[PATCH 2/2] u-boot: fit: add support to decrypt fit with aes
Philippe Reynes
philippe.reynes at softathome.com
Wed Dec 18 18:25:42 CET 2019
This commit add to u-boot the support to decrypt
fit image encrypted with aes. The FIT image contains
the key name and the IV name. Then u-boot look for
the key and IV in his device tree and decrypt images
before moving to the next stage.
Signed-off-by: Philippe Reynes <philippe.reynes at softathome.com>
---
common/image-cipher.c | 104 ++++++++++++++++++++++++++++++++++++++++++++++++++
common/image-fit.c | 63 ++++++++++++++++++++++++++++++
include/image.h | 12 ++++++
include/u-boot/aes.h | 13 +++++++
lib/Makefile | 1 +
lib/aes/Makefile | 5 +++
lib/aes/aes-decrypt.c | 41 ++++++++++++++++++++
tools/Makefile | 2 +-
8 files changed, 240 insertions(+), 1 deletion(-)
create mode 100644 lib/aes/Makefile
create mode 100644 lib/aes/aes-decrypt.c
diff --git a/common/image-cipher.c b/common/image-cipher.c
index ab8b45b..cee3b03 100644
--- a/common/image-cipher.c
+++ b/common/image-cipher.c
@@ -24,6 +24,7 @@ struct cipher_algo cipher_algos[] = {
.calculate_type = EVP_aes_128_cbc,
#endif
.encrypt = image_aes_encrypt,
+ .decrypt = image_aes_decrypt,
.add_cipher_data = image_aes_add_cipher_data
},
{
@@ -34,6 +35,7 @@ struct cipher_algo cipher_algos[] = {
.calculate_type = EVP_aes_192_cbc,
#endif
.encrypt = image_aes_encrypt,
+ .decrypt = image_aes_decrypt,
.add_cipher_data = image_aes_add_cipher_data
},
{
@@ -44,6 +46,7 @@ struct cipher_algo cipher_algos[] = {
.calculate_type = EVP_aes_256_cbc,
#endif
.encrypt = image_aes_encrypt,
+ .decrypt = image_aes_decrypt,
.add_cipher_data = image_aes_add_cipher_data
}
};
@@ -61,3 +64,104 @@ struct cipher_algo *image_get_cipher_algo(const char *full_name)
return NULL;
}
+
+static int fit_image_setup_decrypt(struct image_cipher_info *info,
+ const void *fit, int image_noffset,
+ int cipher_noffset)
+{
+ const void *fdt = gd_fdt_blob();
+ const char *node_name;
+ char node_path[128];
+ int noffset;
+ char *algo_name;
+ int ret;
+
+ node_name = fit_get_name(fit, image_noffset, NULL);
+ if (!node_name) {
+ printf("Can't get node name\n");
+ return -1;
+ }
+
+ if (fit_image_cipher_get_algo(fit, cipher_noffset, &algo_name)) {
+ printf("Can't get algo name for cipher '%s' in image '%s'\n",
+ node_name, node_name);
+ return -1;
+ }
+
+ info->keyname = fdt_getprop(fit, cipher_noffset, "key-name-hint", NULL);
+ if (!info->keyname) {
+ printf("Can't get key name\n");
+ return -1;
+ }
+
+ info->ivname = fdt_getprop(fit, cipher_noffset, "iv-name-hint", NULL);
+ if (!info->ivname) {
+ printf("Can't get IV name\n");
+ return -1;
+ }
+
+ info->fit = fit;
+ info->node_noffset = image_noffset;
+ info->name = algo_name;
+ info->cipher = image_get_cipher_algo(algo_name);
+ if (!info->cipher) {
+ printf("Can't get cipher\n");
+ return -1;
+ }
+
+ ret = fit_image_get_data_size_unciphered(fit, image_noffset,
+ &info->size_unciphered);
+ if (ret) {
+ printf("Can't get size of unciphered data\n");
+ return -1;
+ }
+
+ /*
+ * Search the cipher node in the u-boot fdt
+ * the path should be: /cipher/key-<algo>-<key>-<iv>
+ */
+ snprintf(node_path, sizeof(node_path), "/%s/key-%s-%s-%s",
+ FIT_CIPHER_NODENAME, algo_name, info->keyname, info->ivname);
+
+ noffset = fdt_path_offset(fdt, node_path);
+ if (noffset < 0) {
+ printf("Can't found cipher node offset\n");
+ return -1;
+ }
+
+ /* read key */
+ info->key = fdt_getprop(fdt, noffset, "key", NULL);
+ if (!info->key) {
+ printf("Can't get key in cipher node '%s'\n", node_path);
+ return -1;
+ }
+
+ /* read iv */
+ info->iv = fdt_getprop(fdt, noffset, "iv", NULL);
+ if (!info->iv) {
+ printf("Can't get IV in cipher node '%s'\n", node_path);
+ return -1;
+ }
+
+ return 0;
+}
+
+int fit_image_decrypt_data(const void *fit,
+ int image_noffset, int cipher_noffset,
+ const void *data_ciphered, size_t size_ciphered,
+ void **data_unciphered, size_t *size_unciphered)
+{
+ struct image_cipher_info info;
+ int ret;
+
+ ret = fit_image_setup_decrypt(&info, fit, image_noffset,
+ cipher_noffset);
+ if (ret < 0)
+ goto out;
+
+ ret = info.cipher->decrypt(&info, data_ciphered, size_ciphered,
+ data_unciphered, size_unciphered);
+
+ out:
+ return ret;
+}
diff --git a/common/image-fit.c b/common/image-fit.c
index a06760e..03042f3 100644
--- a/common/image-fit.c
+++ b/common/image-fit.c
@@ -948,6 +948,31 @@ int fit_image_get_data_size(const void *fit, int noffset, int *data_size)
}
/**
+ * Get 'data-size-unciphered' property from a given image node.
