Gitiles
Code Review Sign In
gerrit.devboardsforandroid.linaro.org / platform / external / u-boot / 223c44904d86a14d6c17e73696186c402e9ba958 / . / lib / rsa / rsa-sign.c
blob: 64db1429c169ab5c7729e80602ae7ecb04d33952 [file] [log] [blame]
Tom Rini83d290c2018-05-06 17:58:06 -0400[diff] [blame]1// SPDX-License-Identifier: GPL-2.0+
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]2/*
3 * Copyright (c) 2013, Google Inc.
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]4 */
5
6#include "mkimage.h"
Jonathan Gray0ff042d2020-05-15 22:20:34 +1000[diff] [blame]7#include <stdlib.h>
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]8#include <stdio.h>
9#include <string.h>
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]10#include <image.h>
11#include <time.h>
Alexandru Gagniuc4c17e5f2021-02-19 12:45:11 -0600[diff] [blame]12#include <u-boot/fdt-libcrypto.h>
Jelle van der Waac3b43282017-05-08 21:31:19 +0200[diff] [blame]13#include <openssl/bn.h>
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]14#include <openssl/ec.h>
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]15#include <openssl/rsa.h>
16#include <openssl/pem.h>
17#include <openssl/err.h>
18#include <openssl/ssl.h>
19#include <openssl/evp.h>
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]20#include <openssl/engine.h>
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]21
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]22static int rsa_err(const char *msg)
23{
24 unsigned long sslErr = ERR_get_error();
25
26 fprintf(stderr, "%s", msg);
27 fprintf(stderr, ": %s\n",
28 ERR_error_string(sslErr, 0));
29
30 return -1;
31}
32
33/**
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]34 * rsa_pem_get_pub_key() - read a public key from a .crt file
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]35 *
36 * @keydir: Directory containins the key
37 * @name Name of key file (will have a .crt extension)
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]38 * @evpp Returns EVP_PKEY object, or NULL on failure
39 * @return 0 if ok, -ve on error (in which case *evpp will be set to NULL)
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]40 */
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]41static int rsa_pem_get_pub_key(const char *keydir, const char *name, EVP_PKEY **evpp)
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]42{
43 char path[1024];
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]44 EVP_PKEY *key = NULL;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]45 X509 *cert;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]46 FILE *f;
47 int ret;
48
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]49 if (!evpp)
50 return -EINVAL;
51
52 *evpp = NULL;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]53 snprintf(path, sizeof(path), "%s/%s.crt", keydir, name);
54 f = fopen(path, "r");
55 if (!f) {
56 fprintf(stderr, "Couldn't open RSA certificate: '%s': %s\n",
57 path, strerror(errno));
58 return -EACCES;
59 }
60
61 /* Read the certificate */
62 cert = NULL;
63 if (!PEM_read_X509(f, &cert, NULL, NULL)) {
64 rsa_err("Couldn't read certificate");
65 ret = -EINVAL;
66 goto err_cert;
67 }
68
69 /* Get the public key from the certificate. */
70 key = X509_get_pubkey(cert);
71 if (!key) {
72 rsa_err("Couldn't read public key\n");
73 ret = -EINVAL;
74 goto err_pubkey;
75 }
76
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]77 fclose(f);
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]78 *evpp = key;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]79 X509_free(cert);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]80
81 return 0;
82
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]83err_pubkey:
84 X509_free(cert);
85err_cert:
86 fclose(f);
87 return ret;
88}
89
90/**
