@@ -101,8 +101,11 @@ static struct option long_options[] = {
{"forced-signer-name", required_argument, NULL, '2'},
#endif
#endif
-#ifdef CONFIG_ENCRYPTED_IMAGES
+#if defined(CONFIG_ENCRYPTED_IMAGES) && !defined(CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION)
{"key-aes", required_argument, NULL, 'K'},
+#endif
+#ifdef CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION
+ {"recip-keypair", required_argument, NULL, 'r'},
#endif
{"loglevel", required_argument, NULL, 'l'},
{"max-version", required_argument, NULL, '3'},
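Review bot: The compound guard `#if defined(CONFIG_ENCRYPTED_IMAGES) && !defined(CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION)` is written out here and again in usage(), read_globals_settings() and twice in main(), so the five copies can drift apart when one is edited later. The final key-loading hunk in main() uses a plain `#else` instead, which is a slightly different condition. A short comment at this first occurrence would record the intent, for example `/* --key-aes is compiled out when CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION is set; --recip-keypair replaces it */`. The long_options array starts and ends outside the hunk.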
@@ -162,9 +165,12 @@ static void usage(char *programname)
" --ca-path : path to the Certificate Authority (PEM)\n"
#endif
#endif
-#ifdef CONFIG_ENCRYPTED_IMAGES
+#if defined(CONFIG_ENCRYPTED_IMAGES) && !defined(CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION)
" -K, --key-aes <key file> : the file contains the symmetric key to be used\n"
" to decrypt images\n"
+#endif
+#ifdef CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION
+ " -r, --recip-keypair <key file> : path to the recipient keypair (PEM)\n"
#endif
" -n, --dry-run : run SWUpdate without installing the software\n"
" -N, --no-downgrading <version> : not install a release older as <version>\n"
@@ -310,8 +316,14 @@ static int read_globals_settings(void *elem, void *data)
"public-key-file", sw->publickeyfname);
GET_FIELD_STRING(LIBCFG_PARSER, elem,
"ca-path", sw->publickeyfname);
+#if defined(CONFIG_ENCRYPTED_IMAGES) && !defined(CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION)
GET_FIELD_STRING(LIBCFG_PARSER, elem,
"aes-key-file", sw->aeskeyfname);
+#endif
+#ifdef CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION
+ GET_FIELD_STRING(LIBCFG_PARSER, elem,
+ "recip-keypair", sw->recipkeypairfname);
+#endif
GET_FIELD_STRING(LIBCFG_PARSER, elem,
"mtd-blacklist", sw->mtdblacklist);
GET_FIELD_STRING(LIBCFG_PARSER, elem,
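Review bot: An `aes-key-file` entry in an existing configuration file is now skipped without any message in builds with CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION, because its GET_FIELD_STRING is compiled out. An operator who moves a device to an asym build and keeps the old config gets no hint that the setting is ignored. I would at least document this at the guard, e.g. `/* aes-key-file is not read in asym builds; recip-keypair is required instead */`, and say the same in the example swupdate.cfg, which lists both settings side by side. read_globals_settings() starts and ends outside the hunk.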
@@ -497,9 +509,12 @@ int main(int argc, char **argv)
public_key_mandatory = 1;
#endif
#endif
-#ifdef CONFIG_ENCRYPTED_IMAGES
+#if defined(CONFIG_ENCRYPTED_IMAGES) && !defined(CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION)
strcat(main_options, "K:");
#endif
+#ifdef CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION
+ strcat(main_options, "r:");
+#endif
memset(fname, 0, sizeof(fname));
@@ -656,12 +671,19 @@ int main(int argc, char **argv)
strlcpy(swcfg.maximum_version, optarg,
sizeof(swcfg.maximum_version));
break;
-#ifdef CONFIG_ENCRYPTED_IMAGES
+#if defined(CONFIG_ENCRYPTED_IMAGES) && !defined(CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION)
case 'K':
strlcpy(swcfg.aeskeyfname,
optarg,
sizeof(swcfg.aeskeyfname));
break;
+#endif
+#ifdef CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION
+ case 'r':
+ strlcpy(swcfg.recipkeypairfname,
+ optarg,
+ sizeof(swcfg.recipkeypairfname));
+ break;
#endif
case 'N':
swcfg.no_downgrading = true;
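Review bot: The return value of strlcpy() in the new `case 'r':` is discarded, so a path longer than the buffer is silently truncated. The truncated name is what later reaches swupdate_dgst_add_recipient_keypair() in the key-loading hunk, so a file other than the one the operator named could be opened as the private key. Rejecting the overlong path is cheap: `if (strlcpy(swcfg.recipkeypairfname, optarg, sizeof(swcfg.recipkeypairfname)) >= sizeof(swcfg.recipkeypairfname)) { fprintf(stderr, "Error: recipient keypair path too long.\n"); exit(EXIT_FAILURE); }`. The unchanged `case 'K':` has the same pattern, and the enclosing switch in main() lies outside the hunk.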
@@ -842,6 +864,19 @@ int main(int argc, char **argv)
mtd_set_ubiblacklist(swcfg.mtdblacklist);
#endif
+#ifdef CONFIG_ASYM_ENCRYPTED_SW_DESCRIPTION
+ if (strlen(swcfg.recipkeypairfname)) {
+ if (swupdate_dgst_add_recipient_keypair(&swcfg, swcfg.recipkeypairfname)) {
+ fprintf(stderr,
+ "Error: Recipient keypair cannot be initialized.\n");
+ exit(EXIT_FAILURE);
+ }
+ } else {
+ fprintf(stderr,
+ "Error: SWUpdate is built for asym encrypted images, provide a recipient key pair.\n");
+ exit(EXIT_FAILURE);
+ }
+#else
/*
* If an AES key is passed, load it to allow
* to decrypt images
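Review bot: The failure message `Recipient keypair cannot be initialized` does not name the file that was tried, and since the path can come from either -r or the configuration file the operator cannot tell which source was used; `"Error: Recipient keypair %s cannot be initialized.\n", swcfg.recipkeypairfname` would fix that. The file holds a private key, and whether swupdate_dgst_add_recipient_keypair() checks its ownership or mode is not visible here, so a comment such as `/* keypair file contains the private key; keep it readable by the SWUpdate user only */` above the call would help the next reader. The `#else` opened in this hunk is closed by the `#endif` added in the following hunk, and main() extends beyond both.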
@@ -853,6 +888,7 @@ int main(int argc, char **argv)
exit(EXIT_FAILURE);
}
}
+#endif
lua_handlers_init();
@@ -25,6 +25,9 @@
# aes-key-file : string
# file containing the symmetric key for
# image decryption
+# recip-keypair : string
+# file containing the key pair (private key and cert) in PEM for
+# asymmetric image decryption
# preupdatecmd : string
# command to be executed right before the update
# is installed
@@ -57,6 +57,7 @@ struct swupdate_cfg {
char output[SWUPDATE_GENERAL_STRING_SIZE];
char publickeyfname[SWUPDATE_GENERAL_STRING_SIZE];
char aeskeyfname[SWUPDATE_GENERAL_STRING_SIZE];
+ char recipkeypairfname[SWUPDATE_GENERAL_STRING_SIZE];
char postupdatecmd[SWUPDATE_GENERAL_STRING_SIZE];
char preupdatecmd[SWUPDATE_GENERAL_STRING_SIZE];
char minimum_version[SWUPDATE_GENERAL_STRING_SIZE];
Add recipient key fname to swupdate_cfg for asym decryption. Read and initialize the recip-keypair from argument -r or configuration file. Signed-off-by: Michael Glembotzki <Michael.Glembotzki@iris-sensing.com> --- core/swupdate.c | 44 ++++++++++++++++++++++++++--- examples/configuration/swupdate.cfg | 3 ++ include/swupdate.h | 1 + 3 files changed, 44 insertions(+), 4 deletions(-)