image: Support signing of images
authorSimon Glass <sjg@chromium.org>
Thu, 13 Jun 2013 22:10:01 +0000 (15:10 -0700)
committerTom Rini <trini@ti.com>
Wed, 26 Jun 2013 14:18:56 +0000 (10:18 -0400)
Add support for signing images using a new signature node. The process
is handled by fdt_add_verification_data() which now takes parameters to
provide the keys and related information.

Signed-off-by: Simon Glass <sjg@chromium.org>
common/image-fit.c
common/image-sig.c
doc/uImage.FIT/sign-images.its [new file with mode: 0644]
include/image.h
tools/fit_image.c
tools/image-host.c

index f40f1603f316b277646afb26bd1d9ee19b9adc14..b75e119d930e5d70d6ac703f70bbef50687ee21d 100644 (file)
@@ -234,42 +234,45 @@ void fit_print_contents(const void *fit)
  * @fit: pointer to the FIT format image header
  * @noffset: offset of the hash node
  * @p: pointer to prefix string
+ * @type: Type of information to print ("hash" or "sign")
  *
  * fit_image_print_data() lists properies for the processed hash node
  *
+ * This function avoid using puts() since it prints a newline on the host
+ * but does not in U-Boot.
+ *
  * returns:
  *     no returned results
  */
-static void fit_image_print_data(const void *fit, int noffset, const char *p)
+static void fit_image_print_data(const void *fit, int noffset, const char *p,
+                                const char *type)
 {
-       char *algo;
+       const char *keyname;
        uint8_t *value;
        int value_len;
-       int i, ret;
-
-       /*
-        * Check subnode name, must be equal to "hash".
-        * Multiple hash nodes require unique unit node
-        * names, e.g. hash@1, hash@2, etc.
-        */
-       if (strncmp(fit_get_name(fit, noffset, NULL),
-                   FIT_HASH_NODENAME,
-                   strlen(FIT_HASH_NODENAME)) != 0)
-               return;
+       char *algo;
+       int required;
+       int ret, i;
 
-       debug("%s  Hash node:    '%s'\n", p,
+       debug("%s  %s node:    '%s'\n", p, type,
              fit_get_name(fit, noffset, NULL));
-
-       printf("%s  Hash algo:    ", p);
+       printf("%s  %s algo:    ", p, type);
        if (fit_image_hash_get_algo(fit, noffset, &algo)) {
                printf("invalid/unsupported\n");
                return;
        }
-       printf("%s\n", algo);
+       printf("%s", algo);
+       keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
+       required = fdt_getprop(fit, noffset, "required", NULL) != NULL;
+       if (keyname)
+               printf(":%s", keyname);
+       if (required)
+               printf(" (required)");
+       printf("\n");
 
        ret = fit_image_hash_get_value(fit, noffset, &value,
                                        &value_len);
-       printf("%s  Hash value:   ", p);
+       printf("%s  %s value:   ", p, type);
        if (ret) {
                printf("unavailable\n");
        } else {
@@ -278,7 +281,18 @@ static void fit_image_print_data(const void *fit, int noffset, const char *p)
                printf("\n");
        }
 
-       debug("%s  Hash len:     %d\n", p, value_len);
+       debug("%s  %s len:     %d\n", p, type, value_len);
+
+       /* Signatures have a time stamp */
+       if (IMAGE_ENABLE_TIMESTAMP && keyname) {
+               time_t timestamp;
+
+               printf("%s  Timestamp:    ", p);
+               if (fit_get_timestamp(fit, noffset, &timestamp))
+                       printf("unavailable\n");
+               else
+                       genimg_print_time(timestamp);
+       }
 }
 
 /**
@@ -303,8 +317,12 @@ static void fit_image_print_verification_data(const void *fit, int noffset,
         * names, e.g. hash@1, hash@2, signature@1, signature@2, etc.
         */
        name = fit_get_name(fit, noffset, NULL);
-       if (!strncmp(name, FIT_HASH_NODENAME, strlen(FIT_HASH_NODENAME)))
-               fit_image_print_data(fit, noffset, p);
+       if (!strncmp(name, FIT_HASH_NODENAME, strlen(FIT_HASH_NODENAME))) {
+               fit_image_print_data(fit, noffset, p, "Hash");
+       } else if (!strncmp(name, FIT_SIG_NODENAME,
+                               strlen(FIT_SIG_NODENAME))) {
+               fit_image_print_data(fit, noffset, p, "Sign");
+       }
 }
 
