blackbeard420/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf synced 2025-03-10 01:29:21 -04:00
Code Issues Projects Releases Wiki Activity

bootloader: Fix secure boot digest generation for image length where (len%128 < 32)

Browse Source
This commit is contained in:
Angus Gratton 2018-09-30 00:31:58 +10:00 committed by Angus Gratton
parent 2e8d7fa36d
commit 283c47cbba
3 changed files with 38 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
components/bootloader_support/include/esp_image_format.h
View File

@ -81,6 +81,8 @@ typedef struct {
_Static_assert(sizeof(esp_image_header_t) == 24, "binary image header should be 24 bytes"); _Static_assert(sizeof(esp_image_header_t) == 24, "binary image header should be 24 bytes");
#define ESP_IMAGE_HASH_LEN 32 /* Length of the appended SHA-256 digest */
/* Header of binary image segment */ /* Header of binary image segment */
typedef struct { typedef struct {
uint32_t load_addr; uint32_t load_addr;
@ -142,6 +144,16 @@ esp_err_t esp_image_load(esp_image_load_mode_t mode, const esp_partition_pos_t *
*/ */
esp_err_t esp_image_verify_bootloader(uint32_t *length); esp_err_t esp_image_verify_bootloader(uint32_t *length);
/**
* @brief Verify the bootloader image.
*
* @param[out] Metadata for the image. Only valid if result is ESP_OK.
*
* @return As per esp_image_load_metadata().
*/
esp_err_t esp_image_verify_bootloader_data(esp_image_metadata_t *data);
typedef struct { typedef struct {
uint32_t drom_addr; uint32_t drom_addr;
uint32_t drom_load_addr; uint32_t drom_load_addr;

25
components/bootloader_support/src/esp_image_format.c
View File

@ -26,7 +26,7 @@
static const char *TAG = "esp_image"; static const char *TAG = "esp_image";
#define HASH_LEN 32 /* SHA-256 digest length */ #define HASH_LEN ESP_IMAGE_HASH_LEN
#define SIXTEEN_MB 0x1000000 #define SIXTEEN_MB 0x1000000
#define ESP_ROM_CHECKSUM_INITIAL 0xEF #define ESP_ROM_CHECKSUM_INITIAL 0xEF
@ -441,19 +441,28 @@ static bool should_load(uint32_t load_addr)
esp_err_t esp_image_verify_bootloader(uint32_t *length) esp_err_t esp_image_verify_bootloader(uint32_t *length)
{ {
esp_image_metadata_t data; esp_image_metadata_t data;
const esp_partition_pos_t bootloader_part = { esp_err_t err = esp_image_verify_bootloader_data(&data);
.offset = ESP_BOOTLOADER_OFFSET,
.size = ESP_PARTITION_TABLE_OFFSET - ESP_BOOTLOADER_OFFSET,
};
esp_err_t err = esp_image_load(ESP_IMAGE_VERIFY,
&bootloader_part,
&data);
if (length != NULL) { if (length != NULL) {
*length = (err == ESP_OK) ? data.image_len : 0; *length = (err == ESP_OK) ? data.image_len : 0;
} }
return err; return err;
} }
esp_err_t esp_image_verify_bootloader_data(esp_image_metadata_t *data)
{
if (data == NULL) {
return ESP_ERR_INVALID_ARG;
}
const esp_partition_pos_t bootloader_part = {
.offset = ESP_BOOTLOADER_OFFSET,
.size = ESP_PARTITION_TABLE_OFFSET - ESP_BOOTLOADER_OFFSET,
};
return esp_image_load(ESP_IMAGE_VERIFY,
&bootloader_part,
data);
}
static esp_err_t verify_checksum(bootloader_sha256_handle_t sha_handle, uint32_t checksum_word, esp_image_metadata_t *data) static esp_err_t verify_checksum(bootloader_sha256_handle_t sha_handle, uint32_t checksum_word, esp_image_metadata_t *data)
{ {
uint32_t unpadded_length = data->image_len; uint32_t unpadded_length = data->image_len;

12
components/bootloader_support/src/secure_boot.c
View File

@ -50,7 +50,7 @@ static bool secure_boot_generate(uint32_t image_len){
const uint32_t *image; const uint32_t *image;
/* hardware secure boot engine only takes full blocks, so round up the /* hardware secure boot engine only takes full blocks, so round up the
image length. The additional data should all be 0xFF. image length. The additional data should all be 0xFF (or the appended SHA, if it falls in the same block).
*/ */
if (image_len % sizeof(digest.iv) != 0) { if (image_len % sizeof(digest.iv) != 0) {
image_len = (image_len / sizeof(digest.iv) + 1) * sizeof(digest.iv); image_len = (image_len / sizeof(digest.iv) + 1) * sizeof(digest.iv);
@ -104,7 +104,6 @@ static inline void burn_efuses()
esp_err_t esp_secure_boot_permanently_enable(void) { esp_err_t esp_secure_boot_permanently_enable(void) {
esp_err_t err; esp_err_t err;
uint32_t image_len = 0;
if (esp_secure_boot_enabled()) if (esp_secure_boot_enabled())
{ {
ESP_LOGI(TAG, "bootloader secure boot is already enabled, continuing.."); ESP_LOGI(TAG, "bootloader secure boot is already enabled, continuing..");
@ -116,7 +115,9 @@ esp_err_t esp_secure_boot_permanently_enable(void) {
return ESP_ERR_NOT_SUPPORTED; return ESP_ERR_NOT_SUPPORTED;
} }
err = esp_image_verify_bootloader(&image_len); /* Verify the bootloader */
esp_image_metadata_t bootloader_data = { 0 };
err = esp_image_verify_bootloader_data(&bootloader_data);
if (err != ESP_OK) { if (err != ESP_OK) {
ESP_LOGE(TAG, "bootloader image appears invalid! error %d", err); ESP_LOGE(TAG, "bootloader image appears invalid! error %d", err);
return err; return err;
@ -155,6 +156,11 @@ esp_err_t esp_secure_boot_permanently_enable(void) {
} }
ESP_LOGI(TAG, "Generating secure boot digest..."); ESP_LOGI(TAG, "Generating secure boot digest...");
uint32_t image_len = bootloader_data.image_len;
if(bootloader_data.image.hash_appended) {
/* Secure boot digest doesn't cover the hash */
image_len -= ESP_IMAGE_HASH_LEN;
}
if (false == secure_boot_generate(image_len)){ if (false == secure_boot_generate(image_len)){
ESP_LOGE(TAG, "secure boot generation failed"); ESP_LOGE(TAG, "secure boot generation failed");
return ESP_FAIL; return ESP_FAIL;