Exemple #1
0
/**************************************************************************
 *  SECURE BOOT INIT
 **************************************************************************/ 
int masp_boot_init (void)
{
    int ret = SEC_OK;

    SMSG(true,"[%s] '%s%s'\n",MOD,BUILD_TIME,BUILD_BRANCH);    

#if !defined(MTK_GPT_SCHEME_SUPPORT)        
    /* ----------------------------------- */
    /* check usif status                   */
    /* ----------------------------------- */
    if(SEC_OK != (ret = sec_usif_check()))
    {
        goto _error;
    }
#endif 
    /* ----------------------------------- */
    /* scan partition map                  */
    /* ----------------------------------- */
    sec_dev_find_parts();

    /* ----------------------------------- */
    /* read rom info                       */
    /* ----------------------------------- */
    /* read rom info to get security config. */
    if(SEC_OK != (ret = sec_dev_read_rom_info()))
    {
        goto _error;
    }

    SMSG(true,"[%s] ROM INFO is found\n",MOD);     

    if(0 != mcmp(rom_info.m_id,RI_NAME,RI_NAME_LEN))
    {
        SMSG(true,"[%s] error. ROM INFO not found\n",MOD);
        ret = ERR_ROM_INFO_MTD_NOT_FOUND;
        goto _error;
    }    

    /* ----------------------------------- */
    /* read secro                          */
    /* ----------------------------------- */
    if(TRUE == rom_info.m_SEC_CTRL.m_secro_ac_en)
    {
        if(FALSE == bSECROInit)
        {    
#if 0        
            if(TRUE == sec_secro_ac())
            {
                if(SEC_OK != (ret = sec_dev_read_secroimg()))
                {
                    goto _error;
                }
            }
            else
            {
                /* only for non-security platform */
                if(SEC_OK != (ret = sec_fs_read_secroimg(FS_SECRO_PATH,(uchar*)&secroimg)))
                {
                    goto _error;
                }                
            }
#else
            if(SEC_OK != (ret = sec_dev_read_secroimg()))
            {
                goto _error;
            }

#endif
            bSECROInit = TRUE;
        }
    }

    /* ----------------------------------- */
    /* init key                            */
    /* ----------------------------------- */
    /* TODO : add support to read SML DEC key from SEC_RO */
    if(SEC_OK != (ret = sec_boot_key_init()))
    {
        goto _error;        
    }

    return ret;

_error:

    SMSG(true,"[%s] error (0x%x)\n",MOD,ret);   

    return ret;
}
/**************************************************************************
 *  PART NAME QUERY
 **************************************************************************/
char* mtd2pl (char* part_name)
{
    /* sync mtd partition name with PL's and DA's */
    /* ----------------- */
    /* seccfg            */
    /* ----------------- */    
    if(0 == mcmp(part_name,MTD_SECCFG,strlen(MTD_SECCFG)))
    {   
        return (char*) PL_SECCFG;
    }
    /* ----------------- */
    /* uboot             */
    /* ----------------- */    
    else if(0 == mcmp(part_name,MTD_UBOOT,strlen(MTD_UBOOT)))
    {   
        return (char*) PL_UBOOT;
    }
    /* ----------------- */    
    /* logo              */
    /* ----------------- */    
    else if(0 == mcmp(part_name,MTD_LOGO,strlen(MTD_LOGO)))
    {
        return (char*) PL_LOGO;
    }
    /* ----------------- */
    /* boot image        */
    /* ----------------- */    
    else if(0 == mcmp(part_name,MTD_BOOTIMG,strlen(MTD_BOOTIMG)))
    {
        return (char*) PL_BOOTIMG;
    }
    /* ----------------- */    
    /* user data         */
    /* ----------------- */    
    else if(0 == mcmp(part_name,MTD_USER,strlen(MTD_USER)))
    {
        return (char*) PL_USER;               
    }   
    /* ----------------- */    
    /* system image      */
    /* ----------------- */    
    else if(0 == mcmp(part_name,MTD_ANDSYSIMG,strlen(MTD_ANDSYSIMG)))
    {
        return (char*) PL_ANDSYSIMG;
    }   
    /* ----------------- */    
    /* recovery          */
    /* ----------------- */    
    else if(0 == mcmp(part_name,MTD_RECOVERY,strlen(MTD_RECOVERY)))
    {
        return (char*) PL_RECOVERY;
    }       
    /* ----------------- */    
    /* sec ro            */
    /* ----------------- */    
    else if(0 == mcmp(part_name,MTD_SECRO,strlen(MTD_SECRO)))
    {
        return (char*) PL_SECRO;
    }
    /* ----------------- */    
    /* not found         */
    /* ----------------- */    
    else
    {
        return part_name;
    }    
}
int32
runtime·sighandler(void *v, int8 *s, G *gp)
{
	Ureg *ureg;
	uintptr *sp;
	SigTab *sig, *nsig;
	int32 len, i;

