Google Git
Sign in
cos / mirrors / cros / chromiumos / platform / vboot_reference / refs/heads/stabilize-13597.69.B / . / firmware / 2lib / 2common.c
blob: a88bc2e0be3c1d029197a7a5f2cf0ce4ff9c52d9 [file] [log] [blame]
/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Common functions between firmware and kernel verified boot.
* (Firmware portion)
*/
#include "2common.h"
#include "2rsa.h"
#include "2sha.h"
#include "2sysincludes.h"
vb2_error_t vb2_safe_memcmp(const void *s1, const void *s2, size_t size)
{
const unsigned char *us1 = s1;
const unsigned char *us2 = s2;
int result = 0;
if (0 == size)
return 0;
/*
* Code snippet without data-dependent branch due to Nate Lawson
* (nate@root.org) of Root Labs.
*/
while (size--)
result |= *us1++ ^ *us2++;
return result != 0;
}
vb2_error_t vb2_align(uint8_t **ptr, uint32_t *size, uint32_t align,
uint32_t want_size)
{
uintptr_t p = (uintptr_t)*ptr;
uintptr_t offs = p & (align - 1);
if (offs) {
offs = align - offs;
if (*size < offs)
return VB2_ERROR_ALIGN_BIGGER_THAN_SIZE;
*ptr += offs;
*size -= offs;
}
if (*size < want_size)
return VB2_ERROR_ALIGN_SIZE;
return VB2_SUCCESS;
}
void vb2_workbuf_init(struct vb2_workbuf *wb, uint8_t *buf, uint32_t size)
{
wb->buf = buf;
wb->size = size;
/* Align the buffer so allocations will be aligned */
if (vb2_align(&wb->buf, &wb->size, VB2_WORKBUF_ALIGN, 0))
wb->size = 0;
}
void *vb2_workbuf_alloc(struct vb2_workbuf *wb, uint32_t size)
{
uint8_t *ptr = wb->buf;
/* Round up size to work buffer alignment */
size = vb2_wb_round_up(size);
if (size > wb->size)
return NULL;
wb->buf += size;
wb->size -= size;
return ptr;
}
void *vb2_workbuf_realloc(struct vb2_workbuf *wb, uint32_t oldsize,
uint32_t newsize)
{
/*
* Just free and allocate to update the size. No need to move/copy
* memory, since the new pointer is guaranteed to be the same as the
* old one. The new allocation can fail, if the new size is too big.
*/
vb2_workbuf_free(wb, oldsize);
return vb2_workbuf_alloc(wb, newsize);
}
void vb2_workbuf_free(struct vb2_workbuf *wb, uint32_t size)
{
/* Round up size to work buffer alignment */
size = vb2_wb_round_up(size);
wb->buf -= size;
wb->size += size;
}
ptrdiff_t vb2_offset_of(const void *base, const void *ptr)
{
return (uintptr_t)ptr - (uintptr_t)base;
}
void *vb2_member_of(void *parent, ptrdiff_t offset)
{
/* TODO(kitching): vb2_assert(parent && offset) */
return parent + offset;
}
vb2_error_t vb2_verify_member_inside(const void *parent, size_t parent_size,
const void *member, size_t member_size,
ptrdiff_t member_data_offset,
size_t member_data_size)
{
const uintptr_t parent_end = (uintptr_t)parent + parent_size;
const ptrdiff_t member_offs = vb2_offset_of(parent, member);
const ptrdiff_t member_end_offs = member_offs + member_size;
const ptrdiff_t data_offs = member_offs + member_data_offset;
const ptrdiff_t data_end_offs = data_offs + member_data_size;
/* Make sure parent doesn't wrap */
if (parent_end < (uintptr_t)parent)
return VB2_ERROR_INSIDE_PARENT_WRAPS;
/*
* Make sure the member is fully contained in the parent and doesn't
* wrap. Use >, not >=, since member_size = 0 is possible.
