From patchwork Thu Jan 28 10:52:58 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Stanley X-Patchwork-Id: 1432726 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DRHTC2dL2z9sBy for ; Thu, 28 Jan 2021 21:56:15 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=TYDuUFQ2; dkim-atps=neutral Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 4DRHTB397kzDqBx for ; Thu, 28 Jan 2021 21:56:14 +1100 (AEDT) X-Original-To: openbmc@lists.ozlabs.org Delivered-To: openbmc@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::1032; helo=mail-pj1-x1032.google.com; envelope-from=joel.stan@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=TYDuUFQ2; dkim-atps=neutral Received: from mail-pj1-x1032.google.com (mail-pj1-x1032.google.com [IPv6:2607:f8b0:4864:20::1032]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4DRHPp5PTBzDq83 for ; Thu, 28 Jan 2021 21:53:18 +1100 (AEDT) Received: by mail-pj1-x1032.google.com with SMTP id md11so3640586pjb.0 for ; Thu, 28 Jan 2021 02:53:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=Ab+RIvlfrSl7hljDLw6CIrjUIt5Hddb9nyDOy3MEBJk=; b=TYDuUFQ2DxIQtBFCHkbM5ebs6imwiu2KOQm6ZuI4+91yDK1nRrbDm7CEaIFdyR84hi D6ThJZBWp5zctrFBb/bI8+wDM5ndhNpeRYgVnAr/uqXfHIMRQozETDhX+UtQmC9ppTmt 9Wl/89pGtigkHFT93lZuHDviE7cFoCiMZV8z1PtKvS87iyMHLXXC1RC/TICGV1Un+Xt/ Q94lZZVbiUziRBrr3E2reGdEkBJAELtTIliUG9eTIM9lxDdEmCJ9ES1lA9VKvnlE6b73 IF/MMIjNFBW/G8MGSDVMeiEq+ZciBiA1mvdy9iHY2F0NI6a+e+Y/H/821CXNJpk4OMlI 9NTw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=Ab+RIvlfrSl7hljDLw6CIrjUIt5Hddb9nyDOy3MEBJk=; b=dSg3oZYmN/bRhWD7XuoDgwxThIFCIJYGMPlgFJyLRa46C2Xabls34mIqv3reE92Xer RjzKtgOxG5JGPdl3g50FRTO4AwWL2NopHc1AGjqZtq+0KpHLomVjL0j6nnYRoWDX0zlw cH04VvCyaQB8CSaUxSFHgcn8meOZNdaOvJirbaTlw1o739ZNacCfBOLK14Af/05ouzt8 qDLte7HbMwbNr9namf/GyoEOe9kQykLPu0gUOqPE7UC/RdKNzZ/mz8CLniV7NEtCW3uz wOW1qvxEvBw8Dk+3KHVfyCR5Boz81Na1zqR+Z9k2qK3tgPL0ehuRDFa8BP89HVv0b6tw auZQ== X-Gm-Message-State: AOAM532egDP8v9kRZWZj8z+2eJVdFTvTOllJVamxHKXZrYkCJ4+Q9ks2 mQbmy/Bdy126rbMS+OfrpQ6wmD41ilw= X-Google-Smtp-Source: ABdhPJyvDT3vbZnbrteH4sVT7oINpeFBLocRbAzR8METNwQC6/aJ+cubHA2oRzOFnL6IHyhz+MI1PA== X-Received: by 2002:a17:90a:c595:: with SMTP id l21mr10468214pjt.137.1611831196066; Thu, 28 Jan 2021 02:53:16 -0800 (PST) Received: from voyager.lan ([45.124.203.14]) by smtp.gmail.com with ESMTPSA id q197sm5102748pfc.155.2021.01.28.02.53.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Jan 2021 02:53:15 -0800 (PST) From: Joel Stanley To: Andrew Jeffery , openbmc@lists.ozlabs.org Subject: [PATCH u-boot v2019.04-aspeed-openbmc 1/7] rsa: reject images with unknown padding Date: Thu, 28 Jan 2021 21:22:58 +1030 Message-Id: <20210128105304.401058-2-joel@jms.id.au> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210128105304.401058-1-joel@jms.id.au> References: <20210128105304.401058-1-joel@jms.id.au> MIME-Version: 1.0 X-BeenThere: openbmc@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development list for OpenBMC List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "openbmc" From: Patrick Doyle Previously we would store NULL in info->padding and jump to an illegal instruction if an unknown value for "padding" was specified in the device tree. Signed-off-by: Patrick Doyle (cherry picked from commit 19495dd9b6f5f4e893b56b0c73e14b2e671c3780) Signed-off-by: Joel Stanley Reviewed-by: Klaus Heinrich Kiwi --- common/image-sig.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/image-sig.c b/common/image-sig.c index 4f6b4ec412c3..004fbc525b5c 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -211,7 +211,7 @@ static int fit_image_setup_verify(struct image_sign_info *info, info->required_keynode = required_keynode; printf("%s:%s", algo_name, info->keyname); - if (!info->checksum || !info->crypto) { + if (!info->checksum || !info->crypto || !info->padding) { *err_msgp = "Unknown signature algorithm"; return -1; } From patchwork Thu Jan 28 10:52:59 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Stanley X-Patchwork-Id: 1432728 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DRHV91W7hz9sCq for ; Thu, 28 Jan 2021 21:57:05 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=m5tdSlRc; dkim-atps=neutral Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 4DRHV90b17zDqDq for ; Thu, 28 Jan 2021 21:57:05 +1100 (AEDT) X-Original-To: openbmc@lists.ozlabs.org Delivered-To: openbmc@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::432; helo=mail-pf1-x432.google.com; envelope-from=joel.stan@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=m5tdSlRc; dkim-atps=neutral Received: from mail-pf1-x432.google.com (mail-pf1-x432.google.com [IPv6:2607:f8b0:4864:20::432]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4DRHPv1ZNfzDrBB for ; Thu, 28 Jan 2021 21:53:22 +1100 (AEDT) Received: by mail-pf1-x432.google.com with SMTP id t29so3733910pfg.11 for ; Thu, 28 Jan 2021 02:53:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=LCVsByA/OFDH4gjalH02a3QkvbDlFZgwKxZY22+/UTM=; b=m5tdSlRc+TQlYKBsdUwoo6fVRDJ23M+JfXGc7wkPm8ZCReR2lSFXoib8LJDGWEbjCB HdQ1enkY99PerxSNs0jI+O2R/cFJWB6UJ8Zqp0Lh2H0QOdtQhFgDBPwAqJhATfW2lYI4 1EpPDq8NS8YBpByOPmcRTc1JhizDmaIJtCSRIY2w9LgHs3UOttAyMe0TqFbkfQi/1dY6 L7dqh+UIq9u723vWAnHbDKdIS6dvB5OTnYCvKaKGRSZuB86n+wPeoQRWiUlv7p/yniPz MUw0HflIbhjYpeRTI71RVl6GDurScYDz4ui9juTolmodHDfUAmPm+mt67kvosaUN+EGZ WhKw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=LCVsByA/OFDH4gjalH02a3QkvbDlFZgwKxZY22+/UTM=; b=UiVgzUezXzW9QbRbX4X/0ElRGheqxlKqMs0sCU/+aZDNUOkf/R/9l8zK9iFj0ULRnm A5mTy5sJMZSHLyuq3a4oI5bRTAx0sWJgd7Ag0necYRX5auuE4z8cnANuKXwT3guIhEEO UKP1bY6w3f7Cd06tFsxJAARyKdn3EbdgT80DiTIF5HUrDrmseENa7kNRqilaj08sCDeF mPlkQUmMgxnJruMIM4K2U4lSkHz5tP84riBgx+E9GytwrAPiaw+x1Ug76xBg86A7NpK3 1dsTFfcMFB74AN2S14/sl846QFp8rFiPVl6WYZmj1acDBhnNXeDLdjP4OEEizQa/JJXf X03A== X-Gm-Message-State: AOAM533DVeXLXEcG4XuAWdEgdgdDRlbG4JWl/pKcAbHpUqOvWiABo0eb z6LP/Z5CRtfUhvC77rfO4WCFT4NYONs= X-Google-Smtp-Source: ABdhPJyfPx9BBOaJIoVvw8Z/Z3eRC8XNTSECH4V02YLoUqDodAk+EDf38vdjdTz2LEIh9WF5fo6sVA== X-Received: by 2002:a63:fd04:: with SMTP id d4mr16132074pgh.232.1611831200535; Thu, 28 Jan 2021 02:53:20 -0800 (PST) Received: from voyager.lan ([45.124.203.14]) by smtp.gmail.com with ESMTPSA id q197sm5102748pfc.155.2021.01.28.02.53.