	if(!s)
		return NCONT;
			
	len = runtime·findnull((byte*)s);
	if(len <= 4 || runtime·mcmp((byte*)s, (byte*)"sys:", 4) != 0)
		return NDFLT;

	nsig = nil;
	sig = runtime·sigtab;
	for(i=0; i < NSIG; i++) {
		if(runtime·strstr((byte*)s, (byte*)sig->name)) {
			nsig = sig;
			break;
		}
		sig++;
	}

	if(nsig == nil)
		return NDFLT;

	ureg = v;
	if(nsig->flags & SigPanic) {
		if(gp == nil || m->notesig == 0)
			goto Throw;

		// Save error string from sigtramp's stack,
		// into gsignal->sigcode0, so we can reliably
		// access it from the panic routines.
		if(len > ERRMAX)
			len = ERRMAX;
		runtime·memmove((void*)m->notesig, (void*)s, len);

		gp->sig = i;
		gp->sigpc = ureg->pc;

		// Only push runtime·sigpanic if ureg->pc != 0.
		// If ureg->pc == 0, probably panicked because of a
		// call to a nil func.  Not pushing that onto sp will
		// make the trace look like a call to runtime·sigpanic instead.
		// (Otherwise the trace will end at runtime·sigpanic and we
		// won't get to see who faulted.)
		if(ureg->pc != 0) {
			sp = (uintptr*)ureg->sp;
			*--sp = ureg->pc;
			ureg->sp = (uint32)sp;
		}
		ureg->pc = (uintptr)runtime·sigpanic;
		return NCONT;
	}

	if(!(nsig->flags & SigThrow))
		return NDFLT;

Throw:
	runtime·startpanic();

	runtime·printf("%s\n", s);
	runtime·printf("PC=%X\n", ureg->pc);
	runtime·printf("\n");

	if(runtime·gotraceback()) {
		runtime·traceback((void*)ureg->pc, (void*)ureg->sp, 0, gp);
		runtime·tracebackothers(gp);
		runtime·dumpregs(ureg);
	}
	runtime·goexitsall("");
	runtime·exits(s);

	return 0;
}
int32
runtime·sighandler(void *v, int8 *s, G *gp)
{
	bool crash;
	Ureg *ureg;
	uintptr *sp;
	SigTab *sig, *nsig;
	intgo len, i;

	if(!s)
		return NCONT;
			
	len = runtime·findnull((byte*)s);
	if(len <= 4 || runtime·mcmp((byte*)s, (byte*)"sys:", 4) != 0)
		return NDFLT;

	nsig = nil;
	sig = runtime·sigtab;
	for(i=0; i < NSIG; i++) {
		if(runtime·strstr((byte*)s, (byte*)sig->name)) {
			nsig = sig;
			break;
		}
		sig++;
	}

	if(nsig == nil)
		return NDFLT;

	ureg = v;
	if(nsig->flags & SigPanic) {
		if(gp == nil || m->notesig == 0)
			goto Throw;

