cipher(void *fit, int image_noffset, int noffset,
444 const void *data, size_t size,
445 unsigned char *data_ciphered, int data_ciphered_len)
449 /* Replace data with ciphered data */
450 ret = fdt_setprop(fit, image_noffset, FIT_DATA_PROP,
451 data_ciphered, data_ciphered_len);
452 if (ret == -FDT_ERR_NOSPACE) {
457 printf("Can't replace data with ciphered data (err = %d)\n", ret);
461 /* add non ciphered data size */
462 ret = fdt_setprop_u32(fit, image_noffset, "data-size-unciphered", size);
463 if (ret == -FDT_ERR_NOSPACE) {
468 printf("Can't add unciphered data size (err = %d)\n", ret);
477 fit_image_process_cipher(const char *keydir, void *keydest, void *fit,
478 const char *image_name, int image_noffset,
479 int node_noffset, const void *data, size_t size,
482 struct image_cipher_info info;
483 unsigned char *data_ciphered = NULL;
484 int data_ciphered_len;
487 memset(&info, 0, sizeof(info));
489 ret = fit_image_setup_cipher(&info, keydir, fit, image_name,
490 image_noffset, node_noffset);
494 ret = info.cipher->encrypt(&info, data, size,
495 &data_ciphered, &data_ciphered_len);
500 * Write the public key into the supplied FDT file; this might fail
501 * several times, since we try signing with successively increasing
503 * And, if needed, write the iv in the FIT file
506 ret = info.cipher->add_cipher_data(&info, keydest, fit, node_noffset);
508 printf("Failed to add verification data for cipher '%s' in image '%s'\n",
509 info.keyname, image_name);
514 ret = fit_image_write_cipher(fit, image_noffset, node_noffset,
516 data_ciphered, data_ciphered_len);
520 free((void *)info.key);
521 free((void *)info.iv);
525 int fit_image_cipher_data(const char *keydir, void *keydest,
526 void *fit, int image_noffset, const char *comment,
527 int require_keys, const char *engine_id,
530 const char *image_name;
533 int cipher_node_offset, len;
536 image_name = fit_get_name(fit, image_noffset, NULL);
538 printf("Can't get image name\n");
542 /* Get image data and data length */
543 if (fit_image_get_data(fit, image_noffset, &data, &size)) {
544 printf("Can't get image data/size\n");
549 * Don't cipher ciphered data.
551 * If the data-size-unciphered property is present the data for this
552 * image is already encrypted. This is important as 'mkimage -F' can be
553 * run multiple times on a FIT image.
555 if (fdt_getprop(fit, image_noffset, "data-size-unciphered", &len))
557 if (len != -FDT_ERR_NOTFOUND) {
558 printf("Failure testing for data-size-unciphered\n");
562 /* Process cipher node if present */
563 cipher_node_offset = fdt_subnode_offset(fit, image_noffset,
564 FIT_CIPHER_NODENAME);
565 if (cipher_node_offset == -FDT_ERR_NOTFOUND)
567 if (cipher_node_offset < 0) {
568 printf("Failure getting cipher node\n");
571 if (!IMAGE_ENABLE_ENCRYPT || !keydir)
573 return fit_image_process_cipher(keydir, keydest, fit, image_name,
574 image_noffset, cipher_node_offset, data, size, cmdname);
578 * fit_image_add_verification_data() - calculate/set verig. data for image node
580 * This adds hash and signature values for an component image node.