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Jan 2021 02:53:19 -0800 (PST) From: Joel Stanley To: Andrew Jeffery , openbmc@lists.ozlabs.org Subject: [PATCH u-boot v2019.04-aspeed-openbmc 2/7] image: Be a little more verbose when checking signatures Date: Thu, 28 Jan 2021 21:22:59 +1030 Message-Id: <20210128105304.401058-3-joel@jms.id.au> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210128105304.401058-1-joel@jms.id.au> References: <20210128105304.401058-1-joel@jms.id.au> MIME-Version: 1.0 X-BeenThere: openbmc@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development list for OpenBMC List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "openbmc" From: Simon Glass It is useful to be a little more specific about what is being checked. Update a few messages to help with this. Signed-off-by: Simon Glass (cherry picked from commit 382cf62039f775a1aec771645e3cbc32e1e2f0e3) Signed-off-by: Joel Stanley Reviewed-by: Klaus Heinrich Kiwi --- common/image-fit.c | 2 +- tools/image-host.c | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/common/image-fit.c b/common/image-fit.c index 95b5723f322e..c40169331c16 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -1870,7 +1870,7 @@ int fit_image_load(bootm_headers_t *images, ulong addr, fit_uname = fit_get_name(fit, noffset, NULL); } if (noffset < 0) { - puts("Could not find subimage node\n"); + printf("Could not find subimage node type '%s'\n", prop_name); bootstage_error(bootstage_id + BOOTSTAGE_SUB_SUBNODE); return -ENOENT; } diff --git a/tools/image-host.c b/tools/image-host.c index 88b329502ca3..8e94ee8f3e31 100644 --- a/tools/image-host.c +++ b/tools/image-host.c @@ -743,7 +743,8 @@ int fit_check_sign(const void *fit, const void *key) if (!cfg_noffset) return -1; - printf("Verifying Hash Integrity ... "); + printf("Verifying Hash Integrity for node '%s'... ", + fdt_get_name(fit, cfg_noffset, NULL)); ret = fit_config_verify(fit, cfg_noffset); if (ret) return ret; From patchwork Thu Jan 28 10:53:00 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Stanley X-Patchwork-Id: 1432729 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DRHXD1bc5z9sVR for ; Thu, 28 Jan 2021 21:58:52 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=bDpuUHvi; dkim-atps=neutral Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 4DRHXD02TNzDqSf for ; Thu, 28 Jan 2021 21:58:52 +1100 (AEDT) X-Original-To: openbmc@lists.ozlabs.org Delivered-To: openbmc@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::52c; helo=mail-pg1-x52c.google.com; envelope-from=joel.stan@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=bDpuUHvi; dkim-atps=neutral Received: from mail-pg1-x52c.google.com (mail-pg1-x52c.google.com [IPv6:2607:f8b0:4864:20::52c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4DRHQ02TdSzDqDJ for ; Thu, 28 Jan 2021 21:53:27 +1100 (AEDT) Received: by mail-pg1-x52c.google.com with SMTP id o7so4060396pgl.1 for ; Thu, 28 Jan 2021 02:53:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=WlId1yJ1zlfciw90J6O7DahoTo7vnHHmOqwv2Lx10ag=; b=bDpuUHviOSjBDl1Ft5kOCmB5el5xXZMz/v2bPsIFmjAoW5dD7OuclNqTab2/gjOJkZ m9aZc53OpLlBipIfCW7ikj3DsFYXkv/1EOtwnybdldEUGNf3nl2yWtt1dBlVvzfVzhZr HpIMB+bc8Q4+sr9jcnliav9klMhipicaKK+BrowRFUKAUO6kMIuXBJrR7+kXEPHnjIas vUtSex+Zq23DXOvs9LPoy9KGK1EiHhLMl0eztf1IKq78xn4HPEC1rcQP3zZtfWI2+OtZ KKJkLlOtJhOIGftZxZzIhkHdnwpAcHsY3huM43NF/VDDZZcV+zzlZh+v/tYDOIotkflQ At3g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=WlId1yJ1zlfciw90J6O7DahoTo7vnHHmOqwv2Lx10ag=; b=XjSBDj/ujo8ug31G1kcF0KVgZvLvdex4UMej77lrMqTJtMzPqHorZ3t2iUWqWdp1DM 5N951HeuU1xisKHE7qluxGTUziSSZfLYb0T2sTLz7Q+gtTeD4MIRLxQveEAFlTaGDqAb rVi2C54FK4yLayMLImyWMuVqjjrL67uYTD2oa2y16SxjJ6WFVuSmS7y8tiK2eyz1mdka rhdR9gGyhLSDW+FWYvz8mCyZDMi9UZ9Lm0mfn81wmxct1Jq5ii6LPSrDplF1JCWE3DFP LuWtFGaHLBG7ZZdwrCuo1GDWScoWwu1ayDCannZYObgIKnZ1PKZiQ8iEUPEfc465C0Sd T6fQ== X-Gm-Message-State: AOAM532veKbQrV+WcFqeJ8Ft8eNl3ycUXxLxuIYudWFl6kO5lvjW03dT Grie0EhPWDtDQ6174abQWIUXy6tAC2E= X-Google-Smtp-Source: ABdhPJysUg5DhVIgs5+quTF0sacPAupwKI4mWZ+IVbdnQz9pE2OeR4vBpIl/YZ+SMNR8VkSy9p+j2g== X-Received: by 2002:a62:ee09:0:b029:1c0:ba8c:fcea with SMTP id e9-20020a62ee090000b02901c0ba8cfceamr15061286pfi.7.1611831205137; Thu, 28 Jan 2021 02:53:25 -0800 (PST) Received: from voyager.lan ([45.124.203.14]) by smtp.gmail.com with ESMTPSA id q197sm5102748pfc.155.2021.01.28.02.53.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Jan 2021 02:53:23 -0800 (PST) From: Joel Stanley To: Andrew Jeffery , openbmc@lists.ozlabs.org Subject: [PATCH u-boot v2019.04-aspeed-openbmc 3/7] image: Return an error message from fit_config_verify_sig() Date: Thu, 28 Jan 2021 21:23:00 +1030 Message-Id: <20210128105304.401058-4-joel@jms.id.au> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210128105304.401058-1-joel@jms.id.au> References: <20210128105304.401058-1-joel@jms.id.au> MIME-Version: 1.0 X-BeenThere: openbmc@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development list for OpenBMC List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "openbmc" From: Simon Glass This function only returns an error message sometimes. Update it to always return an error message if one is available. This makes it easier to see what went wrong. Signed-off-by: Simon Glass (cherry picked from commit 472f9113dbbbed88345f3d38de3ff37ca163508e) Signed-off-by: Joel Stanley Reviewed-by: Klaus Heinrich Kiwi --- common/image-sig.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/common/image-sig.c b/common/image-sig.c index 004fbc525b5c..48532b15a31a 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -470,13 +470,14 @@ static int fit_config_verify_sig(const void *fit, int conf_noffset, goto error; } - return verified ? 0 : -EPERM; + if (verified) + return 0; error: printf(" error!\n%s for '%s' hash node in '%s' config node\n", err_msg, fit_get_name(fit, noffset, NULL), fit_get_name(fit, conf_noffset, NULL)); - return -1; + return -EPERM; } int fit_config_verify_required_sigs(const void *fit, int conf_noffset, From patchwork Thu Jan 28 10:53:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Stanley X-Patchwork-Id: 1432730 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DRHZ25fGSz9sBy for ; Thu, 28 Jan 2021 22:00:26 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=QRMo7O1B; dkim-atps=neutral Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 4DRHZ24GznzDqDJ for ; Thu, 28 Jan 2021 22:00:26 +1100 (AEDT) X-Original-To: openbmc@lists.ozlabs.org Delivered-To: openbmc@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::42f; helo=mail-pf1-x42f.google.com; envelope-from=joel.stan@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=QRMo7O1B; dkim-atps=neutral Received: from mail-pf1-x42f.google.com (mail-pf1-x42f.google.com [IPv6:2607:f8b0:4864:20::42f]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4DRHQ34lFDzDrBB for ; Thu, 28 Jan 2021 21:53:31 +1100 (AEDT) Received: by mail-pf1-x42f.google.com with SMTP id u67so3753278pfb.3 for ; Thu, 28 Jan 2021 02:53:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=b/1JgigsyE0bZl4sGNmB21W2UsqvyzYNe4+nXSzsAKo=; b=QRMo7O1Bp0nhHLzqgtbFgYZcS70o125WR6qhXXYec6GiqH8FQQyhSRjiI1/daU1Hsn LjYUVuMHyURplfoBK2zT6WQ5P/coq+jI1LSQH0VXcKv6dSIlF8bpe/SJkJvTflwpCq9E 9pb5hjBxdsoTLC4XkdGTsY+qmGjxOv6pY6BCG0sFEsRFXinm8D5mWToUs6IoOnssPa25 wHc6WzP8VUhfjuCBBSLFTaqP90XYlzWVSFFIvhB0wCjFGpD+wTG6OizEfabdUNpL8EGt ADZdGhfVvXheabr2p08EI0C7+VT1jhN6i9CRGhI/29XWEw9dzoP8RARZ4K4OuKW1/XaT foXw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=b/1JgigsyE0bZl4sGNmB21W2UsqvyzYNe4+nXSzsAKo=; b=sSnxpFz4wp6n87sxbIGbWlWriTkHo8lbKRdQrKOl0ILUaKekS4S7xAYUZ8gjaO1k14 AtVZgWe7xN+Vrk+U/h7vsm89yyY6Ah4+bF5S8xj0z1MOoCsl0dGdi8r/VEK/yhrtY8bR CAaAGao74Fkjaoy/7yJjlSE06NEv0LdWjFXKrhV+MxR7swYhZaN/yd8obHhNC4RJRN6b h7dBCsnfXszqxomTBaNYP38p0l12spf/S8kcW8eYF6FW+F3I9/DuPk8ipTAulXFtIUZa 9ghYJ1bYKozKnf2JiD15SS20PdkJuJoUkzVML+1vzn5CH7xLgl6lOUOVxiWZDrjHAcgK /yfA== X-Gm-Message-State: AOAM5339QT8ZSNyCfGHVzXhe2t1P29AymURaO7Dsqey85yiGG07MaxnB xttYhRt2bQVzZP6UZEqknYhfwreVyWs= X-Google-Smtp-Source: ABdhPJzp3ZChAp0kiCSehHEHdBZgObLRVJdkqoFHLrMnaATwBcbYF+s3SXvNBj/qlnOnPnpnDbavqw== X-Received: by 2002:a63:af05:: with SMTP id w5mr15668552pge.22.1611831208790; Thu, 28 Jan 2021 02:53:28 -0800 (PST) Received: from voyager.lan ([45.124.203.14]) by smtp.gmail.com with ESMTPSA id q197sm5102748pfc.155.2021.01.28.02.53.