int sec_auth (U8* d_buf, U32 d_len, U8* s_buf, U32 s_len) { //RSA1024 if(s_len == RSA1024_KEY_LENGTH) { U8 sha1_buf[SHA1_LENGTH_IN_BYTE] = {0}; if( sec_hash(d_buf, d_len, sha1_buf, SHA1_LENGTH_IN_BYTE) != 0 ) { return -1; } return -2; } //RSA2048 else if(s_len == RSA2048_KEY_LENGTH) { U8 sha256_buf[SHA256_LENGTH_IN_BYTE] = {0}; if( sec_hash(d_buf, d_len, sha256_buf, SHA256_LENGTH_IN_BYTE) != 0 ) { return -3; } return -4; } //If length is not supported, then go here directly return -5; }
int sec_verify (unsigned char * d_buf, unsigned int d_len, unsigned char * s_buf, unsigned int s_len) { //RSA1024 if(s_len == RSA1024_KEY_LENGTH) { unsigned char sha1_buf[SHA1_LENGTH_IN_BYTE] = {0}; if( sec_hash(d_buf, d_len, sha1_buf, SHA1_LENGTH_IN_BYTE) != 0 ) { return -1; } return -1; } //RSA2048 else if(s_len == RSA2048_KEY_LENGTH) { unsigned char sha256_buf[SHA256_LENGTH_IN_BYTE] = {0}; if( sec_hash(d_buf, d_len, sha256_buf, SHA256_LENGTH_IN_BYTE) != 0 ) { return -1; } return -1; } //If length is not supported, then go here directly return -1; }
static int sec_signfmt_gen_hash_by_chunk(ASF_FILE img_fd, char* part_name, uint32 img_hash_off, uint32 img_hash_len, uchar *final_hash_buf, SEC_CRYPTO_HASH_TYPE hash_type, uint32 chunk_size) { uint32 br = 0; uint32 ret = 0; uchar *chunk_buf = NULL; uchar *hash_tmp = NULL; uchar *hash_comb = NULL; uint32 seek_pos = 0; uint32 hash_size = get_hash_size(hash_type); #if DUMP_MORE_FOR_DEBUG uint32 chunk_count = ((img_hash_len-1)/chunk_size)+1; #endif uint32 read_size = 0; uint32 left_size = 0; if(!img_hash_len) { SMSG(true,"[%s] hash length is zero, no need to do hash\n",MOD); ret = -1; memset(final_hash_buf, 0x00, hash_size); goto end_error; } #if DUMP_MORE_FOR_DEBUG SMSG(sec_info.bMsg,"[%s] Hash size is %d (0x%x)\n",MOD, hash_size, hash_size); SMSG(sec_info.bMsg,"[%s] Offset is %d (0x%x)\n",MOD, img_hash_off, img_hash_off); SMSG(sec_info.bMsg,"[%s] Size is %d (0x%x)\n",MOD, img_hash_len, img_hash_len); SMSG(sec_info.bMsg,"[%s] Chunk size is %d (0x%x)\n",MOD, chunk_size, chunk_size); SMSG(sec_info.bMsg,"[%s] Chunk count is %d (0x%x)\n",MOD, chunk_count, chunk_count); #endif /* allocate hash buffer */ hash_tmp = ASF_MALLOC(hash_size); hash_comb = ASF_MALLOC(hash_size*2); memset(hash_tmp, 0x00, hash_size); memset(hash_comb, 0x00, hash_size*2); /* allocate buffer with known chunk size */ chunk_buf = ASF_MALLOC(chunk_size); /* caculate first hash */ seek_pos = img_hash_off; left_size = img_hash_len; read_size = (left_size>=chunk_size)?chunk_size:left_size; br = sec_signfmt_image_read(img_fd, part_name, seek_pos*sizeof(char), (char*)chunk_buf, read_size); if(br != read_size) { SMSG(true,"[%s] read image content fail, read offset = '0x%x'\n",MOD,seek_pos); ret = -2; goto end_error; } if( sec_hash(chunk_buf,read_size,hash_tmp,hash_size) == -1) { SMSG(true,"[%s] hash fail, offset is '0x%x'(A)\n",MOD,seek_pos); ret = -3; goto