2 * Copyright 2015 Freescale Semiconductor, Inc.
4 * SPDX-License-Identifier: GPL-2.0+
8 #include <fsl_validate.h>
9 #include <fsl_secboot_err.h>
14 #include <dm/uclass.h>
15 #include <u-boot/rsa-mod-exp.h>
17 #include <fsl_secboot_err.h>
19 #include <asm/arch/immap_ls102xa.h>
22 #define SHA256_BITS 256
23 #define SHA256_BYTES (256/8)
24 #define SHA256_NIBBLES (256/4)
25 #define NUM_HEX_CHARS (sizeof(ulong) * 2)
27 #define CHECK_KEY_LEN(key_len) (((key_len) == 2 * KEY_SIZE_BYTES / 4) || \
28 ((key_len) == 2 * KEY_SIZE_BYTES / 2) || \
29 ((key_len) == 2 * KEY_SIZE_BYTES))
31 /* This array contains DER value for SHA-256 */
32 static const u8 hash_identifier[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60,
33 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00,
37 static u8 hash_val[SHA256_BYTES];
38 static const u8 barker_code[ESBC_BARKER_LEN] = { 0x68, 0x39, 0x27, 0x81 };
40 void branch_to_self(void) __attribute__ ((noreturn));
43 * This function will put core in infinite loop.
44 * This will be called when the ESBC can not proceed further due
45 * to some unknown errors.
47 void branch_to_self(void)
49 printf("Core is in infinite loop due to errors.\n");
54 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
55 static u32 check_ie(struct fsl_secboot_img_priv *img)
63 /* This function returns the CSF Header Address of uboot
64 * For MPC85xx based platforms, the LAW mapping for NOR
65 * flash changes in uboot code. Hence the offset needs
66 * to be calculated and added to the new NOR flash base
69 #if defined(CONFIG_MPC85xx)
70 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
72 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_MPC85xx_GUTS_ADDR);
73 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
74 u32 csf_flash_offset = csf_hdr_addr & ~(CONFIG_SYS_PBI_FLASH_BASE);
79 for (i = 0; i < CONFIG_SYS_MAX_FLASH_BANKS; i++) {
80 flash_addr = flash_info[i].start[0];
81 addr = flash_info[i].start[0] + csf_flash_offset;
82 if (memcmp((u8 *)addr, barker_code, ESBC_BARKER_LEN) == 0) {
83 debug("Barker found on addr %x\n", addr);
93 *flash_base_addr = flash_addr;
98 /* For platforms like LS1020, correct flash address is present in
99 * the header. So the function reqturns flash base address as 0
101 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
103 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
104 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
106 if (memcmp((u8 *)(uintptr_t)csf_hdr_addr,
107 barker_code, ESBC_BARKER_LEN))
110 *csf_addr = csf_hdr_addr;
111 *flash_base_addr = 0;
116 static int get_ie_info_addr(u32 *ie_addr)
118 struct fsl_secboot_img_hdr *hdr;
119 struct fsl_secboot_sg_table *sg_tbl;
120 u32 flash_base_addr, csf_addr;
122 if (get_csf_base_addr(&csf_addr, &flash_base_addr))
125 hdr = (struct fsl_secboot_img_hdr *)(uintptr_t)csf_addr;
127 /* For SoC's with Trust Architecture v1 with corenet bus
128 * the sg table field in CSF header has absolute address
129 * for sg table in memory. In other Trust Architecture,
130 * this field specifies the offset of sg table from the
131 * base address of CSF Header
133 #if defined(CONFIG_FSL_TRUST_ARCH_v1) && defined(CONFIG_FSL_CORENET)
134 sg_tbl = (struct fsl_secboot_sg_table *)
135 (((u32)hdr->psgtable & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
138 sg_tbl = (struct fsl_secboot_sg_table *)(uintptr_t)(csf_addr +
142 /* IE Key Table is the first entry in the SG Table */
143 #if defined(CONFIG_MPC85xx)
144 *ie_addr = (sg_tbl->src_addr & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