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Jan 2021 02:53:27 -0800 (PST) From: Joel Stanley To: Andrew Jeffery , openbmc@lists.ozlabs.org Subject: [PATCH u-boot v2019.04-aspeed-openbmc 4/7] image: Check hash-nodes when checking configurations Date: Thu, 28 Jan 2021 21:23:01 +1030 Message-Id: <20210128105304.401058-5-joel@jms.id.au> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210128105304.401058-1-joel@jms.id.au> References: <20210128105304.401058-1-joel@jms.id.au> MIME-Version: 1.0 X-BeenThere: openbmc@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development list for OpenBMC List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "openbmc" From: Simon Glass It is currently possible to use a different configuration's signature and thus bypass the configuration check. Make sure that the configuration node that was hashed matches the one being checked, to catch this problem. Also add a proper function comment to fit_config_check_sig() and make it static. Signed-off-by: Simon Glass (cherry picked from commit 67acad3db71bb372458fbb8a77749f5eb88aa324) Signed-off-by: Joel Stanley Reviewed-by: Klaus Heinrich Kiwi Reviewed-by: Klaus Heinrich Kiwi --- common/image-sig.c | 36 +++++++++++++++++++++++++++++++++--- 1 file changed, 33 insertions(+), 3 deletions(-) diff --git a/common/image-sig.c b/common/image-sig.c index 48532b15a31a..44c797530d0e 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -330,20 +330,39 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset, return 0; } -int fit_config_check_sig(const void *fit, int noffset, int required_keynode, - char **err_msgp) +/** + * fit_config_check_sig() - Check the signature of a config + * + * @fit: FIT to check + * @noffset: Offset of configuration node (e.g. /configurations/conf-1) + * @required_keynode: Offset in the control FDT of the required key node, + * if any. If this is given, then the configuration wil not + * pass verification unless that key is used. If this is + * -1 then any signature will do. + * @conf_noffset: Offset of the configuration subnode being checked (e.g. + * /configurations/conf-1/kernel) + * @err_msgp: In the event of an error, this will be pointed to a + * help error string to display to the user. + * @return 0 if all verified ok, <0 on error + */ +static int fit_config_check_sig(const void *fit, int noffset, + int required_keynode, int conf_noffset, + char **err_msgp) { char * const exc_prop[] = {"data"}; const char *prop, *end, *name; struct image_sign_info info; const uint32_t *strings; + const char *config_name; uint8_t *fit_value; int fit_value_len; + bool found_config; int max_regions; int i, prop_len; char path[200]; int count; + config_name = fit_get_name(fit, conf_noffset, NULL); debug("%s: fdt=%p, conf='%s', sig='%s'\n", __func__, gd_fdt_blob(), fit_get_name(fit, noffset, NULL), fit_get_name(gd_fdt_blob(), required_keynode, NULL)); @@ -384,9 +403,20 @@ int fit_config_check_sig(const void *fit, int noffset, int required_keynode, char *node_inc[count]; debug("Hash nodes (%d):\n", count); + found_config = false; for (name = prop, i = 0; name < end; name += strlen(name) + 1, i++) { debug(" '%s'\n", name); node_inc[i] = (char *)name; + if (!strncmp(FIT_CONFS_PATH, name, strlen(FIT_CONFS_PATH)) && + name[sizeof(FIT_CONFS_PATH) - 1] == '/' && + !strcmp(name + sizeof(FIT_CONFS_PATH), config_name)) { + debug(" (found config node %s)", config_name); + found_config = true; + } + } + if (!found_config) { + *err_msgp = "Selected config not in hashed nodes"; + return -1; } /* @@ -454,7 +484,7 @@ static int fit_config_verify_sig(const void *fit, int conf_noffset, if (!strncmp(name, FIT_SIG_NODENAME, strlen(FIT_SIG_NODENAME))) { ret = fit_config_check_sig(fit, noffset, sig_offset, - &err_msg); + conf_noffset, &err_msg); if (ret) { puts("- "); } else { From patchwork Thu Jan 28 10:53:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Stanley X-Patchwork-Id: 1432731 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DRHbm16hDz9sBy for ; Thu, 28 Jan 2021 22:01:56 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=s680F0K1; dkim-atps=neutral Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 4DRHbl6HwgzDqDq for ; Thu, 28 Jan 2021 22:01:55 +1100 (AEDT) X-Original-To: openbmc@lists.ozlabs.org Delivered-To: openbmc@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::52b; helo=mail-pg1-x52b.google.com; envelope-from=joel.stan@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=s680F0K1; dkim-atps=neutral Received: from mail-pg1-x52b.google.com (mail-pg1-x52b.google.com [IPv6:2607:f8b0:4864:20::52b]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4DRHQC0DZyzDrBg for ; Thu, 28 Jan 2021 21:53:38 +1100 (AEDT) Received: by mail-pg1-x52b.google.com with SMTP id r38so4024600pgk.13 for ; Thu, 28 Jan 2021 02:53:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=CQmJfb0doAc9mnAjP3USaBwVfn6zHLXNiBhxeD+XCA0=; b=s680F0K1kJPTAXYPR2SKhLs7C0ASZn12sRab8fchP8OIS7jyGGHN/1P+1HkSQeIkUI uJmuhAVpsi6lZyuE8uzcVDgzisvKcUSho3v19KMflTpo9b3ZeelRqm7Gg7H073KBsZ5v lv/iFyisFT9v0jKnzRcSVscL1uoB2Hq4xuyjn2xS4YkZJRJQpyuKg9VzT63HQiSHRpPs pUsC0DkGM6Z9Hk7HHpC1dpd4KxBDWTVa1dKKRX8/hs/kt8GZVyYQAxPL3YWkcX9jdbLc wKc+EE4bmPHFJhtbjUx3d2R1xNNDRIkXLtRDmWMf+LpOvK7ow19NZwj5nOCPGS73vZcH VhHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=CQmJfb0doAc9mnAjP3USaBwVfn6zHLXNiBhxeD+XCA0=; b=ctlh2JTMRdeDv+13+W96OOVB/TsiRYOIluZpqjx0A8QZ+CBLAMa5Q87povO9//DGBA FQ1gI3r+8QGE3PuuN2nCDygPTtObgd2nhVlNJjmaFchUzlgz0Pp2cIWkfv+T8ajPHwAF OORoZtrGtb2qHz71TvLCdudgiFEITK34jsOcq/+269fD3Jaa5JHWPxaMFl4Zegjijr3B gIF4AOAriL9rTV0LHV4+wlif9mrX70q3275VT/qtHLm6agL6D9Z6QlnUJpHMYyn+Z3gP kNKkTX9oXMbwkHs2eBZ6dKHTZ6kLvsdpfunmU3oFV067MgGsf0/qMe9w7f9Wa9AVKpxC zs7Q== X-Gm-Message-State: AOAM531L+sZ+s+SsnL3ZXdRoXHj3df9wXU/gw6cq9SyKsaVl8nuHKXzo El0rwGndjRd2coCjgqf10yptnzeHIso= X-Google-Smtp-Source: ABdhPJzhqCu2NwUxfzQM9qeHAY57RoT3lrrrHxcIdiyblwQ5Hah/kd42MJxz5Tk7oYVGYFxP/hvh6w== X-Received: by 2002:a63:a301:: with SMTP id s1mr14897445pge.325.1611831215691; Thu, 28 Jan 2021 02:53:35 -0800 (PST) Received: from voyager.lan ([45.124.203.14]) by smtp.gmail.com with ESMTPSA id q197sm5102748pfc.155.2021.01.28.02.53.