1 // SPDX-License-Identifier: GPL-2.0+
3 * Copyright (c) 2013, Google Inc.
5 * (C) Copyright 2008 Semihalf
7 * (C) Copyright 2000-2006
8 * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
13 #include <fdt_region.h>
18 * fit_set_hash_value - set hash value in requested has node
19 * @fit: pointer to the FIT format image header
20 * @noffset: hash node offset
21 * @value: hash value to be set
22 * @value_len: hash value length
24 * fit_set_hash_value() attempts to set hash value in a node at offset
25 * given and returns operation status to the caller.
31 static int fit_set_hash_value(void *fit, int noffset, uint8_t *value,
36 ret = fdt_setprop(fit, noffset, FIT_VALUE_PROP, value, value_len);
38 printf("Can't set hash '%s' property for '%s' node(%s)\n",
39 FIT_VALUE_PROP, fit_get_name(fit, noffset, NULL),
41 return ret == -FDT_ERR_NOSPACE ? -ENOSPC : -EIO;
48 * fit_image_process_hash - Process a single subnode of the images/ node
50 * Check each subnode and process accordingly. For hash nodes we generate
51 * a hash of the supplied data and store it in the node.
53 * @fit: pointer to the FIT format image header
54 * @image_name: name of image being processed (used to display errors)
55 * @noffset: subnode offset
56 * @data: data to process
57 * @size: size of data in bytes
58 * Return: 0 if ok, -1 on error
60 static int fit_image_process_hash(void *fit, const char *image_name,
61 int noffset, const void *data, size_t size)
63 uint8_t value[FIT_MAX_HASH_LEN];
64 const char *node_name;
69 node_name = fit_get_name(fit, noffset, NULL);
71 if (fit_image_hash_get_algo(fit, noffset, &algo)) {
72 printf("Can't get hash algo property for '%s' hash node in '%s' image node\n",
73 node_name, image_name);
77 if (calculate_hash(data, size, algo, value, &value_len)) {
78 printf("Unsupported hash algorithm (%s) for '%s' hash node in '%s' image node\n",
79 algo, node_name, image_name);
80 return -EPROTONOSUPPORT;
83 ret = fit_set_hash_value(fit, noffset, value, value_len);
85 printf("Can't set hash value for '%s' hash node in '%s' image node\n",
86 node_name, image_name);
94 * fit_image_write_sig() - write the signature to a FIT
96 * This writes the signature and signer data to the FIT.
98 * @fit: pointer to the FIT format image header
99 * @noffset: hash node offset
100 * @value: signature value to be set
101 * @value_len: signature value length
102 * @comment: Text comment to write (NULL for none)
106 * -FDT_ERR_..., on failure
108 static int fit_image_write_sig(void *fit, int noffset, uint8_t *value,
109 int value_len, const char *comment, const char *region_prop,
110 int region_proplen, const char *cmdname, const char *algo_name)
116 * Get the current string size, before we update the FIT and add
119 string_size = fdt_size_dt_strings(fit);
121 ret = fdt_setprop(fit, noffset, FIT_VALUE_PROP, value, value_len);
123 ret = fdt_setprop_string(fit, noffset, "signer-name",
127 ret = fdt_setprop_string(fit, noffset, "signer-version",
131 ret = fdt_setprop_string(fit, noffset, "comment", comment);
133 time_t timestamp = imagetool_get_source_date(cmdname,
135 uint32_t t = cpu_to_uimage(timestamp);
137 ret = fdt_setprop(fit, noffset, FIT_TIMESTAMP_PROP, &t,
140 if (region_prop && !ret) {
143 ret = fdt_setprop(fit, noffset, "hashed-nodes",
144 region_prop, region_proplen);
145 /* This is a legacy offset, it is unused, and must remain 0. */
147 strdata[1] = cpu_to_fdt32(string_size);
149 ret = fdt_setprop(fit, noffset, "hashed-strings",
150 strdata, sizeof(strdata));
153 if (algo_name && !ret)
154 ret = fdt_setprop_string(fit, noffset, "algo", algo_name);
159 static int fit_image_setup_sig(struct image_sign_info *info,