147 *ie_addr = sg_tbl->src_addr;
150 debug("IE Table address is %x\n", *ie_addr);
156 #ifdef CONFIG_KEY_REVOCATION
157 /* This function checks srk_table_flag in header and set/reset srk_flag.*/
158 static u32 check_srk(struct fsl_secboot_img_priv *img)
160 if (img->hdr.len_kr.srk_table_flag & SRK_FLAG)
166 /* This function returns ospr's key_revoc values.*/
167 static u32 get_key_revoc(void)
169 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
170 return (sfp_in32(&sfp_regs->ospr) & OSPR_KEY_REVOC_MASK) >>
171 OSPR_KEY_REVOC_SHIFT;
174 /* This function checks if selected key is revoked or not.*/
175 static u32 is_key_revoked(u32 keynum, u32 rev_flag)
177 if (keynum == UNREVOCABLE_KEY)
180 if ((u32)(1 << (ALIGN_REVOC_KEY - keynum)) & rev_flag)
186 /* It read validates srk_table key lengths.*/
187 static u32 read_validate_srk_tbl(struct fsl_secboot_img_priv *img)
190 u32 ret, key_num, key_revoc_flag, size;
191 struct fsl_secboot_img_hdr *hdr = &img->hdr;
192 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
194 if ((hdr->len_kr.num_srk == 0) ||
195 (hdr->len_kr.num_srk > MAX_KEY_ENTRIES))
196 return ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY;
198 key_num = hdr->len_kr.srk_sel;
199 if (key_num == 0 || key_num > hdr->len_kr.num_srk)
200 return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM;
202 /* Get revoc key from sfp */
203 key_revoc_flag = get_key_revoc();
204 ret = is_key_revoked(key_num, key_revoc_flag);
206 return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED;
208 size = hdr->len_kr.num_srk * sizeof(struct srk_table);
210 memcpy(&img->srk_tbl, esbc + hdr->srk_tbl_off, size);
212 for (i = 0; i < hdr->len_kr.num_srk; i++) {
213 if (!CHECK_KEY_LEN(img->srk_tbl[i].key_len))
214 return ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN;
217 img->key_len = img->srk_tbl[key_num - 1].key_len;
219 memcpy(&img->img_key, &(img->srk_tbl[key_num - 1].pkey),
226 static u32 read_validate_single_key(struct fsl_secboot_img_priv *img)
228 struct fsl_secboot_img_hdr *hdr = &img->hdr;
229 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
231 /* check key length */
232 if (!CHECK_KEY_LEN(hdr->key_len))
233 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN;
235 memcpy(&img->img_key, esbc + hdr->pkey, hdr->key_len);
237 img->key_len = hdr->key_len;
242 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
243 static u32 read_validate_ie_tbl(struct fsl_secboot_img_priv *img)
245 struct fsl_secboot_img_hdr *hdr = &img->hdr;
246 u32 ie_key_len, ie_revoc_flag, ie_num;
247 struct ie_key_info *ie_info;
249 if (get_ie_info_addr(&img->ie_addr))
250 return ERROR_IE_TABLE_NOT_FOUND;
251 ie_info = (struct ie_key_info *)(uintptr_t)img->ie_addr;
252 if (ie_info->num_keys == 0 || ie_info->num_keys > 32)
253 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY;
255 ie_num = hdr->ie_key_sel;
256 if (ie_num == 0 || ie_num > ie_info->num_keys)
257 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM;
259 ie_revoc_flag = ie_info->key_revok;
260 if ((u32)(1 << (ie_num - 1)) & ie_revoc_flag)
261 return ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED;
263 ie_key_len = ie_info->ie_key_tbl[ie_num - 1].key_len;
265 if (!CHECK_KEY_LEN(ie_key_len))
266 return ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN;
268 memcpy(&img->img_key, &(ie_info->ie_key_tbl[ie_num - 1].pkey),
271 img->key_len = ie_key_len;
277 /* This function return length of public key.*/
278 static inline u32 get_key_len(struct fsl_secboot_img_priv *img)
284 * Handles the ESBC uboot client header verification failure.