 /**
@@ -944,13 +962,23 @@ int fit_image_verify(const void *fit, int image_noffset)
 {
        const void      *data;
        size_t          size;
-       int             noffset;
+       int             noffset = 0;
        char            *err_msg = "";
+       int verify_all = 1;
+       int ret;
 
        /* Get image data and data length */
        if (fit_image_get_data(fit, image_noffset, &data, &size)) {
                err_msg = "Can't get image data/size";
-               return 0;
+               goto error;
+       }
+
+       /* Verify all required signatures */
+       if (IMAGE_ENABLE_VERIFY &&
+           fit_image_verify_required_sigs(fit, image_noffset, data, size,
+                                          gd_fdt_blob(), &verify_all)) {
+               err_msg = "Unable to verify required signature";
+               goto error;
        }
 
        /* Process all hash subnodes of the component image node */
@@ -970,6 +998,15 @@ int fit_image_verify(const void *fit, int image_noffset)
                                                 &err_msg))
                                goto error;
                        puts("+ ");
+               } else if (IMAGE_ENABLE_VERIFY && verify_all &&
+                               !strncmp(name, FIT_SIG_NODENAME,
+                                       strlen(FIT_SIG_NODENAME))) {
+                       ret = fit_image_check_sig(fit, noffset, data,
+                                                       size, -1, &err_msg);
+                       if (ret)
+                               puts("- ");
+                       else
+                               puts("+ ");
                }
        }
 
index 841c662cbfd197f42841b8b5caa26272b00b61a4..9b222daa0fd1dc2fcb90df721cde96f1c8e2f56b 100644 (file)
@@ -22,6 +22,8 @@
 #include <time.h>
 #else
 #include <common.h>
+#include <malloc.h>
+DECLARE_GLOBAL_DATA_PTR;
 #endif /* !USE_HOSTCC*/
 #include <errno.h>
 #include <image.h>
@@ -40,3 +42,145 @@ struct image_sig_algo *image_get_sig_algo(const char *name)
 