160 const char *keydir, const char *keyfile, void *fit,
161 const char *image_name, int noffset, const char *require_keys,
162 const char *engine_id, const char *algo_name)
164 const char *node_name;
165 const char *padding_name;
167 node_name = fit_get_name(fit, noffset, NULL);
169 if (fit_image_hash_get_algo(fit, noffset, &algo_name)) {
170 printf("Can't get algo property for '%s' signature node in '%s' image node\n",
171 node_name, image_name);
176 padding_name = fdt_getprop(fit, noffset, "padding", NULL);
178 memset(info, '\0', sizeof(*info));
179 info->keydir = keydir;
180 info->keyfile = keyfile;
181 info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
183 info->node_offset = noffset;
184 info->name = strdup(algo_name);
185 info->checksum = image_get_checksum_algo(algo_name);
186 info->crypto = image_get_crypto_algo(algo_name);
187 info->padding = image_get_padding_algo(padding_name);
188 info->require_keys = require_keys;
189 info->engine_id = engine_id;
190 if (!info->checksum || !info->crypto) {
191 printf("Unsupported signature algorithm (%s) for '%s' signature node in '%s' image node\n",
192 algo_name, node_name, image_name);
200 * fit_image_process_sig- Process a single subnode of the images/ node
202 * Check each subnode and process accordingly. For signature nodes we
203 * generate a signed hash of the supplied data and store it in the node.
205 * @keydir: Directory containing keys to use for signing
206 * @keydest: Destination FDT blob to write public keys into (NULL if none)
207 * @fit: pointer to the FIT format image header
208 * @image_name: name of image being processed (used to display errors)
209 * @noffset: subnode offset
210 * @data: data to process
211 * @size: size of data in bytes
212 * @comment: Comment to add to signature nodes
213 * @require_keys: Mark all keys as 'required'
214 * @engine_id: Engine to use for signing
215 * Return: 0 if ok, -1 on error
217 static int fit_image_process_sig(const char *keydir, const char *keyfile,
218 void *keydest, void *fit, const char *image_name,
219 int noffset, const void *data, size_t size,
220 const char *comment, int require_keys, const char *engine_id,
221 const char *cmdname, const char *algo_name)
223 struct image_sign_info info;
224 struct image_region region;
225 const char *node_name;
230 if (fit_image_setup_sig(&info, keydir, keyfile, fit, image_name,
231 noffset, require_keys ? "image" : NULL,
232 engine_id, algo_name))
235 node_name = fit_get_name(fit, noffset, NULL);
238 ret = info.crypto->sign(&info, ®ion, 1, &value, &value_len);
240 printf("Failed to sign '%s' signature node in '%s' image node: %d\n",
241 node_name, image_name, ret);
243 /* We allow keys to be missing */
249 ret = fit_image_write_sig(fit, noffset, value, value_len, comment,
250 NULL, 0, cmdname, algo_name);
252 if (ret == -FDT_ERR_NOSPACE)
254 printf("Can't write signature for '%s' signature node in '%s' conf node: %s\n",
255 node_name, image_name, fdt_strerror(ret));
260 /* Get keyname again, as FDT has changed and invalidated our pointer */
261 info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
264 * Write the public key into the supplied FDT file; this might fail
265 * several times, since we try signing with successively increasing
269 ret = info.crypto->add_verify_data(&info, keydest);
271 printf("Failed to add verification data for '%s' signature node in '%s' image node\n",
272 node_name, image_name);
280 static int fit_image_read_data(char *filename, unsigned char *data,
288 fd = open(filename, O_RDONLY | O_BINARY);
290 printf("Can't open file %s (err=%d => %s)\n",
291 filename, errno, strerror(errno));
295 /* Compute file size */
296 if (fstat(fd, &sbuf) < 0) {
