Пример #1
0
/**************************************************************************
 *  FUNCTION To Get Extension Length
 **************************************************************************/
unsigned int sec_signfmt_get_extension_length_v3(SECURE_IMG_INFO_V3 *img_if, ASF_FILE fp, SEC_IMG_HEADER *file_img_hdr)
{
    /* the extension include signature + hash + extension header */

    uint32 file_size = 0;
        
    /* get from seccfg's extension header */
    if (ASF_FILE_NULL == fp)
    {
        return img_if->ext_len;
    }
    /* get from file's extension header */
    else
    {
        ASF_SEEK_END(fp, 0);
        file_size = ASF_FILE_POS(fp);

        return (file_size-SEC_IMG_HEADER_SIZE-file_img_hdr->image_length);
    }
}
/**************************************************************************
 *  FUNCTION To Get Extension Length
 **************************************************************************/
unsigned int sec_signfmt_get_extension_length_v4(SECURE_IMG_INFO_V3 *img_if, ASF_FILE fp, SEC_IMG_HEADER *file_img_hdr_p)
{
    /* the extension include signature + hash + extension header */

    u64 file_size = 0;
    SEC_IMG_HEADER_V4 *file_img_hdr = (SEC_IMG_HEADER_V4*)file_img_hdr_p;
        
    /* get from seccfg's extension header */
    if (ASF_FILE_NULL == fp)
    {
        return img_if->ext_len;
    }
    /* get from file's extension header */
    else
    {
        ASF_SEEK_END(fp, 0);
        file_size = ASF_FILE_POS(fp);

        file_size -= SEC_IMG_HEADER_SIZE;
        file_size -= sec_get_u64(file_img_hdr->image_length_high,file_img_hdr->image_length_low);

        return (file_size & 0xFFFFFFFF);
    }
}
Пример #3
0
/**************************************************************************
 *  FUNCTIONS To Verify File
 **************************************************************************/
int sec_signfmt_verify_file_v3(ASF_FILE fp, SEC_IMG_HEADER *img_hdr)
{
    uint32 ret = SEC_OK;
    uint32 final_hash_sig_len = 0;
    uchar *final_hash_sig_buf = NULL;
    uint32 read_sz = 0;
    SEC_IMG_EXTENSTION_SET ext_set;
    uint32 ext_hdr_offset = 0;
    uint32 ext_hdr_len = 0;
    uchar *ext_hdr_buf = NULL;
    uint32 file_size = 0;
    uint32 hash_size = 0;
    uint32 sig_size = 0;
    uint32 i = 0;
    uchar *cal_hash_buf = NULL;
    uint32 cal_hash_buf_len = 0;
    uchar *tmp_ptr = NULL;
    uchar *verify_data = NULL;
    uint32 verify_data_len = 0;
    uint32 real_chunk_size = 0;
    
    /* ======================== */
    /* init check */
    /* ======================== */
#if DUMP_MORE_FOR_DEBUG
    SMSG(sec_info.bMsg,"[%s] Dump header ============> START\n",MOD); 
    sec_signfmt_dump_buffer((uchar*)img_hdr,sizeof(SEC_IMG_HEADER)); 
    SMSG(sec_info.bMsg,"[%s] Dump header ============> END\n",MOD); 
#endif

    if (SEC_IMG_MAGIC != img_hdr->magic_number)
    {
        SMSG(true,"[%s] magic number is invalid '0x%x'\n",MOD,img_hdr->magic_number);
        ret = ERR_SIGN_FORMAT_MAGIC_WRONG;
        goto _magic_wrong_err;
    }

    if (SEC_EXTENSION_MAGIC != img_hdr->sign_offset)
    {
        SMSG(true,"[%s] extension magic number is invalid '0x%x'\n",MOD,img_hdr->sign_offset);
        ret = ERR_SIGN_FORMAT_MAGIC_WRONG;
        goto _magic_wrong_err;
    }
    
    /* ======================== */
    /* locate final signature and hash */
    /* ======================== */
    final_hash_sig_len = img_hdr->signature_length;
    final_hash_sig_buf = (uchar*)ASF_MALLOC(final_hash_sig_len);
    if (NULL == final_hash_sig_buf)
    {
        ret = ERR_FS_READ_BUF_ALLOCATE_FAIL;
        goto _malloc_hash_sig_fail;
    }
    ASF_SEEK_SET(fp, img_hdr->signature_offset);

    if (final_hash_sig_len != (read_sz = ASF_READ(fp, final_hash_sig_buf, final_hash_sig_len)))
    {
        SMSG(true,"[%s] read size '%d' != '%d'\n",MOD,read_sz,final_hash_sig_len);
        ret = ERR_FS_READ_SIZE_FAIL;
        goto _read_hash_sig_fail;
    }

