+static uint8_t baudrate_to_option(unsigned int baudrate)
+{
+ switch (baudrate) {
+ case 2400:
+ return MAIN_HDR_V1_OPT_BAUD_2400;
+ case 4800:
+ return MAIN_HDR_V1_OPT_BAUD_4800;
+ case 9600:
+ return MAIN_HDR_V1_OPT_BAUD_9600;
+ case 19200:
+ return MAIN_HDR_V1_OPT_BAUD_19200;
+ case 38400:
+ return MAIN_HDR_V1_OPT_BAUD_38400;
+ case 57600:
+ return MAIN_HDR_V1_OPT_BAUD_57600;
+ case 115200:
+ return MAIN_HDR_V1_OPT_BAUD_115200;
+ default:
+ return MAIN_HDR_V1_OPT_BAUD_DEFAULT;
+ }
+}
+
+#if defined(CONFIG_KWB_SECURE)
+static void kwb_msg(const char *fmt, ...)
+{
+ if (verbose_mode) {
+ va_list ap;
+
+ va_start(ap, fmt);
+ vfprintf(stdout, fmt, ap);
+ va_end(ap);
+ }
+}
+
+static int openssl_err(const char *msg)
+{
+ unsigned long ssl_err = ERR_get_error();
+
+ fprintf(stderr, "%s", msg);
+ fprintf(stderr, ": %s\n",
+ ERR_error_string(ssl_err, 0));
+
+ return -1;
+}
+
+static int kwb_load_rsa_key(const char *keydir, const char *name, RSA **p_rsa)
+{
+ char path[PATH_MAX];
+ RSA *rsa;
+ FILE *f;
+
+ if (!keydir)
+ keydir = ".";
+
+ snprintf(path, sizeof(path), "%s/%s.key", keydir, name);
+ f = fopen(path, "r");
+ if (!f) {
+ fprintf(stderr, "Couldn't open RSA private key: '%s': %s\n",
+ path, strerror(errno));
+ return -ENOENT;
+ }
+
+ rsa = PEM_read_RSAPrivateKey(f, 0, NULL, "");
+ if (!rsa) {
+ openssl_err("Failure reading private key");
+ fclose(f);
+ return -EPROTO;
+ }
+ fclose(f);
+ *p_rsa = rsa;
+
+ return 0;
+}
+
+static int kwb_load_cfg_key(struct image_tool_params *params,
+ unsigned int cfg_option, const char *key_name,
+ RSA **p_key)
+{
+ struct image_cfg_element *e_key;
+ RSA *key;
+ int res;
+
+ *p_key = NULL;
+
+ e_key = image_find_option(cfg_option);
+ if (!e_key) {
+ fprintf(stderr, "%s not configured\n", key_name);
+ return -ENOENT;
+ }
+
+ res = kwb_load_rsa_key(params->keydir, e_key->key_name, &key);
+ if (res < 0) {
+ fprintf(stderr, "Failed to load %s\n", key_name);
+ return -ENOENT;
+ }
+
+ *p_key = key;
+
+ return 0;
+}
+
+static int kwb_load_kak(struct image_tool_params *params, RSA **p_kak)
+{
+ return kwb_load_cfg_key(params, IMAGE_CFG_KAK, "KAK", p_kak);
+}
+
+static int kwb_load_csk(struct image_tool_params *params, RSA **p_csk)
+{
+ return kwb_load_cfg_key(params, IMAGE_CFG_CSK, "CSK", p_csk);
+}
+
+static int kwb_compute_pubkey_hash(struct pubkey_der_v1 *pk,
+ struct hash_v1 *hash)
+{
+ EVP_MD_CTX *ctx;
+ unsigned int key_size;
+ unsigned int hash_size;
+ int ret = 0;
+
+ if (!pk || !hash || pk->key[0] != 0x30 || pk->key[1] != 0x82)
+ return -EINVAL;
+
+ key_size = (pk->key[2] << 8) + pk->key[3] + 4;
+
+ ctx = EVP_MD_CTX_create();
+ if (!ctx)
+ return openssl_err("EVP context creation failed");
+
+ EVP_MD_CTX_init(ctx);
+ if (!EVP_DigestInit(ctx, EVP_sha256())) {
+ ret = openssl_err("Digest setup failed");
+ goto hash_err_ctx;
+ }
+