297 printf("Can't fstat file %s (err=%d => %s)\n",
298 filename, errno, strerror(errno));
302 /* Check file size */
303 if (sbuf.st_size != expected_size) {
304 printf("File %s don't have the expected size (size=%lld, expected=%d)\n",
305 filename, (long long)sbuf.st_size, expected_size);
310 n = read(fd, data, sbuf.st_size);
312 printf("Can't read file %s (err=%d => %s)\n",
313 filename, errno, strerror(errno));
317 /* Check that we have read all the file */
318 if (n != sbuf.st_size) {
319 printf("Can't read all file %s (read %zd bytes, expected %lld)\n",
320 filename, n, (long long)sbuf.st_size);
331 static int get_random_data(void *data, int size)
333 unsigned char *tmp = data;
334 struct timespec date;
338 printf("%s: pointer data is NULL\n", __func__);
343 ret = clock_gettime(CLOCK_MONOTONIC, &date);
345 printf("%s: clock_gettime has failed (%s)\n", __func__,
350 srandom(date.tv_nsec);
352 for (i = 0; i < size; i++) {
353 *tmp = random() & 0xff;
361 static int fit_image_setup_cipher(struct image_cipher_info *info,
362 const char *keydir, void *fit,
363 const char *image_name, int image_noffset,
370 if (fit_image_cipher_get_algo(fit, noffset, &algo_name)) {
371 printf("Can't get algo name for cipher in image '%s'\n",
376 info->keydir = keydir;
378 /* Read the key name */
379 info->keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
380 if (!info->keyname) {
381 printf("Can't get key name for cipher in image '%s'\n",
389 * If this property is not provided then mkimage will generate
390 * a random IV and store it in the FIT image
392 info->ivname = fdt_getprop(fit, noffset, "iv-name-hint", NULL);
395 info->node_noffset = noffset;
396 info->name = algo_name;
398 info->cipher = image_get_cipher_algo(algo_name);
400 printf("Can't get algo for cipher '%s'\n", image_name);
404 /* Read the key in the file */
405 snprintf(filename, sizeof(filename), "%s/%s%s",
406 info->keydir, info->keyname, ".bin");
407 info->key = malloc(info->cipher->key_len);
409 printf("Can't allocate memory for key\n");
413 ret = fit_image_read_data(filename, (unsigned char *)info->key,
414 info->cipher->key_len);
418 info->iv = malloc(info->cipher->iv_len);
420 printf("Can't allocate memory for iv\n");
426 /* Read the IV in the file */
427 snprintf(filename, sizeof(filename), "%s/%s%s",
428 info->keydir, info->ivname, ".bin");
429 ret = fit_image_read_data(filename, (unsigned char *)info->iv,
430 info->cipher->iv_len);
432 /* Generate an ramdom IV */
433 ret = get_random_data((void *)info->iv, info->cipher->iv_len);
440 int fit_image_write_cipher(void *fit, int image_noffset, int noffset,
441 const void *data, size_t size,
442 unsigned char *data_ciphered, int data_ciphered_len)
446 /* Replace data with ciphered data */
447 ret = fdt_setprop(fit, image_noffset, FIT_DATA_PROP,
448 data_ciphered, data_ciphered_len);
449 if (ret == -FDT_ERR_NOSPACE) {
454 printf("Can't replace data with ciphered data (err = %d)\n", ret);
458 /* add non ciphered data size */
459 ret = fdt_setprop_u32(fit, image_noffset, "data-size-unciphered", size);
460 if (ret == -FDT_ERR_NOSPACE) {
465 printf("Can't add unciphered data size (err = %d)\n", ret);
474 fit_image_process_cipher(const char *keydir, void *keydest, void *fit,
475 const char *image_name, int image_noffset,
476 int node_noffset, const void *data, size_t size,
479 struct image_cipher_info info;
480 unsigned char *data_ciphered = NULL;
481 int data_ciphered_len;
484 memset(&info, 0, sizeof(info));
486 ret = fit_image_setup_cipher(&info, keydir, fit, image_name,
487 image_noffset, node_noffset);
491 ret = info.cipher->encrypt(&info, data, size,
492 &data_ciphered, &data_ciphered_len);