+ *
+ * @fit: pointer to the FIT image header
+ * @noffset: component image node offset
+ * @data_size: holds the data-size property
+ *
+ * returns:
+ * 0, on success
+ * -ENOENT if the property could not be found
+ */
+int fit_image_get_data_size_unciphered(const void *fit, int noffset,
+ size_t *data_size)
+{
+ const fdt32_t *val;
+
+ val = fdt_getprop(fit, noffset, "data-size-unciphered", NULL);
+ if (!val)
+ return -ENOENT;
+
+ *data_size = (size_t)fdt32_to_cpu(*val);
+
+ return 0;
+}
+
+/**
* fit_image_get_data_and_size - get data and its size including
* both embedded and external data
* @fit: pointer to the FIT format image header
@@ -1381,6 +1406,32 @@ int fit_all_image_verify(const void *fit)
return 1;
}
+#ifdef CONFIG_FIT_CIPHER
+static int fit_image_uncipher(const void *fit, int image_noffset,
+ void **data, size_t *size)
+{
+ int cipher_noffset, ret;
+ void *dst;
+ size_t size_dst;
+
+ cipher_noffset = fdt_subnode_offset(fit, image_noffset,
+ FIT_CIPHER_NODENAME);
+ if (cipher_noffset < 0)
+ return 0;
+
+ ret = fit_image_decrypt_data(fit, image_noffset, cipher_noffset,
+ *data, *size, &dst, &size_dst);
+ if (ret)
+ goto out;
+
+ *data = dst;
+ *size = size_dst;
+
+ out:
+ return ret;
+}
+#endif /* CONFIG_FIT_CIPHER */
+
/**
* fit_image_check_os - check whether image node is of a given os type
* @fit: pointer to the FIT format image header
@@ -1980,6 +2031,18 @@ int fit_image_load(bootm_headers_t *images, ulong addr,
return -ENOENT;
}
+#ifdef CONFIG_FIT_CIPHER
+ /* Decrypt data before uncompress/move */
+ if (IMAGE_ENABLE_DECRYPT) {
+ puts(" Decrypting Data ... ");
+ if (fit_image_uncipher(fit, noffset, &buf, &size)) {
+ puts("Error\n");
+ return -EACCES;
+ }
+ puts("OK\n");
+ }
+#endif
+
#if !defined(USE_HOSTCC) && defined(CONFIG_FIT_IMAGE_POST_PROCESS)
/* perform any post-processing on the image data */
board_fit_image_post_process(&buf, &size);
diff --git a/include/image.h b/include/image.h
index 14a9a5b..b9667d8 100644
--- a/include/image.h
+++ b/include/image.h
@@ -1022,6 +1022,8 @@ int fit_image_get_data_offset(const void *fit, int noffset, int *data_offset);
int fit_image_get_data_position(const void *fit, int noffset,
int *data_position);
int fit_image_get_data_size(const void *fit, int noffset, int *data_size);
+int fit_image_get_data_size_unciphered(const void *fit, int noffset,
+ size_t *data_size);
int fit_image_get_data_and_size(const void *fit, int noffset,
const void **data, size_t *size);
@@ -1065,6 +1067,7 @@ int fit_image_verify_with_data(const void *fit, int image_noffset,
int fit_image_verify(const void *fit, int noffset);
int fit_config_verify(const void *fit, int conf_noffset);
int fit_all_image_verify(const void *fit);
+int fit_config_decrypt(const void *fit, int conf_noffset);
int fit_image_check_os(const void *fit, int noffset, uint8_t os);
int fit_image_check_arch(const void *fit, int noffset, uint8_t arch);
int fit_image_check_type(const void *fit, int noffset, uint8_t type);
@@ -1292,6 +1295,11 @@ int fit_image_verify_required_sigs(const void *fit, int image_noffset,
int fit_image_check_sig(const void *fit, int noffset, const void *data,
size_t size, int required_keynode, char **err_msgp);
+int fit_image_decrypt_data(const void *fit,
+ int image_noffset, int cipher_noffset,
