From patchwork Fri Nov 5 16:17:17 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Harshvardhan Patel X-Patchwork-Id: 1551592 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=KPwAYZdC; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HmFtZ4vW9z9sPf for ; Sat, 6 Nov 2021 09:44:20 +1100 (AEDT) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id F40CF83246; Fri, 5 Nov 2021 23:44:08 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="KPwAYZdC"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 8BFCE836C4; Fri, 5 Nov 2021 17:17:36 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_ENVFROM_END_DIGIT, FREEMAIL_FROM,HTML_MESSAGE,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ot1-x336.google.com (mail-ot1-x336.google.com [IPv6:2607:f8b0:4864:20::336]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id A900B834CF for ; Fri, 5 Nov 2021 17:17:32 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=harshvardhan1621@gmail.com Received: by mail-ot1-x336.google.com with SMTP id r10-20020a056830448a00b0055ac7767f5eso13782953otv.3 for ; Fri, 05 Nov 2021 09:17:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:from:date:message-id:subject:to; bh=8dv+y1mqiW0M6kZACKsI71vXwpk38cheMaG/lPFPU00=; b=KPwAYZdCL30UORAiEY1FMHaxEiG+WJtiAyM1mJfzAOQESF1Ca+YuavOl+gzev8vLRt xoHm8djFx1e9EPR8VR6cKj5MjzBPigFTEiGoJUFP5lHVkAjawCg/aHtmo74OLN3PbUdA vMJAcophLd60hBY84ybwCqgelRW27hGWL2uE3p0wcmRFuL2ThfmtiHX0ki3mSr89eNkM S0KwmK4IuveRwaqVd1MUFa5WWnMb1oDlCswlnzIt8JrT4x9EP11T51Ye++Ijg9XbeZny RwwqFsFQoIcjI2I6ZpmwNBilmYlQWUgG1cMOnPswEDyXV993BUbHNQUz5c1xEYFu4iRR jQsA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=8dv+y1mqiW0M6kZACKsI71vXwpk38cheMaG/lPFPU00=; b=XCt1cINlW7BUYGq+lCZMqeKUEb0+zLlJs6FLIh4lP51r4/6zjn2s0YdJtoF4g905os NImpCYeeVQdISR014PgwXK8nBloRaW+EPhb9ARBWNzRWGnmLLyi0XCKmCFxSlia+mb2Q lfvv5LKXHRYVJCARD/FV7A81jFqouHrXmu35es5dzMk/3wUphzBL3DORVIKK6fTHg9dh W6O52Fhutk9gTkf6PSj05fbZbdU2SalPX2wnOJw7g+cz4OOU93QadGe3eNADZm6VZGag 0QoWDWEs6Za2a32k2Zq/C0MUMVPw5E6s479o0p7YpVryP8V+RjTA4KNb3ADbP6c++FIA +FsA== X-Gm-Message-State: AOAM531XDOzNEaBw/4d2lYYRsofxjpMHZY0uqhMGHuF0CVcgPANt9ezd lFNklK21Je7XauQ+Z+CObLRPVlZ2k6qWMEZCpdKKkbkQYJs= X-Google-Smtp-Source: ABdhPJz38w837jeYqjbe4Nvaz0wHwdZWD2XHHLPfuoGiQ4JNey3L/EHgzPpPSSk3lR1k91ohaERLfkIpaDEZRwgaZcE= X-Received: by 2002:a9d:1986:: with SMTP id k6mr40009201otk.189.1636129049832; Fri, 05 Nov 2021 09:17:29 -0700 (PDT) MIME-Version: 1.0 From: Harshvardhan Patel Date: Fri, 5 Nov 2021 21:47:17 +0530 Message-ID: Subject: Allow FIT Image Signature Verification to use RSA Public Key specified in DER Format To: u-boot@lists.denx.de X-Mailman-Approved-At: Fri, 05 Nov 2021 23:44:07 +0100 X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Hi All, I have been able to get the FIT Image Signature verification running on a Raspberry Pi 4 Model B by following the documentation here: https://source.denx.de/u-boot/u-boot/-/blob/master/doc/uImage.FIT/beaglebone_vboot.txt. The public key, as the doc states, is stored in the Control FDT. The signature algorithm I'm using is RSA 2048 with SHA256. I am aware the following step: $ mkimage -f sign.its -K bcm2711-rpi-4-pubkey.dtb -k keys -r image.fit Will store the Public key information in the DTB as different components split up into: rsa,r-squaredrsa,modulusrsa,n0-inversersa,num-bits However, I was wondering if I can directly use a certificate generated in the following steps for FIT Image verification: $ openssl genrsa -F4 -out keys/dev.key 2048$ openssl req -batch -new -x509 -key keys/dev.key -out keys/dev.crt When reading through the code, it seems that the structure "image_sign_info" (defined in include/image.h) would allow for Public key to be specified in DER format: const void *key; /* Pointer to public key in DER */ So I did the following steps to convert the dev.crt Certificate to DER format: $ openssl x509 -in ./keys/dev.crt -out dev.der -outform DER Then I took the Hexdump of dev.der (Public Key in DER Format): $ xxd -g 1 -u dev.der | cut -c -57 # Hexdump of the public key in DER format And applied the following diff: However, on applying the above changes, the rsa_verify_with_pkey function fails with error code -74. While I am aware that the above is probably not the best way to go about enabling FIT signature verification using a Pub Key in DER format, it will be very helpful if I can receive pointers on how to achieve this. Please let me know if there is some other way in which I should be passing my Public Key in DER format for FIT Image Signature Verification. diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index 83f7564101..3e60dc6b50 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -499,7 +499,11 @@ int rsa_verify_hash(struct image_sign_info *info, { int ret = -EACCES; - if (CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY) && !info->fdt_blob) { + // Der Format Public Key + char pub_key_der[] = {0x30, 0x82, .... 0x2F}; # <-------------- Hardcoded the DER Pub Key here + + info->key = pub_key_der; + if (CONFIG_IS_ENABLED(RSA_VERIFY_WITH_PKEY)) { /* don't rely on fdt properties */ ret = rsa_verify_with_pkey(info, hash, sig, sig_len);