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Jan 2021 02:53:34 -0800 (PST) From: Joel Stanley To: Andrew Jeffery , openbmc@lists.ozlabs.org Subject: [PATCH u-boot v2019.04-aspeed-openbmc 5/7] Add support for SHA384 and SHA512 Date: Thu, 28 Jan 2021 21:23:02 +1030 Message-Id: <20210128105304.401058-6-joel@jms.id.au> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210128105304.401058-1-joel@jms.id.au> References: <20210128105304.401058-1-joel@jms.id.au> MIME-Version: 1.0 X-BeenThere: openbmc@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development list for OpenBMC List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "openbmc" From: Reuben Dowle The current recommendation for best security practice from the US government is to use SHA384 for TOP SECRET [1]. This patch adds support for SHA384 and SHA512 in the hash command, and also allows FIT images to be hashed with these algorithms, and signed with sha384,rsaXXXX and sha512,rsaXXXX The SHA implementation is adapted from the linux kernel implementation. [1] Commercial National Security Algorithm Suite http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm Signed-off-by: Reuben Dowle (cherry picked from commit d16b38f42704fe3cc94fbee1601be96045013151) Signed-off-by: Joel Stanley Reviewed-by: Klaus Heinrich Kiwi --- Kconfig | 26 ++- common/hash.c | 85 +++++++- common/image-fit.c | 9 + common/image-sig.c | 26 ++- common/spl/Kconfig | 34 ++- include/hash.h | 4 + include/image.h | 18 ++ include/u-boot/rsa-checksum.h | 1 + include/u-boot/sha512.h | 38 ++++ lib/Kconfig | 23 ++ lib/Makefile | 1 + lib/sha512.c | 383 ++++++++++++++++++++++++++++++++++ tools/Makefile | 2 + 13 files changed, 633 insertions(+), 17 deletions(-) create mode 100644 include/u-boot/sha512.h create mode 100644 lib/sha512.c diff --git a/Kconfig b/Kconfig index 68cc2d97b4ed..c3dfa8de47c8 100644 --- a/Kconfig +++ b/Kconfig @@ -283,12 +283,26 @@ config FIT_ENABLE_SHA256_SUPPORT help Enable this to support SHA256 checksum of FIT image contents. A SHA256 checksum is a 256-bit (32-byte) hash value used to check that - the image contents have not been corrupted. SHA256 is recommended - for use in secure applications since (as at 2016) there is no known - feasible attack that could produce a 'collision' with differing - input data. Use this for the highest security. Note that only the - SHA256 variant is supported: SHA512 and others are not currently - supported in U-Boot. + the image contents have not been corrupted. + +config FIT_ENABLE_SHA384_SUPPORT + bool "Support SHA384 checksum of FIT image contents" + default n + select SHA384 + help + Enable this to support SHA384 checksum of FIT image contents. A + SHA384 checksum is a 384-bit (48-byte) hash value used to check that + the image contents have not been corrupted. Use this for the highest + security. + +config FIT_ENABLE_SHA512_SUPPORT + bool "Support SHA512 checksum of FIT image contents" + default n + select SHA512 + help + Enable this to support SHA512 checksum of FIT image contents. A + SHA512 checksum is a 512-bit (64-byte) hash value used to check that + the image contents have not been corrupted. config FIT_SIGNATURE bool "Enable signature verification of FIT uImages" diff --git a/common/hash.c b/common/hash.c index 413a5bfcdae5..d32cd9fa1c18 100644 --- a/common/hash.c +++ b/common/hash.c @@ -27,6 +27,7 @@ #include #include #include +#include #include #if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL) @@ -85,6 +86,65 @@ static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void } #endif +#if defined(CONFIG_SHA384) +static int hash_init_sha384(struct hash_algo *algo, void **ctxp) +{ + sha512_context *ctx = malloc(sizeof(sha512_context)); + sha384_starts(ctx); + *ctxp = ctx; + return 0; +} + +static int hash_update_sha384(struct hash_algo *algo, void *ctx, + const void *buf, unsigned int size, int is_last) +{ + sha384_update((sha512_context *)ctx, buf, size); + return 0; +} + +static int hash_finish_sha384(struct hash_algo *algo, void *ctx, void + *dest_buf, int size) +{ + if (size < algo->digest_size) + return -1; + + sha384_finish((sha512_context *)ctx, dest_buf); + free(ctx); + return 0; +} +#endif + +#if defined(CONFIG_SHA512) +static int hash_init_sha512(struct hash_algo *algo, void **ctxp) +{ + sha512_context *ctx = malloc(sizeof(sha512_context)); + sha512_starts(ctx); + *ctxp = ctx; + return 0; +} + +static int hash_update_sha512(struct hash_algo *algo, void *ctx, + const void *buf, unsigned int size, int is_last) +{ + sha512_update((sha512_context *)ctx, buf, size); + return 0; +} + +static int hash_finish_sha512(struct hash_algo *algo, void *ctx, void + *dest_buf, int size) +{ + if (size < algo->digest_size) + return -1; + + printf("hello world\n"); + + sha512_finish((sha512_context *)ctx, dest_buf); + free(ctx); + return 0; +} +#endif + + static int hash_init_crc16_ccitt(struct hash_algo *algo, void **ctxp) { uint16_t *ctx = malloc(sizeof(uint16_t)); @@ -185,6 +245,28 @@ static struct hash_algo hash_algo[] = { .hash_finish = hash_finish_sha256, #endif }, +#endif +#ifdef CONFIG_SHA384 + { + .name = "sha384", + .digest_size = SHA384_SUM_LEN, + .chunk_size = CHUNKSZ_SHA384, + .hash_func_ws = sha384_csum_wd, + .hash_init = hash_init_sha384, + .hash_update = hash_update_sha384, + .hash_finish = hash_finish_sha384, + }, +#endif +#ifdef CONFIG_SHA512 + { + .name = "sha512", + .digest_size = SHA512_SUM_LEN, + .chunk_size = CHUNKSZ_SHA512, + .hash_func_ws = sha512_csum_wd, + .hash_init = hash_init_sha512, + .hash_update = hash_update_sha512, + .hash_finish = hash_finish_sha512, + }, #endif { .name = "crc16-ccitt", @@ -208,7 +290,8 @@ static struct hash_algo hash_algo[] = { /* Try to minimize code size for boards that don't want much hashing */ #if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \ - defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) + defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) || \ + defined(CONFIG_SHA384) || defined(CONFIG_SHA512) #define multi_hash() 1 #else #define multi_hash() 0 diff --git a/common/image-fit.c b/common/image-fit.c index c40169331c16..be4d9dc9c3b1 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -28,6 +28,7 @@ DECLARE_GLOBAL_DATA_PTR; #include #include #include +#include /*****************************************************************************/ /* New uImage format routines */ @@ -1150,6 +1151,14 @@ int calculate_hash(const void *data, int data_len, const char *algo, sha256_csum_wd((unsigned char *)data, data_len, (unsigned char *)value, CHUNKSZ_SHA256); *value_len = SHA256_SUM_LEN; + } else if (IMAGE_ENABLE_SHA384 && strcmp(algo, "sha384") == 