497 * Write the public key into the supplied FDT file; this might fail
498 * several times, since we try signing with successively increasing
500 * And, if needed, write the iv in the FIT file
503 ret = info.cipher->add_cipher_data(&info, keydest, fit, node_noffset);
505 printf("Failed to add verification data for cipher '%s' in image '%s'\n",
506 info.keyname, image_name);
511 ret = fit_image_write_cipher(fit, image_noffset, node_noffset,
513 data_ciphered, data_ciphered_len);
517 free((void *)info.key);
518 free((void *)info.iv);
522 int fit_image_cipher_data(const char *keydir, void *keydest,
523 void *fit, int image_noffset, const char *comment,
524 int require_keys, const char *engine_id,
527 const char *image_name;
530 int cipher_node_offset, len;
533 image_name = fit_get_name(fit, image_noffset, NULL);
535 printf("Can't get image name\n");
539 /* Get image data and data length */
540 if (fit_image_get_data(fit, image_noffset, &data, &size)) {
541 printf("Can't get image data/size\n");
546 * Don't cipher ciphered data.
548 * If the data-size-unciphered property is present the data for this
549 * image is already encrypted. This is important as 'mkimage -F' can be
550 * run multiple times on a FIT image.
552 if (fdt_getprop(fit, image_noffset, "data-size-unciphered", &len))
554 if (len != -FDT_ERR_NOTFOUND) {
555 printf("Failure testing for data-size-unciphered\n");
559 /* Process cipher node if present */
560 cipher_node_offset = fdt_subnode_offset(fit, image_noffset,
561 FIT_CIPHER_NODENAME);
562 if (cipher_node_offset == -FDT_ERR_NOTFOUND)
564 if (cipher_node_offset < 0) {
565 printf("Failure getting cipher node\n");
568 if (!IMAGE_ENABLE_ENCRYPT || !keydir)
570 return fit_image_process_cipher(keydir, keydest, fit, image_name,
571 image_noffset, cipher_node_offset, data, size, cmdname);
575 * fit_image_add_verification_data() - calculate/set verig. data for image node
577 * This adds hash and signature values for an component image node.
579 * All existing hash subnodes are checked, if algorithm property is set to
580 * one of the supported hash algorithms, hash value is computed and
581 * corresponding hash node property is set, for example:
583 * Input component image node structure:
585 * o image-1 (at image_noffset)
586 * | - data = [binary data]
590 * Output component image node structure:
592 * o image-1 (at image_noffset)
593 * | - data = [binary data]
596 * |- value = sha1(data)
598 * For signature details, please see doc/uImage.FIT/signature.txt
600 * @keydir Directory containing *.key and *.crt files (or NULL)
601 * @keydest FDT Blob to write public keys into (NULL if none)
602 * @fit: Pointer to the FIT format image header
603 * @image_noffset: Requested component image node
604 * @comment: Comment to add to signature nodes
605 * @require_keys: Mark all keys as 'required'
606 * @engine_id: Engine to use for signing
607 * @return: 0 on success, <0 on failure
609 int fit_image_add_verification_data(const char *keydir, const char *keyfile,
610 void *keydest, void *fit, int image_noffset,
611 const char *comment, int require_keys, const char *engine_id,
612 const char *cmdname, const char* algo_name)
614 const char *image_name;
619 /* Get image data and data length */
620 if (fit_image_get_data(fit, image_noffset, &data, &size)) {
621 printf("Can't get image data/size\n");
625 image_name = fit_get_name(fit, image_noffset, NULL);
627 /* Process all hash subnodes of the component image node */
628 for (noffset = fdt_first_subnode(fit, image_noffset);
630 noffset = fdt_next_subnode(fit, noffset)) {
631 const char *node_name;
635 * Check subnode name, must be equal to "hash" or "signature".