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]91 * rsa_engine_get_pub_key() - read a public key from given engine
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]92 *
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]93 * @keydir: Key prefix
94 * @name Name of key
95 * @engine Engine to use
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]96 * @evpp Returns EVP_PKEY object, or NULL on failure
97 * @return 0 if ok, -ve on error (in which case *evpp will be set to NULL)
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]98 */
99static int rsa_engine_get_pub_key(const char *keydir, const char *name,
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]100 ENGINE *engine, EVP_PKEY **evpp)
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]101{
102 const char *engine_id;
103 char key_id[1024];
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]104 EVP_PKEY *key = NULL;
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]105
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]106 if (!evpp)
107 return -EINVAL;
108
109 *evpp = NULL;
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]110
111 engine_id = ENGINE_get_id(engine);
112
113 if (engine_id && !strcmp(engine_id, "pkcs11")) {
114 if (keydir)
Jan Luebbe24bf6e82020-05-13 12:26:24 +0200[diff] [blame]115 if (strstr(keydir, "object="))
116 snprintf(key_id, sizeof(key_id),
117 "pkcs11:%s;type=public",
118 keydir);
119 else
120 snprintf(key_id, sizeof(key_id),
121 "pkcs11:%s;object=%s;type=public",
122 keydir, name);
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]123 else
124 snprintf(key_id, sizeof(key_id),
125 "pkcs11:object=%s;type=public",
126 name);
Vesa Jääskeläinen5b123e02019-06-16 20:53:38 +0300[diff] [blame]127 } else if (engine_id) {
128 if (keydir)
129 snprintf(key_id, sizeof(key_id),
130 "%s%s",
131 keydir, name);
132 else
133 snprintf(key_id, sizeof(key_id),
134 "%s",
135 name);
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]136 } else {
137 fprintf(stderr, "Engine not supported\n");
138 return -ENOTSUP;
139 }
140
141 key = ENGINE_load_public_key(engine, key_id, NULL, NULL);
142 if (!key)
143 return rsa_err("Failure loading public key from engine");
144
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]145 *evpp = key;
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]146
147 return 0;
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]148}
149
150/**
151 * rsa_get_pub_key() - read a public key
152 *
153 * @keydir: Directory containing the key (PEM file) or key prefix (engine)
154 * @name Name of key file (will have a .crt extension)
155 * @engine Engine to use
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]156 * @evpp Returns EVP_PKEY object, or NULL on failure
157 * @return 0 if ok, -ve on error (in which case *evpp will be set to NULL)
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]158 */
159static int rsa_get_pub_key(const char *keydir, const char *name,
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]160 ENGINE *engine, EVP_PKEY **evpp)
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]161{
162 if (engine)
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]163 return rsa_engine_get_pub_key(keydir, name, engine, evpp);
164 return rsa_pem_get_pub_key(keydir, name, evpp);
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]165}
166
167/**
168 * rsa_pem_get_priv_key() - read a private key from a .key file
169 *
170 * @keydir: Directory containing the key
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]171 * @name Name of key file (will have a .key extension)
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]172 * @evpp Returns EVP_PKEY object, or NULL on failure
173 * @return 0 if ok, -ve on error (in which case *evpp will be set to NULL)