0) { + sha384_csum_wd((unsigned char *)data, data_len, + (unsigned char *)value, CHUNKSZ_SHA384); + *value_len = SHA384_SUM_LEN; + } else if (IMAGE_ENABLE_SHA512 && strcmp(algo, "sha512") == 0) { + sha512_csum_wd((unsigned char *)data, data_len, + (unsigned char *)value, CHUNKSZ_SHA512); + *value_len = SHA512_SUM_LEN; } else if (IMAGE_ENABLE_MD5 && strcmp(algo, "md5") == 0) { md5_wd((unsigned char *)data, data_len, value, CHUNKSZ_MD5); *value_len = 16; diff --git a/common/image-sig.c b/common/image-sig.c index 44c797530d0e..e4bbac55c17e 100644 --- a/common/image-sig.c +++ b/common/image-sig.c @@ -49,7 +49,31 @@ struct checksum_algo checksum_algos[] = { .calculate_sign = EVP_sha256, #endif .calculate = hash_calculate, - } + }, +#ifdef CONFIG_SHA384 + { + .name = "sha384", + .checksum_len = SHA384_SUM_LEN, + .der_len = SHA384_DER_LEN, + .der_prefix = sha384_der_prefix, +#if IMAGE_ENABLE_SIGN + .calculate_sign = EVP_sha384, +#endif + .calculate = hash_calculate, + }, +#endif +#ifdef CONFIG_SHA512 + { + .name = "sha512", + .checksum_len = SHA512_SUM_LEN, + .der_len = SHA512_DER_LEN, + .der_prefix = sha512_der_prefix, +#if IMAGE_ENABLE_SIGN + .calculate_sign = EVP_sha512, +#endif + .calculate = hash_calculate, + }, +#endif }; diff --git a/common/spl/Kconfig b/common/spl/Kconfig index 533e4ef8d3c1..e7425983aee3 100644 --- a/common/spl/Kconfig +++ b/common/spl/Kconfig @@ -284,7 +284,7 @@ config SPL_MD5_SUPPORT secure as it is possible (with a brute-force attack) to adjust the image while still retaining the same MD5 hash value. For secure applications where images may be changed maliciously, you should - consider SHA1 or SHA256. + consider SHA256 or SHA384. config SPL_SHA1_SUPPORT bool "Support SHA1" @@ -295,8 +295,8 @@ config SPL_SHA1_SUPPORT checksum is a 160-bit (20-byte) hash value used to check that the image contents have not been corrupted or maliciously altered. While SHA1 is fairly secure it is coming to the end of its life - due to the expanding computing power avaiable to brute-force - attacks. For more security, consider SHA256. + due to the expanding computing power available to brute-force + attacks. For more security, consider SHA256 or SHA384. config SPL_SHA256_SUPPORT bool "Support SHA256" @@ -305,12 +305,28 @@ config SPL_SHA256_SUPPORT help Enable this to support SHA256 in FIT images within SPL. A SHA256 checksum is a 256-bit (32-byte) hash value used to check that the - image contents have not been corrupted. SHA256 is recommended for - use in secure applications since (as at 2016) there is no known - feasible attack that could produce a 'collision' with differing - input data. Use this for the highest security. Note that only the - SHA256 variant is supported: SHA512 and others are not currently - supported in U-Boot. + image contents have not been corrupted. + +config SPL_SHA384_SUPPORT + bool "Support SHA384" + depends on SPL_FIT + select SHA384 + select SHA512_ALGO + help + Enable this to support SHA384 in FIT images within SPL. A SHA384 + checksum is a 384-bit (48-byte) hash value used to check that the + image contents have not been corrupted. Use this for the highest + security. + +config SPL_SHA512_SUPPORT + bool "Support SHA512" + depends on SPL_FIT + select SHA512 + select SHA512_ALGO + help + Enable this to support SHA512 in FIT images within SPL. A SHA512 + checksum is a 512-bit (64-byte) hash value used to check that the + image contents have not been corrupted. config SPL_FIT_IMAGE_TINY bool "Remove functionality from SPL FIT loading to reduce size" diff --git a/include/hash.h b/include/hash.h index f4019a979189..6e0cf0a53a0a 100644 --- a/include/hash.h +++ b/include/hash.h @@ -10,7 +10,11 @@ * Maximum digest size for all algorithms we support. Having this value * avoids a malloc() or C99 local declaration in common/cmd_hash.c. */ +#if defined(CONFIG_SHA384) || defined(CONFIG_SHA512) +#define HASH_MAX_DIGEST_SIZE 64 +#else #define HASH_MAX_DIGEST_SIZE 32 +#endif enum { HASH_FLAG_VERIFY = 1 << 0, /* Enable verify mode */ diff --git a/include/image.h b/include/image.h index 765ffecee0a7..937c7eee8ffb 100644 --- a/include/image.h +++ b/include/image.h @@ -32,8 +32,12 @@ struct fdt_region; #define CONFIG_FIT_VERBOSE 1 /* enable fit_format_{error,warning}() */ #define CONFIG_FIT_ENABLE_RSASSA_PSS_SUPPORT 1 #define CONFIG_FIT_ENABLE_SHA256_SUPPORT +#define CONFIG_FIT_ENABLE_SHA384_SUPPORT +#define CONFIG_FIT_ENABLE_SHA512_SUPPORT #define CONFIG_SHA1 #define CONFIG_SHA256 +#define CONFIG_SHA384 +#define CONFIG_SHA512 #define IMAGE_ENABLE_IGNORE 0 #define IMAGE_INDENT_STRING "" @@ -93,6 +97,20 @@ struct fdt_region; #define IMAGE_ENABLE_SHA256 0 #endif +#if defined(CONFIG_FIT_ENABLE_SHA384_SUPPORT) || \ + defined(CONFIG_SPL_SHA384_SUPPORT) +#define IMAGE_ENABLE_SHA384 1 +#else +#define IMAGE_ENABLE_SHA384 0 +#endif + +#if defined(CONFIG_FIT_ENABLE_SHA512_SUPPORT) || \ + defined(CONFIG_SPL_SHA512_SUPPORT) +#define IMAGE_ENABLE_SHA512 1 +#else +#define IMAGE_ENABLE_SHA512 0 +#endif + #endif /* IMAGE_ENABLE_FIT */ #ifdef CONFIG_SYS_BOOT_GET_CMDLINE diff --git a/include/u-boot/rsa-checksum.h b/include/u-boot/rsa-checksum.h index 02b814d34e32..54e6a73744e1 100644 --- a/include/u-boot/rsa-checksum.h +++ b/include/u-boot/rsa-checksum.h @@ -10,6 +10,7 @@ #include #include #include +#include /** * hash_calculate() - Calculate hash over the data diff --git a/include/u-boot/sha512.h b/include/u-boot/sha512.h new file mode 100644 index 000000000000..516729d77506 --- /dev/null +++ b/include/u-boot/sha512.h @@ -0,0 +1,38 @@ +#ifndef _SHA512_H +#define _SHA512_H + +#define SHA384_SUM_LEN 48 +#define SHA384_DER_LEN 19 +#define SHA512_SUM_LEN 64 +#define SHA512_DER_LEN 19 +#define SHA512_BLOCK_SIZE 128 + +#define CHUNKSZ_SHA384 (16 * 1024) +#define CHUNKSZ_SHA512 (16 * 1024) + +typedef struct { + uint64_t state[SHA512_SUM_LEN / 8]; + uint64_t count[2]; + uint8_t buf[SHA512_BLOCK_SIZE]; +} sha512_context; + +extern const uint8_t sha512_der_prefix[]; + +void sha512_starts(sha512_context * ctx); +void sha512_update(sha512_context *ctx, const uint8_t *input, uint32_t length); +void sha512_finish(sha512_context * ctx, uint8_t digest[SHA512_SUM_LEN]); + +void sha512_csum_wd(const unsigned char *input, unsigned int ilen, + unsigned char *output, unsigned int chunk_sz); + +extern const uint8_t sha384_der_prefix[]; + +void sha384_starts(sha512_context * ctx); +void sha384_update(sha512_context *ctx, const uint8_t *input, uint32_t length); +void sha384_finish(sha512_context * ctx, uint8_t digest[SHA384_SUM_LEN]); + +void sha384_csum_wd(const unsigned char *input, unsigned int ilen, + unsigned char *output, unsigned int chunk_sz); + + +#endif /* _SHA512_H */ diff --git a/lib/Kconfig b/lib/Kconfig index 366d164cd760..984a783fd16f 100644 --- a/lib/Kconfig +++ b/lib/Kconfig @@ -247,6 +247,29 @@ config