636 * Multiple hash nodes require unique unit node
637 * names, e.g. hash-1, hash-2, signature-1, etc.
639 node_name = fit_get_name(fit, noffset, NULL);
640 if (!strncmp(node_name, FIT_HASH_NODENAME,
641 strlen(FIT_HASH_NODENAME))) {
642 ret = fit_image_process_hash(fit, image_name, noffset,
644 } else if (IMAGE_ENABLE_SIGN && (keydir || keyfile) &&
645 !strncmp(node_name, FIT_SIG_NODENAME,
646 strlen(FIT_SIG_NODENAME))) {
647 ret = fit_image_process_sig(keydir, keyfile, keydest,
648 fit, image_name, noffset, data, size,
649 comment, require_keys, engine_id, cmdname,
664 static void strlist_init(struct strlist *list)
666 memset(list, '\0', sizeof(*list));
669 static void strlist_free(struct strlist *list)
673 for (i = 0; i < list->count; i++)
674 free(list->strings[i]);
678 static int strlist_add(struct strlist *list, const char *str)
683 list->strings = realloc(list->strings,
684 (list->count + 1) * sizeof(char *));
687 list->strings[list->count++] = dup;
692 static const char *fit_config_get_image_list(const void *fit, int noffset,
693 int *lenp, int *allow_missingp)
695 static const char default_list[] = FIT_KERNEL_PROP "\0"
699 /* If there is an "sign-image" property, use that */
700 prop = fdt_getprop(fit, noffset, "sign-images", lenp);
703 return *lenp ? prop : NULL;
706 /* Default image list */
708 *lenp = sizeof(default_list);
714 * fit_config_add_hash() - Add a list of nodes to hash for an image
716 * This adds a list of paths to image nodes (as referred to by a particular
717 * offset) that need to be hashed, to protect a configuration
719 * @fit: Pointer to the FIT format image header
720 * @image_noffset: Offset of image to process (e.g. /images/kernel-1)
721 * @node_inc: List of nodes to add to
722 * @conf_name Configuration-node name, child of /configurations node (only
723 * used for error messages)
724 * @sig_name Signature-node name (only used for error messages)
725 * @iname: Name of image being processed (e.g. "kernel-1" (only used
726 * for error messages)
728 static int fit_config_add_hash(const void *fit, int image_noffset,
729 struct strlist *node_inc, const char *conf_name,
730 const char *sig_name, const char *iname)
737 ret = fdt_get_path(fit, image_noffset, path, sizeof(path));
740 if (strlist_add(node_inc, path))
743 /* Add all this image's hashes */
745 for (noffset = fdt_first_subnode(fit, image_noffset);
747 noffset = fdt_next_subnode(fit, noffset)) {
748 const char *name = fit_get_name(fit, noffset, NULL);
750 if (strncmp(name, FIT_HASH_NODENAME,
751 strlen(FIT_HASH_NODENAME)))
753 ret = fdt_get_path(fit, noffset, path, sizeof(path));
756 if (strlist_add(node_inc, path))
762 printf("Failed to find any hash nodes in configuration '%s/%s' image '%s' - without these it is not possible to verify this image\n",
763 conf_name, sig_name, iname);
767 /* Add this image's cipher node if present */
768 noffset = fdt_subnode_offset(fit, image_noffset,
769 FIT_CIPHER_NODENAME);
770 if (noffset != -FDT_ERR_NOTFOUND) {
772 printf("Failed to get cipher node in configuration '%s/%s' image '%s': %s\n",
773 conf_name, sig_name, iname,
774 fdt_strerror(noffset));
777 ret = fdt_get_path(fit, noffset, path, sizeof(path));
