/************************************************************************************************** * @fn sblInit * * @brief Boot Loader initialization. * * input parameters * * None. * * output parameters * * None. * * @return TRUE if there is a valid RC image; FALSE otherwise. */ uint8 sblInit(void) { aesLoadKey(); #if defined AES_TEST_VECS uint8 checkSig[KEY_BLENGTH] = { 0xB9, 0xD7, 0x89, 0x67, 0x04, 0xBC, 0xFA, 0x20, 0xB2, 0x10, 0x36, 0x74, 0x45, 0xF9, 0x83, 0xD6 }; imgHdr.len = 1; while (1) { aesSignature(testSig); if (memcmp(testSig, checkSig, KEY_BLENGTH)) // If signature generated is not value expected. { ASM_NOP; } } #else SBL_READ_IMG_HDR(); return checkRC(); #endif }
/************************************************************************************************** * @fn checkRC * * @brief Check validity of the run-code image. * * input parameters * * None. * * output parameters * * None. * * @return TRUE or FALSE for image valid. */ static uint8 checkRC(void) { if ((imgHdr.crc[0] == 0) || (imgHdr.crc[0] == 0xFFFF)) { return FALSE; } if (SBL_SECURE && (imgHdr.crc[0] != imgHdr.crc[1]) && (imgHdr.crc[1] == 0xFFFF)) { uint8 pBuf[KEY_BLENGTH]; if (aesSignature(pBuf)) { uint8 sBuf[KEY_BLENGTH]; SBL_NVM_GET(SBL_ADDR_AES_HDR, sBuf, KEY_BLENGTH); if (!memcmp(sBuf, pBuf, KEY_BLENGTH)) { memset(pBuf, 0x00, KEY_BLENGTH); memset(sBuf, 0x00, KEY_BLENGTH); imgHdr.crc[1] = imgHdr.crc[0]; imgHdr.crc[0] = 0xFFFF; while (!HalAdcCheckVdd(VDD_MIN_NV)); SBL_NVM_SET(SBL_ADDR_CRC, imgHdr.crc, sizeof(imgHdr.crc)); SBL_READ_IMG_HDR(); } memset(sBuf, 0x00, KEY_BLENGTH); } memset(pBuf, 0x00, KEY_BLENGTH); } return (imgHdr.crc[0] == imgHdr.crc[1]); }
/************************************************************************************************** * @fn imgAuth * * @brief Run the AES CTR decryption over the image area specified. * @brief Run the AES CRC-MAC calculation over the image specified and set the image * ready-to-run if the Signature is verified. * * input parameters * * @param imgSel - Image select: 0 for Image-A and 1 for Image-B. * @param imgHdr - Pointer to the Image Header corresponding to the image select. * * output parameters * * None. * * @return TRUE if the image Signature verifies; FALSE otherwise. */ static uint8 imgAuth(uint8 imgSel, img_hdr_t *imgHdr) { if ((imgHdr->crc0 == 0) || (imgHdr->crc0 == 0xFFFF)) { return FALSE; } if (imgHdr->crc0 != imgHdr->crc1) { aesLoadKey(); aes_hdr_t aesHdr; HalFlashRead(ImgPageBeg[imgSel], BEM_AES_OSET, (uint8 *)&aesHdr, sizeof(aes_hdr_t)); // Image length in 3 bytes, MSB to LSB order - the Signature bytes are not to be included. uint32 imageLen = (uint32)HAL_FLASH_PAGE_SIZE * imgHdr->res[0] - KEY_BLENGTH; aesHdr.spare[0] = ((uint8 *)&imageLen)[0]; aesHdr.spare[1] = ((uint8 *)&imageLen)[1]; aesHdr.spare[2] = ((uint8 *)&imageLen)[2]; aesHdr.spare[3] = imgHdr->res[0]; if (aesSignature(imgSel, &aesHdr)) { uint16 crc[2] = { 0xFFFF, imgHdr->crc0 }; BEM_NVM_SET(ImgPageBeg[imgSel], (uint8 *)crc, 4); BEM_NVM_GET(ImgPageBeg[imgSel], (uint8 *)&imgHdr, 4); } } return (imgHdr->crc0 == imgHdr->crc1); }
/************************************************************************************************** * @fn procSignatureCmd * * @brief Run the AES CRC-MAC calculation over the RC image according to the * AES Control Block parameters and update the control block accordingly. * This is used as a tool for signing a binary image. * * input parameters * * None. * * output parameters * * @param pBuf - Pointer to the KEY_BLENGTH-byte buffer to hold the signature calculated. * * @return SBL_SUCCESS or SBL_FAILURE to indicate whether or not the Signature was calculated. */ static uint8 procSignatureCmd(void *pBuf) { uint8 sBuf[KEY_BLENGTH]; if (!SBL_SIGNER || !aesSignature(pBuf)) { return SBL_FAILURE; } SBL_NVM_GET(SBL_ADDR_AES_HDR, sBuf, KEY_BLENGTH); if (memcmp(sBuf, pBuf, KEY_BLENGTH)) { SBL_NVM_SET(SBL_ADDR_AES_HDR, pBuf, KEY_BLENGTH); SBL_NVM_GET(SBL_ADDR_AES_HDR, sBuf, KEY_BLENGTH); } signMode = TRUE; // Now the Signer must encrypt the PC Tool read back. return ((memcmp(sBuf, pBuf, KEY_BLENGTH) == 0) ? SBL_SUCCESS : SBL_FAILURE); }