+ const void *data, size_t size,
+ void **data_unciphered, size_t *size_unciphered);
+
/**
* fit_region_make_list() - Make a list of regions to hash
*
@@ -1366,6 +1374,10 @@ struct cipher_algo {
int (*add_cipher_data)(struct image_cipher_info *info,
void *keydest);
+
+ int (*decrypt)(struct image_cipher_info *info,
+ const void *cipher, size_t cipher_len,
+ void **data, size_t *data_len);
};
int fit_image_cipher_get_algo(const void *fit, int noffset, char **algo);
diff --git a/include/u-boot/aes.h b/include/u-boot/aes.h
index 4fb2cb7..3228104 100644
--- a/include/u-boot/aes.h
+++ b/include/u-boot/aes.h
@@ -28,4 +28,17 @@ int image_aes_add_cipher_data(struct image_cipher_info *info, void *keydest)
}
#endif /* IMAGE_ENABLE_ENCRYPT */
+#if IMAGE_ENABLE_DECRYPT
+int image_aes_decrypt(struct image_cipher_info *info,
+ const void *cipher, size_t cipher_len,
+ void **data, size_t *size);
+#else
+int image_aes_decrypt(struct image_cipher_info *info,
+ const void *cipher, size_t cipher_len,
+ void **data, size_t *size)
+{
+ return -ENXIO;
+}
+#endif /* IMAGE_ENABLE_DECRYPT */
+
#endif
diff --git a/lib/Makefile b/lib/Makefile
index 1fb650c..70e6879 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -21,6 +21,7 @@ obj-$(CONFIG_ASN1_DECODER) += asn1_decoder.o
obj-y += crypto/
obj-$(CONFIG_AES) += aes.o
+obj-$(CONFIG_AES) += aes/
ifndef API_BUILD
ifneq ($(CONFIG_UT_UNICODE)$(CONFIG_EFI_LOADER),)
diff --git a/lib/aes/Makefile b/lib/aes/Makefile
new file mode 100644
index 0000000..daed52a
--- /dev/null
+++ b/lib/aes/Makefile
@@ -0,0 +1,5 @@
+# SPDX-License-Identifier: GPL-2.0+
+#
+# Copyright (c) 2019, Softathome
+
+obj-$(CONFIG_$(SPL_)FIT_CIPHER) += aes-decrypt.o
diff --git a/lib/aes/aes-decrypt.c b/lib/aes/aes-decrypt.c
new file mode 100644
index 0000000..345029f
--- /dev/null
+++ b/lib/aes/aes-decrypt.c
@@ -0,0 +1,41 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Copyright (c) 2019, softathome
+ */
+
+#ifndef USE_HOSTCC
+#include <common.h>
+#include <malloc.h>
+#endif
+#include <image.h>
+#include <uboot_aes.h>
+
+int image_aes_decrypt(struct image_cipher_info *info,
+ const void *cipher, size_t cipher_len,
+ void **data, size_t *size)
+{
+#ifndef USE_HOSTCC
+ unsigned char key_exp[AES256_EXPAND_KEY_LENGTH];
+ unsigned int aes_blocks, key_len = info->cipher->key_len;
+
+ *data = malloc(cipher_len);
+ if (!*data) {
+ printf("Can't allocate memory to decrypt\n");
+ return -ENOMEM;
+ }
+ *size = info->size_unciphered;
+
+ memcpy(&key_exp[0], info->key, key_len);
+
+ /* First we expand the key. */
+ aes_expand_key((u8 *)info->key, key_len, key_exp);
+
+ /* Calculate the number of AES blocks to encrypt. */
+ aes_blocks = DIV_ROUND_UP(cipher_len, AES_BLOCK_LENGTH);
+
+ aes_cbc_decrypt_blocks(key_len, key_exp, (u8 *)info->iv,
+ (u8 *)cipher, *data, aes_blocks);
+#endif
+
+ return 0;
+}
diff --git a/tools/Makefile b/tools/Makefile
index 051127a..99be724 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -77,7 +77,7 @@ RSA_OBJS-$(CONFIG_FIT_SIGNATURE) := $(addprefix lib/rsa/, \
rsa-mod-exp.o)
AES_OBJS-$(CONFIG_FIT_CIPHER) := $(addprefix lib/aes/, \
- aes-encrypt.o)
+ aes-encrypt.o aes-decrypt.o)
ROCKCHIP_OBS = lib/rc4.o rkcommon.o rkimage.o rksd.o rkspi.o
--
2.7.4
More information about the U-Boot
mailing list