582 * All existing hash subnodes are checked, if algorithm property is set to
583 * one of the supported hash algorithms, hash value is computed and
584 * corresponding hash node property is set, for example:
586 * Input component image node structure:
588 * o image-1 (at image_noffset)
589 * | - data = [binary data]
593 * Output component image node structure:
595 * o image-1 (at image_noffset)
596 * | - data = [binary data]
599 * |- value = sha1(data)
601 * For signature details, please see doc/uImage.FIT/signature.txt
603 * @keydir Directory containing *.key and *.crt files (or NULL)
604 * @keydest FDT Blob to write public keys into (NULL if none)
605 * @fit: Pointer to the FIT format image header
606 * @image_noffset: Requested component image node
607 * @comment: Comment to add to signature nodes
608 * @require_keys: Mark all keys as 'required'
609 * @engine_id: Engine to use for signing
610 * @return: 0 on success, <0 on failure
612 int fit_image_add_verification_data(const char *keydir, const char *keyfile,
613 void *keydest, void *fit, int image_noffset,
614 const char *comment, int require_keys, const char *engine_id,
615 const char *cmdname, const char* algo_name)
617 const char *image_name;
622 /* Get image data and data length */
623 if (fit_image_get_data(fit, image_noffset, &data, &size)) {
624 printf("Can't get image data/size\n");
628 image_name = fit_get_name(fit, image_noffset, NULL);
630 /* Process all hash subnodes of the component image node */
631 for (noffset = fdt_first_subnode(fit, image_noffset);
633 noffset = fdt_next_subnode(fit, noffset)) {
634 const char *node_name;
638 * Check subnode name, must be equal to "hash" or "signature".
639 * Multiple hash nodes require unique unit node
640 * names, e.g. hash-1, hash-2, signature-1, etc.
642 node_name = fit_get_name(fit, noffset, NULL);
643 if (!strncmp(node_name, FIT_HASH_NODENAME,
644 strlen(FIT_HASH_NODENAME))) {
645 ret = fit_image_process_hash(fit, image_name, noffset,
647 } else if (IMAGE_ENABLE_SIGN && (keydir || keyfile) &&
648 !strncmp(node_name, FIT_SIG_NODENAME,
649 strlen(FIT_SIG_NODENAME))) {
650 ret = fit_image_process_sig(keydir, keyfile, keydest,
651 fit, image_name, noffset, data, size,
652 comment, require_keys, engine_id, cmdname,
667 static void strlist_init(struct strlist *list)
669 memset(list, '\0', sizeof(*list));
672 static void strlist_free(struct strlist *list)
676 for (i = 0; i < list->count; i++)
677 free(list->strings[i]);
681 static int strlist_add(struct strlist *list, const char *str)
686 list->strings = realloc(list->strings,
687 (list->count + 1) * sizeof(char *));
690 list->strings[list->count++] = dup;
695 static const char *fit_config_get_image_list(const void *fit, int noffset,
696 int *lenp, int *allow_missingp)
698 static const char default_list[] = FIT_KERNEL_PROP "\0"
702 /* If there is an "sign-image" property, use that */
703 prop = fdt_getprop(fit, noffset, "sign-images", lenp);
706 return *lenp ? prop : NULL;
709 /* Default image list */
711 *lenp = sizeof(default_list);
717 * fit_config_add_hash() - Add a list of nodes to hash for an image
719 * This adds a list of paths to image nodes (as referred to by a particular
720 * offset) that need to be hashed, to protect a configuration
722 * @fit: Pointer to the FIT format image header
723 * @image_noffset: Offset of image to process (e.g. /images/kernel-1)
724 * @node_inc: List of nodes to add to
725 * @conf_name Configuration-node name, child of /configurations node (only
726 * used for error messages)
727 * @sig_name Signature-node name (only used for error messages)
728 * @iname: Name of image being processed (e.g. "kernel-1" (only used
729 * for error messages)
731 static int fit_config_add_hash(const void *fit, int image_noffset,
732 struct strlist *node_inc, const char *conf_name,
733 const char *sig_name, const char *iname)
740 ret = fdt_get_path(fit, image_noffset, path, sizeof(path));
743 if (strlist_add(node_inc, path))
746 /* Add all this image's hashes */