780 if (strlist_add(node_inc, path))
787 printf("Out of memory processing configuration '%s/%s'\n", conf_name,
792 printf("Failed to get path for image '%s' in configuration '%s/%s': %s\n",
793 iname, conf_name, sig_name, fdt_strerror(ret));
798 * fit_config_get_hash_list() - Get the regions to sign
800 * This calculates a list of nodes to hash for this particular configuration,
801 * returning it as a string list (struct strlist, not a devicetree string list)
803 * @fit: Pointer to the FIT format image header
804 * @conf_noffset: Offset of configuration node to sign (child of
805 * /configurations node)
806 * @sig_offset: Offset of signature node containing info about how to sign it
807 * (child of 'signatures' node)
808 * @return 0 if OK, -ENOENT if an image referred to by the configuration cannot
809 * be found, -ENOMSG if ther were no images in the configuration
811 static int fit_config_get_hash_list(const void *fit, int conf_noffset,
812 int sig_offset, struct strlist *node_inc)
815 const char *prop, *iname, *end;
816 const char *conf_name, *sig_name;
821 conf_name = fit_get_name(fit, conf_noffset, NULL);
822 sig_name = fit_get_name(fit, sig_offset, NULL);
825 * Build a list of nodes we need to hash. We always need the root
826 * node and the configuration.
828 strlist_init(node_inc);
829 snprintf(name, sizeof(name), "%s/%s", FIT_CONFS_PATH, conf_name);
830 if (strlist_add(node_inc, "/") ||
831 strlist_add(node_inc, name))
834 /* Get a list of images that we intend to sign */
835 prop = fit_config_get_image_list(fit, sig_offset, &len,
840 /* Locate the images */
843 for (iname = prop; iname < end; iname += strlen(iname) + 1) {
845 int index, max_index;
847 max_index = fdt_stringlist_count(fit, conf_noffset, iname);
849 for (index = 0; index < max_index; index++) {
850 image_noffset = fit_conf_get_prop_node_index(fit, conf_noffset,
853 if (image_noffset < 0) {
854 printf("Failed to find image '%s' in configuration '%s/%s'\n",
855 iname, conf_name, sig_name);
862 ret = fit_config_add_hash(fit, image_noffset, node_inc,
863 conf_name, sig_name, iname);
872 printf("Failed to find any images for configuration '%s/%s'\n",
873 conf_name, sig_name);
880 printf("Out of memory processing configuration '%s/%s'\n", conf_name,
886 * fit_config_get_regions() - Get the regions to sign
888 * This calculates a list of node to hash for this particular configuration,
889 * then finds which regions of the devicetree they correspond to.
891 * @fit: Pointer to the FIT format image header
892 * @conf_noffset: Offset of configuration node to sign (child of
893 * /configurations node)
894 * @sig_offset: Offset of signature node containing info about how to sign it
895 * (child of 'signatures' node)
896 * @regionp: Returns list of regions that need to be hashed (allocated; must be
897 * freed by the caller)
898 * @region_count: Returns number of regions
899 * @region_propp: Returns string-list property containing the list of nodes
900 * that correspond to the regions. Each entry is a full path to the node.
901 * This is in devicetree format, i.e. a \0 between each string. This is
902 * allocated and must be freed by the caller.