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]174 */
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]175static int rsa_pem_get_priv_key(const char *keydir, const char *name,
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]176 const char *keyfile, EVP_PKEY **evpp)
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]177{
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]178 char path[1024] = {0};
179 FILE *f = NULL;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]180
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]181 if (!evpp)
182 return -EINVAL;
183
184 *evpp = NULL;
Alexandru Gagniuc824ee742021-02-19 12:45:18 -0600[diff] [blame]185 if (keydir && name)
186 snprintf(path, sizeof(path), "%s/%s.key", keydir, name);
187 else if (keyfile)
188 snprintf(path, sizeof(path), "%s", keyfile);
189 else
190 return -EINVAL;
191
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]192 f = fopen(path, "r");
193 if (!f) {
194 fprintf(stderr, "Couldn't open RSA private key: '%s': %s\n",
195 path, strerror(errno));
196 return -ENOENT;
197 }
198
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]199 if (!PEM_read_PrivateKey(f, evpp, NULL, path)) {
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]200 rsa_err("Failure reading private key");
201 fclose(f);
202 return -EPROTO;
203 }
204 fclose(f);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]205
206 return 0;
207}
208
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]209/**
210 * rsa_engine_get_priv_key() - read a private key from given engine
211 *
212 * @keydir: Key prefix
213 * @name Name of key
214 * @engine Engine to use
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]215 * @evpp Returns EVP_PKEY object, or NULL on failure
216 * @return 0 if ok, -ve on error (in which case *evpp will be set to NULL)
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]217 */
218static int rsa_engine_get_priv_key(const char *keydir, const char *name,
Alexandru Gagniuc824ee742021-02-19 12:45:18 -0600[diff] [blame]219 const char *keyfile,
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]220 ENGINE *engine, EVP_PKEY **evpp)
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]221{
222 const char *engine_id;
223 char key_id[1024];
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]224 EVP_PKEY *key = NULL;
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]225
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]226 if (!evpp)
227 return -EINVAL;
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]228
229 engine_id = ENGINE_get_id(engine);
230
231 if (engine_id && !strcmp(engine_id, "pkcs11")) {
Alexandru Gagniuc824ee742021-02-19 12:45:18 -0600[diff] [blame]232 if (!keydir && !name) {
233 fprintf(stderr, "Please use 'keydir' with PKCS11\n");
234 return -EINVAL;
235 }
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]236 if (keydir)
Jan Luebbe24bf6e82020-05-13 12:26:24 +0200[diff] [blame]237 if (strstr(keydir, "object="))
238 snprintf(key_id, sizeof(key_id),
239 "pkcs11:%s;type=private",
240 keydir);
241 else
242 snprintf(key_id, sizeof(key_id),
243 "pkcs11:%s;object=%s;type=private",
244 keydir, name);
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]245 else
246 snprintf(key_id, sizeof(key_id),
247 "pkcs11:object=%s;type=private",
248 name);
Vesa Jääskeläinen5b123e02019-06-16 20:53:38 +0300[diff] [blame]249 } else if (engine_id) {
Alexandru Gagniuc824ee742021-02-19 12:45:18 -0600[diff] [blame]250 if (keydir && name)
Vesa Jääskeläinen5b123e02019-06-16 20:53:38 +0300[diff] [blame]251 snprintf(key_id, sizeof(key_id),
252 "%s%s",
253 keydir, name);
Alexandru Gagniuc824ee742021-02-19 12:45:18 -0600[diff] [blame]254 else if (keydir)
Vesa Jääskeläinen5b123e02019-06-16 20:53:38 +0300[diff] [blame]255 snprintf(key_id, sizeof(key_id),