        return NULL;
 }
+
+static int fit_image_setup_verify(struct image_sign_info *info,
+               const void *fit, int noffset, int required_keynode,
+               char **err_msgp)
+{
+       char *algo_name;
+
+       if (fit_image_hash_get_algo(fit, noffset, &algo_name)) {
+               *err_msgp = "Can't get hash algo property";
+               return -1;
+       }
+       memset(info, '\0', sizeof(*info));
+       info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
+       info->fit = (void *)fit;
+       info->node_offset = noffset;
+       info->algo = image_get_sig_algo(algo_name);
+       info->fdt_blob = gd_fdt_blob();
+       info->required_keynode = required_keynode;
+       printf("%s:%s", algo_name, info->keyname);
+
+       if (!info->algo) {
+               *err_msgp = "Unknown signature algorithm";
+               return -1;
+       }
+
+       return 0;
+}
+
+int fit_image_check_sig(const void *fit, int noffset, const void *data,
+               size_t size, int required_keynode, char **err_msgp)
+{
+       struct image_sign_info info;
+       struct image_region region;
+       uint8_t *fit_value;
+       int fit_value_len;
+
+       *err_msgp = NULL;
+       if (fit_image_setup_verify(&info, fit, noffset, required_keynode,
+                                  err_msgp))
+               return -1;
+
+       if (fit_image_hash_get_value(fit, noffset, &fit_value,
+                                    &fit_value_len)) {
+               *err_msgp = "Can't get hash value property";
+               return -1;
+       }
+
+       region.data = data;
+       region.size = size;
+
+       if (info.algo->verify(&info, &region, 1, fit_value, fit_value_len)) {
+               *err_msgp = "Verification failed";
+               return -1;
+       }
+
+       return 0;
+}
+
+static int fit_image_verify_sig(const void *fit, int image_noffset,
+               const char *data, size_t size, const void *sig_blob,
+               int sig_offset)
+{
+       int noffset;
+       char *err_msg = "";
+       int verified = 0;
+       int ret;
+
+       /* Process all hash subnodes of the component image node */
+       for (noffset = fdt_first_subnode(fit, image_noffset);
+            noffset >= 0;
+            noffset = fdt_next_subnode(fit, noffset)) {
+               const char *name = fit_get_name(fit, noffset, NULL);
+
+               if (!strncmp(name, FIT_SIG_NODENAME,
+                            strlen(FIT_SIG_NODENAME))) {
+                       ret = fit_image_check_sig(fit, noffset, data,
+                                                       size, -1, &err_msg);
+                       if (ret) {
+                               puts("- ");
+                       } else {
+                               puts("+ ");
+                               verified = 1;
+                               break;
+                       }
+               }
+       }
+
+       if (noffset == -FDT_ERR_TRUNCATED || noffset == -FDT_ERR_BADSTRUCTURE) {
+               err_msg = "Corrupted or truncated tree";
+               goto error;
+       }
+
+       return verified ? 0 : -EPERM;
+
+error:
+       printf(" error!\n%s for '%s' hash node in '%s' image node\n",
+              err_msg, fit_get_name(fit, noffset, NULL),
+              fit_get_name(fit, image_noffset, NULL));
+       return -1;
+}
+
+int fit_image_verify_required_sigs(const void *fit, int image_noffset,
+               const char *data, size_t size, const void *sig_blob,
+               int *no_sigsp)
+{
+       int verify_count = 0;
+       int noffset;
+       int sig_node;
+
+       /* Work out what we need to verify */
+       *no_sigsp = 1;
+       sig_node = fdt_subnode_offset(sig_blob, 0, FIT_SIG_NODENAME);
+       if (sig_node < 0) {
+               debug("%s: No signature node found: %s\n", __func__,
+                     fdt_strerror(sig_node));
+               return 0;
+       }
+
+       for (noffset = fdt_first_subnode(sig_blob, sig_node);
+            noffset >= 0;
+            noffset = fdt_next_subnode(sig_blob, noffset)) {
+               const char *required;
+               int ret;
+
+               required = fdt_getprop(sig_blob, noffset, "required", NULL);
+               if (!required || strcmp(required, "image"))
+                       continue;
+               ret = fit_image_verify_sig(fit, image_noffset, data, size,
+                                       sig_blob, noffset);
+               if (ret) {
+                       printf("Failed to verify required signature '%s'\n",
+                              fit_get_name(sig_blob, noffset, NULL));
+                       return ret;
+               }
+               verify_count++;
+       }
+
+       if (verify_count)
+               *no_sigsp = 0;
+
+       return 0;
+}
diff --git a/doc/uImage.FIT/sign-images.its b/doc/uImage.FIT/sign-images.its
new file mode 100644 (file)
index 0000000..f69326a
--- /dev/null
@@ -0,0 +1,42 @@
+/dts-v1/;
+
+/ {
+       description = "Chrome OS kernel image with one or more FDT blobs";
+       #address-cells = <1>;
+
+       images {
+               kernel@1 {
+                       data = /incbin/("test-kernel.bin");
+                       type = "kernel_noload";
+                       arch = "sandbox";
+                       os = "linux";
+                       compression = "none";
+                       load = <0x4>;
+                       entry = <0x8>;
+                       kernel-version = <1>;
+                       signature@1 {
+                               algo = "sha1,rsa2048";
+                               key-name-hint = "dev";
+                       };
+               };
+               fdt@1 {
+                       description = "snow";
+                       data = /incbin/("sandbox-kernel.dtb");
+                       type = "flat_dt";
+                       arch = "sandbox";
+                       compression = "none";
+                       fdt-version = <1>;
+                       signature@1 {
+                               algo = "sha1,rsa2048";
+                               key-name-hint = "dev";
+                       };
+               };
+       };
+       configurations {
+               default = "conf@1";
+               conf@1 {
+                       kernel = "kernel@1";
+                       fdt = "fdt@1";
+               };
+       };
+};
index 3f6168285c979c23dfcd8e536d7082c6ea5ac84c..da7b9a04f1e3414af183e2e4265dcba8dfb02712 100644 (file)
@@ -766,12 +766,26 @@ int fit_image_hash_get_value(const void *fit, int noffset, uint8_t **value,
 int fit_set_timestamp(void *fit, int noffset, time_t timestamp);
 