end_error; } #if DUMP_MORE_FOR_DEBUG /* ------------------------------------- */ /* dump hash value for debug */ /* ------------------------------------- */ SMSG(sec_info.bMsg,"[%s] Data value(4 bytes) ==>\n",MOD); sec_signfmt_dump_buffer(chunk_buf, 4); SMSG(sec_info.bMsg,"[%s] Hash value(single) (0x%x): \n",MOD, seek_pos); sec_signfmt_dump_buffer(hash_tmp, hash_size); #endif /* copy to compose buffer (first block) */ mcpy(hash_comb,hash_tmp,hash_size); /* move next */ seek_pos += read_size; left_size -= read_size; /* loop hash */ while(left_size) { /* load data */ read_size = (left_size>=chunk_size)?chunk_size:left_size; br = sec_signfmt_image_read(img_fd, part_name, seek_pos*sizeof(char), (char*)chunk_buf, read_size); if(br != read_size) { SMSG(true,"[%s] read image content fail, read offset = '0x%x'\n",MOD,seek_pos); ret = -4; goto end_error; } /* caculate this hash */ if( sec_hash(chunk_buf,read_size,hash_tmp,hash_size) == -1) { SMSG(true,"[%s] hash fail, offset is '0x%x'(B)\n",MOD,seek_pos); ret = -5; goto end_error; } #if DUMP_MORE_FOR_DEBUG /* ------------------------------------- */ /* dump hash value for debug */ /* ------------------------------------- */ SMSG(sec_info.bMsg,"[%s] Data value(4 bytes) ==>\n",MOD); sec_signfmt_dump_buffer(chunk_buf, 4); SMSG(sec_info.bMsg,"[%s] Hash value(single) (0x%x): \n",MOD, seek_pos); sec_signfmt_dump_buffer(hash_tmp, hash_size); #endif /* compose two hash to buffer (second block) */ mcpy(hash_comb+hash_size,hash_tmp,hash_size); /* caculate compose hash */ if( sec_hash(hash_comb,hash_size*2,hash_tmp,hash_size) == -1) { SMSG(true,"[%s] hash fail, offset is '0x%x'(C)\n",MOD,seek_pos); ret = -6; goto end_error; } #if DUMP_MORE_FOR_DEBUG /* ------------------------------------- */ /* dump hash value for debug */ /* ------------------------------------- */ SMSG(sec_info.bMsg,"[%s] Data value(4 bytes) ==>\n",MOD); sec_signfmt_dump_buffer(chunk_buf, 4); SMSG(sec_info.bMsg,"[%s] Hash value(comp) (0x%x): \n",MOD, seek_pos); sec_signfmt_dump_buffer(hash_tmp, hash_size); #endif /* save this hash to compose buffer (first block) */ mcpy(hash_comb,hash_tmp,hash_size); /* move next */ seek_pos += read_size; left_size -= read_size; } /* ------------------------------------- */ /* dump hash value for debug */ /* ------------------------------------- */ #if DUMP_MORE_FOR_DEBUG SMSG(sec_info.bMsg,"[%s] Hash value(final) (0x%x): \n",MOD, seek_pos); sec_signfmt_dump_buffer(hash_tmp, hash_size); #endif /* copy hash */ mcpy(final_hash_buf,hash_tmp,hash_size); end_error: ASF_FREE(hash_comb); ASF_FREE(chunk_buf); ASF_FREE(hash_tmp); return ret; }
