int SignatureSave(SECURITY_INFO *pBufferAddr) { int ret=-1; int ret_bk =-1; unsigned int u32SigOffset = 0; unsigned int u32SigBkOffset = 0; unsigned int u32SecuritySize= 0; UBOOT_TRACE("IN\n"); //Here, we check the CRC of SECUREITY_INFO, and the check range is from "pBufferAddr->data" to "pBufferAddr->data_interleave" u32SecuritySize = sizeof(_SECURITY_INFO_DATA) * NUMBER_OF_SECURE_INFO; if(pBufferAddr==NULL) { UBOOT_ERROR("The input parameter pBufferAddr' is a null pointer\n"); return -1; } ret = raw_io_config(FLASH_DEFAULT_TARGET,FLASH_DEFAULT_PARTITION,FLASH_DEFAULT_VOLUME); if(ret != 0) { UBOOT_ERROR("raw_io_config setting fail!\n"); return -1; } ret = get_signature_offset(&u32SigOffset,&u32SigBkOffset); if(ret != 0) { UBOOT_ERROR("get_signature_offset fail!\n"); return -1; } UBOOT_DEBUG("u32SigOffset : 0x%x\n",u32SigOffset); UBOOT_DEBUG("u32SigBkOffset : 0x%x\n",u32SigBkOffset); // update CRC pBufferAddr->crc = crc32(0, (unsigned char const *)&pBufferAddr->data,u32SecuritySize); ret = raw_write((unsigned int)pBufferAddr,u32SigOffset,sizeof(SECURITY_INFO)); ret_bk = raw_write((unsigned int)pBufferAddr,u32SigBkOffset,sizeof(SECURITY_INFO)); if(EN_SUCCESS == ret || EN_SUCCESS == ret_bk) { UBOOT_DEBUG("ret : %d , ret_bk : %d \n",ret,ret_bk); UBOOT_TRACE("OK\n"); ret = 0; } else { ret= -1; UBOOT_ERROR("SignatureSave fail\n"); } return ret; }
/** * Given the file name of a signed boot image, verifies the signature * @param image_file Name of the boot image file */ static int verify(const char *image_file) { BootSignature *bs = NULL; int fd = -1; int rc = 1; off64_t offset = 0; if (!image_file) { return rc; } if ((fd = open(image_file, O_RDONLY | O_LARGEFILE)) == -1) { return rc; } if (get_signature_offset(fd, &offset) == -1) { goto out; } if (read_signature(fd, offset, &bs) == -1) { goto out; } if (validate_signature_block(bs, offset) == -1) { goto out; } if (verify_signature(fd, offset, bs) == -1) { goto out; } printf("Signature is VALID\n"); rc = 0; out: if (bs) { BootSignature_free(bs); } if (fd != -1) { close(fd); } return rc; }
int SignatureLoad(SECURITY_INFO *pBufferAddr) { int ret = -1; int flag1=0, flag2=0; unsigned int u32SigOffset = 0; unsigned int u32SigBkOffset = 0; unsigned int u32SecuritySize= 0; UBOOT_TRACE("IN\n"); //Here, we check the CRC of SECUREITY_INFO, and the check range include "pBufferAddr->data" and "pBufferAddr->data_interleave" u32SecuritySize = sizeof(_SECURITY_INFO_DATA) * NUMBER_OF_SECURE_INFO; if(pBufferAddr==NULL) { UBOOT_ERROR("The input parameter pBufferAddr' is a null pointer\n"); return -1; } ret = raw_io_config(FLASH_DEFAULT_TARGET,FLASH_DEFAULT_PARTITION,FLASH_DEFAULT_VOLUME); if(ret != 0) { UBOOT_ERROR("raw_io_config setting fail!\n"); return -1; } ret = get_signature_offset(&u32SigOffset,&u32SigBkOffset); if(ret != 0) { UBOOT_ERROR("get_signature_offset fail!\n"); return -1; } ret = raw_read((unsigned int)pBufferAddr,u32SigOffset,sizeof(SECURITY_INFO)); if( (EN_SUCCESS == ret) && (pBufferAddr->crc == crc32(0, (unsigned char const *)&pBufferAddr->data,u32SecuritySize)) ) flag1=1; ret = raw_read((unsigned int)pBufferAddr,u32SigBkOffset,sizeof(SECURITY_INFO)); if( (EN_SUCCESS == ret) && (pBufferAddr->crc == crc32(0, (unsigned char const *)&pBufferAddr->data,u32SecuritySize)) ) flag2=1; if( (flag2==0) && (flag1!=0) ) { ret = raw_read((unsigned int)pBufferAddr,u32SigOffset,sizeof(SECURITY_INFO)); if( (EN_SUCCESS == ret) && (pBufferAddr->crc == crc32(0, (unsigned char const *)&pBufferAddr->data,u32SecuritySize))) { ret = raw_write((unsigned int)pBufferAddr,u32SigBkOffset,sizeof(SECURITY_INFO)); } else { UBOOT_ERROR("raw_read fail or caculate crc fail!\n"); return -1; } } if((flag1==0)&&(flag2!=0)) { ret = raw_write((unsigned int)pBufferAddr,u32SigOffset,sizeof(SECURITY_INFO)); } if(EN_SUCCESS == ret) { ret=0; UBOOT_TRACE("OK\n"); } else { ret=-1; UBOOT_ERROR("SignatureLoad fail\n"); } return ret; }