2 * Copyright 2015 Freescale Semiconductor, Inc.
4 * SPDX-License-Identifier: GPL-2.0+
8 #include <fsl_validate.h>
9 #include <fsl_secboot_err.h>
14 #include <dm/uclass.h>
15 #include <u-boot/rsa-mod-exp.h>
17 #include <fsl_secboot_err.h>
19 #include <asm/arch/immap_ls102xa.h>
22 #define SHA256_BITS 256
23 #define SHA256_BYTES (256/8)
24 #define SHA256_NIBBLES (256/4)
25 #define NUM_HEX_CHARS (sizeof(ulong) * 2)
27 #define CHECK_KEY_LEN(key_len) (((key_len) == 2 * KEY_SIZE_BYTES / 4) || \
28 ((key_len) == 2 * KEY_SIZE_BYTES / 2) || \
29 ((key_len) == 2 * KEY_SIZE_BYTES))
31 /* This array contains DER value for SHA-256 */
32 static const u8 hash_identifier[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60,
33 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00,
37 static u8 hash_val[SHA256_BYTES];
39 #ifdef CONFIG_ESBC_HDR_LS
40 /* New Barker Code for LS ESBC Header */
41 static const u8 barker_code[ESBC_BARKER_LEN] = { 0x12, 0x19, 0x20, 0x01 };
43 static const u8 barker_code[ESBC_BARKER_LEN] = { 0x68, 0x39, 0x27, 0x81 };
46 void branch_to_self(void) __attribute__ ((noreturn));
49 * This function will put core in infinite loop.
50 * This will be called when the ESBC can not proceed further due
51 * to some unknown errors.
53 void branch_to_self(void)
55 printf("Core is in infinite loop due to errors.\n");
60 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
61 static u32 check_ie(struct fsl_secboot_img_priv *img)
69 /* This function returns the CSF Header Address of uboot
70 * For MPC85xx based platforms, the LAW mapping for NOR
71 * flash changes in uboot code. Hence the offset needs
72 * to be calculated and added to the new NOR flash base
75 #if defined(CONFIG_MPC85xx)
76 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
78 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_MPC85xx_GUTS_ADDR);
79 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
80 u32 csf_flash_offset = csf_hdr_addr & ~(CONFIG_SYS_PBI_FLASH_BASE);
85 for (i = 0; i < CONFIG_SYS_MAX_FLASH_BANKS; i++) {
86 flash_addr = flash_info[i].start[0];
87 addr = flash_info[i].start[0] + csf_flash_offset;
88 if (memcmp((u8 *)addr, barker_code, ESBC_BARKER_LEN) == 0) {
89 debug("Barker found on addr %x\n", addr);
99 *flash_base_addr = flash_addr;
104 /* For platforms like LS1020, correct flash address is present in
105 * the header. So the function reqturns flash base address as 0
107 int get_csf_base_addr(u32 *csf_addr, u32 *flash_base_addr)
109 struct ccsr_gur __iomem *gur = (void *)(CONFIG_SYS_FSL_GUTS_ADDR);
110 u32 csf_hdr_addr = in_be32(&gur->scratchrw[0]);
112 if (memcmp((u8 *)(uintptr_t)csf_hdr_addr,
113 barker_code, ESBC_BARKER_LEN))
116 *csf_addr = csf_hdr_addr;
117 *flash_base_addr = 0;
122 static int get_ie_info_addr(u32 *ie_addr)
124 struct fsl_secboot_img_hdr *hdr;
125 struct fsl_secboot_sg_table *sg_tbl;
126 u32 flash_base_addr, csf_addr;
128 if (get_csf_base_addr(&csf_addr, &flash_base_addr))
131 hdr = (struct fsl_secboot_img_hdr *)(uintptr_t)csf_addr;
133 /* For SoC's with Trust Architecture v1 with corenet bus
134 * the sg table field in CSF header has absolute address
135 * for sg table in memory. In other Trust Architecture,
136 * this field specifies the offset of sg table from the
137 * base address of CSF Header
139 #if defined(CONFIG_FSL_TRUST_ARCH_v1) && defined(CONFIG_FSL_CORENET)
140 sg_tbl = (struct fsl_secboot_sg_table *)
141 (((u32)hdr->psgtable & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
144 sg_tbl = (struct fsl_secboot_sg_table *)(uintptr_t)(csf_addr +
148 /* IE Key Table is the first entry in the SG Table */
149 #if defined(CONFIG_MPC85xx)
150 *ie_addr = (sg_tbl->src_addr & ~(CONFIG_SYS_PBI_FLASH_BASE)) +
153 *ie_addr = sg_tbl->src_addr;