		// Copy the error string from sigtramp's stack into m->notesig so
		// we can reliably access it from the panic routines. We can't use
		// runtime·memmove here since it will use SSE instructions for big
		// copies. The Plan 9 kernel doesn't allow floating point in note
		// handlers.
		//
		// TODO(ality): revert back to memmove when the kernel is fixed.
		if(len >= ERRMAX)
			len = ERRMAX-1;
		for(i = 0; i < len; i++)
			m->notesig[i] = s[i];
		m->notesig[i] = '\0';

		gp->sig = i;
		gp->sigpc = ureg->pc;

		// Only push runtime·sigpanic if ureg->pc != 0.
		// If ureg->pc == 0, probably panicked because of a
		// call to a nil func.  Not pushing that onto sp will
		// make the trace look like a call to runtime·sigpanic instead.
		// (Otherwise the trace will end at runtime·sigpanic and we
		// won't get to see who faulted.)
		if(ureg->pc != 0) {
			sp = (uintptr*)ureg->sp;
			*--sp = ureg->pc;
			ureg->sp = (uint32)sp;
		}
		ureg->pc = (uintptr)runtime·sigpanic;
		return NCONT;
	}

	if(!(nsig->flags & SigThrow))
		return NDFLT;

Throw:
	m->throwing = 1;
	m->caughtsig = gp;
	runtime·startpanic();

	runtime·printf("%s\n", s);
	runtime·printf("PC=%X\n", ureg->pc);
	runtime·printf("\n");

	if(runtime·gotraceback(&crash)) {
		runtime·traceback(ureg->pc, ureg->sp, 0, gp);
		runtime·tracebackothers(gp);
		runtime·dumpregs(ureg);
	}
	
	if(crash)
		runtime·crash();

	runtime·goexitsall("");
	runtime·exits(s);

	return 0;
}
Exemple #5
0
/*=============================================================================
Function main

Purpose:  this is the main entry point of the program.  It verifies the DSA
          computations that Dr. Peterson showed us and then I use DSA on some
          text of my own.
          
Parameters:
          not used
          
Returns:  nothing, DSA is demonstrated
=============================================================================*/
int main(int argc, char *argv[]) {

  UL y[32], r[32], qminus1[32], fminus1[32], pminus1[32], temp1[32], temp2[32],
    one[32], kprime[32], s[32], hcopy[32], res1[32], res2[32], w[32], u1[32],
    u2[32], v[32], mykprime[32];

  UL hash[32], hashcopy[32];
  struct hash *texthash;

  /* make a one to work with */
  zeroUL(one,32);
  one[31] = 1;

  /* first demonstrate that Dr. Peterson's example works as shown */

  printf("=========================================================\n");
  printf("Verifying Dr. Peterson's results:\n\n");

  mexp(g,x,y,p); /* here we compute public key y */

  printf("Public key y is:\n");
  fprintUL(stdout,y,32);

  /* and now determine r */
  mexp(g,k,r,p);
  mmult(one,r,r,q);

  printf("r is:\n");
  fprintUL(stdout,r,32);

  /* now calculate kprime */
  copyUL(q,qminus1,32);
  copyUL(f,fminus1,32);
  copyUL(p,pminus1,32);
  msub(qminus1,one,p);
  msub(fminus1,one,p);
  msub(pminus1,one,p);

  mmult(qminus1,fminus1,temp1,p);

  msub(temp1,one,p);

  mexp(k,temp1,kprime,q);

  printf("k' is:\n");
  fprintUL(stdout,kprime,32);

  /* now we get the s */
  mmult(x,r,temp1,q);
  madd(temp1,h,q);

  mmult(kprime,temp1,s,q);

  printf("s is:\n");
  fprintUL(stdout,s,32);

