From d83033f449078dafe2387c10cdd0a1aaac7abf33 Mon Sep 17 00:00:00 2001
From: Jukka Laitinen
Date: Fri, 28 May 2021 15:28:37 +0300
Subject: [PATCH] Take the crypto_backend library into use in bootloader for signature verification

Signed-off-by: Jukka Laitinen
---
 .../src/bootloader/common/CMakeLists.txt | 8 +++
 platforms/nuttx/src/bootloader/common/bl.c | 9 +++
 .../nuttx/src/bootloader/common/crypto.c | 69 +++++++++++++++++++
 .../nuttx/src/bootloader/common/crypto.h | 12 ++--
 .../nuttx/src/bootloader/common/image_toc.c | 4 --
 5 files changed, 93 insertions(+), 9 deletions(-)
 create mode 100644 platforms/nuttx/src/bootloader/common/crypto.c

diff --git a/platforms/nuttx/src/bootloader/common/CMakeLists.txt b/platforms/nuttx/src/bootloader/common/CMakeLists.txt
index dce9f3a105..7ba4af3826 100644
--- a/platforms/nuttx/src/bootloader/common/CMakeLists.txt
+++ b/platforms/nuttx/src/bootloader/common/CMakeLists.txt
@@ -34,6 +34,7 @@ add_library(bootloader
 bl.c
 image_toc.c
+ crypto.c
 )
 target_link_libraries(bootloader
@@ -41,6 +42,13 @@ target_link_libraries(bootloader
 arch_bootloader
 )
+if (DEFINED PX4_CRYPTO)
+ target_link_libraries(bootloader
+ PRIVATE
+ crypto_backend
+ )
+endif()
+
 add_dependencies(bootloader prebuild_targets)
 add_subdirectory(lib)
diff --git a/platforms/nuttx/src/bootloader/common/bl.c b/platforms/nuttx/src/bootloader/common/bl.c
index b25941f2e5..6102d0a851 100644
--- a/platforms/nuttx/src/bootloader/common/bl.c
+++ b/platforms/nuttx/src/bootloader/common/bl.c
@@ -51,6 +51,10 @@
 #include "cdcacm.h"
 #include "uart.h"
+#ifdef BOOTLOADER_USE_SECURITY
+#include
+#endif
+
 // bootloader flash update protocol.
 //
 // Command format:
@@ -301,6 +305,11 @@ jump_to_app()
 }
 #ifdef BOOTLOADER_USE_TOC
+
+#ifdef BOOTLOADER_USE_SECURITY
+ crypto_init();
+#endif
+
 const image_toc_entry_t *toc_entries;
 uint8_t len;
 uint8_t i = 0;
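Review bot: The crypto_backend link in the second CMakeLists.txt hunk is guarded by `PX4_CRYPTO`, while the code that calls into that library (verify_app in crypto.c) is guarded by `BOOTLOADER_USE_SECURITY`; where those two settings are defined is not visible here, but if they can be set independently a build with BOOTLOADER_USE_SECURITY and no PX4_CRYPTO compiles crypto.c and then fails to link crypto_open/crypto_signature_check/crypto_close. Either derive one from the other in the build, or state the dependency on the condition, e.g. `# BOOTLOADER_USE_SECURITY requires PX4_CRYPTO: crypto.c calls into crypto_backend`.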
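Review bot: `crypto_init();` in the jump_to_app() hunk is called purely for its side effect; its return type is not visible here, but if it can report failure that status is discarded and the boot path continues to verify_app() as if the backend were ready. If it returns a status, bail out of the jump on failure the same way a failed verification does; if it is void, a short comment such as `/* crypto_init() cannot fail; session errors surface in verify_app() */` would save the next reader the lookup. The body of jump_to_app() continues outside the hunk.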
diff --git a/platforms/nuttx/src/bootloader/common/crypto.c b/platforms/nuttx/src/bootloader/common/crypto.c
new file mode 100644
index 0000000000..12bf011dd9
--- /dev/null
+++ b/platforms/nuttx/src/bootloader/common/crypto.c
@@ -0,0 +1,69 @@
+/****************************************************************************
+ *
+ * Copyright (c) 2021 Technology Innovation Institute. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * 3. Neither the name PX4 nor the names of its contributors may be
+ * used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ ****************************************************************************/
+
+#include
+#include "image_toc.h"
+#include "hw_config.h"
+
+#ifdef BOOTLOADER_USE_SECURITY
+
+#include
+
+bool verify_app(uint16_t idx, const image_toc_entry_t *toc_entries)
+{
+ volatile uint8_t *app_signature_ptr = NULL;
+ volatile size_t len = 0;
+ bool ret;
+
+ uint8_t sig_idx = toc_entries[idx].signature_idx;
+ uint8_t sig_key = toc_entries[idx].signature_key;
+ crypto_session_handle_t handle = crypto_open(BOOTLOADER_SIGNING_ALGORITHM);
+ app_signature_ptr = (volatile uint8_t *)toc_entries[sig_idx].start;
+ len = (size_t)toc_entries[idx].end - (size_t)toc_entries[idx].start;
+
+ ret = crypto_signature_check(handle, sig_key, (const uint8_t *)app_signature_ptr,
+ (const uint8_t *)toc_entries[idx].start, len);
+
+ crypto_close(&handle);
+ return ret;
+}
+
+bool decrypt_app(uint16_t idx, const image_toc_entry_t *toc_entries)
+{
+ /*
+ * Not implemented yet.
+ */
+ return false;
+}
+
+#endif //BOOTLOADER_USE_SECURITY
diff --git a/platforms/nuttx/src/bootloader/common/crypto.h b/platforms/nuttx/src/bootloader/common/crypto.h
index cbd4d289ed..daf5c4df66 100644
--- a/platforms/nuttx/src/bootloader/common/crypto.h
+++ b/platforms/nuttx/src/bootloader/common/crypto.h
@@ -40,9 +40,9 @@
 #pragma once
-#ifdef BOOTLOADER_USE_TOC
-
-#ifdef BOOTLOADER_USE_SECURITY
+/* Using security always needs TOC (but TOC could be used without security) */
+#if defined(BOOTLOADER_USE_SECURITY)
+# define BOOTLOADER_USE_TOC
 #include
@@ -55,6 +55,8 @@ bool decrypt_app(uint16_t idx, const image_toc_entry_t *toc_entries);
 #else
+# if defined(BOOTLOADER_USE_TOC)
+
 /* No security, application verification passes always */
 static inline bool verify_app(uint16_t idx, const image_toc_entry_t *toc_entries) {return true;}
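Review bot: verify_app() in crypto.c trusts TOC fields before any signature has been checked: `signature_idx` is used as an index into toc_entries with no bound (the entry count that find_toc() hands the caller is not passed in), and `len` is computed as `end - start` with no check that end is not below start, so a malformed or tampered TOC can make the backend read outside the table or receive a wrapped size_t length. The rewrite below rejects an inverted range before a session is opened and leaves a TODO for the index bound, which needs the count plumbed through the signature (the caller in bl.c already holds it as `len`); whether the handle returned by crypto_open() can be tested for validity is not visible here and should be confirmed against the backend. The `volatile` qualifiers on the two locals buy nothing for ordinary automatic variables, and the volatile-then-const double cast hides that the argument is simply `(const uint8_t *)toc_entries[sig_idx].start`. decrypt_app() leaves both parameters unused; `(void)idx; (void)toc_entries;` keeps -Wunused-parameter quiet until it is implemented.
```c
bool verify_app(uint16_t idx, const image_toc_entry_t *toc_entries)
{
	uintptr_t app_start = (uintptr_t)toc_entries[idx].start;
	uintptr_t app_end = (uintptr_t)toc_entries[idx].end;
	uint8_t sig_idx = toc_entries[idx].signature_idx;
	uint8_t sig_key = toc_entries[idx].signature_key;

	/* The TOC is untrusted until its signature checks out: reject an inverted
	 * range here rather than letting it become a wrapped size_t length.
	 * TODO: also reject sig_idx beyond the entry count find_toc() reports to
	 * the caller; that count is not available through this signature. */
	if (app_end < app_start) {
		return false;
	}

	crypto_session_handle_t handle = crypto_open(BOOTLOADER_SIGNING_ALGORITHM);
	bool ret = crypto_signature_check(handle, sig_key,
					  (const uint8_t *)toc_entries[sig_idx].start,
					  (const uint8_t *)app_start, app_end - app_start);
	crypto_close(&handle);
	return ret;
}
```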
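Review bot: `# define BOOTLOADER_USE_TOC` in the first crypto.h hunk redefines the macro when the build already passes it on the command line (a `-D` define expands to 1, this one to nothing), which GCC reports as an incompatible redefinition and -Werror turns into a build break; wrap it as `#ifndef BOOTLOADER_USE_TOC` / `# define BOOTLOADER_USE_TOC` / `#endif`. Note also that the define only reaches translation units that include crypto.h, so the `#ifdef BOOTLOADER_USE_TOC` in bl.c depends on that include being present — which include bl.c adds under BOOTLOADER_USE_SECURITY is not visible in this diff, so please confirm.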
@@ -63,6 +65,6 @@ static inline bool verify_app(uint16_t idx, const image_toc_entry_t *toc_entries
 static inline bool decrypt_app(uint16_t idx, const image_toc_entry_t *toc_entries) {return false;}
-#endif
+# endif
-#endif
+#endif // BOOTLOADER_USE_SECURITY
diff --git a/platforms/nuttx/src/bootloader/common/image_toc.c b/platforms/nuttx/src/bootloader/common/image_toc.c
index 9b723dac60..cdc6ca9db3 100644
--- a/platforms/nuttx/src/bootloader/common/image_toc.c
+++ b/platforms/nuttx/src/bootloader/common/image_toc.c
@@ -33,8 +33,6 @@
 #include "hw_config.h"
-#ifdef BOOTLOADER_USE_TOC
-
 #include
 #include
 #include
@@ -102,5 +100,3 @@ bool find_toc(const image_toc_entry_t **toc_entries, uint8_t *len)
 *len = 0;
 return false;
 }
-
-#endif