903 * @region_proplen: Returns length of *@@region_propp in bytes
904 * @return 0 if OK, -ENOMEM if out of memory, -EIO if the regions to hash could
905 * not be found, -EINVAL if no registers were found to hash
907 static int fit_config_get_regions(const void *fit, int conf_noffset,
908 int sig_offset, struct image_region **regionp,
909 int *region_countp, char **region_propp,
912 char * const exc_prop[] = {"data"};
913 struct strlist node_inc;
914 struct image_region *region;
915 struct fdt_region fdt_regions[100];
916 const char *conf_name, *sig_name;
922 conf_name = fit_get_name(fit, conf_noffset, NULL);
923 sig_name = fit_get_name(fit, sig_offset, NULL);
924 debug("%s: conf='%s', sig='%s'\n", __func__, conf_name, sig_name);
926 /* Get a list of nodes we want to hash */
927 ret = fit_config_get_hash_list(fit, conf_noffset, sig_offset,
932 /* Get a list of regions to hash */
933 count = fdt_find_regions(fit, node_inc.strings, node_inc.count,
934 exc_prop, ARRAY_SIZE(exc_prop),
935 fdt_regions, ARRAY_SIZE(fdt_regions),
936 path, sizeof(path), 1);
938 printf("Failed to hash configuration '%s/%s': %s\n", conf_name,
939 sig_name, fdt_strerror(ret));
943 printf("No data to hash for configuration '%s/%s': %s\n",
944 conf_name, sig_name, fdt_strerror(ret));
948 /* Build our list of data blocks */
949 region = fit_region_make_list(fit, fdt_regions, count, NULL);
951 printf("Out of memory hashing configuration '%s/%s'\n",
952 conf_name, sig_name);
956 /* Create a list of all hashed properties */
957 debug("Hash nodes:\n");
958 for (i = len = 0; i < node_inc.count; i++) {
959 debug(" %s\n", node_inc.strings[i]);
960 len += strlen(node_inc.strings[i]) + 1;
962 region_prop = malloc(len);
964 printf("Out of memory setting up regions for configuration '%s/%s'\n",
965 conf_name, sig_name);
968 for (i = len = 0; i < node_inc.count;
969 len += strlen(node_inc.strings[i]) + 1, i++)
970 strcpy(region_prop + len, node_inc.strings[i]);
971 strlist_free(&node_inc);
973 *region_countp = count;
975 *region_propp = region_prop;
976 *region_proplen = len;
981 static int fit_config_process_sig(const char *keydir, const char *keyfile,
982 void *keydest, void *fit, const char *conf_name,
983 int conf_noffset, int noffset, const char *comment,
984 int require_keys, const char *engine_id, const char *cmdname,
985 const char *algo_name)
987 struct image_sign_info info;
988 const char *node_name;
989 struct image_region *region;
997 node_name = fit_get_name(fit, noffset, NULL);
998 if (fit_config_get_regions(fit, conf_noffset, noffset, ®ion,
999 ®ion_count, ®ion_prop,
1003 if (fit_image_setup_sig(&info, keydir, keyfile, fit, conf_name, noffset,
1004 require_keys ? "conf" : NULL, engine_id,
1008 ret = info.crypto->sign(&info, region, region_count, &value,
1012 printf("Failed to sign '%s' signature node in '%s' conf node\n",
1013 node_name, conf_name);
1015 /* We allow keys to be missing */
1021 ret = fit_image_write_sig(fit, noffset, value, value_len, comment,
1022 region_prop, region_proplen, cmdname,
1025 if (ret == -FDT_ERR_NOSPACE)
1027 printf("Can't write signature for '%s' signature node in '%s' conf node: %s\n",
1028 node_name, conf_name, fdt_strerror(ret));
1034 /* Get keyname again, as FDT has changed and invalidated our pointer */
1035 info.keyname = fdt_getprop(fit, noffset, FIT_KEY_HINT, NULL);
1037 /* Write the public key into the supplied FDT file */
1039 ret = info.crypto->add_verify_data(&info, keydest);
1041 printf("Failed to add verification data for '%s' signature node in '%s' configuration node\n",
1042 node_name, conf_name);
1049 static int fit_config_add_verification_data(const char *keydir,