256 "%s",
Heinrich Schuchardt295ab732021-07-30 17:05:07 +0200[diff] [blame]257 name ? name : "");
Alexandru Gagniuc824ee742021-02-19 12:45:18 -0600[diff] [blame]258 else if (keyfile)
259 snprintf(key_id, sizeof(key_id), "%s", keyfile);
260 else
261 return -EINVAL;
262
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]263 } else {
264 fprintf(stderr, "Engine not supported\n");
265 return -ENOTSUP;
266 }
267
268 key = ENGINE_load_private_key(engine, key_id, NULL, NULL);
269 if (!key)
270 return rsa_err("Failure loading private key from engine");
271
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]272 *evpp = key;
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]273
274 return 0;
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]275}
276
277/**
278 * rsa_get_priv_key() - read a private key
279 *
280 * @keydir: Directory containing the key (PEM file) or key prefix (engine)
281 * @name Name of key
282 * @engine Engine to use for signing
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]283 * @evpp Returns EVP_PKEY object, or NULL on failure
284 * @return 0 if ok, -ve on error (in which case *evpp will be set to NULL)
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]285 */
286static int rsa_get_priv_key(const char *keydir, const char *name,
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]287 const char *keyfile, ENGINE *engine, EVP_PKEY **evpp)
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]288{
289 if (engine)
Alexandru Gagniuc824ee742021-02-19 12:45:18 -0600[diff] [blame]290 return rsa_engine_get_priv_key(keydir, name, keyfile, engine,
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]291 evpp);
292 return rsa_pem_get_priv_key(keydir, name, keyfile, evpp);
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]293}
294
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]295static int rsa_init(void)
296{
297 int ret;
298
Jelle van der Waac3b43282017-05-08 21:31:19 +0200[diff] [blame]299 ret = OPENSSL_init_ssl(0, NULL);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]300 if (!ret) {
301 fprintf(stderr, "Failure to init SSL library\n");
302 return -1;
303 }
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]304
305 return 0;
306}
307
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]308static int rsa_engine_init(const char *engine_id, ENGINE **pe)
309{
Marc Kleine-Budde62b27a52021-07-23 22:17:50 +0200[diff] [blame]310 const char *key_pass;
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]311 ENGINE *e;
312 int ret;
313
314 ENGINE_load_builtin_engines();
315
316 e = ENGINE_by_id(engine_id);
317 if (!e) {
318 fprintf(stderr, "Engine isn't available\n");
Alexandru Gagniucfe68a672021-07-29 13:31:21 -0500[diff] [blame]319 return -1;
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]320 }
321
322 if (!ENGINE_init(e)) {
323 fprintf(stderr, "Couldn't initialize engine\n");
324 ret = -1;
325 goto err_engine_init;
326 }
327
328 if (!ENGINE_set_default_RSA(e)) {
329 fprintf(stderr, "Couldn't set engine as default for RSA\n");
330 ret = -1;
331 goto err_set_rsa;
332 }
333
Marc Kleine-Budde62b27a52021-07-23 22:17:50 +0200[diff] [blame]334 key_pass = getenv("MKIMAGE_SIGN_PIN");
335 if (key_pass) {
336 if (!ENGINE_ctrl_cmd_string(e, "PIN", key_pass, 0)) {
337 fprintf(stderr, "Couldn't set PIN\n");
338 ret = -1;
339 goto err_set_pin;
340 }
341 }
342
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]343 *pe = e;
344
345 return 0;
346
Marc Kleine-Budde62b27a52021-07-23 22:17:50 +0200[diff] [blame]347err_set_pin:
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]348err_set_rsa:
349 ENGINE_finish(e);
350err_engine_init:
351 ENGINE_free(e);
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]352 return ret;
353}
354