748 for (noffset = fdt_first_subnode(fit, image_noffset);
750 noffset = fdt_next_subnode(fit, noffset)) {
751 const char *name = fit_get_name(fit, noffset, NULL);
753 if (strncmp(name, FIT_HASH_NODENAME,
754 strlen(FIT_HASH_NODENAME)))
756 ret = fdt_get_path(fit, noffset, path, sizeof(path));
759 if (strlist_add(node_inc, path))
765 printf("Failed to find any hash nodes in configuration '%s/%s' image '%s' - without these it is not possible to verify this image\n",
766 conf_name, sig_name, iname);
770 /* Add this image's cipher node if present */
771 noffset = fdt_subnode_offset(fit, image_noffset,
772 FIT_CIPHER_NODENAME);
773 if (noffset != -FDT_ERR_NOTFOUND) {
775 printf("Failed to get cipher node in configuration '%s/%s' image '%s': %s\n",
776 conf_name, sig_name, iname,
777 fdt_strerror(noffset));
780 ret = fdt_get_path(fit, noffset, path, sizeof(path));
783 if (strlist_add(node_inc, path))
790 printf("Out of memory processing configuration '%s/%s'\n", conf_name,
795 printf("Failed to get path for image '%s' in configuration '%s/%s': %s\n",
796 iname, conf_name, sig_name, fdt_strerror(ret));
801 * fit_config_get_hash_list() - Get the regions to sign
803 * This calculates a list of nodes to hash for this particular configuration,
804 * returning it as a string list (struct strlist, not a devicetree string list)
806 * @fit: Pointer to the FIT format image header
807 * @conf_noffset: Offset of configuration node to sign (child of
808 * /configurations node)
809 * @sig_offset: Offset of signature node containing info about how to sign it
810 * (child of 'signatures' node)
811 * @return 0 if OK, -ENOENT if an image referred to by the configuration cannot
812 * be found, -ENOMSG if ther were no images in the configuration
814 static int fit_config_get_hash_list(const void *fit, int conf_noffset,
815 int sig_offset, struct strlist *node_inc)
818 const char *prop, *iname, *end;
819 const char *conf_name, *sig_name;
824 conf_name = fit_get_name(fit, conf_noffset, NULL);
825 sig_name = fit_get_name(fit, sig_offset, NULL);
828 * Build a list of nodes we need to hash. We always need the root
829 * node and the configuration.
831 strlist_init(node_inc);
832 snprintf(name, sizeof(name), "%s/%s", FIT_CONFS_PATH, conf_name);
833 if (strlist_add(node_inc, "/") ||
834 strlist_add(node_inc, name))
837 /* Get a list of images that we intend to sign */
838 prop = fit_config_get_image_list(fit, sig_offset, &len,
843 /* Locate the images */
846 for (iname = prop; iname < end; iname += strlen(iname) + 1) {
848 int index, max_index;
850 max_index = fdt_stringlist_count(fit, conf_noffset, iname);
852 for (index = 0; index < max_index; index++) {
853 image_noffset = fit_conf_get_prop_node_index(fit, conf_noffset,
856 if (image_noffset < 0) {
857 printf("Failed to find image '%s' in configuration '%s/%s'\n",
858 iname, conf_name, sig_name);
865 ret = fit_config_add_hash(fit, image_noffset, node_inc,
866 conf_name, sig_name, iname);
875 printf("Failed to find any images for configuration '%s/%s'\n",
876 conf_name, sig_name);
883 printf("Out of memory processing configuration '%s/%s'\n", conf_name,
889 * fit_config_get_regions() - Get the regions to sign
891 * This calculates a list of node to hash for this particular configuration,
892 * then finds which regions of the devicetree they correspond to.
894 * @fit: Pointer to the FIT format image header
895 * @conf_noffset: Offset of configuration node to sign (child of
896 * /configurations node)
897 * @sig_offset: Offset of signature node containing info about how to sign it
898 * (child of 'signatures' node)
899 * @regionp: Returns list of regions that need to be hashed (allocated; must be
900 * freed by the caller)
901 * @region_count: Returns number of regions
902 * @region_propp: Returns string-list property containing the list of nodes
903 * that correspond to the regions. Each entry is a full path to the node.
904 * This is in devicetree format, i.e. a \0 between each string. This is
905 * allocated and must be freed by the caller.