156 debug("IE Table address is %x\n", *ie_addr);
162 #ifdef CONFIG_KEY_REVOCATION
163 /* This function checks srk_table_flag in header and set/reset srk_flag.*/
164 static u32 check_srk(struct fsl_secboot_img_priv *img)
166 #ifdef CONFIG_ESBC_HDR_LS
167 /* In LS, No SRK Flag as SRK is always present*/
170 if (img->hdr.len_kr.srk_table_flag & SRK_FLAG)
177 /* This function returns ospr's key_revoc values.*/
178 static u32 get_key_revoc(void)
180 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
181 return (sfp_in32(&sfp_regs->ospr) & OSPR_KEY_REVOC_MASK) >>
182 OSPR_KEY_REVOC_SHIFT;
185 /* This function checks if selected key is revoked or not.*/
186 static u32 is_key_revoked(u32 keynum, u32 rev_flag)
188 if (keynum == UNREVOCABLE_KEY)
191 if ((u32)(1 << (ALIGN_REVOC_KEY - keynum)) & rev_flag)
197 /* It read validates srk_table key lengths.*/
198 static u32 read_validate_srk_tbl(struct fsl_secboot_img_priv *img)
201 u32 ret, key_num, key_revoc_flag, size;
202 struct fsl_secboot_img_hdr *hdr = &img->hdr;
203 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
205 if ((hdr->len_kr.num_srk == 0) ||
206 (hdr->len_kr.num_srk > MAX_KEY_ENTRIES))
207 return ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY;
209 key_num = hdr->len_kr.srk_sel;
210 if (key_num == 0 || key_num > hdr->len_kr.num_srk)
211 return ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM;
213 /* Get revoc key from sfp */
214 key_revoc_flag = get_key_revoc();
215 ret = is_key_revoked(key_num, key_revoc_flag);
217 return ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED;
219 size = hdr->len_kr.num_srk * sizeof(struct srk_table);
221 memcpy(&img->srk_tbl, esbc + hdr->srk_tbl_off, size);
223 for (i = 0; i < hdr->len_kr.num_srk; i++) {
224 if (!CHECK_KEY_LEN(img->srk_tbl[i].key_len))
225 return ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN;
228 img->key_len = img->srk_tbl[key_num - 1].key_len;
230 memcpy(&img->img_key, &(img->srk_tbl[key_num - 1].pkey),
237 #ifndef CONFIG_ESBC_HDR_LS
238 static u32 read_validate_single_key(struct fsl_secboot_img_priv *img)
240 struct fsl_secboot_img_hdr *hdr = &img->hdr;
241 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
243 /* check key length */
244 if (!CHECK_KEY_LEN(hdr->key_len))
245 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN;
247 memcpy(&img->img_key, esbc + hdr->pkey, hdr->key_len);
249 img->key_len = hdr->key_len;
253 #endif /* CONFIG_ESBC_HDR_LS */
255 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
256 static u32 read_validate_ie_tbl(struct fsl_secboot_img_priv *img)
258 struct fsl_secboot_img_hdr *hdr = &img->hdr;
259 u32 ie_key_len, ie_revoc_flag, ie_num;
260 struct ie_key_info *ie_info;
262 if (get_ie_info_addr(&img->ie_addr))
263 return ERROR_IE_TABLE_NOT_FOUND;
264 ie_info = (struct ie_key_info *)(uintptr_t)img->ie_addr;
265 if (ie_info->num_keys == 0 || ie_info->num_keys > 32)
266 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY;
268 ie_num = hdr->ie_key_sel;
269 if (ie_num == 0 || ie_num > ie_info->num_keys)
270 return ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM;
272 ie_revoc_flag = ie_info->key_revok;
273 if ((u32)(1 << (ie_num - 1)) & ie_revoc_flag)
274 return ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED;
276 ie_key_len = ie_info->ie_key_tbl[ie_num - 1].key_len;
278 if (!CHECK_KEY_LEN(ie_key_len))
279 return ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN;
281 memcpy(&img->img_key, &(ie_info->ie_key_tbl[ie_num - 1].pkey),
284 img->key_len = ie_key_len;
290 /* This function return length of public key.*/
291 static inline u32 get_key_len(struct fsl_secboot_img_priv *img)
297 * Handles the ESBC uboot client header verification failure.