/************************************************************************** * FUNCTION To Get Image Hash **************************************************************************/ int sec_signfmt_calculate_image_hash_v3(char* part_name, SECURE_IMG_INFO_V3 *img_if, char *final_hash_buf, unsigned int hash_len, char *ext_buf) { unsigned int ret = SEC_OK; SEC_IMG_HEADER *img_hdr = (SEC_IMG_HEADER *)&img_if->header.v3; SEC_IMG_EXTENSTION_SET ext_set; uint32 ext_hdr_offset = 0; uint32 ext_hdr_len = 0; uchar *ext_hdr_buf = NULL; uint32 hash_size = 0; uint32 sig_size = 0; uint32 i = 0; uchar *cal_hash_buf = NULL; uint32 cal_hash_buf_len = 0; uchar *tmp_ptr = NULL; uchar *verify_data = NULL; uint32 verify_data_len = 0; uint32 real_chunk_size = 0; /* ======================== */ /* init check */ /* ======================== */ #if DUMP_MORE_FOR_DEBUG SMSG(sec_info.bMsg,"[%s] Dump header ============> START\n",MOD); sec_signfmt_dump_buffer((uchar*)img_hdr,sizeof(SEC_IMG_HEADER)); SMSG(sec_info.bMsg,"[%s] Dump header ============> END\n",MOD); #endif if (SEC_IMG_MAGIC != img_hdr->magic_number) { SMSG(true,"[%s] magic number is invalid '0x%x'\n",MOD,img_hdr->magic_number); ret = ERR_SIGN_FORMAT_MAGIC_WRONG; goto _magic_wrong_err; } if (SEC_EXTENSION_MAGIC != img_hdr->sign_offset) { SMSG(true,"[%s] extension magic number is invalid '0x%x'\n",MOD,img_hdr->sign_offset); ret = ERR_SIGN_FORMAT_MAGIC_WRONG; goto _magic_wrong_err; } /* ======================== */ /* search for extension header */ /* ======================== */ memset(&ext_set, 0x00, sizeof(SEC_IMG_EXTENSTION_SET)); ext_hdr_offset = img_if->ext_offset + img_hdr->signature_length; ext_hdr_len = img_if->ext_len - img_hdr->signature_length; ext_hdr_buf = (uchar*)(ext_buf + ext_hdr_offset); if( SEC_OK != (ret = sec_signfmt_search_extension(ext_hdr_buf, ext_hdr_len, &ext_set)) ) { SMSG(true,"[%s] Image extension header not found\n",MOD); goto _ext_hdr_search_fail; } hash_size = get_hash_size((SEC_CRYPTO_HASH_TYPE)ext_set.crypto->hash_type); sig_size = get_signature_size((SEC_CRYPTO_SIGNATURE_TYPE)ext_set.crypto->sig_type); #if DUMP_MORE_FOR_DEBUG SMSG(sec_info.bMsg,"[%s] Dump ext hash value ============> START\n",MOD); for(i=0;i<ext_set.frag->frag_count;i++) { SMSG(sec_info.bMsg,"[%s] Dump EXT hash [%d]\n",MOD,i); sec_signfmt_dump_buffer(ext_set.hash_only[i]->hash_data,hash_size); } SMSG(sec_info.bMsg,"[%s] Dump ext hash value ============> END\n",MOD); #endif /* ======================== */ /* calculate each hash by chunk */ /* ======================== */ cal_hash_buf_len = hash_size*ext_set.frag->frag_count; cal_hash_buf = (uchar*)ASF_MALLOC(cal_hash_buf_len); if (NULL == cal_hash_buf) { ret = ERR_FS_READ_BUF_ALLOCATE_FAIL; goto _malloc_cal_buf_fail; } memset(cal_hash_buf, 0x00, cal_hash_buf_len); #if DUMP_MORE_FOR_DEBUG SMSG(sec_info.bMsg,"[%s] dump reset data\n",MOD); sec_signfmt_dump_buffer(cal_hash_buf,cal_hash_buf_len); #endif tmp_ptr = cal_hash_buf; #if DUMP_MORE_FOR_DEBUG SMSG(sec_info.bMsg,"[%s] Total cal hash length is %d\n",MOD,cal_hash_buf_len); #endif for(i=0;i<ext_set.frag->frag_count;i++) { memset(tmp_ptr, 0x00, hash_size); if(ext_set.frag->chunk_size == 0) { real_chunk_size = ext_set.hash_only[i]->hash_len; } else { real_chunk_size = ext_set.frag->chunk_size; } if(sec_signfmt_gen_hash_by_chunk(ASF_FILE_NULL, part_name, ext_set.hash_only[i]->hash_offset, ext_set.hash_only[i]->hash_len, tmp_ptr, ext_set.hash_only[i]->sub_type, real_chunk_size)!