 /**
- * fit_add_verification_data() - Calculate and add hashes to FIT
+ * fit_add_verification_data() - add verification data to FIT image nodes
  *
- * @fit:       Fit image to process
- * @return 0 if ok, <0 for error
+ * @keydir:    Directory containing keys
+ * @kwydest:   FDT blob to write public key information to
+ * @fit:       Pointer to the FIT format image header
+ * @comment:   Comment to add to signature nodes
+ * @require_keys: Mark all keys as 'required'
+ *
+ * Adds hash values for all component images in the FIT blob.
+ * Hashes are calculated for all component images which have hash subnodes
+ * with algorithm property set to one of the supported hash algorithms.
+ *
+ * Also add signatures if signature nodes are present.
+ *
+ * returns
+ *     0, on success
+ *     libfdt error code, on failure
  */
-int fit_add_verification_data(void *fit);
+int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
+                             const char *comment, int require_keys);
 
 int fit_image_verify(const void *fit, int noffset);
 int fit_config_verify(const void *fit, int conf_noffset);
@@ -914,6 +928,43 @@ struct image_sig_algo {
  */
 struct image_sig_algo *image_get_sig_algo(const char *name);
 
+/**
+ * fit_image_verify_required_sigs() - Verify signatures marked as 'required'
+ *
+ * @fit:               FIT to check
+ * @image_noffset:     Offset of image node to check
+ * @data:              Image data to check
+ * @size:              Size of image data
+ * @sig_blob:          FDT containing public keys
+ * @no_sigsp:          Returns 1 if no signatures were required, and
+ *                     therefore nothing was checked. The caller may wish
+ *                     to fall back to other mechanisms, or refuse to
+ *                     boot.
+ * @return 0 if all verified ok, <0 on error
+ */
+int fit_image_verify_required_sigs(const void *fit, int image_noffset,
+               const char *data, size_t size, const void *sig_blob,
+               int *no_sigsp);
+
+/**
+ * fit_image_check_sig() - Check a single image signature node
+ *
+ * @fit:               FIT to check
+ * @noffset:           Offset of signature node to check
+ * @data:              Image data to check
+ * @size:              Size of image data
+ * @required_keynode:  Offset in the control FDT of the required key node,
+ *                     if any. If this is given, then the image wil not
+ *                     pass verification unless that key is used. If this is
+ *                     -1 then any signature will do.
+ * @err_msgp:          In the event of an error, this will be pointed to a
+ *                     help error string to display to the user.
+ * @return 0 if all verified ok, <0 on error
+ */
+int fit_image_check_sig(const void *fit, int noffset, const void *data,
+               size_t size, int required_keynode, char **err_msgp);
+
+
 static inline int fit_image_check_target_arch(const void *fdt, int node)
 {
        return fit_image_check_arch(fdt, node, IH_ARCH_DEFAULT);
index cc123dd37adf81996346e7f776f72f21dee8f4f8..ef6ef44dc9de9558f0d1348eca5ee29e22d2e057 100644 (file)
@@ -137,7 +137,7 @@ static int fit_handle_file (struct mkimage_params *params)
                goto err_mmap;
 
        /* set hashes for images in the blob */
-       if (fit_add_verification_data(ptr)) {
+       if (fit_add_verification_data(NULL, NULL, ptr, NULL, 0)) {
                fprintf (stderr, "%s Can't add hashes to FIT blob",
                                params->cmdname);
                goto err_add_hashes;
index d944d0ff4e3cc1f2363b9e5fce2653ee986e0607..7aebc2903b3b7ad6e482f22fb451e7d137256d90 100644 (file)
  */
 