298 * This function handles all the errors which might occur in the
299 * parsing and checking of ESBC uboot client header. It will also
300 * set the error bits in the SEC_MON.
302 static void fsl_secboot_header_verification_failure(void)
304 struct ccsr_sec_mon_regs *sec_mon_regs = (void *)
305 (CONFIG_SYS_SEC_MON_ADDR);
306 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
307 u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
309 /* 29th bit of OSPR is ITS */
310 u32 its = sfp_in32(&sfp_regs->ospr) >> 2;
313 * Read the SEC_MON status register
316 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
317 if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) {
319 change_sec_mon_state(HPSR_SSM_ST_TRUST,
320 HPSR_SSM_ST_SOFT_FAIL);
322 change_sec_mon_state(HPSR_SSM_ST_TRUST,
323 HPSR_SSM_ST_NON_SECURE);
326 printf("Generating reset request\n");
327 do_reset(NULL, 0, 0, NULL);
331 * Handles the ESBC uboot client image verification failure.
332 * This function handles all the errors which might occur in the
333 * public key hash comparison and signature verification of
334 * ESBC uboot client image. It will also
335 * set the error bits in the SEC_MON.
337 static void fsl_secboot_image_verification_failure(void)
339 struct ccsr_sec_mon_regs *sec_mon_regs = (void *)
340 (CONFIG_SYS_SEC_MON_ADDR);
341 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
342 u32 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
344 u32 its = (sfp_in32(&sfp_regs->ospr) & ITS_MASK) >> ITS_BIT;
347 * Read the SEC_MON status register
350 sts = sec_mon_in32(&sec_mon_regs->hp_stat);
351 if ((sts & HPSR_SSM_ST_MASK) == HPSR_SSM_ST_TRUST) {
353 change_sec_mon_state(HPSR_SSM_ST_TRUST,
354 HPSR_SSM_ST_SOFT_FAIL);
356 printf("Generating reset request\n");
357 do_reset(NULL, 0, 0, NULL);
359 change_sec_mon_state(HPSR_SSM_ST_TRUST,
360 HPSR_SSM_ST_NON_SECURE);
365 static void fsl_secboot_bootscript_parse_failure(void)
367 fsl_secboot_header_verification_failure();
371 * Handles the errors in esbc boot.
372 * This function handles all the errors which might occur in the
373 * esbc boot phase. It will call the appropriate api to log the
374 * errors and set the error bits in the SEC_MON.
376 void fsl_secboot_handle_error(int error)
378 const struct fsl_secboot_errcode *e;
380 for (e = fsl_secboot_errcodes; e->errcode != ERROR_ESBC_CLIENT_MAX;
382 if (e->errcode == error)
383 printf("ERROR :: %x :: %s\n", error, e->name);
386 /* If Boot Mode is secure, transition the SNVS state and issue
387 * reset based on type of failure and ITS setting.