SHA256 The SHA256 algorithm produces a 256-bit (32-byte) hash value (digest). +config SHA512_ALGO + bool "Enable SHA512 algorithm" + help + This option enables support of internal SHA512 algorithm. + +config SHA512 + bool "Enable SHA512 support" + depends on SHA512_ALGO + help + This option enables support of hashing using SHA512 algorithm. + The hash is calculated in software. + The SHA512 algorithm produces a 512-bit (64-byte) hash value + (digest). + +config SHA384 + bool "Enable SHA384 support" + depends on SHA512_ALGO + help + This option enables support of hashing using SHA384 algorithm. + The hash is calculated in software. + The SHA384 algorithm produces a 384-bit (48-byte) hash value + (digest). + config SHA_HW_ACCEL bool "Enable hashing using hardware" help diff --git a/lib/Makefile b/lib/Makefile index 47829bfed52d..c2923810a016 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -56,6 +56,7 @@ endif obj-$(CONFIG_RSA) += rsa/ obj-$(CONFIG_SHA1) += sha1.o obj-$(CONFIG_SHA256) += sha256.o +obj-$(CONFIG_SHA512_ALGO) += sha512.o obj-$(CONFIG_$(SPL_)ZLIB) += zlib/ obj-$(CONFIG_$(SPL_)GZIP) += gunzip.o diff --git a/lib/sha512.c b/lib/sha512.c new file mode 100644 index 000000000000..f1e2acf0fbcb --- /dev/null +++ b/lib/sha512.c @@ -0,0 +1,383 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * FIPS-180-2 compliant SHA-512 and SHA-384 implementation + * + * SHA-512 code by Jean-Luc Cooke + * + * Copyright (c) Jean-Luc Cooke + * Copyright (c) Andrew McDonald + * Copyright (c) 2003 Kyle McMartin + * Copyright (c) 2020 Reuben Dowle + */ + +#ifndef USE_HOSTCC +#include +#include +#else +#include +#endif /* USE_HOSTCC */ +#include +#include + +const uint8_t sha384_der_prefix[SHA384_DER_LEN] = { + 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, + 0x00, 0x04, 0x30 +}; + +const uint8_t sha512_der_prefix[SHA512_DER_LEN] = { + 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, + 0x00, 0x04, 0x40 +}; + +#define SHA384_H0 0xcbbb9d5dc1059ed8ULL +#define SHA384_H1 0x629a292a367cd507ULL +#define SHA384_H2 0x9159015a3070dd17ULL +#define SHA384_H3 0x152fecd8f70e5939ULL +#define SHA384_H4 0x67332667ffc00b31ULL +#define SHA384_H5 0x8eb44a8768581511ULL +#define SHA384_H6 0xdb0c2e0d64f98fa7ULL +#define SHA384_H7 0x47b5481dbefa4fa4ULL + +#define SHA512_H0 0x6a09e667f3bcc908ULL +#define SHA512_H1 0xbb67ae8584caa73bULL +#define SHA512_H2 0x3c6ef372fe94f82bULL +#define SHA512_H3 0xa54ff53a5f1d36f1ULL +#define SHA512_H4 0x510e527fade682d1ULL +#define SHA512_H5 0x9b05688c2b3e6c1fULL +#define SHA512_H6 0x1f83d9abfb41bd6bULL +#define SHA512_H7 0x5be0cd19137e2179ULL + +static inline uint64_t Ch(uint64_t x, uint64_t y, uint64_t z) +{ + return z ^ (x & (y ^ z)); +} + +static inline uint64_t Maj(uint64_t x, uint64_t y, uint64_t z) +{ + return (x & y) | (z & (x | y)); +} + +static const uint64_t sha512_K[80] = { + 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, + 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, + 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL, + 0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, + 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL, + 0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, + 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0x2de92c6f592b0275ULL, + 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, + 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL, + 0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, + 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL, + 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, + 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL, + 0x92722c851482353bULL, 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, + 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL, + 0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, + 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL, + 0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, + 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL, + 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, + 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL, + 0xc67178f2e372532bULL, 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, + 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL, + 0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, + 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL, + 0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, + 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL, +}; + +static inline uint64_t ror64(uint64_t word, unsigned int shift) +{ + return (word >> (shift & 63)) | (word << ((-shift) & 63)); +} + +#define e0(x) (ror64(x,28) ^ ror64(x,34) ^ ror64(x,39)) +#define e1(x) (ror64(x,14) ^ ror64(x,18) ^ ror64(x,41)) +#define s0(x) (ror64(x, 1) ^ ror64(x, 8) ^ (x >> 7)) +#define s1(x) (ror64(x,19) ^ ror64(x,61) ^ (x >> 6)) + +/* + * 64-bit integer manipulation macros (big endian) + */ +#ifndef GET_UINT64_BE +#define GET_UINT64_BE(n,b,i) { \ + (n) = ( (unsigned long long) (b)[(i) ] << 56 ) \ + | ( (unsigned long long) (b)[(i) + 1] << 48 ) \ + | ( (unsigned long long) (b)[(i) + 2] << 40 ) \ + | ( (unsigned long long) (b)[(i) + 3] << 32 ) \ + | ( (unsigned long long) (b)[(i) + 4] << 24 ) \ + | ( (unsigned long long) (b)[(i) + 5] << 16 ) \ + | ( (unsigned long long) (b)[(i) + 6] << 8 ) \ + | ( (unsigned long long) (b)[(i) + 7] ); \ +} +#endif +#ifndef PUT_UINT64_BE +#define PUT_UINT64_BE(n,b,i) { \ + (b)[(i) ] = (unsigned char) ( (n) >> 56 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) >> 32 ); \ + (b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 7] = (unsigned char) ( (n) ); \ +} +#endif + +static inline void LOAD_OP(int I, uint64_t *W, const uint8_t *input) +{ + GET_UINT64_BE(W[I], input, I*8); +} + +static inline void BLEND_OP(int I, uint64_t *W) +{ + W[I & 15] += s1(W[(I-2) & 15]) + W[(I-7) & 15] + s0(W[(I-15) & 15]); +} + +static void +sha512_transform(uint64_t *state, const uint8_t *input) +{ + uint64_t a, b, c, d, e, f, g, h, t1, t2; + + int i; + uint64_t W[16]; + + /* load the state into our registers */ + a=state[0]; b=state[1]; c=state[2]; d=state[3]; + e=state[4]; f=state[5]; g=state[6]; h=state[7]; + + /* now iterate */ + for (i=0; i<80; i+=8) { + if (!