285 * This function handles all the errors which might occur in the
286 * parsing and checking of ESBC uboot client header. It will also
287 * set the error bits in the SEC_MON.
289 static void fsl_secboot_header_verification_failure(void)
291 struct ccsr_sec_mon_regs *sec_mon_regs = (void *)
292 (CONFIG_SYS_SEC_MON_ADDR);
293 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
294 u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
296 /* 29th bit of OSPR is ITS */
297 u32 its = sfp_in32(&sfp_regs->ospr) >> 2;
300 * Read the SEC_MON status register
303 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
304 if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) {
306 change_sec_mon_state(HPSR_SSM_ST_TRUST,
307 HPSR_SSM_ST_SOFT_FAIL);
309 change_sec_mon_state(HPSR_SSM_ST_TRUST,
310 HPSR_SSM_ST_NON_SECURE);
313 printf("Generating reset request\n");
314 do_reset(NULL, 0, 0, NULL);
318 * Handles the ESBC uboot client image verification failure.
319 * This function handles all the errors which might occur in the
320 * public key hash comparison and signature verification of
321 * ESBC uboot client image. It will also
322 * set the error bits in the SEC_MON.
324 static void fsl_secboot_image_verification_failure(void)
326 struct ccsr_sec_mon_regs *sec_mon_regs = (void *)
327 (CONFIG_SYS_SEC_MON_ADDR);
328 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
329 u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
331 u32 its = (sfp_in32(&sfp_regs->ospr) & ITS_MASK) >> ITS_BIT;
334 * Read the SEC_MON status register
337 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
338 if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) {
340 change_sec_mon_state(HPSR_SSM_ST_TRUST,
341 HPSR_SSM_ST_SOFT_FAIL);
343 printf("Generating reset request\n");
344 do_reset(NULL, 0, 0, NULL);
346 change_sec_mon_state(HPSR_SSM_ST_TRUST,
347 HPSR_SSM_ST_NON_SECURE);
352 static void fsl_secboot_bootscript_parse_failure(void)
354 fsl_secboot_header_verification_failure();
358 * Handles the errors in esbc boot.
359 * This function handles all the errors which might occur in the
360 * esbc boot phase. It will call the appropriate api to log the
361 * errors and set the error bits in the SEC_MON.
363 void fsl_secboot_handle_error(int error)
365 const struct fsl_secboot_errcode *e;
367 for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX;
369 if (e->errcode == error)
370 printf("ERROR :: %x :: %s\n", error, e->name);
374 case ERROR_ESBC_CLIENT_HEADER_BARKER:
375 case ERROR_ESBC_CLIENT_HEADER_IMG_SIZE:
376 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN:
377 case ERROR_ESBC_CLIENT_HEADER_SIG_LEN:
378 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN:
379 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1:
380 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2:
381 case ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD:
382 case ERROR_ESBC_CLIENT_HEADER_SG_ESBC_EP:
383 case ERROR_ESBC_CLIENT_HEADER_SG_ENTIRES_BAD:
384 #ifdef CONFIG_KEY_REVOCATION
385 case ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED:
386 case ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY:
387 case ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM:
388 case ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN:
390 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
392 case ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED:
393 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY:
394 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM:
395 case ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN:
396 case ERROR_IE_TABLE_NOT_FOUND:
398 fsl_secboot_header_verification_failure();
400 case ERROR_ESBC_SEC_RESET:
401 case ERROR_ESBC_SEC_DEQ:
402 case ERROR_ESBC_SEC_ENQ:
403 case ERROR_ESBC_SEC_DEQ_TO:
404 case ERROR_ESBC_SEC_JOBQ_STATUS:
405 case ERROR_ESBC_CLIENT_HASH_COMPARE_KEY:
406 case ERROR_ESBC_CLIENT_HASH_COMPARE_EM:
407 fsl_secboot_image_verification_failure();
409 case ERROR_ESBC_MISSING_BOOTM:
410 fsl_secboot_bootscript_parse_failure();
412 case ERROR_ESBC_WRONG_CMD:
419 static void fsl_secblk_handle_error(int error)
422 case ERROR_ESBC_SEC_ENQ:
423 fsl_secboot_handle_error(ERROR_ESBC_SEC_ENQ);
425 case ERROR_ESBC_SEC_DEQ:
426 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ);
428 case ERROR_ESBC_SEC_DEQ_TO:
429 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ_TO);
432 printf("Job Queue Output status %x\n", error);
433 fsl_secboot_handle_error(ERROR_ESBC_SEC_JOBQ_STATUS);
439 * Calculate hash of key obtained via offset present in ESBC uboot
440 * client hdr. This function calculates the hash of key which is obtained
441 * through offset present in ESBC uboot client header.
443 static int calc_img_key_hash(struct fsl_secboot_img_priv *img)
445 struct hash_algo *algo;
449 const char *algo_name = "sha256";
451 /* Calculate hash of the esbc key */
452 ret = hash_progressive_lookup_algo(algo_name, &algo);
456 ret = algo->hash_init(algo, &ctx);
460 /* Update hash for ESBC key */
461 #ifdef CONFIG_KEY_REVOCATION
462 if (check_srk(img)) {
463 ret = algo->hash_update(algo, ctx,
464 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
465 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 1);
470 ret = algo->hash_update(algo, ctx,
471 img->img_key, img->key_len, 1);
475 /* Copy hash at destination buffer */
476 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
480 for (i = 0; i < SHA256_BYTES; i++)
481 img->img_key_hash[i] = hash_val[i];
487 * Calculate hash of ESBC hdr and ESBC. This function calculates the
488 * single hash of ESBC header and ESBC image. If SG flag is on, all
489 * SG entries are also hashed alongwith the complete SG table.
491 static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
493 struct hash_algo *algo;
497 const char *algo_name = "sha256";
499 /* Calculate the hash of the ESBC */
500 ret = hash_progressive_lookup_algo(algo_name, &algo);
504 ret = algo->hash_init(algo, &ctx);
505 /* Copy hash at destination buffer */
509 /* Update hash for CSF Header */
510 ret = algo->hash_update(algo, ctx,
511 (u8 *)&img->hdr, sizeof(struct fsl_secboot_img_hdr), 0);
515 /* Update the hash with that of srk table if srk flag is 1
516 * If IE Table is selected, key is not added in the hash
517 * If neither srk table nor IE key table available, add key
518 * from header in the hash calculation
520 #ifdef CONFIG_KEY_REVOCATION
521 if (check_srk(img)) {
522 ret = algo->hash_update(algo, ctx,
523 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
524 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 0);
528 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
529 if (!key_hash && check_ie(img))
533 ret = algo->hash_update(algo, ctx,
534 img->img_key, img->hdr.key_len, 0);
538 /* Update hash for actual Image */
539 #ifdef CONFIG_ESBC_ADDR_64BIT
540 ret = algo->hash_update(algo, ctx,
541 (u8 *)(uintptr_t)img->hdr.pimg64, img->hdr.img_size, 1);
543 ret = algo->hash_update(algo, ctx,
544 (u8 *)(uintptr_t)img->hdr.pimg, img->hdr.img_size, 1);
549 /* Copy hash at destination buffer */
550 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
558 * Construct encoded hash EM' wrt PKCSv1.5. This function calculates the
559 * pointers for padding, DER value and hash. And finally, constructs EM'
560 * which includes hash of complete CSF header and ESBC image. If SG flag
561 * is on, hash of SG table and entries is also included.