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]355static void rsa_engine_remove(ENGINE *e)
356{
357 if (e) {
358 ENGINE_finish(e);
359 ENGINE_free(e);
360 }
361}
362
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]363static int rsa_sign_with_key(EVP_PKEY *pkey, struct padding_algo *padding_algo,
Philippe Reynes20031562018-11-14 13:51:00 +0100[diff] [blame]364 struct checksum_algo *checksum_algo,
Heiko Schocher646257d2014-03-03 12:19:26 +0100[diff] [blame]365 const struct image_region region[], int region_count,
366 uint8_t **sigp, uint *sig_size)
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]367{
Philippe Reynes20031562018-11-14 13:51:00 +0100[diff] [blame]368 EVP_PKEY_CTX *ckey;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]369 EVP_MD_CTX *context;
Philippe Reynes3b5d6972018-11-14 13:50:59 +0100[diff] [blame]370 int ret = 0;
371 size_t size;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]372 uint8_t *sig;
373 int i;
374
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]375 size = EVP_PKEY_size(pkey);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]376 sig = malloc(size);
377 if (!sig) {
Philippe Reynes3b5d6972018-11-14 13:50:59 +0100[diff] [blame]378 fprintf(stderr, "Out of memory for signature (%zu bytes)\n",
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]379 size);
380 ret = -ENOMEM;
381 goto err_alloc;
382 }
383
384 context = EVP_MD_CTX_create();
385 if (!context) {
386 ret = rsa_err("EVP context creation failed");
387 goto err_create;
388 }
389 EVP_MD_CTX_init(context);
Philippe Reynes20031562018-11-14 13:51:00 +0100[diff] [blame]390
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]391 ckey = EVP_PKEY_CTX_new(pkey, NULL);
Philippe Reynes20031562018-11-14 13:51:00 +0100[diff] [blame]392 if (!ckey) {
393 ret = rsa_err("EVP key context creation failed");
394 goto err_create;
395 }
396
397 if (EVP_DigestSignInit(context, &ckey,
Philippe Reynes3b5d6972018-11-14 13:50:59 +0100[diff] [blame]398 checksum_algo->calculate_sign(),
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]399 NULL, pkey) <= 0) {
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]400 ret = rsa_err("Signer setup failed");
401 goto err_sign;
402 }
403
Simon Glassad74aed2021-07-14 17:05:31 -0500[diff] [blame]404#ifdef CONFIG_FIT_RSASSA_PSS
Philippe Reynes061daa02018-11-14 13:51:01 +0100[diff] [blame]405 if (padding_algo && !strcmp(padding_algo->name, "pss")) {
406 if (EVP_PKEY_CTX_set_rsa_padding(ckey,
407 RSA_PKCS1_PSS_PADDING) <= 0) {
408 ret = rsa_err("Signer padding setup failed");
409 goto err_sign;
410 }
411 }
Simon Glassad74aed2021-07-14 17:05:31 -0500[diff] [blame]412#endif /* CONFIG_FIT_RSASSA_PSS */
Philippe Reynes061daa02018-11-14 13:51:01 +0100[diff] [blame]413
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]414 for (i = 0; i < region_count; i++) {
Philippe Reynes3b5d6972018-11-14 13:50:59 +0100[diff] [blame]415 if (!EVP_DigestSignUpdate(context, region[i].data,
416 region[i].size)) {
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]417 ret = rsa_err("Signing data failed");
418 goto err_sign;
419 }
420 }
421
Philippe Reynes3b5d6972018-11-14 13:50:59 +0100[diff] [blame]422 if (!EVP_DigestSignFinal(context, sig, &size)) {
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]423 ret = rsa_err("Could not obtain signature");
424 goto err_sign;
425 }
Philippe Reynes3b5d6972018-11-14 13:50:59 +0100[diff] [blame]426
Alexandru Gagniucfe68a672021-07-29 13:31:21 -0500[diff] [blame]427 EVP_MD_CTX_reset(context);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]428 EVP_MD_CTX_destroy(context);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]429
Chan, Donald6d59ace2021-07-19 09:18:54 -0700[diff] [blame]430 debug("Got signature: %zu bytes, expected %d\n", size, EVP_PKEY_size(pkey));