(i & 8)) { + int j; + + if (i < 16) { + /* load the input */ + for (j = 0; j < 16; j++) + LOAD_OP(i + j, W, input); + } else { + for (j = 0; j < 16; j++) { + BLEND_OP(i + j, W); + } + } + } + + t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i ] + W[(i & 15)]; + t2 = e0(a) + Maj(a,b,c); d+=t1; h=t1+t2; + t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[(i & 15) + 1]; + t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; + t1 = f + e1(c) + Ch(c,d,e) + sha512_K[i+2] + W[(i & 15) + 2]; + t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; + t1 = e + e1(b) + Ch(b,c,d) + sha512_K[i+3] + W[(i & 15) + 3]; + t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; + t1 = d + e1(a) + Ch(a,b,c) + sha512_K[i+4] + W[(i & 15) + 4]; + t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; + t1 = c + e1(h) + Ch(h,a,b) + sha512_K[i+5] + W[(i & 15) + 5]; + t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; + t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[(i & 15) + 6]; + t2 = e0(c) + Maj(c,d,e); f+=t1; b=t1+t2; + t1 = a + e1(f) + Ch(f,g,h) + sha512_K[i+7] + W[(i & 15) + 7]; + t2 = e0(b) + Maj(b,c,d); e+=t1; a=t1+t2; + } + + state[0] += a; state[1] += b; state[2] += c; state[3] += d; + state[4] += e; state[5] += f; state[6] += g; state[7] += h; + + /* erase our data */ + a = b = c = d = e = f = g = h = t1 = t2 = 0; +} + +static void sha512_block_fn(sha512_context *sst, const uint8_t *src, + int blocks) +{ + while (blocks--) { + sha512_transform(sst->state, src); + src += SHA512_BLOCK_SIZE; + } +} + +static void sha512_base_do_update(sha512_context *sctx, + const uint8_t *data, + unsigned int len) +{ + unsigned int partial = sctx->count[0] % SHA512_BLOCK_SIZE; + + sctx->count[0] += len; + if (sctx->count[0] < len) + sctx->count[1]++; + + if (unlikely((partial + len) >= SHA512_BLOCK_SIZE)) { + int blocks; + + if (partial) { + int p = SHA512_BLOCK_SIZE - partial; + + memcpy(sctx->buf + partial, data, p); + data += p; + len -= p; + + sha512_block_fn(sctx, sctx->buf, 1); + } + + blocks = len / SHA512_BLOCK_SIZE; + len %= SHA512_BLOCK_SIZE; + + if (blocks) { + sha512_block_fn(sctx, data, blocks); + data += blocks * SHA512_BLOCK_SIZE; + } + partial = 0; + } + if (len) + memcpy(sctx->buf + partial, data, len); +} + +static void sha512_base_do_finalize(sha512_context *sctx) +{ + const int bit_offset = SHA512_BLOCK_SIZE - sizeof(uint64_t[2]); + uint64_t *bits = (uint64_t *)(sctx->buf + bit_offset); + unsigned int partial = sctx->count[0] % SHA512_BLOCK_SIZE; + + sctx->buf[partial++] = 0x80; + if (partial > bit_offset) { + memset(sctx->buf + partial, 0x0, SHA512_BLOCK_SIZE - partial); + partial = 0; + + sha512_block_fn(sctx, sctx->buf, 1); + } + + memset(sctx->buf + partial, 0x0, bit_offset - partial); + bits[0] = cpu_to_be64(sctx->count[1] << 3 | sctx->count[0] >> 61); + bits[1] = cpu_to_be64(sctx->count[0] << 3); + sha512_block_fn(sctx, sctx->buf, 1); +} + +#if defined(CONFIG_SHA384) +void sha384_starts(sha512_context * ctx) +{ + ctx->state[0] = SHA384_H0; + ctx->state[1] = SHA384_H1; + ctx->state[2] = SHA384_H2; + ctx->state[3] = SHA384_H3; + ctx->state[4] = SHA384_H4; + ctx->state[5] = SHA384_H5; + ctx->state[6] = SHA384_H6; + ctx->state[7] = SHA384_H7; + ctx->count[0] = ctx->count[1] = 0; +} + +void sha384_update(sha512_context *ctx, const uint8_t *input, uint32_t length) +{ + sha512_base_do_update(ctx, input, length); +} + +void sha384_finish(sha512_context * ctx, uint8_t digest[SHA384_SUM_LEN]) +{ + int i; + + sha512_base_do_finalize(ctx); + for(i=0; istate[i], digest, i * 8); +} + +/* + * Output = SHA-512( input buffer ). Trigger the watchdog every 'chunk_sz' + * bytes of input processed. + */ +void sha384_csum_wd(const unsigned char *input, unsigned int ilen, + unsigned char *output, unsigned int chunk_sz) +{ + sha512_context ctx; +#if defined(CONFIG_HW_WATCHDOG) || defined(CONFIG_WATCHDOG) + const unsigned char *end; + unsigned char *curr; + int chunk; +#endif + + sha384_starts(&ctx); + +#if defined(CONFIG_HW_WATCHDOG) || defined(CONFIG_WATCHDOG) + curr = (unsigned char *)input; + end = input + ilen; + while (curr < end) { + chunk = end - curr; + if (chunk > chunk_sz) + chunk = chunk_sz; + sha384_update(&ctx, curr, chunk); + curr += chunk; + WATCHDOG_RESET(); + } +#else + sha384_update(&ctx, input, ilen); +#endif + + sha384_finish(&ctx, output); +} + +#endif + +#if defined(CONFIG_SHA512) +void sha512_starts(sha512_context * ctx) +{ + ctx->state[0] = SHA512_H0; + ctx->state[1] = SHA512_H1; + ctx->state[2] = SHA512_H2; + ctx->state[3] = SHA512_H3; + ctx->state[4] = SHA512_H4; + ctx->state[5] = SHA512_H5; + ctx->state[6] = SHA512_H6; + ctx->state[7] = SHA512_H7; + ctx->count[0] = ctx->count[1] = 0; +} + +void sha512_update(sha512_context *ctx, const uint8_t *input, uint32_t length) +{ + sha512_base_do_update(ctx, input, length); +} + +void sha512_finish(sha512_context * ctx, uint8_t digest[SHA512_SUM_LEN]) +{ + int i; + + sha512_base_do_finalize(ctx); + for(i=0; istate[i], digest, i * 8); +} + +/* + * Output = SHA-512( input buffer ). Trigger the watchdog every 'chunk_sz' + * bytes of input processed. + */ +void sha512_csum_wd(const unsigned char *input, unsigned int ilen, + unsigned char *output, unsigned int chunk_sz) +{ + sha512_context ctx; +#if defined(CONFIG_HW_WATCHDOG) || defined(CONFIG_WATCHDOG) + const unsigned char *end; + unsigned char *curr; + int chunk; +#endif + + sha512_starts(&ctx); + +#if defined(CONFIG_HW_WATCHDOG) || defined(CONFIG_WATCHDOG) + curr = (unsigned char *)input; + end = input + ilen; + while (curr < end) { + chunk = end - curr; + if (chunk > chunk_sz) + chunk = chunk_sz; + sha512_update(&ctx, curr, chunk); + curr += chunk; + WATCHDOG_RESET(); + } +#else + sha512_update(&ctx, input, ilen); +#endif + + sha512_finish(&ctx, output); +} +#endif diff --git a/tools/Makefile b/tools/Makefile index d377d85f74e7..81aa374a32dd 100644 --- a/tools/Makefile +++ b/tools/Makefile @@ -110,6 +110,7 @@ dumpimage-mkimage-objs := aisimage.o \ lib/crc16.o \ lib/sha1.o \ lib/sha256.o \ + lib/sha512.o \ common/hash.o \ ublimage.o \ zynqimage.o \ @@ -209,6 +210,7 @@ HOSTCFLAGS_crc8.o := -pedantic HOSTCFLAGS_md5.o := -pedantic HOSTCFLAGS_sha1.o := -pedantic HOSTCFLAGS_sha256.o := -pedantic +HOSTCFLAGS_sha512.o := -pedantic -DCONFIG_SHA512 -DCONFIG_SHA384 quiet_cmd_wrap = WRAP $@ cmd_wrap = echo "\#include <../$(patsubst $(obj)/%,%,$@)>" >$@ From patchwork Thu Jan 28 10:53:03 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Stanley X-Patchwork-Id: 1432732 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DRHfd6chbz9sCD for ; Thu, 28 Jan 2021 22:04:25 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=XebFLL7W; dkim-atps=neutral Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 4DRHfd3qJGzDqBL for ; Thu, 28 Jan 2021 22:04:25 +1100 (AEDT) X-Original-To: openbmc@lists.ozlabs.org Delivered-To: openbmc@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::533; helo=mail-pg1-x533.google.com; envelope-from=joel.stan@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=XebFLL7W; dkim-atps=neutral Received: from mail-pg1-x533.google.com (mail-pg1-x533.google.com [IPv6:2607:f8b0:4864:20::533]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4DRHQG63HzzDr9W for ; Thu, 28 Jan 2021 21:53:42 +1100 (AEDT) Received: by mail-pg1-x533.google.com with SMTP id o7so4060753pgl.1 for ; Thu, 28 Jan 2021 