#if DUMP_MORE_FOR_DEBUG
    SMSG(sec_info.bMsg,"[%s] Dump sign and hash value ============> START\n",MOD); 
    sec_signfmt_dump_buffer(final_hash_sig_buf,final_hash_sig_len); 
    SMSG(sec_info.bMsg,"[%s] Dump sign and hash value ============> END\n",MOD); 
#endif

    /* read file size */
    ASF_SEEK_END(fp, 0);
    file_size = ASF_FILE_POS(fp);

    /* ======================== */
    /* search for extension header */
    /* ======================== */
    memset(&ext_set, 0x00, sizeof(SEC_IMG_EXTENSTION_SET));
    ext_hdr_offset = SEC_IMG_HEADER_SIZE + img_hdr->image_length + img_hdr->signature_length;
    ext_hdr_len = file_size - ext_hdr_offset;
    ext_hdr_buf = (uchar*)ASF_MALLOC(ext_hdr_len);
    if (NULL == ext_hdr_buf)
    {
        ret = ERR_FS_READ_BUF_ALLOCATE_FAIL;
        goto _malloc_ext_hdr_fail;
    }
    ASF_SEEK_SET(fp, ext_hdr_offset);

    if (ext_hdr_len != (read_sz = ASF_READ(fp, ext_hdr_buf, ext_hdr_len)))
    {
        SMSG(true,"[%s] read size '%d' != '%d'\n",MOD,read_sz,ext_hdr_len);
        ret = ERR_FS_READ_SIZE_FAIL;
        goto _read_ext_hdr_fail;
    }
    if( SEC_OK != (ret = sec_signfmt_search_extension(ext_hdr_buf, ext_hdr_len, &ext_set)) )
    {
        SMSG(true,"[%s] Image extension header not found\n",MOD); 
        goto _ext_hdr_search_fail;
    }

    hash_size = get_hash_size((SEC_CRYPTO_HASH_TYPE)ext_set.crypto->hash_type);
    sig_size = get_signature_size((SEC_CRYPTO_SIGNATURE_TYPE)ext_set.crypto->sig_type);

#if DUMP_MORE_FOR_DEBUG
    SMSG(sec_info.bMsg,"[%s] Dump ext hash value ============> START\n",MOD); 
    for(i=0;i<ext_set.frag->frag_count;i++)
    {
        SMSG(sec_info.bMsg,"[%s] Dump EXT hash [%d]\n",MOD,i);
        sec_signfmt_dump_buffer(ext_set.hash_only[i]->hash_data,hash_size);
    }
    SMSG(sec_info.bMsg,"[%s] Dump ext hash value ============> END\n",MOD); 
#endif

    /* ======================== */
    /* calculate each hash by chunk */
    /* ======================== */
    cal_hash_buf_len = hash_size*ext_set.frag->frag_count;
    cal_hash_buf = (uchar*)ASF_MALLOC(cal_hash_buf_len);
    if (NULL == cal_hash_buf)
    {
        ret = ERR_FS_READ_BUF_ALLOCATE_FAIL;
        goto _malloc_cal_buf_fail;
    }
    memset(cal_hash_buf, 0x00, cal_hash_buf_len);
#if DUMP_MORE_FOR_DEBUG
    SMSG(sec_info.bMsg,"[%s] dump reset data\n",MOD); 
    sec_signfmt_dump_buffer(cal_hash_buf,cal_hash_buf_len);
#endif    
    tmp_ptr = cal_hash_buf;
#if DUMP_MORE_FOR_DEBUG
    SMSG(sec_info.bMsg,"[%s] Total cal hash length is %d\n",MOD,cal_hash_buf_len); 
#endif
    for(i=0;i<ext_set.frag->frag_count;i++)
    {
        memset(tmp_ptr, 0x00, hash_size);
        if(ext_set.frag->chunk_size == 0)
        {
            real_chunk_size = ext_set.hash_only[i]->hash_len;
        }
        else
        {
            real_chunk_size = ext_set.frag->chunk_size;
        } 
        if(sec_signfmt_gen_hash_by_chunk(fp, NULL, SEC_IMG_HEADER_SIZE+ext_set.hash_only[i]->hash_offset, ext_set.hash_only[i]->hash_len,
            tmp_ptr, ext_set.hash_only[i]->sub_type, real_chunk_size)!=0)
        {
            ret = ERR_SIGN_FORMAT_CAL_HASH_BY_CHUNK_FAIL;
            goto _gen_hash_by_chunk_fail;
        }