906 * @region_proplen: Returns length of *@@region_propp in bytes
907 * @return 0 if OK, -ENOMEM if out of memory, -EIO if the regions to hash could
908 * not be found, -EINVAL if no registers were found to hash
910 static int fit_config_get_regions(const void *fit, int conf_noffset,
911 int sig_offset, struct image_region **regionp,
912 int *region_countp, char **region_propp,
915 char * const exc_prop[] = {"data"};
916 struct strlist node_inc;
917 struct image_region *region;
918 struct fdt_region fdt_regions[100];
919 const char *conf_name, *sig_name;
925 conf_name = fit_get_name(fit, conf_noffset, NULL);
926 sig_name = fit_get_name(fit, sig_offset, NULL);
927 debug("%s: conf='%s', sig='%s'\n", __func__, conf_name, sig_name);
929 /* Get a list of nodes we want to hash */
930 ret = fit_config_get_hash_list(fit, conf_noffset, sig_offset,
935 /* Get a list of regions to hash */
936 count = fdt_find_regions(fit, node_inc.strings, node_inc.count,
937 exc_prop, ARRAY_SIZE(exc_prop),
938 fdt_regions, ARRAY_SIZE(fdt_regions),
939 path, sizeof(path), 1);
941 printf("Failed to hash configuration '%s/%s': %s\n", conf_name,
942 sig_name, fdt_strerror(ret));
946 printf("No data to hash for configuration '%s/%s': %s\n",
947 conf_name, sig_name, fdt_strerror(ret));
951 /* Build our list of data blocks */
952 region = fit_region_make_list(fit, fdt_regions, count, NULL);
954 printf("Out of memory hashing configuration '%s/%s'\n",
955 conf_name, sig_name);
959 /* Create a list of all hashed properties */
960 debug("Hash nodes:\n");
961 for (i = len = 0; i < node_inc.count; i++) {
962 debug(" %s\n", node_inc.strings[i]);
963 len += strlen(node_inc.strings[i]) + 1;
965 region_prop = malloc(len);
967 printf("Out of memory setting up regions for configuration '%s/%s'\n",
968 conf_name, sig_name);
971 for (i = len = 0; i < node_inc.count;
972 len += strlen(node_inc.strings[i]) + 1, i++)
973 strcpy(region_prop + len, node_inc.strings[i]);
974 strlist_free(&node_inc);
976 *region_countp = count;
978 *region_propp = region_prop;
979 *region_proplen = len;
985 * fit_config_process_sig - Process a single subnode of the configurations/ node
987 * Generate a signed hash of the supplied data and store it in the node.
989 * @keydir: Directory containing keys to use for signing
990 * @keydest: Destination FDT blob to write public keys into (NULL if none)
991 * @fit: pointer to the FIT format image header
992 * @conf_name name of config being processed (used to display errors)
993 * @conf_noffset: Offset of configuration node, e.g. '/configurations/conf-1'
994 * @noffset: subnode offset, e.g. '/configurations/conf-1/sig-1'
995 * @comment: Comment to add to signature nodes
996 * @require_keys: Mark all keys as 'required'
997 * @engine_id: Engine to use for signing
998 * @cmdname: Command name used when reporting errors
999 * @return keydest node if @keydest is non-NULL, else 0 if none; -ve error code
1002 static int fit_config_process_sig(const char *keydir, const char *keyfile,
1003 void *keydest, void *fit, const char *conf_name,
1004 int conf_noffset, int noffset, const char *comment,
1005 int require_keys, const char *engine_id, const char *cmdname,
1006 const char *algo_name)
1008 struct image_sign_info info;
1009 const char *node_name;
1010 struct image_region *region;
1018 node_name = fit_get_name(fit, noffset, NULL);
1019 if (fit_config_get_regions(fit, conf_noffset, noffset, ®ion,
1020 ®ion_count, ®ion_prop,
1024 if (fit_image_setup_sig(&info, keydir, keyfile, fit, conf_name, noffset,
1025 require_keys ? "conf" : NULL, engine_id,
1029 ret = info.crypto->sign(&info, region, region_count, &value,
1033 printf("Failed to sign '%s' signature node in '%s' conf node\n",
1034 node_name, conf_name);
1036 /* We allow keys to be missing */
1042 ret = fit_image_write_sig(fit, noffset, value, value_len, comment,
1043 region_prop, region_proplen, cmdname,
1046 if (ret == -FDT_ERR_NOSPACE)
1048 printf("Can't write signature for '%s' signature node in '%s' conf node: %s\n",
1049 node_name, conf_name, fdt_strerror(ret));