02:53:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=46YKsp2YBTtarousU/eVRcjeMfOBTotKeAkqawdQwxY=; b=XebFLL7WKQCnuyBhUKKEKihPiHgWXcEAn278RO7SEVlzyUZHmkce5XtxQDCqvpCMCW rdJ7dIVytrioBywEDdWk0bPda5wQSJh4fAiubGhf8OEc4Ybn7YYT18J1WnSlpPQ91bMS QLX57lVTsrrrW+0WGQofFgJZZ5fIxp2c9Ah+5xiwKuVumKpzzxlTuWazH2nz31zLksGW LJc9LBU9Lvjkqg/JtlYONQMVbj7YhwdUDqsINiAF+0PbNJJFoWHmBQjBSZ/yCA3AoJce BS95y7zhgvbWTjLJB8kel+RJxS3qBYPsIhRGKm9elhNjglPi2B8+2LGOBJT1M/mfJSZW qJfQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=46YKsp2YBTtarousU/eVRcjeMfOBTotKeAkqawdQwxY=; b=D5FKJARwMT5x0EN7U3dzuc+MNAoDUKL5sAdrNGgQqClhTfWPf5Yx0oFzzMYVfCYrcj ZCXKJ4/9v9wG9y5svjWvzIvlUif1KKi3wp77MNvO18GYt11NBZNl0c7xok5bLP8okqMd q1EPoSEXXb/6oMEGkjeDLZsn+e3PPWooaY3pZfw82+EqZAQ4WaruF6tAqXiqkMf0dPuV o5omUuI5ZdmyYyGTFl5pkZ5afypP+JOete1t7vBagCyiERU0Ao99SE32x71nXl9ig3pg E498PRETqj0bjD1lUwqTN6GZU4TDd9jcftsUQplx6lsPFOH3jIbLvluUwN4JKZVo6jM2 eT5Q== X-Gm-Message-State: AOAM532FfXgkUioAlLMOBNTYkm879ehshww/ByOSon3h+0S4QVVaX/sh +/YLVKzUzdBJNUwoEv6lWxRf3z3B7do= X-Google-Smtp-Source: ABdhPJwSfD7eYzO1R5NMgbUDz178oYNbLwm8tCgles+jECA3UWUkKqhnkiU2mBMRafR50yrr0bf3nw== X-Received: by 2002:a63:4b0f:: with SMTP id y15mr16154102pga.398.1611831219620; Thu, 28 Jan 2021 02:53:39 -0800 (PST) Received: from voyager.lan ([45.124.203.14]) by smtp.gmail.com with ESMTPSA id q197sm5102748pfc.155.2021.01.28.02.53.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Jan 2021 02:53:38 -0800 (PST) From: Joel Stanley To: Andrew Jeffery , openbmc@lists.ozlabs.org Subject: [PATCH u-boot v2019.04-aspeed-openbmc 6/7] common: hash: Remove a debug printf statement Date: Thu, 28 Jan 2021 21:23:03 +1030 Message-Id: <20210128105304.401058-7-joel@jms.id.au> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210128105304.401058-1-joel@jms.id.au> References: <20210128105304.401058-1-joel@jms.id.au> MIME-Version: 1.0 X-BeenThere: openbmc@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development list for OpenBMC List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "openbmc" From: Harald Seiler Remove a left-over debug printf that was introduced with SHA512 support. Fixes: d16b38f42704 ("Add support for SHA384 and SHA512") Signed-off-by: Harald Seiler (cherry picked from commit 7a81989b7b04bd87d1e684f2bafdc92a9c16fecc) Signed-off-by: Joel Stanley Reviewed-by: Klaus Heinrich Kiwi --- common/hash.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/common/hash.c b/common/hash.c index d32cd9fa1c18..c00ec4d36c41 100644 --- a/common/hash.c +++ b/common/hash.c @@ -136,8 +136,6 @@ static int hash_finish_sha512(struct hash_algo *algo, void *ctx, void if (size < algo->digest_size) return -1; - printf("hello world\n"); - sha512_finish((sha512_context *)ctx, dest_buf); free(ctx); return 0; From patchwork Thu Jan 28 10:53:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joel Stanley X-Patchwork-Id: 1432733 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DRHjr5S5hz9sBy for ; Thu, 28 Jan 2021 22:07:12 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=iz7sr5CJ; dkim-atps=neutral Received: from bilbo.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 4DRHjr3jGjzDqDJ for ; Thu, 28 Jan 2021 22:07:12 +1100 (AEDT) X-Original-To: openbmc@lists.ozlabs.org Delivered-To: openbmc@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=gmail.com (client-ip=2607:f8b0:4864:20::533; helo=mail-pg1-x533.google.com; envelope-from=joel.stan@gmail.com; receiver=) Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=iz7sr5CJ; dkim-atps=neutral Received: from mail-pg1-x533.google.com (mail-pg1-x533.google.com [IPv6:2607:f8b0:4864:20::533]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4DRHQK6RKCzDqSf for ; Thu, 28 Jan 2021 21:53:45 +1100 (AEDT) Received: by mail-pg1-x533.google.com with SMTP id o16so4049068pgg.5 for ; Thu, 28 Jan 2021 02:53:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=XNXjOS+RhXn1WwOlVyDSdQVxGXNK6doUSivvRrwQqmc=; b=iz7sr5CJOD4m/wUsww++k/P0ZnqkAx6XtO9M4ZJN8WVyXhUdIsmqt6S56Hi2mJY5eW xrZR79GLoUwG7dPdMRimzazfikJUC5T2Qrc1waAZYNLJ/7BytkbUHhVBLVxbP2fHS2Yr lfAxMnue65r1UznnxsstQj3zVOsUeKatO48w72fgyu/O96cO3BNAWMtUkhrhcK64HyTD chNINtdax7sRPS29ibLcEjI6Mp/4V0PY545kBxPAryvyddKTjom8PgErobqXPNBoktwW 8ziMjmwZC3mpjHU1emq0gwQ/6xnCZdkyhghejGls0oaMlDepv9yjDfO4QwXv7PLB6WIq dnvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=XNXjOS+RhXn1WwOlVyDSdQVxGXNK6doUSivvRrwQqmc=; b=AdAV2/M1fREy5UnLkuU6xbie1Bhx5YjYBd5xRGHpNXsl8Np0baSectTBFbDbKtfS+5 2wYsvNUZFKX4OiIHLyETyeegApb9MymUycYZgILuTwcyAEyOM3HADUXX32O2WjVoUayo URhV39KZQdzZMUPsoqMuzpexO8UotumEuhxuIzgWL3idWIBk9agyq7e4st3Db9f6tX1M iRSfe8ScVtp+EMo+iDpcYimCza3ZuJKAqO4AFk3l3z90AMw4zn3ALpbb/21NKu5o1TJA E8QNC3zjezzEJm04EzqtWHXkkNK8n7q1KkUArNcFmZXUHpQZw6sPeQ0zAl0MIS4dw7r+ UUWQ== X-Gm-Message-State: AOAM531a8786HfoYCVSplUs4xMIZKFEUe8Wz6GaBgcQV5xu49ApeSGxR YUYnxo7IoF916tcv4NOaC8U2NTDUCmE= X-Google-Smtp-Source: ABdhPJz3JaNb9NgORUOEFIsWG93FVafVD3BjsIF0D8yEJuS/3WXb3s+I42JMYfwKpnfLODdyM1PnsA== X-Received: by 2002:a63:1456:: with SMTP id 22mr15905763pgu.386.1611831223440; Thu, 28 Jan 2021 02:53:43 -0800 (PST) Received: from voyager.lan ([45.124.203.14]) by smtp.gmail.com with ESMTPSA id q197sm5102748pfc.155.2021.01.28.02.53.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Jan 2021 02:53:42 -0800 (PST) From: Joel Stanley To: Andrew Jeffery , openbmc@lists.ozlabs.org Subject: [PATCH u-boot v2019.04-aspeed-openbmc 7/7] image-fit: fit_check_format check for valid FDT Date: Thu, 28 Jan 2021 21:23:04 +1030 Message-Id: <20210128105304.401058-8-joel@jms.id.au> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210128105304.401058-1-joel@jms.id.au> References: <20210128105304.401058-1-joel@jms.id.au> MIME-Version: 1.0 X-BeenThere: openbmc@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development list for OpenBMC List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openbmc-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org Sender: "openbmc" From: Heinrich Schuchardt fit_check_format() must check that the buffer contains a flattened device tree before calling any device tree library functions. Failure to do may cause segmentation faults. Signed-off-by: Heinrich Schuchardt (cherry picked from commit ea1a9ec5f430359720d9a0621ed1acfbba6a142a) Signed-off-by: Joel Stanley Reviewed-by: Klaus Heinrich Kiwi --- common/image-fit.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/common/image-fit.c b/common/image-fit.c index be4d9dc9c3b1..e64949dfa73d 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -1473,6 +1473,12 @@ int fit_image_check_comp(const void *fit, int noffset, uint8_t comp) */ int fit_check_format(const void *fit) { + /* A FIT image must be a valid FDT */ + if (fdt_check_header(fit)) { + debug("Wrong FIT format: not a flattened device tree\n"); + return 0; + } + /* mandatory / node 'description' property */ if (fdt_getprop(fit, 0, FIT_DESC_PROP, NULL) == NULL) { debug("Wrong FIT format: no description\n");