From patchwork Fri Feb 21 06:12:59 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: AKASHI Takahiro X-Patchwork-Id: 1241900 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256 header.s=google header.b=EdmNdSOx; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 48P1P554YWz9sPk for ; Fri, 21 Feb 2020 17:13:45 +1100 (AEDT) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id E3FD381941; Fri, 21 Feb 2020 07:13:15 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="EdmNdSOx"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 780AF81926; Fri, 21 Feb 2020 07:13:09 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pg1-x544.google.com (mail-pg1-x544.google.com [IPv6:2607:f8b0:4864:20::544]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 4984A81941 for ; Fri, 21 Feb 2020 07:13:03 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=takahiro.akashi@linaro.org Received: by mail-pg1-x544.google.com with SMTP id z7so445766pgk.7 for ; Thu, 20 Feb 2020 22:13:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=u1iViD7fS9rGq11tunLkNRAbPDQg/z/fY+kzVH3BYHU=; b=EdmNdSOxGe/jAOmFNETsv3QeI24M49eyJbcLQQK6hsChT1YZdBDqd3OaZTDlPFTk+v NvMA10ywjckwlcSE+tVJiW7yJ23h4SurtpPi1nfhiIV3zSWgefdRnlQauE+PFasbAioS b5e469rbbim8yiJ7yYTbAh/NFtP4Tg8p+BMo27Bdi4JPc9Q2RFomZFkdmqZ2HtmSD2aM AN58DRjY6ZJyN4rgsEdZtPVuHKvH2VH4gt1Wwprpe9d5bfgntRznhSs/4xEi6WFzmqvh 0S7I5mz8VAqjcMLFgitF25gLCPjJyCRacUhOZ3ES3QiZwq+sIzVQqyduiWUlYoAi0/dt d5ng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=u1iViD7fS9rGq11tunLkNRAbPDQg/z/fY+kzVH3BYHU=; b=MdaYQNebOaMdUzgydQiU32mr2CSMX554s37gjYo00uZA/FMKRe3kNJENlMgMPF+Nsb 5/Wro1PDZkP631gP0EniG/iULTCEdOMD3n9Q6DQPQgq58JY0KmSqBoyKL5Z7soRTLvI4 4tlL2cRqw5nSOenwfZXyjz3veLvNvfNRNEiss/dTC8ksQK6t3A0xqp6TRQym9+dQy4/S bcmoSResjkomqHyrlrsOh1LWV8w1Y6W7RjaKgfI6x+DoL7qjbbafCGn1iDEHVpa/swND 0mA6P27+2LNue4i4U3TcMeTX6rnZr6PU7hadvCqBs6NsF3tYhqnLnzXe1SzvgAwuJwuc h5gQ== X-Gm-Message-State: APjAAAUiH7Lz9cvqgTc6//6NOFsljzuYF/TYb/GZWfBFF3nykvXVISII aTYEWMlQg3cxR7/aBu6Mf7DoCA== X-Google-Smtp-Source: APXvYqzaGbPwxtvHsk3aFHslGl8EXVrQgEaBfWaTxRi9v7puNagqwajd+wB47LhGIFvLsS57WbqDyQ== X-Received: by 2002:a63:ed16:: with SMTP id d22mr9683655pgi.314.1582265581833; Thu, 20 Feb 2020 22:13:01 -0800 (PST) Received: from linaro.org ([121.95.100.191]) by smtp.googlemail.com with ESMTPSA id o19sm5043528pjr.2.2020.02.20.22.13.00 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Thu, 20 Feb 2020 22:13:01 -0800 (PST) From: AKASHI Takahiro To: trini@konsulko.com, sjg@chromium.org, xypron.glpk@gmx.de, agraf@csgraf.de Cc: ilias.apalodimas@linaro.org, mail@patrick-wildt.de, u-boot@lists.denx.de, AKASHI Takahiro Subject: [PATCH v7 5/7] lib: rsa: add rsa_verify_with_pkey() Date: Fri, 21 Feb 2020 15:12:59 +0900 Message-Id: <20200221061301.19660-6-takahiro.akashi@linaro.org> X-Mailer: git-send-email 2.24.0 In-Reply-To: <20200221061301.19660-1-takahiro.akashi@linaro.org> References: <20200221061301.19660-1-takahiro.akashi@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.30rc1 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.102.2 at phobos.denx.de X-Virus-Status: Clean This function, and hence