*/
if (member_end_offs < member_offs)
return VB2_ERROR_INSIDE_MEMBER_WRAPS;
if (member_offs < 0 || member_offs > parent_size ||
member_end_offs > parent_size)
return VB2_ERROR_INSIDE_MEMBER_OUTSIDE;
/* Make sure the member data is after the member */
if (member_data_size > 0 && data_offs < member_end_offs)
return VB2_ERROR_INSIDE_DATA_OVERLAP;
/* Make sure parent fully contains member data, if any */
if (data_end_offs < data_offs)
return VB2_ERROR_INSIDE_DATA_WRAPS;
if (data_offs < 0 || data_offs > parent_size ||
data_end_offs > parent_size)
return VB2_ERROR_INSIDE_DATA_OUTSIDE;
return VB2_SUCCESS;
}
vb2_error_t vb2_verify_digest(const struct vb2_public_key *key,
struct vb2_signature *sig, const uint8_t *digest,
const struct vb2_workbuf *wb)
{
/* A signature is destroyed in the process of being verified. */
uint8_t *sig_data = vb2_signature_data_mutable(sig);
if (sig->sig_size != vb2_rsa_sig_size(key->sig_alg)) {
VB2_DEBUG("Wrong data signature size for algorithm, "
"sig_size=%d, expected %d for algorithm %d.\n",
sig->sig_size, vb2_rsa_sig_size(key->sig_alg),
key->sig_alg);
return VB2_ERROR_VDATA_SIG_SIZE;
}
if (key->allow_hwcrypto) {
vb2_error_t rv =
vb2ex_hwcrypto_rsa_verify_digest(key, sig_data, digest);
if (rv != VB2_ERROR_EX_HWCRYPTO_UNSUPPORTED) {
VB2_DEBUG("Using HW RSA engine for sig_alg %d %s\n",
key->sig_alg,
rv ? "failed" : "succeeded");
return rv;
}
VB2_DEBUG("HW RSA for sig_alg %d not supported, using SW\n",
key->sig_alg);
} else {
VB2_DEBUG("HW RSA forbidden, using SW\n");
}
return vb2_rsa_verify_digest(key, sig_data, digest, wb);
}
vb2_error_t vb2_verify_data(const uint8_t *data, uint32_t size,
struct vb2_signature *sig,
const struct vb2_public_key *key,
const struct vb2_workbuf *wb)
{
struct vb2_workbuf wblocal = *wb;
struct vb2_digest_context *dc;
uint8_t *digest;
uint32_t digest_size;
if (sig->data_size > size) {
VB2_DEBUG("Data buffer smaller than length of signed data.\n");
return VB2_ERROR_VDATA_NOT_ENOUGH_DATA;
}
/* Digest goes at start of work buffer */
digest_size = vb2_digest_size(key->hash_alg);
if (!digest_size)
return VB2_ERROR_VDATA_DIGEST_SIZE;
digest = vb2_workbuf_alloc(&wblocal, digest_size);
if (!digest)
return VB2_ERROR_VDATA_WORKBUF_DIGEST;
/* Hashing requires temp space for the context */
dc = vb2_workbuf_alloc(&wblocal, sizeof(*dc));
if (!dc)
return VB2_ERROR_VDATA_WORKBUF_HASHING;
VB2_TRY(vb2_digest_init(dc, key->hash_alg));
VB2_TRY(vb2_digest_extend(dc, data, sig->data_size));
VB2_TRY(vb2_digest_finalize(dc, digest, digest_size));
vb2_workbuf_free(&wblocal, sizeof(*dc));
return vb2_verify_digest(key, sig, digest, &wblocal);
}
vb2_error_t vb2_check_keyblock(const struct vb2_keyblock *block, uint32_t size,
const struct vb2_signature *sig)
{
if(size < sizeof(*block)) {
VB2_DEBUG("Not enough space for keyblock header.\n");
return VB2_ERROR_KEYBLOCK_TOO_SMALL_FOR_HEADER;
}
if (memcmp(block->magic, VB2_KEYBLOCK_MAGIC, VB2_KEYBLOCK_MAGIC_SIZE)) {
VB2_DEBUG("Not a valid verified boot keyblock.\n");
return VB2_ERROR_KEYBLOCK_MAGIC;
}
if (block->header_version_major != VB2_KEYBLOCK_VERSION_MAJOR) {
VB2_DEBUG("Incompatible keyblock header version.\n");
return VB2_ERROR_KEYBLOCK_HEADER_VERSION;
}
if (size < block->keyblock_size) {
VB2_DEBUG("Not enough data for keyblock.\n");
return VB2_ERROR_KEYBLOCK_SIZE;
}
if (vb2_verify_signature_inside(block, block->keyblock_size, sig)) {
VB2_DEBUG("Keyblock signature off end of block\n");
return VB2_ERROR_KEYBLOCK_SIG_OUTSIDE;
}
/* Make sure advertised signature data sizes are valid. */