  /* calculate w=sprime */
  mmult(qminus1,fminus1,temp1,p);
  msub(temp1,one,p);
  
  mexp(s,temp1,w,q);

  printf("w is:\n");
  fprintUL(stdout,w,32);

  /* calculate u1 */
  mmult(h,w,u1,q);

  printf("u1 is:\n");
  fprintUL(stdout,u1,32);

  /* calculate u2 */
  mmult(r,w,u2,q);

  printf("u2 is:\n");
  fprintUL(stdout,u2,32);

  /* now calculate v */
  mexp(g,u1,temp1,p);
  mexp(y,u2,temp2,p);
  mmult(temp1,temp2,temp1,p);

  mmult(one,temp1,v,q);
                     
  printf("v is:\n");
  fprintUL(stdout,v,32);

  if (mcmp(r,v)==0)
    printf("v==r, Signature verifies!\n");
  else
    printf("v!=r, Signature does not verify!\n");
  printf("=========================================================\n\n");

  printf("Now working on some text of my own, I will sign the hash.\n\n");

  /* first get the hash we are going to sign */
  texthash = (struct hash *)malloc(sizeof(struct hash));

  sha1Mem(stuff,strlen(stuff),texthash);

  zeroUL(hash,32);
  hash[31] = texthash->H4;
  hash[30] = texthash->H3;
  hash[29] = texthash->H2;
  hash[28] = texthash->H1;
  hash[27] = texthash->H0;

  printf("Hash that we will sign:\n");
  fprintUL(stdout,hash,32);

  printf("Determining if chosen myk is relatively prime to q...\n");
  
  mexp(myk,qminus1,temp1,q);

  if (mcmp(temp1,one)==0)
    printf("myk is relatively prime to q!\n\n");
  else {
    printf("Chosen myk is not relatively prime to q, please \
            choose another myk.\n");
    exit(0);
  }

  mexp(g,x,y,p); /* here we compute public key y */

  printf("Public key y is:\n");
  fprintUL(stdout,y,32);

  /* and now determine r */
  mexp(g,myk,r,p);
  mmult(one,r,r,q);

  printf("r is:\n");
  fprintUL(stdout,r,32);

  /* calculate mykprime */
  copyUL(qminus1,temp1,32);
  msub(temp1,one,q);
  mexp(myk,temp1,mykprime,q);

  /* calculate s */
  mmult(x,r,temp1,q);
  madd(temp1,hash,q);

  mmult(mykprime,temp1,s,q);

  printf("s is:\n");
  fprintUL(stdout,s,32);

  /* calculate w=sprime */
  mmult(qminus1,fminus1,temp1,p);
  msub(temp1,one,p);
  
  mexp(s,temp1,w,q);

  printf("w is:\n");
  fprintUL(stdout,w,32);

  /* calculate u1 */
  mmult(hash,w,u1,q);

  printf("u1 is:\n");
  fprintUL(stdout,u1,32);

  /* calculate u2 */
  mmult(r,w,u2,q);

  printf("u2 is:\n");
  fprintUL(stdout,u2,32);

  /* now calculate v */
  mexp(g,u1,temp1,p);
  mexp(y,u2,temp2,p);
  mmult(temp1,temp2,temp1,p);

  mmult(one,temp1,v,q);
                     
  printf("v is:\n");
  fprintUL(stdout,v,32);

  if (mcmp(r,v)==0)
    printf("v==r, Signature verifies!\n");
  else
    printf("v!=r, Signature does not verify!\n");

}
Exemple #6
0
int imp_key (char *kf, char *kp, char gen_hdr, FILE *gen_fd)
{
    CUSTOMER_SEC_INTER cust;
    uchar *r0,*r1,*r2;    
    uchar line[300];    