388 * If Boot mode is non-secure, return from this function.
390 if (fsl_check_boot_mode_secure() == 0)
394 case ERROR_ESBC_CLIENT_HEADER_BARKER:
395 case ERROR_ESBC_CLIENT_HEADER_IMG_SIZE:
396 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN:
397 case ERROR_ESBC_CLIENT_HEADER_SIG_LEN:
398 case ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN:
399 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1:
400 case ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2:
401 case ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD:
402 case ERROR_ESBC_CLIENT_HEADER_SG_ESBC_EP:
403 case ERROR_ESBC_CLIENT_HEADER_SG_ENTIRES_BAD:
404 case ERROR_KEY_TABLE_NOT_FOUND:
405 #ifdef CONFIG_KEY_REVOCATION
406 case ERROR_ESBC_CLIENT_HEADER_KEY_REVOKED:
407 case ERROR_ESBC_CLIENT_HEADER_INVALID_SRK_NUM_ENTRY:
408 case ERROR_ESBC_CLIENT_HEADER_INVALID_KEY_NUM:
409 case ERROR_ESBC_CLIENT_HEADER_INV_SRK_ENTRY_KEYLEN:
411 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
413 case ERROR_ESBC_CLIENT_HEADER_IE_KEY_REVOKED:
414 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_NUM_ENTRY:
415 case ERROR_ESBC_CLIENT_HEADER_INVALID_IE_KEY_NUM:
416 case ERROR_ESBC_CLIENT_HEADER_INV_IE_ENTRY_KEYLEN:
417 case ERROR_IE_TABLE_NOT_FOUND:
419 fsl_secboot_header_verification_failure();
421 case ERROR_ESBC_SEC_RESET:
422 case ERROR_ESBC_SEC_DEQ:
423 case ERROR_ESBC_SEC_ENQ:
424 case ERROR_ESBC_SEC_DEQ_TO:
425 case ERROR_ESBC_SEC_JOBQ_STATUS:
426 case ERROR_ESBC_CLIENT_HASH_COMPARE_KEY:
427 case ERROR_ESBC_CLIENT_HASH_COMPARE_EM:
428 fsl_secboot_image_verification_failure();
430 case ERROR_ESBC_MISSING_BOOTM:
431 fsl_secboot_bootscript_parse_failure();
433 case ERROR_ESBC_WRONG_CMD:
440 static void fsl_secblk_handle_error(int error)
443 case ERROR_ESBC_SEC_ENQ:
444 fsl_secboot_handle_error(ERROR_ESBC_SEC_ENQ);
446 case ERROR_ESBC_SEC_DEQ:
447 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ);
449 case ERROR_ESBC_SEC_DEQ_TO:
450 fsl_secboot_handle_error(ERROR_ESBC_SEC_DEQ_TO);
453 printf("Job Queue Output status %x\n", error);
454 fsl_secboot_handle_error(ERROR_ESBC_SEC_JOBQ_STATUS);
460 * Calculate hash of key obtained via offset present in ESBC uboot
461 * client hdr. This function calculates the hash of key which is obtained
462 * through offset present in ESBC uboot client header.
464 static int calc_img_key_hash(struct fsl_secboot_img_priv *img)
466 struct hash_algo *algo;
470 const char *algo_name = "sha256";
472 /* Calculate hash of the esbc key */
473 ret = hash_progressive_lookup_algo(algo_name, &algo);
477 ret = algo->hash_init(algo, &ctx);
481 /* Update hash for ESBC key */
482 #ifdef CONFIG_KEY_REVOCATION
483 if (check_srk(img)) {
484 ret = algo->hash_update(algo, ctx,
485 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
486 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 1);
491 ret = algo->hash_update(algo, ctx,
492 img->img_key, img->key_len, 1);
496 /* Copy hash at destination buffer */
497 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
501 for (i = 0; i < SHA256_BYTES; i++)
502 img->img_key_hash[i] = hash_val[i];
508 * Calculate hash of ESBC hdr and ESBC. This function calculates the
509 * single hash of ESBC header and ESBC image. If SG flag is on, all
510 * SG entries are also hashed alongwith the complete SG table.