rsa_verify(), will perform RSA verification with two essential parameters for a RSA public key in contract of rsa_verify_with_keynode(), which requires additional three parameters stored in FIT image. It will be used in implementing UEFI secure boot, i.e. image authentication and variable authentication. Signed-off-by: AKASHI Takahiro Reviewed-by: Simon Glass --- lib/rsa/rsa-verify.c | 65 +++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 64 insertions(+), 1 deletion(-) diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index 3dd30c8b8bc7..80e817314b58 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -18,9 +18,22 @@ #include "mkimage.h" #include #endif +#include #include #include +#ifndef __UBOOT__ +/* + * NOTE: + * Since host tools, like mkimage, make use of openssl library for + * RSA encryption, rsa_verify_with_pkey()/rsa_gen_key_prop() are + * of no use and should not be compiled in. + * So just turn off CONFIG_RSA_VERIFY_WITH_PKEY. + */ + +#undef CONFIG_RSA_VERIFY_WITH_PKEY +#endif + /* Default public exponent for backward compatibility */ #define RSA_DEFAULT_PUBEXP 65537 @@ -271,7 +284,7 @@ out: } #endif -#if CONFIG_IS_ENABLED(FIT_SIGNATURE) +#if CONFIG_IS_ENABLED(FIT_SIGNATURE) || IS_ENABLED(CONFIG_RSA_VERIFY_WITH_PKEY) /** * rsa_verify_key() - Verify a signature against some data using RSA Key * @@ -345,6 +358,49 @@ static int rsa_verify_key(struct image_sign_info *info, } #endif +#ifdef CONFIG_RSA_VERIFY_WITH_PKEY +/** + * rsa_verify_with_pkey() - Verify a signature against some data using + * only modulus and exponent as RSA key properties. + * @info: Specifies key information + * @hash: Pointer to the expected hash + * @sig: Signature + * @sig_len: Number of bytes in signature + * + * Parse a RSA public key blob in DER format pointed to in @info and fill + * a key_prop structure with properties of the key. Then verify a RSA PKCS1.5 + * signature against an expected hash using the calculated properties. + * + * Return 0 if verified, -ve on error + */ +static int rsa_verify_with_pkey(struct image_sign_info *info, + const void *hash, uint8_t *sig, uint sig_len) +{ + struct key_prop *prop; + int ret; + + /* Public key is self-described to fill key_prop */ + ret = rsa_gen_key_prop(info->key, info->keylen, &prop); + if (ret) { + debug("Generating necessary parameter for decoding failed\n"); + return ret; + } + + ret = rsa_verify_key(info, prop, sig, sig_len, hash, + info->crypto->key_len); + + rsa_free_key_prop(prop); + + return ret; +} +#else +static int rsa_verify_with_pkey(struct image_sign_info *info, + const void *hash, uint8_t *sig, uint sig_len) +{ + return -EACCES; +} +#endif + #if CONFIG_IS_ENABLED(FIT_SIGNATURE) /** * rsa_verify_with_keynode() - Verify a signature against some data using @@ -435,6 +491,13 @@ int rsa_verify(struct image_sign_info *info, return -EINVAL; } + if (IS_ENABLED(CONFIG_RSA_VERIFY_WITH_PKEY) && !info->fdt_blob) { + /* don't rely on fdt properties */ + ret = rsa_verify_with_pkey(info, hash, sig, sig_len); + + return ret; + } + if (CONFIG_IS_ENABLED(FIT_SIGNATURE)) { const void *blob = info->fdt_blob; int ndepth, noffset;