=0) { ret = ERR_SIGN_FORMAT_CAL_HASH_BY_CHUNK_FAIL; goto _gen_hash_by_chunk_fail; } #if DUMP_MORE_FOR_DEBUG SMSG(sec_info.bMsg,"[%s] Dump CAL hash right after: [%d], offset is 0x%x\n",MOD,i,tmp_ptr); sec_signfmt_dump_buffer(cal_hash_buf,cal_hash_buf_len); #endif tmp_ptr += hash_size; } #if DUMP_MORE_FOR_DEBUG SMSG(sec_info.bMsg,"[%s] Dump CAL hash right after all done, offset is 0x%x\n",MOD,tmp_ptr); sec_signfmt_dump_buffer(cal_hash_buf,cal_hash_buf_len); #endif #if DUMP_MORE_FOR_DEBUG SMSG(sec_info.bMsg,"[%s] Dump cal hash value ============> START\n",MOD); tmp_ptr = cal_hash_buf; for(i=0;i<ext_set.frag->frag_count;i++) { SMSG(true,"[%s] Dump CAL hash [%d]\n",MOD,i); sec_signfmt_dump_buffer(tmp_ptr,hash_size); tmp_ptr += hash_size; } SMSG(sec_info.bMsg,"[%s] Dump cal hash value ============> END\n",MOD); #endif /* ======================== */ /* copy cal hash to extension header */ /* ======================== */ tmp_ptr = cal_hash_buf; for(i=0;i<ext_set.frag->frag_count;i++) { mcpy(ext_set.hash_only[i]->hash_data, tmp_ptr, hash_size); tmp_ptr += hash_size; } /* ======================== */ /* compose final verify buffer */ /* ======================== */ verify_data_len = SEC_IMG_HEADER_SIZE+cal_hash_buf_len+ext_hdr_len; verify_data = (uchar*)ASF_MALLOC(verify_data_len); if (NULL == cal_hash_buf) { ret = ERR_FS_READ_BUF_ALLOCATE_FAIL; goto _malloc_verify_buf_fail; } tmp_ptr = verify_data; /* copy header */ mcpy(tmp_ptr,img_hdr,SEC_IMG_HEADER_SIZE); tmp_ptr += SEC_IMG_HEADER_SIZE; /* copy cal hash */ for(i=0;i<ext_set.frag->frag_count;i++) { mcpy(tmp_ptr,cal_hash_buf+i*hash_size,hash_size); tmp_ptr += hash_size; } /* copy extension header */ mcpy(tmp_ptr,ext_hdr_buf,ext_hdr_len); #if DUMP_MORE_FOR_DEBUG SMSG(sec_info.bMsg,"[%s] Dump verify data (%d):\n",MOD,verify_data_len); sec_signfmt_dump_buffer(verify_data,verify_data_len); #endif /* ======================== */ /* generate final hash */ /* ======================== */ /* hash */ SMSG(sec_info.bMsg,"[%s] generate hash ... \n",MOD); if(SEC_OK != (ret = sec_hash(verify_data, verify_data_len, (uchar*)final_hash_buf, hash_len ))) { SMSG(true,"[%s] generate hash fail\n\n",MOD); ret = ERR_SIGN_FORMAT_GENERATE_HASH_FAIL; goto _hash_fail; } /* ================== */ /* dump hash data */ /* ================== */ SMSG(sec_info.bMsg,"[%s] dump hash data\n",MOD); dump_buf((uchar*)final_hash_buf,hash_len); SMSG(sec_info.bMsg,"[%s] generate hash pass\n\n",MOD); _hash_fail: ASF_FREE(verify_data); _malloc_verify_buf_fail: _gen_hash_by_chunk_fail: ASF_FREE(cal_hash_buf); _malloc_cal_buf_fail: _ext_hdr_search_fail: _magic_wrong_err: return ret; }