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]431 *sigp = sig;
432 *sig_size = size;
433
434 return 0;
435
436err_sign:
437 EVP_MD_CTX_destroy(context);
438err_create:
439 free(sig);
440err_alloc:
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]441 return ret;
442}
443
444int rsa_sign(struct image_sign_info *info,
445 const struct image_region region[], int region_count,
446 uint8_t **sigp, uint *sig_len)
447{
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]448 EVP_PKEY *pkey = NULL;
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]449 ENGINE *e = NULL;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]450 int ret;
451
452 ret = rsa_init();
453 if (ret)
454 return ret;
455
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]456 if (info->engine_id) {
457 ret = rsa_engine_init(info->engine_id, &e);
458 if (ret)
Alexandru Gagniucfe68a672021-07-29 13:31:21 -0500[diff] [blame]459 return ret;
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]460 }
461
Alexandru Gagniuc824ee742021-02-19 12:45:18 -0600[diff] [blame]462 ret = rsa_get_priv_key(info->keydir, info->keyname, info->keyfile,
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]463 e, &pkey);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]464 if (ret)
465 goto err_priv;
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]466 ret = rsa_sign_with_key(pkey, info->padding, info->checksum, region,
Heiko Schocher646257d2014-03-03 12:19:26 +0100[diff] [blame]467 region_count, sigp, sig_len);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]468 if (ret)
469 goto err_sign;
470
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]471 EVP_PKEY_free(pkey);
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]472 if (info->engine_id)
473 rsa_engine_remove(e);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]474
475 return ret;
476
477err_sign:
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]478 EVP_PKEY_free(pkey);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]479err_priv:
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]480 if (info->engine_id)
481 rsa_engine_remove(e);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]482 return ret;
483}
484
485/*
Michael van der Westhuizene0f2f152014-07-02 10:17:26 +0200[diff] [blame]486 * rsa_get_exponent(): - Get the public exponent from an RSA key
487 */
488static int rsa_get_exponent(RSA *key, uint64_t *e)
489{
490 int ret;
491 BIGNUM *bn_te;
Jelle van der Waac3b43282017-05-08 21:31:19 +0200[diff] [blame]492 const BIGNUM *key_e;
Michael van der Westhuizene0f2f152014-07-02 10:17:26 +0200[diff] [blame]493 uint64_t te;
494
495 ret = -EINVAL;
496 bn_te = NULL;
497
498 if (!e)
499 goto cleanup;
500
Jelle van der Waac3b43282017-05-08 21:31:19 +0200[diff] [blame]501 RSA_get0_key(key, NULL, &key_e, NULL);
502 if (BN_num_bits(key_e) > 64)
Michael van der Westhuizene0f2f152014-07-02 10:17:26 +0200[diff] [blame]503 goto cleanup;
504
Jelle van der Waac3b43282017-05-08 21:31:19 +0200[diff] [blame]505 *e = BN_get_word(key_e);
Michael van der Westhuizene0f2f152014-07-02 10:17:26 +0200[diff] [blame]506
Jelle van der Waac3b43282017-05-08 21:31:19 +0200[diff] [blame]507 if (BN_num_bits(key_e) < 33) {
Michael van der Westhuizene0f2f152014-07-02 10:17:26 +0200[diff] [blame]508 ret = 0;
509 goto cleanup;
510 }
511
Jelle van der Waac3b43282017-05-08 21:31:19 +0200[diff] [blame]512 bn_te = BN_dup(key_e);
Michael van der Westhuizene0f2f152014-07-02 10:17:26 +0200[diff] [blame]513 if (!bn_te)
514 goto cleanup;
515
516 if (!BN_rshift(bn_te, bn_te, 32))
517 goto cleanup;
518
519 if (!BN_mask_bits(bn_te, 32))
520 goto cleanup;
521
522 te = BN_get_word(bn_te);
523 te <<= 32;
524 *e |= te;
525 ret = 0;
526
527cleanup:
528 if (bn_te)
529 BN_free(bn_te);
530
531 return ret;
532}
533