563 static void construct_img_encoded_hash_second(struct fsl_secboot_img_priv *img)
566 * RSA PKCSv1.5 encoding format for encoded message is below
567 * EM = 0x0 || 0x1 || PS || 0x0 || DER || Hash
568 * PS is Padding String
569 * DER is DER value for SHA-256
570 * Hash is SHA-256 hash
571 * *********************************************************
572 * representative points to first byte of EM initially and is
574 * representative is incremented by 1 and second byte is filled
576 * padding points to third byte of EM
577 * digest points to full length of EM - 32 bytes
578 * hash_id (DER value) points to 19 bytes before pDigest
579 * separator is one byte which separates padding and DER
584 u8 *padding, *digest;
585 u8 *hash_id, *separator;
588 len = (get_key_len(img) / 2) - 1;
589 representative = img->img_encoded_hash_second;
590 representative[0] = 0;
591 representative[1] = 1; /* block type 1 */
593 padding = &representative[2];
594 digest = &representative[1] + len - 32;
595 hash_id = digest - sizeof(hash_identifier);
596 separator = hash_id - 1;
598 /* fill padding area pointed by padding with 0xff */
599 memset(padding, 0xff, separator - padding);
601 /* fill byte pointed by separator */
604 /* fill SHA-256 DER value pointed by HashId */
605 memcpy(hash_id, hash_identifier, sizeof(hash_identifier));
607 /* fill hash pointed by Digest */
608 for (i = 0; i < SHA256_BYTES; i++)
609 digest[i] = hash_val[i];
613 * Reads and validates the ESBC client header.
614 * This function reads key and signature from the ESBC client header.
615 * If Scatter/Gather flag is on, lengths and offsets of images
616 * present as SG entries are also read. This function also checks
617 * whether the header is valid or not.
619 static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img)
622 struct fsl_secboot_img_hdr *hdr = &img->hdr;
623 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
627 #ifdef CONFIG_KEY_REVOCATION
631 /* check barker code */
632 if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN))
633 return ERROR_ESBC_CLIENT_HEADER_BARKER;
635 #ifdef CONFIG_ESBC_ADDR_64BIT
636 sprintf(buf, "%llx", hdr->pimg64);
638 sprintf(buf, "%x", hdr->pimg);
640 setenv("img_addr", buf);
643 return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;
646 #ifdef CONFIG_KEY_REVOCATION
647 if (check_srk(img)) {
648 ret = read_validate_srk_tbl(img);
655 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
656 if (!key_found && check_ie(img)) {
657 ret = read_validate_ie_tbl(img);
664 if (key_found == 0) {
665 ret = read_validate_single_key(img);
672 if (get_key_len(img) == 2 * hdr->sign_len) {
673 /* check signature length */
674 if (!((hdr->sign_len == KEY_SIZE_BYTES / 4) ||
675 (hdr->sign_len == KEY_SIZE_BYTES / 2) ||
676 (hdr->sign_len == KEY_SIZE_BYTES)))
677 return ERROR_ESBC_CLIENT_HEADER_SIG_LEN;
679 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN;
682 memcpy(&img->img_sign, esbc + hdr->psign, hdr->sign_len);
686 return ERROR_ESBC_CLIENT_HEADER_SG;
688 /* modulus most significant bit should be set */
689 k = (u8 *)&img->img_key;
691 if ((k[0] & 0x80) == 0)
692 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1;
694 /* modulus value should be odd */
695 if ((k[get_key_len(img) / 2 - 1] & 0x1) == 0)
696 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2;
698 /* Check signature value < modulus value */
699 s = (u8 *)&img->img_sign;