+ if (!EVP_DigestUpdate(ctx, pk->key, key_size)) {
+ ret = openssl_err("Hashing data failed");
+ goto hash_err_ctx;
+ }
+
+ if (!EVP_DigestFinal(ctx, hash->hash, &hash_size)) {
+ ret = openssl_err("Could not obtain hash");
+ goto hash_err_ctx;
+ }
+
+ EVP_MD_CTX_cleanup(ctx);
+
+hash_err_ctx:
+ EVP_MD_CTX_destroy(ctx);
+ return ret;
+}
+
+static int kwb_import_pubkey(RSA **key, struct pubkey_der_v1 *src, char *keyname)
+{
+ RSA *rsa;
+ const unsigned char *ptr;
+
+ if (!key || !src)
+ goto fail;
+
+ ptr = src->key;
+ rsa = d2i_RSAPublicKey(key, &ptr, sizeof(src->key));
+ if (!rsa) {
+ openssl_err("error decoding public key");
+ goto fail;
+ }
+
+ return 0;
+fail:
+ fprintf(stderr, "Failed to decode %s pubkey\n", keyname);
+ return -EINVAL;
+}
+
+static int kwb_export_pubkey(RSA *key, struct pubkey_der_v1 *dst, FILE *hashf,
+ char *keyname)
+{
+ int size_exp, size_mod, size_seq;
+ const BIGNUM *key_e, *key_n;
+ uint8_t *cur;
+ char *errmsg = "Failed to encode %s\n";
+
+ RSA_get0_key(key, NULL, &key_e, NULL);
+ RSA_get0_key(key, &key_n, NULL, NULL);
+
+ if (!key || !key_e || !key_n || !dst) {
+ fprintf(stderr, "export pk failed: (%p, %p, %p, %p)",
+ key, key_e, key_n, dst);
+ fprintf(stderr, errmsg, keyname);
+ return -EINVAL;
+ }
+
+ /*
+ * According to the specs, the key should be PKCS#1 DER encoded.
+ * But unfortunately the really required encoding seems to be different;
+ * it violates DER...! (But it still conformes to BER.)
+ * (Length always in long form w/ 2 byte length code; no leading zero
+ * when MSB of first byte is set...)
+ * So we cannot use the encoding func provided by OpenSSL and have to
+ * do the encoding manually.
+ */
+
+ size_exp = BN_num_bytes(key_e);
+ size_mod = BN_num_bytes(key_n);
+ size_seq = 4 + size_mod + 4 + size_exp;
+
+ if (size_mod > 256) {
+ fprintf(stderr, "export pk failed: wrong mod size: %d\n",
+ size_mod);
+ fprintf(stderr, errmsg, keyname);
+ return -EINVAL;
+ }
+
+ if (4 + size_seq > sizeof(dst->key)) {
+ fprintf(stderr, "export pk failed: seq too large (%d, %lu)\n",
+ 4 + size_seq, sizeof(dst->key));
+ fprintf(stderr, errmsg, keyname);
+ return -ENOBUFS;
+ }
+
+ cur = dst->key;
+
+ /* PKCS#1 (RFC3447) RSAPublicKey structure */
+ *cur++ = 0x30; /* SEQUENCE */
+ *cur++ = 0x82;
+ *cur++ = (size_seq >> 8) & 0xFF;
+ *cur++ = size_seq & 0xFF;
+ /* Modulus */
+ *cur++ = 0x02; /* INTEGER */
+ *cur++ = 0x82;
+ *cur++ = (size_mod >> 8) & 0xFF;
+ *cur++ = size_mod & 0xFF;
+ BN_bn2bin(key_n, cur);
+ cur += size_mod;
+ /* Exponent */
+ *cur++ = 0x02; /* INTEGER */
+ *cur++ = 0x82;
+ *cur++ = (size_exp >> 8) & 0xFF;
+ *cur++ = size_exp & 0xFF;
+ BN_bn2bin(key_e, cur);
+
+ if (hashf) {
+ struct hash_v1 pk_hash;
+ int i;
+ int ret = 0;
+
+ ret = kwb_compute_pubkey_hash(dst, &pk_hash);
+ if (ret < 0) {
+ fprintf(stderr, errmsg, keyname);
+ return ret;
+ }
+