534/*
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]535 * rsa_get_params(): - Get the important parameters of an RSA public key
536 */
Michael van der Westhuizene0f2f152014-07-02 10:17:26 +0200[diff] [blame]537int rsa_get_params(RSA *key, uint64_t *exponent, uint32_t *n0_invp,
538 BIGNUM **modulusp, BIGNUM **r_squaredp)
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]539{
540 BIGNUM *big1, *big2, *big32, *big2_32;
541 BIGNUM *n, *r, *r_squared, *tmp;
Jelle van der Waac3b43282017-05-08 21:31:19 +0200[diff] [blame]542 const BIGNUM *key_n;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]543 BN_CTX *bn_ctx = BN_CTX_new();
544 int ret = 0;
545
546 /* Initialize BIGNUMs */
547 big1 = BN_new();
548 big2 = BN_new();
549 big32 = BN_new();
550 r = BN_new();
551 r_squared = BN_new();
552 tmp = BN_new();
553 big2_32 = BN_new();
554 n = BN_new();
555 if (!big1 || !big2 || !big32 || !r || !r_squared || !tmp || !big2_32 ||
556 !n) {
557 fprintf(stderr, "Out of memory (bignum)\n");
558 return -ENOMEM;
559 }
560
Michael van der Westhuizene0f2f152014-07-02 10:17:26 +0200[diff] [blame]561 if (0 != rsa_get_exponent(key, exponent))
562 ret = -1;
563
Jelle van der Waac3b43282017-05-08 21:31:19 +0200[diff] [blame]564 RSA_get0_key(key, &key_n, NULL, NULL);
565 if (!BN_copy(n, key_n) || !BN_set_word(big1, 1L) ||
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]566 !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L))
567 ret = -1;
568
569 /* big2_32 = 2^32 */
570 if (!BN_exp(big2_32, big2, big32, bn_ctx))
571 ret = -1;
572
573 /* Calculate n0_inv = -1 / n[0] mod 2^32 */
574 if (!BN_mod_inverse(tmp, n, big2_32, bn_ctx) ||
575 !BN_sub(tmp, big2_32, tmp))
576 ret = -1;
577 *n0_invp = BN_get_word(tmp);
578
579 /* Calculate R = 2^(# of key bits) */
580 if (!BN_set_word(tmp, BN_num_bits(n)) ||
581 !BN_exp(r, big2, tmp, bn_ctx))
582 ret = -1;
583
584 /* Calculate r_squared = R^2 mod n */
585 if (!BN_copy(r_squared, r) ||
586 !BN_mul(tmp, r_squared, r, bn_ctx) ||
587 !BN_mod(r_squared, tmp, n, bn_ctx))
588 ret = -1;
589
590 *modulusp = n;
591 *r_squaredp = r_squared;
592
593 BN_free(big1);
594 BN_free(big2);
595 BN_free(big32);
596 BN_free(r);
597 BN_free(tmp);
598 BN_free(big2_32);
599 if (ret) {
600 fprintf(stderr, "Bignum operations failed\n");
601 return -ENOMEM;
602 }
603
604 return ret;
605}
606
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]607int rsa_add_verify_data(struct image_sign_info *info, void *keydest)
608{
609 BIGNUM *modulus, *r_squared;
Michael van der Westhuizene0f2f152014-07-02 10:17:26 +0200[diff] [blame]610 uint64_t exponent;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]611 uint32_t n0_inv;
612 int parent, node;
613 char name[100];
614 int ret;
615 int bits;
616 RSA *rsa;
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]617 EVP_PKEY *pkey = NULL;
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]618 ENGINE *e = NULL;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]619
620 debug("%s: Getting verification data\n", __func__);
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]621 if (info->engine_id) {
622 ret = rsa_engine_init(info->engine_id, &e);
623 if (ret)
624 return ret;
625 }
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]626 ret = rsa_get_pub_key(info->keydir, info->keyname, e, &pkey);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]627 if (ret)
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]628 goto err_get_pub_key;
Alexandru Gagniucfe68a672021-07-29 13:31:21 -0500[diff] [blame]629
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]630 rsa = EVP_PKEY_get0_RSA(pkey);
Michael van der Westhuizene0f2f152014-07-02 10:17:26 +0200[diff] [blame]631 ret = rsa_get_params(rsa, &exponent, &n0_inv, &modulus, &r_squared);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]632 if (ret)