 #include "mkimage.h"
-#include <bootstage.h>
 #include <image.h>
-#include <sha1.h>
-#include <time.h>
-#include <u-boot/crc.h>
-#include <u-boot/md5.h>
+#include <version.h>
 
 /**
  * fit_set_hash_value - set hash value in requested has node
@@ -108,9 +104,165 @@ static int fit_image_process_hash(void *fit, const char *image_name,
 }
 
 /**
- * fit_image_add_verification_data() - calculate/set hash data for image node
+ * fit_image_write_sig() - write the signature to a FIT
  *
- * This adds hash values for a component image node.
+ * This writes the signature and signer data to the FIT.
+ *
+ * @fit: pointer to the FIT format image header
+ * @noffset: hash node offset
+ * @value: signature value to be set
+ * @value_len: signature value length
+ * @comment: Text comment to write (NULL for none)
+ *
+ * returns
+ *     0, on success
+ *     -FDT_ERR_..., on failure
+ */
+static int fit_image_write_sig(void *fit, int noffset, uint8_t *value,
+               int value_len, const char *comment, const char *region_prop,
+               int region_proplen)
+{
+       int string_size;
+       int ret;
+
+       /*
+        * Get the current string size, before we update the FIT and add
+        * more
+        */
+       string_size = fdt_size_dt_strings(fit);
+
+       ret = fdt_setprop(fit, noffset, FIT_VALUE_PROP, value, value_len);
+       if (!ret) {
+               ret = fdt_setprop_string(fit, noffset, "signer-name",
+                                        "mkimage");
+       }
+       if (!ret) {
+               ret = fdt_setprop_string(fit, noffset, "signer-version",
+                                 PLAIN_VERSION);
+       }
+       if (comment && !ret)
+               ret = fdt_setprop_string(fit, noffset, "comment", comment);
+       if (!ret)
+               ret = fit_set_timestamp(fit, noffset, time(NULL));
+       if (region_prop && !ret) {
+               uint32_t strdata[2];
+
+               ret = fdt_setprop(fit, noffset, "hashed-nodes",
+                                  region_prop, region_proplen);
+               strdata[0] = 0;
+               strdata[1] = cpu_to_fdt32(string_size);
+               if (!ret) {
+                       ret = fdt_setprop(fit, noffset, "hashed-strings",
+                                         strdata, sizeof(strdata));
+               }
+       }
+
+       return ret;
+}
+
+static int fit_image_setup_sig(struct image_sign_info *info,
+               const char *keydir, void *fit, const char *image_name,
+               int noffset, const char *require_keys)
+{
+       const char *node_name;
+       char *algo_name;
+
+       node_name = fit_get_name(fit, noffset, NULL);
+       if (fit_image_hash_get_algo(fit, noffset, &algo_name)) {
+               printf("Can't get algo property for '%s' signature node in '%s' image node\n",
+                      node_name, image_name);
+               return -1;
+       }
+
+       memset(info, '\0', sizeof(*info));
+       info->keydir = keydir;
+       info->keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
+       info->fit = fit;
+       info->node_offset = noffset;
+       info->algo = image_get_sig_algo(algo_name);
+       info->require_keys = require_keys;
+       if (!info->algo) {
+               printf("Unsupported signature algorithm (%s) for '%s' signature node in '%s' image node\n",
+                      algo_name, node_name, image_name);
+               return -1;
+       }
+
+       return 0;
+}
+
+/**
+ * fit_image_process_sig- Process a single subnode of the images/ node
+ *
+ * Check each subnode and process accordingly. For signature nodes we
+ * generate a signed hash of the supplised data and store it in the node.
+ *
+ * @keydir:    Directory containing keys to use for signing
+ * @keydest:   Destination FDT blob to write public keys into
+ * @fit:       pointer to the FIT format image header
+ * @image_name:        name of image being processes (used to display errors)
+ * @noffset:   subnode offset
+ * @data:      data to process
+ * @size:      size of data in bytes
+ * @comment:   Comment to add to signature nodes
+ * @require_keys: Mark all keys as 'required'
+ * @return 0 if ok, -1 on error
+ */
+static int fit_image_process_sig(const char *keydir, void *keydest,
+               void *fit, const char *image_name,
+               int noffset, const void *data, size_t size,
+               const char *comment, int require_keys)