1055 /* Get keyname again, as FDT has changed and invalidated our pointer */
1056 info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
1058 /* Write the public key into the supplied FDT file */
1060 ret = info.crypto->add_verify_data(&info, keydest);
1062 printf("Failed to add verification data for '%s' signature node in '%s' configuration node\n",
1063 node_name, conf_name);
1071 static int fit_config_add_verification_data(const char *keydir,
1072 const char *keyfile, void *keydest, void *fit, int conf_noffset,
1073 const char *comment, int require_keys, const char *engine_id,
1074 const char *cmdname, const char *algo_name)
1076 const char *conf_name;
1079 conf_name = fit_get_name(fit, conf_noffset, NULL);
1081 /* Process all hash subnodes of the configuration node */
1082 for (noffset = fdt_first_subnode(fit, conf_noffset);
1084 noffset = fdt_next_subnode(fit, noffset)) {
1085 const char *node_name;
1088 node_name = fit_get_name(fit, noffset, NULL);
1089 if (!strncmp(node_name, FIT_SIG_NODENAME,
1090 strlen(FIT_SIG_NODENAME))) {
1091 ret = fit_config_process_sig(keydir, keyfile, keydest,
1092 fit, conf_name, conf_noffset, noffset, comment,
1093 require_keys, engine_id, cmdname, algo_name);
1102 int fit_cipher_data(const char *keydir, void *keydest, void *fit,
1103 const char *comment, int require_keys,
1104 const char *engine_id, const char *cmdname)
1110 /* Find images parent node offset */
1111 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
1112 if (images_noffset < 0) {
1113 printf("Can't find images parent node '%s' (%s)\n",
1114 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
1115 return images_noffset;
1118 /* Process its subnodes, print out component images details */
1119 for (noffset = fdt_first_subnode(fit, images_noffset);
1121 noffset = fdt_next_subnode(fit, noffset)) {
1123 * Direct child node of the images parent node,
1124 * i.e. component image node.
1126 ret = fit_image_cipher_data(keydir, keydest,
1127 fit, noffset, comment,
1128 require_keys, engine_id,
1137 int fit_add_verification_data(const char *keydir, const char *keyfile,
1138 void *keydest, void *fit, const char *comment,
1139 int require_keys, const char *engine_id,
1140 const char *cmdname, const char *algo_name)
1142 int images_noffset, confs_noffset;
1146 /* Find images parent node offset */
1147 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
1148 if (images_noffset < 0) {
1149 printf("Can't find images parent node '%s' (%s)\n",
1150 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
1151 return images_noffset;
1154 /* Process its subnodes, print out component images details */
1155 for (noffset = fdt_first_subnode(fit, images_noffset);
1157 noffset = fdt_next_subnode(fit, noffset)) {
1159 * Direct child node of the images parent node,
1160 * i.e. component image node.
1162 ret = fit_image_add_verification_data(keydir, keyfile, keydest,
1163 fit, noffset, comment, require_keys, engine_id,
1164 cmdname, algo_name);
1169 /* If there are no keys, we can't sign configurations */
1170 if (!IMAGE_ENABLE_SIGN || !(keydir || keyfile))
1173 /* Find configurations parent node offset */
1174 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
1175 if (confs_noffset < 0) {
1176 printf("Can't find images parent node '%s' (%s)\n",
1177 FIT_CONFS_PATH, fdt_strerror(confs_noffset));
1181 /* Process its subnodes, print out component images details */
1182 for (noffset = fdt_first_subnode(fit, confs_noffset);
1184 noffset = fdt_next_subnode(fit, noffset)) {
1185 ret = fit_config_add_verification_data(keydir, keyfile, keydest,
1186 fit, noffset, comment,
1197 #ifdef CONFIG_FIT_SIGNATURE
1198 int fit_check_sign(const void *fit, const void *key,
1199 const char *fit_uname_config)
1204 cfg_noffset = fit_conf_get_node(fit, fit_uname_config);
1208 printf("Verifying Hash Integrity for node '%s'... ",
1209 fdt_get_name(fit, cfg_noffset, NULL));
1210 ret = fit_config_verify(fit, cfg_noffset);
1213 printf("Verified OK, loading images\n");
1214 ret = bootm_host_load_images(fit, cfg_noffset);
projects / platform / kernel / u-boot.git / blob