    /* ------------------------------------- */
    /* import key                            */
    /* ------------------------------------- */    
    FILE *key_fd = fopen(kf,"r");        
    if(key_fd == 0)
    {    
        MSG("[%s] %s not found\n",MOD,kf);
        return -1;
    }
    else
    {
        while(fgets(line,300,key_fd) != NULL)
        {
            r0 = strtok(line," ");
            r1 = strtok(NULL, " ");
            r2 = strtok(NULL, " \n");

            /* ------------------------------------- */
            /* parse key                             */
            /* ------------------------------------- */            
            if ( 0 == mcmp(r0,CUSTOM_RSA_N,strlen(CUSTOM_RSA_N)))
            {
                MSG("[%s] import CUSTOM_RSA_N\n",MOD);
                
                mcpy(cust.key_rsa_n,r2+PREFIX_SIZE,sizeof(cust.key_rsa_n));    

                /* ------------------------------------- */
                /* write key to generated header file    */
                /* ------------------------------------- */                
                if (TRUE == gen_hdr)                
                {
                    fwrite ("#define ",1,strlen("#define "),gen_fd);      
                    fwrite (kp,1,strlen(kp),gen_fd); 
                    fwrite ("_",1,strlen("_"),gen_fd); 
                    fwrite (CUSTOM_RSA_N,1,strlen(CUSTOM_RSA_N),gen_fd);                     
                    fwrite (" \"",1,strlen(" \""),gen_fd);            
                    fwrite (cust.key_rsa_n,1,sizeof(cust.key_rsa_n),gen_fd);      
                    fwrite ("\"\n",1,strlen("\"\n"),gen_fd);                   
                }
            }

            else if ( 0 == mcmp(r0,CUSTOM_RSA_D,strlen(CUSTOM_RSA_D)))
            {
                MSG("[%s] import CUSTOM_RSA_D\n",MOD);
                
                mcpy(cust.key_rsa_d,r2+PREFIX_SIZE,sizeof(cust.key_rsa_d));    
            }

            else if ( 0 == mcmp(r0,CUSTOM_RSA_E,strlen(CUSTOM_RSA_E)))
            {
                MSG("[%s] import CUSTOM_RSA_E\n",MOD);
                
                mcpy(cust.key_rsa_e,r2+PREFIX_SIZE,sizeof(cust.key_rsa_e));    

                /* ------------------------------------- */
                /* write rsa key to generate header file */
                /* ------------------------------------- */                
                if (TRUE == gen_hdr)                
                {                
                    fwrite ("#define ",1,strlen("#define "),gen_fd);      
                    fwrite (kp,1,strlen(kp),gen_fd); 
                    fwrite ("_",1,strlen("_"),gen_fd); 
                    fwrite (CUSTOM_RSA_E,1,strlen(CUSTOM_RSA_E),gen_fd);      
                    fwrite (" \"",1,strlen(" \""),gen_fd);
                    fwrite (cust.key_rsa_e,1,sizeof(cust.key_rsa_e),gen_fd);      
                    fwrite ("\"\n",1,strlen("\"\n"),gen_fd);   
                }
            }
            else
            {
                MSG("[%s] %s format error\n",MOD,kf);
                return -1;        
            }            
        }
    }

    /* ------------------------------------- */
    /* initialize internal crypto engine     */
    /* ------------------------------------- */    
    cust_init_key(cust.key_rsa_n, sizeof(cust.key_rsa_n),
                    cust.key_rsa_d, sizeof(cust.key_rsa_d),
                    cust.key_rsa_e, sizeof(cust.key_rsa_e));