+{
+       struct image_sign_info info;
+       struct image_region region;
+       const char *node_name;
+       uint8_t *value;
+       uint value_len;
+       int ret;
+
+       if (fit_image_setup_sig(&info, keydir, fit, image_name, noffset,
+                               require_keys ? "image" : NULL))
+               return -1;
+
+       node_name = fit_get_name(fit, noffset, NULL);
+       region.data = data;
+       region.size = size;
+       ret = info.algo->sign(&info, &region, 1, &value, &value_len);
+       if (ret) {
+               printf("Failed to sign '%s' signature node in '%s' image node: %d\n",
+                      node_name, image_name, ret);
+
+               /* We allow keys to be missing */
+               if (ret == -ENOENT)
+                       return 0;
+               return -1;
+       }
+
+       ret = fit_image_write_sig(fit, noffset, value, value_len, comment,
+                       NULL, 0);
+       if (ret) {
+               printf("Can't write signature for '%s' signature node in '%s' image node: %s\n",
+                      node_name, image_name, fdt_strerror(ret));
+               return -1;
+       }
+       free(value);
+
+       /* Get keyname again, as FDT has changed and invalidated our pointer */
+       info.keyname = fdt_getprop(fit, noffset, "key-name-hint", NULL);
+
+       /* Write the public key into the supplied FDT file */
+       if (keydest && info.algo->add_verify_data(&info, keydest)) {
+               printf("Failed to add verification data for '%s' signature node in '%s' image node\n",
+                      node_name, image_name);
+               return -1;
+       }
+
+       return 0;
+}
+
+/**
+ * fit_image_add_verification_data() - calculate/set verig. data for image node
+ *
+ * This adds hash and signature values for an component image node.
  *
  * All existing hash subnodes are checked, if algorithm property is set to
  * one of the supported hash algorithms, hash value is computed and
@@ -133,11 +285,17 @@ static int fit_image_process_hash(void *fit, const char *image_name,
  *
  * For signature details, please see doc/uImage.FIT/signature.txt
  *
+ * @keydir     Directory containing *.key and *.crt files (or NULL)
+ * @keydest    FDT Blob to write public keys into (NULL if none)
  * @fit:       Pointer to the FIT format image header
  * @image_noffset: Requested component image node
+ * @comment:   Comment to add to signature nodes
+ * @require_keys: Mark all keys as 'required'
  * @return: 0 on success, <0 on failure
  */
-int fit_image_add_verification_data(void *fit, int image_noffset)
+int fit_image_add_verification_data(const char *keydir, void *keydest,
+               void *fit, int image_noffset, const char *comment,
+               int require_keys)
 {
        const char *image_name;
        const void *data;
@@ -169,6 +327,12 @@ int fit_image_add_verification_data(void *fit, int image_noffset)
                             strlen(FIT_HASH_NODENAME))) {
                        ret = fit_image_process_hash(fit, image_name, noffset,
                                                data, size);
+               } else if (IMAGE_ENABLE_SIGN && keydir &&
+                          !strncmp(node_name, FIT_SIG_NODENAME,
+                               strlen(FIT_SIG_NODENAME))) {
+                       ret = fit_image_process_sig(keydir, keydest,
+                               fit, image_name, noffset, data, size,
+                               comment, require_keys);
                }
                if (ret)
                        return -1;
@@ -177,7 +341,8 @@ int fit_image_add_verification_data(void *fit, int image_noffset)
        return 0;
 }
 
-int fit_add_verification_data(void *fit)
+int fit_add_verification_data(const char *keydir, void *keydest, void *fit,
+                             const char *comment, int require_keys)
 {
        int images_noffset;
        int noffset;
@@ -199,7 +364,8 @@ int fit_add_verification_data(void *fit)
                 * Direct child node of the images parent node,
                 * i.e. component image node.
                 */
-               ret = fit_image_add_verification_data(fit, noffset);
+               ret = fit_image_add_verification_data(keydir, keydest,
+                               fit, noffset, comment, require_keys);
                if (ret)
                        return ret;
        }