platform: msm_shared: Update rot calculation
Update the public key used to generate the hash
for setting the rot in case of VB2.
Change-Id: I19991eaad111d0ff383a0a9638291248573e840c
diff --git a/platform/msm_shared/boot_verifier.c b/platform/msm_shared/boot_verifier.c
index caee469..4a219f1 100644
--- a/platform/msm_shared/boot_verifier.c
+++ b/platform/msm_shared/boot_verifier.c
@@ -34,6 +34,7 @@
#include <image_verify.h>
#include <mmc.h>
#include <oem_keystore.h>
+#include <avb/OEMPublicKey.h>
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <partition_parser.h>
@@ -449,6 +450,114 @@
}
#endif
+#if VERIFIED_BOOT_2
+bool send_rot_command(uint32_t is_unlocked)
+{
+ int ret = 0;
+ unsigned char *input = (unsigned char *)OEMPublicKey;
+ unsigned int key_len = sizeof(OEMPublicKey);
+ unsigned char *keystatebuf = NULL;
+ unsigned char digest[SHA256_SIZE] = {0}, final_digest[SHA256_SIZE] = {0};
+ uint32_t auth_algo = CRYPTO_AUTH_ALG_SHA256;
+ uint32_t boot_device_state = boot_verify_get_state();
+ int app_handle = 0;
+ km_set_rot_req_t *read_req = NULL;
+ km_set_rot_rsp_t read_rsp;
+ app_handle = get_secapp_handle();
+ uint32_t version = 0;
+ void *cpy_ptr;
+
+ if( input == NULL || UINT_MAX - 1 < key_len )
+ {
+ dprintf(CRITICAL, "Failed to read ROT key\n");
+ ASSERT(0);
+ }
+ switch (boot_device_state)
+ {
+ case GREEN:
+ case YELLOW:
+ if(!( keystatebuf = malloc( key_len + 1)))
+ {
+ dprintf(CRITICAL, "Failed to allocate memory for ROT digest\n");
+ ASSERT(0);
+ }
+ memscpy(keystatebuf , key_len + 1, input, key_len);
+ hash_find((unsigned char *)keystatebuf, key_len , (unsigned char *) digest, auth_algo);
+ keystatebuf[key_len] = (unsigned char )is_unlocked;
+ hash_find((unsigned char *)keystatebuf, key_len + 1, (unsigned char *) final_digest, auth_algo);
+ break;
+ case ORANGE:
+ // Unlocked device and no verification done.
+ // Send the hash of boot device state
+ input = NULL;
+ hash_find((unsigned char *) &is_unlocked, sizeof(unsigned char), (unsigned char *)&final_digest, auth_algo);
+ break;
+ case RED:
+ default:
+ dprintf(CRITICAL, "Invalid state to boot!\n");
+ }
+ dprintf(SPEW, "Digest: ");
+ for(uint8_t i = 0; i < SHA256_SIZE; i++)
+ dprintf(SPEW, "0x%x ", final_digest[i]);
+ dprintf(SPEW, "\n");
+
+ if(!(read_req = malloc(sizeof(km_set_rot_req_t) + sizeof(final_digest))))
+ {
+ dprintf(CRITICAL, "Failed to allocate memory for ROT structure\n");
+ ASSERT(0);
+ }
+
+ cpy_ptr = (uint8_t *) read_req + sizeof(km_set_rot_req_t);
+ read_req->cmd_id = KEYMASTER_SET_ROT;
+ read_req->rot_ofset = (uint32_t) sizeof(km_set_rot_req_t);
+ read_req->rot_size = sizeof(final_digest);
+ memscpy(cpy_ptr, sizeof(final_digest), (void *) &final_digest, sizeof(final_digest));
+ dprintf(SPEW, "Sending Root of Trust to trustzone: start\n");
+
+ ret = qseecom_send_command(app_handle, (void*) read_req, sizeof(km_set_rot_req_t) + sizeof(final_digest), (void*) &read_rsp, sizeof(read_rsp));
+ if (ret < 0 || read_rsp.status < 0)
+ {
+ dprintf(CRITICAL, "QSEEcom command for Sending Root of Trust returned error: %d\n", read_rsp.status);
+ free(read_req);
+ return false;
+ }
+
+#if OSVERSION_IN_BOOTIMAGE
+ boot_state_info.is_unlocked = is_unlocked;
+ boot_state_info.color = boot_verify_get_state();
+ memscpy(boot_state_info.public_key, sizeof(boot_state_info.public_key), digest, SHA256_SIZE);
+ boot_verify_send_boot_state(&boot_state_info);
+#endif
+ if ( is_secure_boot_enable()
+ && (dev_boot_state != GREEN))
+ {
+ version = qseecom_get_version();
+ if(allow_set_fuse(version)) {
+ ret = set_tamper_fuse_cmd(HLOS_IMG_TAMPER_FUSE);
+ if (ret) {
+ ret = false;
+ goto err;
+ }
+ ret = set_tamper_fuse_cmd(HLOS_TAMPER_NOTIFY_FUSE);
+ if (ret) {
+ dprintf(CRITICAL, "send_rot_command: set_tamper_fuse_cmd (TZ_HLOS_TAMPER_NOTIFY_FUSE) fails!\n");
+ ret = false;
+ goto err;
+ }
+ } else {
+ dprintf(CRITICAL, "send_rot_command: TZ didn't support this feature! Version: major = %d, minor = %d, patch = %d\n", (version >> 22) & 0x3FF, (version >> 12) & 0x3FF, version & 0x3FF);
+ goto err;
+ }
+ }
+ dprintf(CRITICAL, "Sending Root of Trust to trustzone: end\n");
+ ret = true;
+err:
+ if(keystatebuf)
+ free(keystatebuf);
+ free(read_req);
+ return ret;
+}
+#else
bool send_rot_command(uint32_t is_unlocked)
{
int ret = 0;
@@ -605,6 +714,7 @@
free(rot_input);
return ret;
}
+#endif
unsigned char* get_boot_fingerprint(unsigned int* buf_size)
{