fit: cipher: aes: allow to store the IV in the FIT image
authorPhilippe Reynes <philippe.reynes@softathome.com>
Thu, 17 Sep 2020 13:01:46 +0000 (15:01 +0200)
committerTom Rini <trini@konsulko.com>
Tue, 13 Oct 2020 01:30:37 +0000 (21:30 -0400)
Binaries may be encrypted in a FIT image with AES. This
algo needs a key and an IV (Initialization Vector). The
IV is provided in a file (pointer by iv-name-hint in the
ITS file) when building the ITB file.

This commits adds provide an alternative way to manage
the IV. If the property iv-name-hint is not provided in
the ITS file, the tool mkimage will generate an random
IV and store it in the FIT image.

Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
include/image.h
include/u-boot/aes.h
lib/aes/aes-encrypt.c
tools/image-host.c

index 9a5a87d..10995b8 100644 (file)
@@ -1463,7 +1463,7 @@ struct cipher_algo {
                       unsigned char **cipher, int *cipher_len);
 
        int (*add_cipher_data)(struct image_cipher_info *info,
-                              void *keydest);
+                              void *keydest, void *fit, int node_noffset);
 
        int (*decrypt)(struct image_cipher_info *info,
                       const void *cipher, size_t cipher_len,
index 3228104..acbc50b 100644 (file)
@@ -13,7 +13,8 @@
 int image_aes_encrypt(struct image_cipher_info *info,
                      const unsigned char *data, int size,
                      unsigned char **cipher, int *cipher_len);
-int image_aes_add_cipher_data(struct image_cipher_info *info, void *keydest);
+int image_aes_add_cipher_data(struct image_cipher_info *info, void *keydest,
+                             void *fit, int node_noffset);
 #else
 int image_aes_encrypt(struct image_cipher_info *info,
                      const unsigned char *data, int size,
@@ -22,7 +23,8 @@ int image_aes_encrypt(struct image_cipher_info *info,
        return -ENXIO;
 }
 
-int image_aes_add_cipher_data(struct image_cipher_info *info, void *keydest)
+int image_aes_add_cipher_data(struct image_cipher_info *info, void *keydest,
+                             void *fit, int node_noffset)
 {
        return -ENXIO;
 }
index de00a83..a6d1720 100644 (file)
@@ -74,7 +74,8 @@ int image_aes_encrypt(struct image_cipher_info *info,
        return ret;
 }
 
-int image_aes_add_cipher_data(struct image_cipher_info *info, void *keydest)
+int image_aes_add_cipher_data(struct image_cipher_info *info, void *keydest,
+                             void *fit, int node_noffset)
 {
        int parent, node;
        char name[128];
@@ -97,8 +98,13 @@ int image_aes_add_cipher_data(struct image_cipher_info *info, void *keydest)
                goto done;
 
        /* Either create or overwrite the named key node */
-       snprintf(name, sizeof(name), "key-%s-%s-%s",
-                info->name, info->keyname, info->ivname);
+       if (info->ivname)
+               snprintf(name, sizeof(name), "key-%s-%s-%s",
+                        info->name, info->keyname, info->ivname);
+       else
+               snprintf(name, sizeof(name), "key-%s-%s",
+                        info->name, info->keyname);
+
        node = fdt_subnode_offset(keydest, parent, name);
        if (node == -FDT_ERR_NOTFOUND) {
                node = fdt_add_subnode(keydest, parent, name);
@@ -116,9 +122,17 @@ int image_aes_add_cipher_data(struct image_cipher_info *info, void *keydest)
                ret = node;
        }
 
-       if (!ret)
+       if (ret)
+               goto done;
+
+       if (info->ivname)
+               /* Store the IV in the u-boot device tree */
                ret = fdt_setprop(keydest, node, "iv",
                                  info->iv, info->cipher->iv_len);
+       else
+               /* Store the IV in the FIT image */
+               ret = fdt_setprop(fit, node_noffset, "iv",
+                                 info->iv, info->cipher->iv_len);
 
        if (!ret)
                ret = fdt_setprop(keydest, node, "key",
index 3d52593..8886bef 100644 (file)
@@ -320,6 +320,36 @@ err:
        return ret;
 }
 
+static int get_random_data(void *data, int size)
+{
+       unsigned char *tmp = data;
+       struct timespec date;
+       int i, ret = 0;
+
+       if (!tmp) {
+               printf("%s: pointer data is NULL\n", __func__);
+               ret = -1;
+               goto out;
+       }
+
+       ret = clock_gettime(CLOCK_MONOTONIC, &date);
+       if (ret < 0) {
+               printf("%s: clock_gettime has failed (err=%d, str=%s)\n",
+                      __func__, ret, strerror(ret));
+               goto out;
+       }
+
+       srand(date.tv_nsec);
+
+       for (i = 0; i < size; i++) {
+               *tmp = rand() & 0xff;
+               tmp++;
+       }
+
+ out:
+       return ret;
+}
+
 static int fit_image_setup_cipher(struct image_cipher_info *info,
                                  const char *keydir, void *fit,
                                  const char *image_name, int image_noffset,
@@ -345,13 +375,13 @@ static int fit_image_setup_cipher(struct image_cipher_info *info,
                goto out;
        }
 
-       /* Read the IV name */
+       /*
+        * Read the IV name
+        *
+        * If this property is not provided then mkimage will generate
+        * a random IV and store it in the FIT image
+        */
        info->ivname = fdt_getprop(fit, noffset, "iv-name-hint", NULL);
-       if (!info->ivname) {
-               printf("Can't get iv name for cipher in image '%s'\n",
-                      image_name);
-               goto out;
-       }
 
        info->fit = fit;
        info->node_noffset = noffset;
@@ -377,17 +407,23 @@ static int fit_image_setup_cipher(struct image_cipher_info *info,
        if (ret < 0)
                goto out;
 
-       /* Read the IV in the file */
-       snprintf(filename, sizeof(filename), "%s/%s%s",
-                info->keydir, info->ivname, ".bin");
        info->iv = malloc(info->cipher->iv_len);
        if (!info->iv) {
                printf("Can't allocate memory for iv\n");
                ret = -1;
                goto out;
        }
-       ret = fit_image_read_data(filename, (unsigned char *)info->iv,
-                                 info->cipher->iv_len);
+
+       if (info->ivname) {
+               /* Read the IV in the file */
+               snprintf(filename, sizeof(filename), "%s/%s%s",
+                        info->keydir, info->ivname, ".bin");
+               ret = fit_image_read_data(filename, (unsigned char *)info->iv,
+                                         info->cipher->iv_len);
+       } else {
+               /* Generate an ramdom IV */
+               ret = get_random_data((void *)info->iv, info->cipher->iv_len);
+       }
 
  out:
        return ret;
@@ -453,9 +489,10 @@ fit_image_process_cipher(const char *keydir, void *keydest, void *fit,
         * Write the public key into the supplied FDT file; this might fail
         * several times, since we try signing with successively increasing
         * size values
+        * And, if needed, write the iv in the FIT file
         */
        if (keydest) {
-               ret = info.cipher->add_cipher_data(&info, keydest);
+               ret = info.cipher->add_cipher_data(&info, keydest, fit, node_noffset);
                if (ret) {
                        printf("Failed to add verification data for cipher '%s' in image '%s'\n",
                               info.keyname, image_name);