    /* close key file */
    fclose (key_fd);    

    return 0;
}
Exemple #7
0
int gen_hdr (char *cfg_name, char *hdr_name, char* img_name, char *hs_name)
{
    SEC_IMG_HEADER sec = {0};
    uchar *r0,*r1,*r2;    
    uchar line[300];    
    SEC_EXTENTION_CFG *p_ext_cfg = (SEC_EXTENTION_CFG *)get_ext_cfg();    
    bool b_ext_offset[MAX_VERITY_COUNT] = {0};
    bool b_ext_length[MAX_VERITY_COUNT] = {0};
    unsigned int tmp, i;

    p_ext_cfg->chunk_size = SEC_CHUNK_SIZE_ZERO;
    /* ------------------------------------- */
    /* open image config file                */
    /* ------------------------------------- */    
    FILE *config_fd = fopen(cfg_name,"r");        
    
    if(config_fd == 0)
    {    
        MSG("[%s] %s not found\n",MOD,cfg_name);
        return -1;
    }
    else
    {
        while(fgets(line,300,config_fd) != NULL)
        {
            r0 = strtok(line," ");
            r1 = strtok(NULL, " ");
            r2 = strtok(NULL, " \n");

            /* ------------------------------------- */
            /* parse image config                    */
            /* ------------------------------------- */
            if ( 0 == mcmp(r0,CUSTOM_NAME,strlen(CUSTOM_NAME)))
            {
                if(0 == mcmp(r2,"NULL",strlen("NULL")))
                {
                    MSG("[%s] empty customer name '%s'\n",MOD,r2);
                    memset(sec.cust_name,0,sizeof(sec.cust_name));  
                }
                else
                {
                    mcpy(sec.cust_name,r2,sizeof(sec.cust_name));    
                }
            }
            else if ( 0 == mcmp(r0,IMAGE_VERSION,strlen(IMAGE_VERSION)))
            {
                sec.img_ver = atoi(r2);
            }
            else if ( 0 == mcmp(r0,VERIFY_OFFSET,strlen(VERIFY_OFFSET)))
            {
                if (strlen(VERIFY_OFFSET) != strlen(r0))
                {
                    sscanf(r0, "VERIFY_OFFSET[%d]", &tmp);
                    p_ext_cfg->verify_offset[tmp] = atoi(r2);
                    b_ext_offset[tmp] = TRUE;
                    MSG("[%s] VERIFY_OFFSET[%d]=%d\n",MOD, tmp, p_ext_cfg->verify_offset[tmp]);
                }
                else
                {
                    sec.s_off = atoi(r2);
                }
            }
            else if ( 0 == mcmp(r0,VERIFY_LENGTH,strlen(VERIFY_LENGTH)))
            {
                if (strlen(VERIFY_LENGTH) != strlen(r0))
                {
                    sscanf(r0, "VERIFY_LENGTH[%d]", &tmp);
                    p_ext_cfg->verify_length[tmp] = atoi(r2);
                    b_ext_length[tmp] = TRUE;
                    MSG("[%s] VERIFY_LENGTH[%d]=%d\n",MOD, tmp, p_ext_cfg->verify_length[tmp]);
                }
                else
                {
                    sec.s_len = atoi(r2);   
                }       
            }
            else if ( 0 == mcmp(r0,VERIFY_COUNT,strlen(VERIFY_COUNT)))
            {
                p_ext_cfg->verify_count = atoi(r2);
                set_hdr_version(SEC_HDR_V3);
                MSG("[%s] VERIFY_COUNT=%d\n",MOD, p_ext_cfg->verify_count);
            }
            else if ( 0 == mcmp(r0,CHUNK_SIZE,strlen(CHUNK_SIZE)))
            {
                p_ext_cfg->chunk_size = atoi(r2);
                MSG("[%s] CHUNK_SIZE=%d\n",MOD, p_ext_cfg->chunk_size);
            }
            else if (';' == r0[0])
            {
    
            }
            else if (NULL == r1)
            {
    
            }            
            else
            {
                MSG("[%s] %s format error\n",MOD,cfg_name);
                return -1;        
            }            
        }

        /* check config format for v3 */
        if( is_hdr_version3() )
        {
            for(i=0 ; i<p_ext_cfg->verify_count ; i++)
            {
                if( !b_ext_offset[i] || !b_ext_length[i])
                {
                    MSG("[%s] %s config setting error\n",MOD,cfg_name);
                    return -1;    
                }
            }
        }
    }