#if DUMP_MORE_FOR_DEBUG        
        SMSG(sec_info.bMsg,"[%s] Dump CAL hash right after: [%d], offset is 0x%x\n",MOD,i,tmp_ptr);
        sec_signfmt_dump_buffer(cal_hash_buf,cal_hash_buf_len);
#endif
        tmp_ptr += hash_size;
    }

#if DUMP_MORE_FOR_DEBUG        
    SMSG(sec_info.bMsg,"[%s] Dump CAL hash right after all done, offset is 0x%x\n",MOD,tmp_ptr);
    sec_signfmt_dump_buffer(cal_hash_buf,cal_hash_buf_len);
#endif


#if DUMP_MORE_FOR_DEBUG
    SMSG(sec_info.bMsg,"[%s] Dump cal hash value ============> START\n",MOD); 
    tmp_ptr = cal_hash_buf;
    for(i=0;i<ext_set.frag->frag_count;i++)
    {
        SMSG(sec_info.bMsg,"[%s] Dump CAL hash [%d]\n",MOD,i);
        sec_signfmt_dump_buffer(tmp_ptr,hash_size);
        tmp_ptr += hash_size;
    }
    SMSG(sec_info.bMsg,"[%s] Dump cal hash value ============> END\n",MOD); 
#endif

    /* ======================== */
    /* compose final verify buffer */
    /* ======================== */
    verify_data_len = SEC_IMG_HEADER_SIZE+cal_hash_buf_len+ext_hdr_len;
    verify_data = (uchar*)ASF_MALLOC(verify_data_len);
    if (NULL == cal_hash_buf)
    {
        ret = ERR_FS_READ_BUF_ALLOCATE_FAIL;
        goto _malloc_verify_buf_fail;
    }
    tmp_ptr = verify_data;
    /* copy header */
    mcpy(tmp_ptr,img_hdr,SEC_IMG_HEADER_SIZE);
    tmp_ptr += SEC_IMG_HEADER_SIZE;
    /* copy cal hash */
    for(i=0;i<ext_set.frag->frag_count;i++)
    {
        mcpy(tmp_ptr,cal_hash_buf+i*hash_size,hash_size);
        tmp_ptr += hash_size;
    }
    /* copy extension header */
    mcpy(tmp_ptr,ext_hdr_buf,ext_hdr_len);

#if DUMP_MORE_FOR_DEBUG
    SMSG(sec_info.bMsg,"[%s] Dump verify data (%d):\n",MOD,verify_data_len); 
    sec_signfmt_dump_buffer(verify_data,verify_data_len); 
#endif
#if DUMP_MORE_FOR_DEBUG
    SMSG(sec_info.bMsg,"[%s] Dump signature data (%d):\n",MOD,sig_size); 
    sec_signfmt_dump_buffer(final_hash_sig_buf,sig_size); 
#endif

    osal_verify_lock();

    /* ======================== */
    /* verify buffer */
    /* ======================== */
    SMSG(sec_info.bMsg,"[%s] verify (lock)... \n",MOD);    
    if(SEC_OK != (ret = sec_verify(verify_data, verify_data_len, final_hash_sig_buf, sig_size )))
    {
        osal_verify_unlock();    
        SMSG(true,"[%s] verify fail (unlock), ret is %d\n\n",MOD,ret);
        goto _verify_fail;
    }        
    
    osal_verify_unlock();    

    SMSG(sec_info.bMsg,"[%s] verify pass (unlock)\n\n",MOD);

_verify_fail:
    ASF_FREE(verify_data);
_malloc_verify_buf_fail:
_gen_hash_by_chunk_fail:
    ASF_FREE(cal_hash_buf);
_malloc_cal_buf_fail:
_ext_hdr_search_fail:
_read_ext_hdr_fail:
    ASF_FREE(ext_hdr_buf);
_malloc_ext_hdr_fail:
_read_hash_sig_fail:
    ASF_FREE(final_hash_sig_buf);
_malloc_hash_sig_fail:
_magic_wrong_err:    

    return ret;
}