+ fprintf(hashf, "SHA256 = ");
+ for (i = 0 ; i < sizeof(pk_hash.hash); ++i)
+ fprintf(hashf, "%02X", pk_hash.hash[i]);
+ fprintf(hashf, "\n");
+ }
+
+ return 0;
+}
+
+int kwb_sign(RSA *key, void *data, int datasz, struct sig_v1 *sig, char *signame)
+{
+ EVP_PKEY *evp_key;
+ EVP_MD_CTX *ctx;
+ unsigned int sig_size;
+ int size;
+ int ret = 0;
+
+ evp_key = EVP_PKEY_new();
+ if (!evp_key)
+ return openssl_err("EVP_PKEY object creation failed");
+
+ if (!EVP_PKEY_set1_RSA(evp_key, key)) {
+ ret = openssl_err("EVP key setup failed");
+ goto err_key;
+ }
+
+ size = EVP_PKEY_size(evp_key);
+ if (size > sizeof(sig->sig)) {
+ fprintf(stderr, "Buffer to small for signature (%d bytes)\n",
+ size);
+ ret = -ENOBUFS;
+ goto err_key;
+ }
+
+ ctx = EVP_MD_CTX_create();
+ if (!ctx) {
+ ret = openssl_err("EVP context creation failed");
+ goto err_key;
+ }
+ EVP_MD_CTX_init(ctx);
+ if (!EVP_SignInit(ctx, EVP_sha256())) {
+ ret = openssl_err("Signer setup failed");
+ goto err_ctx;
+ }
+
+ if (!EVP_SignUpdate(ctx, data, datasz)) {
+ ret = openssl_err("Signing data failed");
+ goto err_ctx;
+ }
+
+ if (!EVP_SignFinal(ctx, sig->sig, &sig_size, evp_key)) {
+ ret = openssl_err("Could not obtain signature");
+ goto err_ctx;
+ }
+
+ EVP_MD_CTX_cleanup(ctx);
+ EVP_MD_CTX_destroy(ctx);
+ EVP_PKEY_free(evp_key);
+
+ return 0;
+
+err_ctx:
+ EVP_MD_CTX_destroy(ctx);
+err_key:
+ EVP_PKEY_free(evp_key);
+ fprintf(stderr, "Failed to create %s signature\n", signame);
+ return ret;
+}
+
+int kwb_verify(RSA *key, void *data, int datasz, struct sig_v1 *sig,
+ char *signame)
+{
+ EVP_PKEY *evp_key;
+ EVP_MD_CTX *ctx;
+ int size;
+ int ret = 0;
+
+ evp_key = EVP_PKEY_new();
+ if (!evp_key)
+ return openssl_err("EVP_PKEY object creation failed");
+
+ if (!EVP_PKEY_set1_RSA(evp_key, key)) {
+ ret = openssl_err("EVP key setup failed");
+ goto err_key;
+ }
+
+ size = EVP_PKEY_size(evp_key);
+ if (size > sizeof(sig->sig)) {
+ fprintf(stderr, "Invalid signature size (%d bytes)\n",
+ size);
+ ret = -EINVAL;
+ goto err_key;
+ }
+
+ ctx = EVP_MD_CTX_create();
+ if (!ctx) {
+ ret = openssl_err("EVP context creation failed");
+ goto err_key;
+ }
+ EVP_MD_CTX_init(ctx);
+ if (!EVP_VerifyInit(ctx, EVP_sha256())) {
+ ret = openssl_err("Verifier setup failed");
+ goto err_ctx;
+ }
+
+ if (!EVP_VerifyUpdate(ctx, data, datasz)) {
+ ret = openssl_err("Hashing data failed");
+ goto err_ctx;
+ }
+
+ if (!EVP_VerifyFinal(ctx, sig->sig, sizeof(sig->sig), evp_key)) {
+ ret = openssl_err("Could not verify signature");
+ goto err_ctx;
+ }
+
+ EVP_MD_CTX_cleanup(ctx);
+ EVP_MD_CTX_destroy(ctx);
+ EVP_PKEY_free(evp_key);
+
+ return 0;
+
+err_ctx:
+ EVP_MD_CTX_destroy(ctx);
+err_key:
+ EVP_PKEY_free(evp_key);
+ fprintf(stderr, "Failed to verify %s signature\n", signame);
+ return ret;
+}
+
+int kwb_sign_and_verify(RSA *key, void *data, int datasz, struct sig_v1 *sig,