    /* ------------------------------------- */
    /* fill and write header                 */
    /* ------------------------------------- */  
    COMPILE_ASSERT(SEC_IMG_HDR_SZ == sizeof(sec));
    
    FILE *hdr_fd = fopen(hdr_name,"wb");

    /* config common part */
    FILE *img_fd = fopen(img_name,"r"); 
    if(img_fd == 0)
    {
        MSG("[%s] %s not found\n",MOD,img_name);
        goto img_err;
    }    
    fseek(img_fd, 0, SEEK_END);
    sec.img_len = ftell(img_fd);
    fclose(img_fd);
    sec.magic_num = SEC_IMG_MAGIC;
    sec.img_off = SEC_IMG_HDR_SZ;
    sec.sig_off = sec.img_off + sec.img_len;

    if( is_hdr_version3() )
    {
        /* config header for v3 */
        if(config_header_v3_chk(&sec))
            goto check_err;
    }
    else
    {
        /* config header for v1 and v2 */
        if(config_header_v1_v2_chk(&sec))
            goto check_err;
    }
    

    /* ------------------------------------- */
    /* write to image                        */
    /* ------------------------------------- */    
    fwrite (&sec, 1 , sizeof(sec) , hdr_fd);      

    /* ------------------------------------- */
    /* dump information                      */
    /* ------------------------------------- */    
    MSG("[%s] hdr.magic_num     = 0x%x\n",MOD,sec.magic_num,sec.magic_num);
    MSG("[%s] hdr.cust_name     = %s\n",MOD,sec.cust_name); 
    MSG("[%s] hdr.img_ver       = %d (0x%x)\n",MOD,sec.img_ver,sec.img_ver);     
    MSG("[%s] hdr.img_off       = %d (0x%x)\n",MOD,sec.img_off,sec.img_off);     
    MSG("[%s] hdr.img_len       = %d (0x%x)\n",MOD,sec.img_len,sec.img_len);     
    MSG("[%s] hdr.sign_off      = %d (0x%x)\n",MOD,sec.s_off,sec.s_off);     
    MSG("[%s] hdr.sign_len      = %d (0x%x)\n",MOD,sec.s_len,sec.s_len);     
    MSG("[%s] hdr.hs_off        = %d (0x%x)\n",MOD,sec.sig_off,sec.sig_off);         
    MSG("[%s] hdr.hs_len        = %d (0x%x)\n",MOD,sec.sig_len,sec.sig_len);                

img_err:
check_err:
    /* close header file */
    fclose (hdr_fd);        
    
    return 0;
}
/******************************************************************************
 *  SECCFG VERSION CHECK
 ******************************************************************************/
int seccfg_ver_verify (void)
{
    int ret = SEC_OK;

    /* ----------------------------------- */
    /* check seccfg magic                  */
    /* ----------------------------------- */    
    if(SEC_CFG_MAGIC_NUM != seccfg.v1.magic_number)
    {                
        ret = ERR_SEC_CFG_MAGIC_INVALID;
        goto _end;        
    }

    /* ----------------------------------- */
    /* check seccfg version                */
    /* ----------------------------------- */    
    switch(get_seccfg_ver())
    {
        case SECCFG_V1:
        case SECCFG_V1_2:
            SMSG(true,"[%s] seccfg id = %s\n",MOD,seccfg.v1.id);
            
            if(0 != mcmp(seccfg.v1.id,SEC_CFG_BEGIN,SEC_CFG_BEGIN_LEN))
            {
                ret = ERR_SEC_CFG_INVALID_ID;
                goto _end;
            }            