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]633 goto err_get_params;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]634 bits = BN_num_bits(modulus);
635 parent = fdt_subnode_offset(keydest, 0, FIT_SIG_NODENAME);
636 if (parent == -FDT_ERR_NOTFOUND) {
637 parent = fdt_add_subnode(keydest, 0, FIT_SIG_NODENAME);
638 if (parent < 0) {
Simon Glass597a8b22014-06-12 07:24:42 -0600[diff] [blame]639 ret = parent;
640 if (ret != -FDT_ERR_NOSPACE) {
641 fprintf(stderr, "Couldn't create signature node: %s\n",
642 fdt_strerror(parent));
643 }
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]644 }
645 }
Simon Glass597a8b22014-06-12 07:24:42 -0600[diff] [blame]646 if (ret)
647 goto done;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]648
649 /* Either create or overwrite the named key node */
650 snprintf(name, sizeof(name), "key-%s", info->keyname);
651 node = fdt_subnode_offset(keydest, parent, name);
652 if (node == -FDT_ERR_NOTFOUND) {
653 node = fdt_add_subnode(keydest, parent, name);
654 if (node < 0) {
Simon Glass597a8b22014-06-12 07:24:42 -0600[diff] [blame]655 ret = node;
656 if (ret != -FDT_ERR_NOSPACE) {
657 fprintf(stderr, "Could not create key subnode: %s\n",
658 fdt_strerror(node));
659 }
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]660 }
661 } else if (node < 0) {
662 fprintf(stderr, "Cannot select keys parent: %s\n",
663 fdt_strerror(node));
Simon Glass597a8b22014-06-12 07:24:42 -0600[diff] [blame]664 ret = node;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]665 }
666
Simon Glass597a8b22014-06-12 07:24:42 -0600[diff] [blame]667 if (!ret) {
Simon Glass72188f52020-03-18 11:44:06 -0600[diff] [blame]668 ret = fdt_setprop_string(keydest, node, FIT_KEY_HINT,
669 info->keyname);
Simon Glass597a8b22014-06-12 07:24:42 -0600[diff] [blame]670 }
Simon Glass4f427a42014-06-02 22:04:51 -0600[diff] [blame]671 if (!ret)
672 ret = fdt_setprop_u32(keydest, node, "rsa,num-bits", bits);
673 if (!ret)
674 ret = fdt_setprop_u32(keydest, node, "rsa,n0-inverse", n0_inv);
675 if (!ret) {
Michael van der Westhuizene0f2f152014-07-02 10:17:26 +0200[diff] [blame]676 ret = fdt_setprop_u64(keydest, node, "rsa,exponent", exponent);
677 }
678 if (!ret) {
Simon Glass4f427a42014-06-02 22:04:51 -0600[diff] [blame]679 ret = fdt_add_bignum(keydest, node, "rsa,modulus", modulus,
680 bits);
681 }
682 if (!ret) {
683 ret = fdt_add_bignum(keydest, node, "rsa,r-squared", r_squared,
684 bits);
685 }
686 if (!ret) {
687 ret = fdt_setprop_string(keydest, node, FIT_ALGO_PROP,
Andrew Duda83dd98e2016-11-08 18:53:41 +0000[diff] [blame]688 info->name);
Simon Glass4f427a42014-06-02 22:04:51 -0600[diff] [blame]689 }
mario.six@gdsys.cc2b9ec762016-07-19 11:07:07 +0200[diff] [blame]690 if (!ret && info->require_keys) {
Simon Glass72188f52020-03-18 11:44:06 -0600[diff] [blame]691 ret = fdt_setprop_string(keydest, node, FIT_KEY_REQUIRED,
Simon Glass4f427a42014-06-02 22:04:51 -0600[diff] [blame]692 info->require_keys);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]693 }
Simon Glass597a8b22014-06-12 07:24:42 -0600[diff] [blame]694done:
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]695 BN_free(modulus);
696 BN_free(r_squared);
697 if (ret)
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]698 ret = ret == -FDT_ERR_NOSPACE ? -ENOSPC : -EIO;
699err_get_params:
Chan, Donaldfbc77742021-04-01 22:42:36 +0000[diff] [blame]700 EVP_PKEY_free(pkey);
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]701err_get_pub_key:
702 if (info->engine_id)
703 rsa_engine_remove(e);
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]704
George McCollisterf1ca1fd2017-01-06 13:14:17 -0600[diff] [blame]705 return ret;
Simon Glass19c402a2013-06-13 15:10:02 -0700[diff] [blame]706}