+ char *signame)
+{
+ if (kwb_sign(key, data, datasz, sig, signame) < 0)
+ return -1;
+
+ if (kwb_verify(key, data, datasz, sig, signame) < 0)
+ return -1;
+
+ return 0;
+}
+
+
+int kwb_dump_fuse_cmds_38x(FILE *out, struct secure_hdr_v1 *sec_hdr)
+{
+ struct hash_v1 kak_pub_hash;
+ struct image_cfg_element *e;
+ unsigned int fuse_line;
+ int i, idx;
+ uint8_t *ptr;
+ uint32_t val;
+ int ret = 0;
+
+ if (!out || !sec_hdr)
+ return -EINVAL;
+
+ ret = kwb_compute_pubkey_hash(&sec_hdr->kak, &kak_pub_hash);
+ if (ret < 0)
+ goto done;
+
+ fprintf(out, "# burn KAK pub key hash\n");
+ ptr = kak_pub_hash.hash;
+ for (fuse_line = 26; fuse_line <= 30; ++fuse_line) {
+ fprintf(out, "fuse prog -y %u 0 ", fuse_line);
+
+ for (i = 4; i-- > 0;)
+ fprintf(out, "%02hx", (ushort)ptr[i]);
+ ptr += 4;
+ fprintf(out, " 00");
+
+ if (fuse_line < 30) {
+ for (i = 3; i-- > 0;)
+ fprintf(out, "%02hx", (ushort)ptr[i]);
+ ptr += 3;
+ } else {
+ fprintf(out, "000000");
+ }
+
+ fprintf(out, " 1\n");
+ }
+
+ fprintf(out, "# burn CSK selection\n");
+
+ idx = image_get_csk_index();
+ if (idx < 0 || idx > 15) {
+ ret = -EINVAL;
+ goto done;
+ }
+ if (idx > 0) {
+ for (fuse_line = 31; fuse_line < 31 + idx; ++fuse_line)
+ fprintf(out, "fuse prog -y %u 0 00000001 00000000 1\n",
+ fuse_line);
+ } else {
+ fprintf(out, "# CSK index is 0; no mods needed\n");
+ }
+
+ e = image_find_option(IMAGE_CFG_BOX_ID);
+ if (e) {
+ fprintf(out, "# set box ID\n");
+ fprintf(out, "fuse prog -y 48 0 %08x 00000000 1\n", e->boxid);
+ }
+
+ e = image_find_option(IMAGE_CFG_FLASH_ID);
+ if (e) {
+ fprintf(out, "# set flash ID\n");
+ fprintf(out, "fuse prog -y 47 0 %08x 00000000 1\n", e->flashid);
+ }
+
+ fprintf(out, "# enable secure mode ");
+ fprintf(out, "(must be the last fuse line written)\n");
+
+ val = 1;
+ e = image_find_option(IMAGE_CFG_SEC_BOOT_DEV);
+ if (!e) {
+ fprintf(stderr, "ERROR: secured mode boot device not given\n");
+ ret = -EINVAL;
+ goto done;
+ }
+
+ if (e->sec_boot_dev > 0xff) {
+ fprintf(stderr, "ERROR: secured mode boot device invalid\n");
+ ret = -EINVAL;
+ goto done;
+ }
+
+ val |= (e->sec_boot_dev << 8);
+
+ fprintf(out, "fuse prog -y 24 0 %08x 0103e0a9 1\n", val);
+
+ fprintf(out, "# lock (unused) fuse lines (0-23)s\n");
+ for (fuse_line = 0; fuse_line < 24; ++fuse_line)
+ fprintf(out, "fuse prog -y %u 2 1\n", fuse_line);
+
+ fprintf(out, "# OK, that's all :-)\n");
+
+done:
+ return ret;
+}
+
+static int kwb_dump_fuse_cmds(struct secure_hdr_v1 *sec_hdr)
+{
+ int ret = 0;
+ struct image_cfg_element *e;
+
+ e = image_find_option(IMAGE_CFG_SEC_FUSE_DUMP);
+ if (!e)
+ return 0;
+
+ if (!strcmp(e->name, "a38x")) {
+ FILE *out = fopen("kwb_fuses_a38x.txt", "w+");
+
+ kwb_dump_fuse_cmds_38x(out, sec_hdr);
+ fclose(out);
+ goto done;
+ }
+
+ ret = -ENOSYS;
+
+done:
+ return ret;
+}
+
+#endif
+