            SMSG(true,"[%s] seccfg end pattern = 0x%x\n",MOD,seccfg.v1.end_pattern);

            if(SEC_CFG_END_PATTERN != seccfg.v1.end_pattern)
            {
                ret = ERR_SEC_CFG_INVALID_END_PATTERN;
                goto _end;
            } 
            
            break;            
            
        case SECCFG_V3:
            SMSG(true,"[%s] seccfg id = %s\n",MOD,seccfg.v3.id);
            
            if(0 != mcmp(seccfg.v3.id,SEC_CFG_BEGIN,SEC_CFG_BEGIN_LEN))
            {
                ret = ERR_SEC_CFG_INVALID_ID;
                goto _end;
            }            

            SMSG(true,"[%s] seccfg end pattern = 0x%x\n",MOD,seccfg.v3.end_pattern);

            if(SEC_CFG_END_PATTERN != seccfg.v3.end_pattern)
            {
                ret = ERR_SEC_CFG_INVALID_END_PATTERN;
                goto _end;
            } 

            break;
        default:

            ret = ERR_SEC_CFG_VERSION_INVALID;
            goto _end;           
    }    

_end:

    return ret;
}
Exemple #9
0
int sec_aes_import_key(void)
{
    int ret = SEC_OK;
    uchar key[AES_KEY_SIZE] = {0};    
    AES_VER aes_ver = AES_VER_LEGACY; 
    uint32 key_len = 0;    

    /* avoid re-init aes key
       if re-init key again, key value will be decoded twice ..*/
    if(TRUE == bAesKeyInit)
    {
        SMSG("[%s] reset aes vector\n",MOD);
        /* initialize internal crypto engine */    
        if(SEC_OK != (ret = lib_aes_init_vector (rom_info.m_SEC_CTRL.m_sec_aes_legacy?(AES_VER_LEGACY):(AES_VER_SO))))
        {
            goto _end;
        }
        return ret;
    }

    bAesKeyInit = TRUE;        
    
    if(0 != mcmp(rom_info.m_id,RI_NAME,RI_NAME_LEN))
    {
        SMSG("[%s] error. key not found\n",MOD);
        ret = ERR_AES_KEY_NOT_FOUND;
        goto _end;
    }


    /* -------------------------- */
    /* check aes type             */
    /* -------------------------- */
    if(TRUE == rom_info.m_SEC_CTRL.m_sec_aes_legacy)
    {
        aes_ver = AES_VER_LEGACY;
        key_len = 32;        
    }
    else
    {
        aes_ver = AES_VER_SO;
        key_len = 16;        
    }


    /* -------------------------- */
    /* get sml aes key            */
    /* -------------------------- */    
    if(FALSE == rom_info.m_SEC_CTRL.m_sml_aes_key_ac_en)
    {
        sec_decode_key(     rom_info.m_SEC_KEY.sml_aes_key, 
                            sizeof(rom_info.m_SEC_KEY.sml_aes_key), 
                            rom_info.m_SEC_KEY.crypto_seed, 
                            sizeof(rom_info.m_SEC_KEY.crypto_seed));    
        dump_buf(rom_info.m_SEC_KEY.sml_aes_key,4);
        mcpy(key,rom_info.m_SEC_KEY.sml_aes_key,sizeof(key));    
    }
    else 
    {
        SMSG("\n[%s] AC enabled\n",MOD);  
        dump_buf(secroimg.m_andro.sml_aes_key,4);
        sec_decode_key(     secroimg.m_andro.sml_aes_key, 
                            sizeof(secroimg.m_andro.sml_aes_key), 
                            (uchar*)SML_SCRAMBLE_SEED, 
                            sizeof(SML_SCRAMBLE_SEED));
        dump_buf(secroimg.m_andro.sml_aes_key,4);                            
        mcpy(key,secroimg.m_andro.sml_aes_key,sizeof(key));
    }

    /* initialize internal crypto engine */    
    if(SEC_OK != (ret = lib_aes_init_key (key,key_len,aes_ver)))
    {
        goto _end;
    }
    
_end:

    return ret;
}