512 static int calc_esbchdr_esbc_hash(struct fsl_secboot_img_priv *img)
514 struct hash_algo *algo;
518 const char *algo_name = "sha256";
520 /* Calculate the hash of the ESBC */
521 ret = hash_progressive_lookup_algo(algo_name, &algo);
525 ret = algo->hash_init(algo, &ctx);
526 /* Copy hash at destination buffer */
530 /* Update hash for CSF Header */
531 ret = algo->hash_update(algo, ctx,
532 (u8 *)&img->hdr, sizeof(struct fsl_secboot_img_hdr), 0);
536 /* Update the hash with that of srk table if srk flag is 1
537 * If IE Table is selected, key is not added in the hash
538 * If neither srk table nor IE key table available, add key
539 * from header in the hash calculation
541 #ifdef CONFIG_KEY_REVOCATION
542 if (check_srk(img)) {
543 ret = algo->hash_update(algo, ctx,
544 (u8 *)(uintptr_t)(img->ehdrloc + img->hdr.srk_tbl_off),
545 img->hdr.len_kr.num_srk * sizeof(struct srk_table), 0);
549 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
550 if (!key_hash && check_ie(img))
553 #ifndef CONFIG_ESBC_HDR_LS
554 /* No single key support in LS ESBC header */
556 ret = algo->hash_update(algo, ctx,
557 img->img_key, img->hdr.key_len, 0);
564 return ERROR_KEY_TABLE_NOT_FOUND;
566 /* Update hash for actual Image */
567 ret = algo->hash_update(algo, ctx,
568 (u8 *)img->img_addr, img->img_size, 1);
572 /* Copy hash at destination buffer */
573 ret = algo->hash_finish(algo, ctx, hash_val, algo->digest_size);
581 * Construct encoded hash EM' wrt PKCSv1.5. This function calculates the
582 * pointers for padding, DER value and hash. And finally, constructs EM'
583 * which includes hash of complete CSF header and ESBC image. If SG flag
584 * is on, hash of SG table and entries is also included.
586 static void construct_img_encoded_hash_second(struct fsl_secboot_img_priv *img)
589 * RSA PKCSv1.5 encoding format for encoded message is below
590 * EM = 0x0 || 0x1 || PS || 0x0 || DER || Hash
591 * PS is Padding String
592 * DER is DER value for SHA-256
593 * Hash is SHA-256 hash
594 * *********************************************************
595 * representative points to first byte of EM initially and is
597 * representative is incremented by 1 and second byte is filled
599 * padding points to third byte of EM
600 * digest points to full length of EM - 32 bytes
601 * hash_id (DER value) points to 19 bytes before pDigest
602 * separator is one byte which separates padding and DER
607 u8 *padding, *digest;
608 u8 *hash_id, *separator;
611 len = (get_key_len(img) / 2) - 1;
612 representative = img->img_encoded_hash_second;
613 representative[0] = 0;
614 representative[1] = 1; /* block type 1 */
616 padding = &representative[2];
617 digest = &representative[1] + len - 32;
618 hash_id = digest - sizeof(hash_identifier);
619 separator = hash_id - 1;
621 /* fill padding area pointed by padding with 0xff */
622 memset(padding, 0xff, separator - padding);
624 /* fill byte pointed by separator */
627 /* fill SHA-256 DER value pointed by HashId */
628 memcpy(hash_id, hash_identifier, sizeof(hash_identifier));
630 /* fill hash pointed by Digest */
631 for (i = 0; i < SHA256_BYTES; i++)
632 digest[i] = hash_val[i];
636 * Reads and validates the ESBC client header.
