Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / lk / 0e2caf27ee5c2e984eab423d67e54e7f46fc9567 / . / platform / msm_shared / image_verify.c
blob: 284f8e5ff4867697d79a364ea4f76d16b3e926d3 [file] [log] [blame]
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]1/*
Amir Samuelova3382942014-03-13 13:48:57 +0200[diff] [blame]2 * Copyright (c) 2011,2013-2014 The Linux Foundation. All rights reserved.
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in
11 * the documentation and/or other materials provided with the
12 * distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
15 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
16 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
17 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
18 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
20 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
21 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
22 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
23 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
24 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 * SUCH DAMAGE.
26 */
27#include <x509.h>
28#include <certificate.h>
29#include <crypto_hash.h>
30#include "image_verify.h"
Amir Samuelov67ae1d32013-03-24 16:27:52 +0200[diff] [blame]31#include "scm.h"
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]32
33/*
34 * Returns -1 if decryption failed otherwise size of plain_text in bytes
35 */
Ajay Dudanib01e5062011-12-03 23:23:42 -0800[diff] [blame]36static int
37image_decrypt_signature(unsigned char *signature_ptr, unsigned char *plain_text)
38{
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]39 /*
40 * Extract Public Key and Decrypt Signature
41 */
42 int ret = -1;
43 X509 *x509_certificate = NULL;
44 unsigned char *cert_ptr = certBuffer;
45 unsigned int cert_size = sizeof(certBuffer);
46 EVP_PKEY *pub_key = NULL;
Ajay Dudanib01e5062011-12-03 23:23:42 -0800[diff] [blame]47 RSA *rsa_key = NULL;
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]48
49 /*
50 * Get Pubkey and Convert the internal EVP_PKEY to RSA internal struct
51 */
Ajay Dudanib01e5062011-12-03 23:23:42 -0800[diff] [blame]52 if ((x509_certificate = d2i_X509(NULL, &cert_ptr, cert_size)) == NULL) {
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]53 dprintf(CRITICAL,
54 "ERROR: Image Invalid, X509_Certificate is NULL!\n");
55 goto cleanup;
56 }
57 pub_key = X509_get_pubkey(x509_certificate);
Lijuan Gao0e2caf22014-07-15 18:36:18 +0800[diff] [blame^]58 if (pub_key == NULL) {
59 dprintf(CRITICAL, "ERROR: Boot Invalid, PUB_KEY is NULL!\n");
60 goto cleanup;
61 }
62
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]63 rsa_key = EVP_PKEY_get1_RSA(pub_key);
Ajay Dudanib01e5062011-12-03 23:23:42 -0800[diff] [blame]64 if (rsa_key == NULL) {
65 dprintf(CRITICAL, "ERROR: Boot Invalid, RSA_KEY is NULL!\n");
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]66 goto cleanup;
67 }
68
69 ret = RSA_public_decrypt(SIGNATURE_SIZE, signature_ptr, plain_text,
Ajay Dudanib01e5062011-12-03 23:23:42 -0800[diff] [blame]70 rsa_key, RSA_PKCS1_PADDING);
71 dprintf(SPEW, "DEBUG openssl: Return of RSA_public_decrypt = %d\n",
72 ret);
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]73
Ajay Dudanib01e5062011-12-03 23:23:42 -0800[diff] [blame]74 cleanup:
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]75 if (rsa_key != NULL)
76 RSA_free(rsa_key);
77 if (x509_certificate != NULL)
78 X509_free(x509_certificate);
79 if (pub_key != NULL)
80 EVP_PKEY_free(pub_key);
81 return ret;
82}
83
84/*
85 * Returns 1 when image is signed and authorized.
86 * Returns 0 when image is unauthorized.
87 * Expects a pointer to the start of image and pointer to start of sig
88 */
Ajay Dudanib01e5062011-12-03 23:23:42 -0800[diff] [blame]89int
90image_verify(unsigned char *image_ptr,
91 unsigned char *signature_ptr,
92 unsigned int image_size, unsigned hash_type)
93{
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]94
95 int ret = -1;
96 int auth = 0;
Ajay Dudanib01e5062011-12-03 23:23:42 -0800[diff] [blame]97 unsigned char *plain_text = NULL;
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]98 unsigned int digest[8];
99 unsigned int hash_size;
100
Ajay Dudanib01e5062011-12-03 23:23:42 -0800[diff] [blame]101 plain_text = (unsigned char *)calloc(sizeof(char), SIGNATURE_SIZE);
102 if (plain_text == NULL) {
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]103 dprintf(CRITICAL, "ERROR: Calloc failed during verification\n");
104 goto cleanup;
105 }
106
Amir Samuelova3382942014-03-13 13:48:57 +0200[diff] [blame]107 /*
108 * Calculate hash of image and save calculated hash on TZ.
109 */
110 hash_size =
111 (hash_type == CRYPTO_AUTH_ALG_SHA256) ? SHA256_SIZE : SHA1_SIZE;
112 hash_find(image_ptr, image_size, (unsigned char *)&digest, hash_type);
113#ifdef TZ_SAVE_KERNEL_HASH
114 if (hash_type == CRYPTO_AUTH_ALG_SHA256) {
115 save_kernel_hash_cmd(digest);
116 dprintf(INFO, "Image hash saved.\n");
117 } else
118 dprintf(INFO, "image_verify: hash is not SHA-256.\n");
119#endif
120
121 /*
122 * Decrypt the pre-calculated expected image hash.
Sundarajan Srinivasanf3908592014-04-21 14:14:30 -0700[diff] [blame]123 * Return value, ret should be equal to hash_size. Otherwise it means a failure. With this check
124 * we avoid a potential vulnerability due to trailing data placed at the end of digest.
Amir Samuelova3382942014-03-13 13:48:57 +0200[diff] [blame]125 */
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]126 ret = image_decrypt_signature(signature_ptr, plain_text);
Sundarajan Srinivasanf3908592014-04-21 14:14:30 -0700[diff] [blame]127 if (ret != hash_size) {
128 dprintf(CRITICAL, "ERROR: Image Invalid! signature check failed! ret %d\n", ret);
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]129 goto cleanup;
130 }
131
132 /*
Amir Samuelova3382942014-03-13 13:48:57 +0200[diff] [blame]133 * Compare the expected hash with the calculated hash.
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]134 */
Ajay Dudanib01e5062011-12-03 23:23:42 -0800[diff] [blame]135 if (memcmp(plain_text, digest, hash_size) != 0) {
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]136 dprintf(CRITICAL,
137 "ERROR: Image Invalid! Please use another image!\n");
138 ret = -1;
139 goto cleanup;
Ajay Dudanib01e5062011-12-03 23:23:42 -0800[diff] [blame]140 } else {
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]141 /* Authorized image */
142 auth = 1;
143 }
144
145 /* Cleanup after complete usage of openssl - cached data and objects */
Ajay Dudanib01e5062011-12-03 23:23:42 -0800[diff] [blame]146 cleanup:
Shashank Mittalcd98d472011-08-02 14:29:24 -0700[diff] [blame]147 if (plain_text != NULL)
148 free(plain_text);
149 EVP_cleanup();
150 CRYPTO_cleanup_all_ex_data();
151 ERR_remove_thread_state(NULL);
152 return auth;
153}