if (block->keyblock_size < sig->data_size) {
VB2_DEBUG("Signature calculated past end of block\n");
return VB2_ERROR_KEYBLOCK_SIGNED_TOO_MUCH;
}
/* Verify we signed enough data */
if (sig->data_size < sizeof(struct vb2_keyblock)) {
VB2_DEBUG("Didn't sign enough data\n");
return VB2_ERROR_KEYBLOCK_SIGNED_TOO_LITTLE;
}
/* Verify data key is inside the block and inside signed data */
if (vb2_verify_packed_key_inside(block, block->keyblock_size,
&block->data_key)) {
VB2_DEBUG("Data key off end of keyblock\n");
return VB2_ERROR_KEYBLOCK_DATA_KEY_OUTSIDE;
}
if (vb2_verify_packed_key_inside(block, sig->data_size,
&block->data_key)) {
VB2_DEBUG("Data key off end of signed data\n");
return VB2_ERROR_KEYBLOCK_DATA_KEY_UNSIGNED;
}
return VB2_SUCCESS;
}
vb2_error_t vb2_verify_keyblock(struct vb2_keyblock *block, uint32_t size,
const struct vb2_public_key *key,
const struct vb2_workbuf *wb)
{
struct vb2_signature *sig = &block->keyblock_signature;
vb2_error_t rv;
/* Validity check keyblock before attempting signature check of data */
VB2_TRY(vb2_check_keyblock(block, size, sig));
VB2_DEBUG("Checking keyblock signature...\n");
rv = vb2_verify_data((const uint8_t *)block, size, sig, key, wb);
if (rv) {
VB2_DEBUG("Invalid keyblock signature.\n");
return VB2_ERROR_KEYBLOCK_SIG_INVALID;
}
/* Success */
return VB2_SUCCESS;
}
vb2_error_t vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble,
uint32_t size,
const struct vb2_public_key *key,
const struct vb2_workbuf *wb)
{
struct vb2_signature *sig = &preamble->preamble_signature;
VB2_DEBUG("Verifying preamble.\n");
/* Validity checks before attempting signature of data */
if(size < sizeof(*preamble)) {
VB2_DEBUG("Not enough data for preamble header\n");
return VB2_ERROR_PREAMBLE_TOO_SMALL_FOR_HEADER;
}
if (preamble->header_version_major !=
VB2_FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR) {
VB2_DEBUG("Incompatible firmware preamble header version.\n");
return VB2_ERROR_PREAMBLE_HEADER_VERSION;
}
if (preamble->header_version_minor < 1) {
VB2_DEBUG("Only preamble header 2.1+ supported\n");
return VB2_ERROR_PREAMBLE_HEADER_OLD;
}
if (size < preamble->preamble_size) {
VB2_DEBUG("Not enough data for preamble.\n");
return VB2_ERROR_PREAMBLE_SIZE;
}
/* Check signature */
if (vb2_verify_signature_inside(preamble, preamble->preamble_size,
sig)) {
VB2_DEBUG("Preamble signature off end of preamble\n");
return VB2_ERROR_PREAMBLE_SIG_OUTSIDE;
}
/* Make sure advertised signature data sizes are valid. */
if (preamble->preamble_size < sig->data_size) {
VB2_DEBUG("Signature calculated past end of the block\n");
return VB2_ERROR_PREAMBLE_SIGNED_TOO_MUCH;
}
if (vb2_verify_data((const uint8_t *)preamble, size, sig, key, wb)) {
VB2_DEBUG("Preamble signature validation failed\n");
return VB2_ERROR_PREAMBLE_SIG_INVALID;
}
/* Verify we signed enough data */
if (sig->data_size < sizeof(struct vb2_fw_preamble)) {
VB2_DEBUG("Didn't sign enough data\n");
return VB2_ERROR_PREAMBLE_SIGNED_TOO_LITTLE;
}
/* Verify body signature is inside the signed data */
if (vb2_verify_signature_inside(preamble, sig->data_size,
&preamble->body_signature)) {
VB2_DEBUG("Firmware body signature off end of preamble\n");
return VB2_ERROR_PREAMBLE_BODY_SIG_OUTSIDE;
}
/* Verify kernel subkey is inside the signed data */
if (vb2_verify_packed_key_inside(preamble, sig->data_size,
&preamble->kernel_subkey)) {
VB2_DEBUG("Kernel subkey off end of preamble\n");
return VB2_ERROR_PREAMBLE_KERNEL_SUBKEY_OUTSIDE;
}
/* Success */
return VB2_SUCCESS;
}