701 if (!(memcmp(s, k, hdr->sign_len) < 0))
702 return ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD;
704 return ESBC_VALID_HDR;
707 static inline int str2longbe(const char *p, ulong *num)
715 tmp = simple_strtoul(p, &endptr, 16);
716 if (sizeof(ulong) == 4)
717 *num = cpu_to_be32(tmp);
719 *num = cpu_to_be64(tmp);
722 return *p != '\0' && *endptr == '\0';
725 int fsl_secboot_validate(ulong haddr, char *arg_hash_str)
727 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
728 ulong hash[SHA256_BYTES/sizeof(ulong)];
729 char hash_str[NUM_HEX_CHARS + 1];
730 struct fsl_secboot_img_priv *img;
731 struct fsl_secboot_img_hdr *hdr;
733 int ret, i, hash_cmd = 0;
736 struct key_prop prop;
737 #if !defined(USE_HOSTCC)
738 struct udevice *mod_exp_dev;
741 if (arg_hash_str != NULL) {
742 const char *cp = arg_hash_str;
745 if (*cp == '0' && *(cp + 1) == 'x')
748 /* The input string expected is in hex, where
749 * each 4 bits would be represented by a hex
750 * sha256 hash is 256 bits long, which would mean
751 * num of characters = 256 / 4
753 if (strlen(cp) != SHA256_NIBBLES) {
754 printf("%s is not a 256 bits hex string as expected\n",
759 for (i = 0; i < sizeof(hash)/sizeof(ulong); i++) {
760 strncpy(hash_str, cp + (i * NUM_HEX_CHARS),
762 hash_str[NUM_HEX_CHARS] = '\0';
763 if (!str2longbe(hash_str, &hash[i])) {
764 printf("%s is not a 256 bits hex string ",
773 img = malloc(sizeof(struct fsl_secboot_img_priv));
778 memset(img, 0, sizeof(struct fsl_secboot_img_priv));
781 img->ehdrloc = haddr;
782 esbc = (u8 *)(uintptr_t)img->ehdrloc;
784 memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));
786 /* read and validate esbc header */
787 ret = read_validate_esbc_client_header(img);
789 if (ret != ESBC_VALID_HDR) {
790 fsl_secboot_handle_error(ret);
794 /* SRKH present in SFP */
795 for (i = 0; i < NUM_SRKH_REGS; i++)
796 srk_hash[i] = srk_in32(&sfp_regs->srk_hash[i]);
799 * Calculate hash of key obtained via offset present in
800 * ESBC uboot client hdr
802 ret = calc_img_key_hash(img);
804 fsl_secblk_handle_error(ret);
808 /* Compare hash obtained above with SRK hash present in SFP */
810 ret = memcmp(&hash, &img->img_key_hash, SHA256_BYTES);
812 ret = memcmp(srk_hash, img->img_key_hash, SHA256_BYTES);
814 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
815 if (!hash_cmd && check_ie(img))
820 fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_KEY);
824 ret = calc_esbchdr_esbc_hash(img);
826 fsl_secblk_handle_error(ret);
830 /* Construct encoded hash EM' wrt PKCSv1.5 */
831 construct_img_encoded_hash_second(img);
833 /* Fill prop structure for public key */
834 memset(&prop, 0, sizeof(struct key_prop));
835 key_len = get_key_len(img) / 2;
836 prop.modulus = img->img_key;
837 prop.public_exponent = img->img_key + key_len;
838 prop.num_bits = key_len * 8;
839 prop.exp_len = key_len;
841 ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
843 printf("RSA: Can't find Modular Exp implementation\n");
847 ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len,
848 &prop, img->img_encoded_hash);
850 fsl_secblk_handle_error(ret);
855 * compare the encoded messages EM' and EM wrt RSA PKCSv1.5
856 * memcmp returns zero on success
857 * memcmp returns non-zero on failure
859 ret = memcmp(&img->img_encoded_hash_second, &img->img_encoded_hash,
863 fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_EM);