637 * This function reads key and signature from the ESBC client header.
638 * If Scatter/Gather flag is on, lengths and offsets of images
639 * present as SG entries are also read. This function also checks
640 * whether the header is valid or not.
642 static int read_validate_esbc_client_header(struct fsl_secboot_img_priv *img)
645 struct fsl_secboot_img_hdr *hdr = &img->hdr;
646 void *esbc = (u8 *)(uintptr_t)img->ehdrloc;
652 /* check barker code */
653 if (memcmp(hdr->barker, barker_code, ESBC_BARKER_LEN))
654 return ERROR_ESBC_CLIENT_HEADER_BARKER;
656 /* If Image Address is not passed as argument to function,
657 * then Address and Size must be read from the Header.
659 if (img->img_addr == 0) {
660 #ifdef CONFIG_ESBC_ADDR_64BIT
661 img->img_addr = hdr->pimg64;
663 img->img_addr = hdr->pimg;
667 sprintf(buf, "%lx", img->img_addr);
668 setenv("img_addr", buf);
671 return ERROR_ESBC_CLIENT_HEADER_IMG_SIZE;
673 img->img_size = hdr->img_size;
676 #ifdef CONFIG_KEY_REVOCATION
677 if (check_srk(img)) {
678 ret = read_validate_srk_tbl(img);
685 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
686 if (!key_found && check_ie(img)) {
687 ret = read_validate_ie_tbl(img);
693 #ifndef CONFIG_ESBC_HDR_LS
694 /* Single Key Feature not available in LS ESBC Header */
695 if (key_found == 0) {
696 ret = read_validate_single_key(img);
703 return ERROR_KEY_TABLE_NOT_FOUND;
706 if (get_key_len(img) == 2 * hdr->sign_len) {
707 /* check signature length */
708 if (!((hdr->sign_len == KEY_SIZE_BYTES / 4) ||
709 (hdr->sign_len == KEY_SIZE_BYTES / 2) ||
710 (hdr->sign_len == KEY_SIZE_BYTES)))
711 return ERROR_ESBC_CLIENT_HEADER_SIG_LEN;
713 return ERROR_ESBC_CLIENT_HEADER_KEY_LEN_NOT_TWICE_SIG_LEN;
716 memcpy(&img->img_sign, esbc + hdr->psign, hdr->sign_len);
717 /* No SG support in LS-CH3 */
718 #ifndef CONFIG_ESBC_HDR_LS
721 return ERROR_ESBC_CLIENT_HEADER_SG;
724 /* modulus most significant bit should be set */
725 k = (u8 *)&img->img_key;
727 if ((k[0] & 0x80) == 0)
728 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_1;
730 /* modulus value should be odd */
731 if ((k[get_key_len(img) / 2 - 1] & 0x1) == 0)
732 return ERROR_ESBC_CLIENT_HEADER_KEY_MOD_2;
734 /* Check signature value < modulus value */
735 s = (u8 *)&img->img_sign;
737 if (!(memcmp(s, k, hdr->sign_len) < 0))
738 return ERROR_ESBC_CLIENT_HEADER_SIG_KEY_MOD;
740 return ESBC_VALID_HDR;
743 static inline int str2longbe(const char *p, ulong *num)
751 tmp = simple_strtoul(p, &endptr, 16);
752 if (sizeof(ulong) == 4)
753 *num = cpu_to_be32(tmp);
755 *num = cpu_to_be64(tmp);
758 return *p != '\0' && *endptr == '\0';
760 /* Function to calculate the ESBC Image Hash
761 * and hash from Digital signature.
762 * The Two hash's are compared to yield the
763 * result of signature validation.