1050 const char *keyfile, void *keydest, void *fit, int conf_noffset,
1051 const char *comment, int require_keys, const char *engine_id,
1052 const char *cmdname, const char *algo_name)
1054 const char *conf_name;
1057 conf_name = fit_get_name(fit, conf_noffset, NULL);
1059 /* Process all hash subnodes of the configuration node */
1060 for (noffset = fdt_first_subnode(fit, conf_noffset);
1062 noffset = fdt_next_subnode(fit, noffset)) {
1063 const char *node_name;
1066 node_name = fit_get_name(fit, noffset, NULL);
1067 if (!strncmp(node_name, FIT_SIG_NODENAME,
1068 strlen(FIT_SIG_NODENAME))) {
1069 ret = fit_config_process_sig(keydir, keyfile, keydest,
1070 fit, conf_name, conf_noffset, noffset, comment,
1071 require_keys, engine_id, cmdname, algo_name);
1080 int fit_cipher_data(const char *keydir, void *keydest, void *fit,
1081 const char *comment, int require_keys,
1082 const char *engine_id, const char *cmdname)
1088 /* Find images parent node offset */
1089 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
1090 if (images_noffset < 0) {
1091 printf("Can't find images parent node '%s' (%s)\n",
1092 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
1093 return images_noffset;
1096 /* Process its subnodes, print out component images details */
1097 for (noffset = fdt_first_subnode(fit, images_noffset);
1099 noffset = fdt_next_subnode(fit, noffset)) {
1101 * Direct child node of the images parent node,
1102 * i.e. component image node.
1104 ret = fit_image_cipher_data(keydir, keydest,
1105 fit, noffset, comment,
1106 require_keys, engine_id,
1115 int fit_add_verification_data(const char *keydir, const char *keyfile,
1116 void *keydest, void *fit, const char *comment,
1117 int require_keys, const char *engine_id,
1118 const char *cmdname, const char *algo_name)
1120 int images_noffset, confs_noffset;
1124 /* Find images parent node offset */
1125 images_noffset = fdt_path_offset(fit, FIT_IMAGES_PATH);
1126 if (images_noffset < 0) {
1127 printf("Can't find images parent node '%s' (%s)\n",
1128 FIT_IMAGES_PATH, fdt_strerror(images_noffset));
1129 return images_noffset;
1132 /* Process its subnodes, print out component images details */
1133 for (noffset = fdt_first_subnode(fit, images_noffset);
1135 noffset = fdt_next_subnode(fit, noffset)) {
1137 * Direct child node of the images parent node,
1138 * i.e. component image node.
1140 ret = fit_image_add_verification_data(keydir, keyfile, keydest,
1141 fit, noffset, comment, require_keys, engine_id,
1142 cmdname, algo_name);
1147 /* If there are no keys, we can't sign configurations */
1148 if (!IMAGE_ENABLE_SIGN || !(keydir || keyfile))
1151 /* Find configurations parent node offset */
1152 confs_noffset = fdt_path_offset(fit, FIT_CONFS_PATH);
1153 if (confs_noffset < 0) {
1154 printf("Can't find images parent node '%s' (%s)\n",
1155 FIT_CONFS_PATH, fdt_strerror(confs_noffset));
1159 /* Process its subnodes, print out component images details */
1160 for (noffset = fdt_first_subnode(fit, confs_noffset);
1162 noffset = fdt_next_subnode(fit, noffset)) {
1163 ret = fit_config_add_verification_data(keydir, keyfile, keydest,
1164 fit, noffset, comment,
1175 #ifdef CONFIG_FIT_SIGNATURE
1176 int fit_check_sign(const void *fit, const void *key,
1177 const char *fit_uname_config)
1182 cfg_noffset = fit_conf_get_node(fit, fit_uname_config);
1186 printf("Verifying Hash Integrity for node '%s'... ",
1187 fdt_get_name(fit, cfg_noffset, NULL));
1188 ret = fit_config_verify(fit, cfg_noffset);
1191 printf("Verified OK, loading images\n");
1192 ret = bootm_host_load_images(fit, cfg_noffset);