765 static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img)
769 struct key_prop prop;
770 #if !defined(USE_HOSTCC)
771 struct udevice *mod_exp_dev;
773 ret = calc_esbchdr_esbc_hash(img);
777 /* Construct encoded hash EM' wrt PKCSv1.5 */
778 construct_img_encoded_hash_second(img);
780 /* Fill prop structure for public key */
781 memset(&prop, 0, sizeof(struct key_prop));
782 key_len = get_key_len(img) / 2;
783 prop.modulus = img->img_key;
784 prop.public_exponent = img->img_key + key_len;
785 prop.num_bits = key_len * 8;
786 prop.exp_len = key_len;
788 ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
790 printf("RSA: Can't find Modular Exp implementation\n");
794 ret = rsa_mod_exp(mod_exp_dev, img->img_sign, img->hdr.sign_len,
795 &prop, img->img_encoded_hash);
800 * compare the encoded messages EM' and EM wrt RSA PKCSv1.5
801 * memcmp returns zero on success
802 * memcmp returns non-zero on failure
804 ret = memcmp(&img->img_encoded_hash_second, &img->img_encoded_hash,
808 return ERROR_ESBC_CLIENT_HASH_COMPARE_EM;
813 int fsl_secboot_validate(uintptr_t haddr, char *arg_hash_str,
816 struct ccsr_sfp_regs *sfp_regs = (void *)(CONFIG_SYS_SFP_ADDR);
817 ulong hash[SHA256_BYTES/sizeof(ulong)];
818 char hash_str[NUM_HEX_CHARS + 1];
819 struct fsl_secboot_img_priv *img;
820 struct fsl_secboot_img_hdr *hdr;
822 int ret, i, hash_cmd = 0;
825 if (arg_hash_str != NULL) {
826 const char *cp = arg_hash_str;
829 if (*cp == '0' && *(cp + 1) == 'x')
832 /* The input string expected is in hex, where
833 * each 4 bits would be represented by a hex
834 * sha256 hash is 256 bits long, which would mean
835 * num of characters = 256 / 4
837 if (strlen(cp) != SHA256_NIBBLES) {
838 printf("%s is not a 256 bits hex string as expected\n",
843 for (i = 0; i < sizeof(hash)/sizeof(ulong); i++) {
844 strncpy(hash_str, cp + (i * NUM_HEX_CHARS),
846 hash_str[NUM_HEX_CHARS] = '\0';
847 if (!str2longbe(hash_str, &hash[i])) {
848 printf("%s is not a 256 bits hex string ",
857 img = malloc(sizeof(struct fsl_secboot_img_priv));
862 memset(img, 0, sizeof(struct fsl_secboot_img_priv));
864 /* Update the information in Private Struct */
866 img->ehdrloc = haddr;
867 img->img_addr = img_addr;
868 esbc = (u8 *)img->ehdrloc;
870 memcpy(hdr, esbc, sizeof(struct fsl_secboot_img_hdr));
872 /* read and validate esbc header */
873 ret = read_validate_esbc_client_header(img);
875 if (ret != ESBC_VALID_HDR) {
876 fsl_secboot_handle_error(ret);
880 /* SRKH present in SFP */
881 for (i = 0; i < NUM_SRKH_REGS; i++)
882 srk_hash[i] = srk_in32(&sfp_regs->srk_hash[i]);
885 * Calculate hash of key obtained via offset present in
886 * ESBC uboot client hdr
888 ret = calc_img_key_hash(img);
890 fsl_secblk_handle_error(ret);
894 /* Compare hash obtained above with SRK hash present in SFP */
896 ret = memcmp(&hash, &img->img_key_hash, SHA256_BYTES);
898 ret = memcmp(srk_hash, img->img_key_hash, SHA256_BYTES);
900 #if defined(CONFIG_FSL_ISBC_KEY_EXT)
901 if (!hash_cmd && check_ie(img))
906 fsl_secboot_handle_error(ERROR_ESBC_CLIENT_HASH_COMPARE_KEY);
910 ret = calculate_cmp_img_sig(img);
912 fsl_secboot_handle_error(ret);